Skip to content

Bump starlette from 0.46.2 to 0.49.1#3

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/starlette-0.49.1
Closed

Bump starlette from 0.46.2 to 0.49.1#3
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/starlette-0.49.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 28, 2026
edited
Loading

Copy link
Copy Markdown

Bumps starlette from 0.46.2 to 0.49.1.

Release notes

Sourced from starlette's releases.

Version 0.49.1

This release fixes a security vulnerability in the parsing logic of the Range header in FileResponse.

You can view the full security advisory: GHSA-7f5h-v6xp-fcq8

Fixed

Full Changelog: Kludex/starlette@0.49.0...0.49.1

Version 0.49.0

Added

  • Add encoding parameter to Config class #2996.
  • Support multiple cookie headers in Request.cookies #3029.
  • Use Literal type for WebSocketEndpoint encoding values #3027.

Changed

  • Do not pollute exception context in Middleware when using BaseHTTPMiddleware #2976.

New Contributors

Full Changelog: Kludex/starlette@0.48.0...0.49.0

Version 0.48.0

Added

  • Add official Python 3.14 support #3013.

Changed

New Contributors

Full Changelog: Kludex/starlette@0.47.3...0.48.0

... (truncated)

Changelog

Sourced from starlette's changelog.

0.49.1 (October 28, 2025)

This release fixes a security vulnerability in the parsing logic of the Range header in FileResponse.

You can view the full security advisory: GHSA-7f5h-v6xp-fcq8

Fixed

0.49.0 (October 28, 2025)

Added

  • Add encoding parameter to Config class #2996.
  • Support multiple cookie headers in Request.cookies #3029.
  • Use Literal type for WebSocketEndpoint encoding values #3027.

Changed

  • Do not pollute exception context in Middleware when using BaseHTTPMiddleware #2976.

0.48.0 (September 13, 2025)

Added

  • Add official Python 3.14 support #3013.

Changed

0.47.3 (August 24, 2025)

Fixed

  • Use asyncio.iscoroutinefunction for Python 3.12 and older #2984.

0.47.2 (July 20, 2025)

Fixed

  • Make UploadFile check for future rollover #2962.

0.47.1 (June 21, 2025)

Fixed

  • Use Self in TestClient.__enter__ #2951.
  • Allow async exception handlers to type-check #2949.

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 28, 2026
@dependabot
Bump starlette from 0.46.2 to 0.49.1
ff94d54 
Bumps [starlette](https://github.com/Kludex/starlette) from 0.46.2 to 0.49.1.
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@0.46.2...0.49.1)

---
updated-dependencies:
- dependency-name: starlette
  dependency-version: 0.49.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/starlette-0.49.1 branch from 12cf998 to ff94d54 Compare May 30, 2026 05:49
@dependabot @github

dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Author

Superseded by #10.

@dependabot dependabot Bot closed this Jun 4, 2026
@dependabot dependabot Bot deleted the dependabot/uv/starlette-0.49.1 branch June 4, 2026 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants