Skip to content

build(deps): bump uvicorn from 0.40.0 to 0.42.0#1220

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/uvicorn-0.42.0
Closed

build(deps): bump uvicorn from 0.40.0 to 0.42.0#1220
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/uvicorn-0.42.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 17, 2026
edited
Loading

Bumps uvicorn from 0.40.0 to 0.42.0.

Release notes

Sourced from uvicorn's releases.

Version 0.42.0

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

New Contributors

Full Changelog: Kludex/uvicorn@0.41.0...0.42.0

Version 0.41.0

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)

New Contributors

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn's changelog.

0.42.0 (March 16, 2026)

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

0.41.0 (February 16, 2026)

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)
Commits
  • 02bed6f Version 0.42.0 (#2852)
  • d8f2501 chore: pre-create Config objects in benchmarks to measure protocol hot paths ...
  • 9dbb783 Add WebSocket protocol benchmarks for wsproto and websockets-sansio (#2849)
  • b3c69da Use bytearray for request body accumulation (#2845)
  • 3f3ebee Disable pytest-xdist for CodSpeed benchmark runs (#2847)
  • d072de7 Add fragmented body benchmark for chunked body accumulation (#2846)
  • e300c2c Add CodSpeed benchmark suite for HTTP protocol hot paths (#2844)
  • 1fa6976 Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • 59ec1de Fix multiple issues in websockets sansio implementation (#2825)
  • 2fc0efc Clarify Windows asyncio event loop selection in docs (#2843)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 17, 2026
@dependabot dependabot Bot mentioned this pull request Mar 17, 2026
Closed
@dependabot dependabot Bot force-pushed the dependabot/pip/uvicorn-0.42.0 branch 4 times, most recently from c50cc06 to a4a2bd6 Compare March 24, 2026 04:09
@dependabot dependabot Bot force-pushed the dependabot/pip/uvicorn-0.42.0 branch 2 times, most recently from b1f63ad to f721ff1 Compare April 3, 2026 04:21
@dependabot
build(deps): bump uvicorn from 0.40.0 to 0.42.0
2e5906c 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to 0.42.0.
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.40.0...0.42.0)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/uvicorn-0.42.0 branch from f721ff1 to 2e5906c Compare April 3, 2026 04:26
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 6, 2026

Superseded by #1234.

@dependabot dependabot Bot closed this Apr 6, 2026
@dependabot dependabot Bot deleted the dependabot/pip/uvicorn-0.42.0 branch April 6, 2026 03:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants