Esmerald

Added

- `Esmerald`, `Include`, `Host`, `Gateway`, `HTTPHandler` and `Router` now support `before_request` and `after_request`
life cycles. This can be particularly useful to those who want to perform actions before and after
a request is performed. E.g.: Telemetry.
- Missing before and after request in the handler helpers.
- `BaseController` alias for the `View`. This serves a preparation for the internal renaming.

Fixed

- Internal permission checking for Lilya and Esmerald was not extended to `View` base of Controllers.
- Inheritance extending previous permissions on Controllers.

Added

- Esmerald now **also** supports **Pure ASGI Permissions**. That means you can pass the same
style of permissions as the ones used in Lilya as alternative to the native Esmerald permission
system.
- New [Lilya permissions](https://lilya.dev/permissions/lilya.md) documentation section.

Changed

- [Permissions section](https://lilya.dev/permissions/esmerald.md) moved and renamed to Esmerald Permissions.

Fixed

- `set_cookie` was causing an issue when multiple were being generated.

Added

- Support for `async` jinja templates.
- Missing `esmerald --version` command to the cli.

Changed

- Removed hard dependency of `nest_asyncio`.
- Use ORJSON as parsing json.

Fixed

- Internal pattern for OAuth2 form password.
- Fixed internal typings of passthrough in Response and TemplateResponse.
- Esmerald permissions on Include were being overriten by Lilya too early.

Added

- [Requires()](./dependencies.mdrequires-and-security) as a new independent way to manage dependencies.
- A more thorough explanation about the [Security()](./dependencies.mdrequires-and-security), how to use it and examples.

Changed

- Expose `Controller` in `esmerald` as alternative to `APIView`. This was already available to use but not directly
accessible via `from esmerald import Controller`.

Fixed

- Fix escaped " in TemplateResponse.
- Fix TemplateResponse's auto-detection of the media-type when used directly.
- Don't mangle strings by default for other media-types than json.
- Don't mangle returned responses.
- Reverse lookup or Class based views and nested naming using `path_for`.

Added

- `name` parameter to StaticFiles config allowing to reverse lookup internally.
- Support for Python 3.13
- Support for `redirect_slashes` in the Include.
- `status_code` to ResponseContainer to be parameter detectable.

Changed

- Cleanup Response.
- Move `transform` method to lilya but provide speedup in a mixin.
- Esmerald `Response` behaves like `make_response` in lilya with a plain `Response`.
- Special handle None (nothing is returned) in `Response`. It shouldn't map to `null` so not all handlers have to return a value.

Fixed

- `data` and `payload` special kwargs are now allowed when a not-bodyless method is available for the handler. They default to None.
- `bytes` won't be encoded as json when returned from a handler. This would unexpectly lead to a base64 encoding.
- SessionConfig has a unneccessarily heavily restricted secret_key parameter.
- Gracefully handle situations where cookies are None in `get_cookies`.
- Fix validation of parameters requiring a body.

Added

- Allow passing extensions as string.

Changed

- Change `media_type` parameter of `Response` from `MediaType.JSON` to `None` to match the default of the underlying lilya Response.

Fixed

- OpenAPI responses.
- Enum definitions.