Esmerald

Added

- [Requires()](./dependencies.mdrequires-and-security) as a new independent way to manage dependencies.
- A more thorough explanation about the [Security()](./dependencies.mdrequires-and-security), how to use it and examples.

Changed

- Expose `Controller` in `esmerald` as alternative to `APIView`. This was already available to use but not directly
accessible via `from esmerald import Controller`.

Fixed

- Fix escaped " in TemplateResponse.
- Fix TemplateResponse's auto-detection of the media-type when used directly.
- Don't mangle strings by default for other media-types than json.
- Don't mangle returned responses.
- Reverse lookup or Class based views and nested naming using `path_for`.

Added

- `name` parameter to StaticFiles config allowing to reverse lookup internally.
- Support for Python 3.13
- Support for `redirect_slashes` in the Include.
- `status_code` to ResponseContainer to be parameter detectable.

Changed

- Cleanup Response.
- Move `transform` method to lilya but provide speedup in a mixin.
- Esmerald `Response` behaves like `make_response` in lilya with a plain `Response`.
- Special handle None (nothing is returned) in `Response`. It shouldn't map to `null` so not all handlers have to return a value.

Fixed

- `data` and `payload` special kwargs are now allowed when a not-bodyless method is available for the handler. They default to None.
- `bytes` won't be encoded as json when returned from a handler. This would unexpectly lead to a base64 encoding.
- SessionConfig has a unneccessarily heavily restricted secret_key parameter.
- Gracefully handle situations where cookies are None in `get_cookies`.
- Fix validation of parameters requiring a body.

Added

- Allow passing extensions as string.

Changed

- Change `media_type` parameter of `Response` from `MediaType.JSON` to `None` to match the default of the underlying lilya Response.

Fixed

- OpenAPI responses.
- Enum definitions.

Added

- New `Security` section with all the explanations how to use the internals of Esmerald.
- Added new `Security` object used for security dependencies using Esmerald `esmerald.security` package.

Changed

- Updates from python-jose to PyJWT as dependency contrib library.
- Remove OpenAPI security as they where redundant and not 100% compliant with OpenAPI security.
- Allow the new Lilya StaticFiles allowing to provide multiple directories with fallthrough behaviour.
- Deprecate support for Mako.
- Internal code organisation and cleaning.

Fixed

- Fix cli detection of wrapped esmerald instances or different ASGI servers.
- Allow passing multiple `StaticFilesConfig` configurations in a tuple.
- Allow passing multiple directories to `StaticFiles` by removing the stringification in `StaticFilesConfig` so a fallthrough behavior can be established.
Note: this requires a newer lilya version.

Changed

- Use assigned encoders at requests for json_encoder.
- Allow overwriting the `LILYA_ENCODER_TYPES` for different encoder sets or tests.
- Use more orjson for encoding requests.

Added

- Allow passing HTTP/WebSocket handlers directly to routes. They are automatically wrapped in Gateways-
- Allow passing HTTP/WebSocket handlers directly to routes as alternative to defining a Gateway/WebsocketGateway.

Changed

- Esmerald is now under the License BSD-3. This aims to protect the maintainers and contributors and
the license will be now the final.
- Pluggables can now receive plain Extensions and Extension classes.
- Rename of Pluggables to Extensions:
- **Breaking**: The `pluggables` attribute and parameter are now renamed to `extensions`. The old name is still available but deprecated.
- **Breaking**: The `add_pluggable` method is now renamed to `add_extension`. The old name is still available but deprecated.
- The documentation will refer now to extensions with `Pluggable` as a setup wrapper.

Fixed

- Directive `runserver` now allows the use of ASGI middlewares.
- Remove the dependency of an app being an `esmerald` instance for `runserver`.
- Check the environment variables instead of settings variable for esmerald settings in the runserver.