Workflow

Lilya

Latest version: v0.12.11

Safety actively analyzes 723177 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 10

0.12.5

Added

- Header is now an iterator which is an alias to encoded_multi_items.
Instead of reparsing the headers for every middleware, keep the instance and mimic a fitting generator.- `sniff` method on Request.

Changed

- `receive`, `send` are not properties anymore on Request but proper methods. `receive` has a replay mode for `sniff`.

Fixed

- StaticFiles without scope headers failed.
- StaticFiles were susceptible for path traversal attacks.
- Calling Request.headers could empty the headers in scope when just a generator.
- Messages were not replayed in case `ContinueRouting` was raised. This prevented sniffing like documented.

0.12.4

Not secure
Added

- Compatibility mode for async response content.
- Support for jinja enable_async option.

Changed

- Removed hard dependency of nest_asyncio for the cli.

0.12.3

Not secure
Fixed

- `from_scope` was incorrectly applied in some middleware on scope and not on message for updated message headers.
This breaks for example post responses.

0.12.2

Not secure
Fixed

- Context G threads safety

0.12.1

Not secure
Added

- New [SessionContextMiddleware](https://lilya.dev/middleware/#sessioncontextmiddleware) allowing to use the new `session` object
in a request context.

Changed

- Updated the Context section by adding the [session context](https://lilya.dev/context/#the-session-object) examples and explanation
how to use it.

0.12.0

Not secure
Added

- Support for Python 3.13.
- Add `ReceiveSendSniffer`. This sniffer allows to detect communication events and to replay receive messages.
- `Include` and `BaseLilya` (application) have now a ClassVar `router_class` to provide a custom router.
- Subclasses of `BaseLilya` (application) can set the `router_class` to None to provide a completely custom router
which initialization parameters aren't required to match the ones of `Router`.
- Expose `fall_through` on `StaticFile`.

Changed

- The `PathHandler` interface was changed to receive a `ReceiveSendSniffer` instead of `send`/`receive`.
- The `handle_partial` interface was changed to receive a `PathHandler`.
- Fall-through routing was implemented.
- Expose `redirect_slashes` on `Include`.

Fixed

- `Host` with middleware or permissions.

Page 2 of 10

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.