Workflow

Starlette

Latest version: v0.45.2

Safety actively analyzes 693883 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 8 of 12

0.26.0

Not secure
Added

* Support [lifespan state](https://www.starlette.io/lifespan/) [#2060](https://github.com/encode/starlette/pull/2060), [#2065](https://github.com/encode/starlette/pull/2065) and [#2064](https://github.com/encode/starlette/pull/2064).

Changed
* Change `url_for` signature to return a `URL` instance [1385](https://github.com/encode/starlette/pull/1385).

Fixed
* Allow "name" argument on `url_for()` and `url_path_for()` [2050](https://github.com/encode/starlette/pull/2050).

Deprecated
* Deprecate `on_startup` and `on_shutdown` events [2070](https://github.com/encode/starlette/pull/2070).

**Full Changelog**: https://github.com/encode/starlette/compare/0.25.0...0.26.0

0.25.0

Not secure
Fixed
* Limit the number of fields and files when parsing `multipart/form-data` on the `MultipartParser` [8c74c2c](https://github.com/encode/starlette/commit/8c74c2c8dba7030154f8af18e016136bea1938fa) and [#2036](https://github.com/encode/starlette/pull/2036).

0.24.0

Not secure
Added
* Allow `StaticFiles` to follow symlinks [1683](https://github.com/encode/starlette/pull/1683).
* Allow `Request.form()` as a context manager [1903](https://github.com/encode/starlette/pull/1903).
* Add `size` attribute to `UploadFile` [1405](https://github.com/encode/starlette/pull/1405).
* Add `env_prefix` argument to `Config` [1990](https://github.com/encode/starlette/pull/1990).
* Add template context processors [1904](https://github.com/encode/starlette/pull/1904).
* Support `str` and `datetime` on `expires` parameter on the `Response.set_cookie` method [1908](https://github.com/encode/starlette/pull/1908).

Changed
* Lazily build the middleware stack [2017](https://github.com/encode/starlette/pull/2017).
* Make the `file` argument required on `UploadFile` [1413](https://github.com/encode/starlette/pull/1413).
* Use debug extension instead of custom response template extension [1991](https://github.com/encode/starlette/pull/1991).

Fixed
* Fix url parsing of ipv6 urls on `URL.replace` [1965](https://github.com/encode/starlette/pull/1965).

0.23.1

Not secure
Fixed
* Only stop receiving stream on `body_stream` if body is empty on the `BaseHTTPMiddleware` [1940](https://github.com/encode/starlette/pull/1940).

0.23.0

Not secure
Added
* Add `headers` parameter to the `TestClient` [1966](https://github.com/encode/starlette/pull/1966).

Deprecated
* Deprecate `Starlette` and `Router` decorators [1897](https://github.com/encode/starlette/pull/1897).

Fixed
* Fix bug on `FloatConvertor` regex [1973](https://github.com/encode/starlette/pull/1973).

0.22.0

Not secure
Changed
* Bypass `GZipMiddleware` when response includes `Content-Encoding` [1901](https://github.com/encode/starlette/pull/1901).

Fixed
* Remove unneeded `unquote()` from query parameters on the `TestClient` [1953](https://github.com/encode/starlette/pull/1953).
* Make sure `MutableHeaders._list` is actually a `list` [1917](https://github.com/encode/starlette/pull/1917).
* Import compatibility with the next version of `AnyIO` [1936](https://github.com/encode/starlette/pull/1936).

Page 8 of 12

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.