Safety vulnerability ID: 50817
The information on this page was manually curated by our Cybersecurity Intelligence Team.
[This advisory has been limited. Please create a free account to view the full advisory.]
Latest version: 4.2.1
Django ASGI (HTTP/WebSocket) server
[This affected versions has been limited. Please create a free account to view the full affected versions.]
[This fixed versions has been limited. Please create a free account to view the full fixed versions.]
--------------------
This is a beta release to allow testing compatibility with the upcoming Channels
4.0.
* Dropped support for Python 3.6.
* Updated dependencies to the latest versions.
Previously a range of Twisted versions have been supported. Recent Twisted
releases (22.2, 22.4) have issued security fixes, so those are now the
minimum supported version. Given the stability of Twisted, supporting a
range of versions does not represent a good use of maintainer time. Going
forward the latest Twisted version will be required.
* Set ``daphne`` as default ``Server`` header.
This can be configured with the ``--server-name`` CLI argument.
Added the new ``--no-server-name`` CLI argument to disable the ``Server``
header, which is equivalent to ``--server-name=` (an empty name).
* Added ``--log-fmt`` CLI argument.
* Added support for ``ASGI_THREADS`` environment variable, setting the maximum
number of workers used by a ``SyncToAsync`` thread-pool executor.
Set e.g. ``ASGI_THREADS=4 daphne ...`` when running to limit the number of
workers.
* Added a ``runserver`` command to run an ASGI Django development server.
Added ``"daphne"`` to the ``INSTALLED_APPS`` setting, before
``"django.contrib.staticfiles"`` to enable:
INSTALLED_APPS = [
"daphne",
...
]
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application