⚠️ Important ⚠️
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @maintain0404 made their first contribution in #3405
Bugfixes 🐛
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
- Remove use of asserts for control flow in Pydantic Plugin by @peterschutt in #3359
- Fix OpenAPI schema for generic wrapped return types with DTO by @peterschutt in #3371
- Fix ambiguous default warning for no signature default by @peterschutt in #3378
- Fix path param consumed by dependency treated as unconsumed by @peterschutt in #3380
- Fix remove
nameandinproperties included in OpenAPI headers by @peterschutt in #3417 - Fix unconditional minijinja import in flash-messages plugin by @peterschutt in #3418
- Fix routing issues with regular handler under mounted app by @peterschutt in #3430
- Fix file logging with structlog by @peterschutt in #3425
- Fix clearing large session cookies by @peterschutt in #3446
- Fix flash messages were not displayed on redirects by @euri10 in #3420
- Fix alidation of optional sequence in multipart data with one value by @provinzkraut in #3408
Documentation
- Update
usage/static_filesby @JacobCoffee in #3358 - Fix broken url; swagger ui by @wer153 in #3368
- Correct a word by @wer153 in #3412
- Fix WebSockets documentation grammar by @marcuslimdw in #3413
- Fix intersphinx mapping for advanced-alchemy by @provinzkraut in #3438
- Update
usage/cachingby @JacobCoffee in #3345 - Update
docs/usage/security/*by @JacobCoffee in #3344 - Improve sse by @euri10 in #3454
Full Changelog
v2.8.2...v2.8.3