From 2aea8354ea60c1ec906905ca006fd4d4c928fe63 Mon Sep 17 00:00:00 2001 From: vvanglro Date: Thu, 21 Nov 2024 03:04:55 +0800 Subject: [PATCH 1/8] fix(http): enable httptools lenient data (#2488) Co-authored-by: Marcelo Trylesinski --- pyproject.toml | 2 +- uvicorn/protocols/http/httptools_impl.py | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 17ee643c5..6dd4916db 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -39,7 +39,7 @@ dependencies = [ [project.optional-dependencies] standard = [ "colorama>=0.4;sys_platform == 'win32'", - "httptools>=0.5.0", + "httptools>=0.6.3", "python-dotenv>=0.13", "PyYAML>=5.1", "uvloop>=0.14.0,!=0.15.0,!=0.15.1; sys_platform != 'win32' and (sys_platform != 'cygwin' and platform_python_implementation != 'PyPy')", diff --git a/uvicorn/protocols/http/httptools_impl.py b/uvicorn/protocols/http/httptools_impl.py index 00f1fb720..f3396a768 100644 --- a/uvicorn/protocols/http/httptools_impl.py +++ b/uvicorn/protocols/http/httptools_impl.py @@ -58,6 +58,14 @@ def __init__( self.access_logger = logging.getLogger("uvicorn.access") self.access_log = self.access_logger.hasHandlers() self.parser = httptools.HttpRequestParser(self) + + try: + # Enable dangerous leniencies to allow server to a response on the first request from a pipelined request. + self.parser.set_dangerous_leniencies(lenient_data_after_close=True) + except AttributeError: # pragma: no cover + # httptools < 0.6.3 + pass + self.ws_protocol_class = config.ws_protocol_class self.root_path = config.root_path self.limit_concurrency = config.limit_concurrency From fc6c51b8bba48454685907ba629ca404543e9f42 Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:19:24 +0100 Subject: [PATCH 2/8] Drop ASGI spec version to 2.3 on HTTP (#2513) --- tests/protocols/test_http.py | 4 ++-- uvicorn/protocols/http/h11_impl.py | 5 +---- uvicorn/protocols/http/httptools_impl.py | 2 +- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/protocols/test_http.py b/tests/protocols/test_http.py index b3b060b0f..d8711af5b 100644 --- a/tests/protocols/test_http.py +++ b/tests/protocols/test_http.py @@ -860,8 +860,8 @@ async def asgi(receive: ASGIReceiveCallable, send: ASGISendCallable): @pytest.mark.parametrize( "asgi2or3_app, expected_scopes", [ - (asgi3app, {"version": "3.0", "spec_version": "2.4"}), - (asgi2app, {"version": "2.0", "spec_version": "2.4"}), + (asgi3app, {"version": "3.0", "spec_version": "2.3"}), + (asgi2app, {"version": "2.0", "spec_version": "2.3"}), ], ) async def test_scopes( diff --git a/uvicorn/protocols/http/h11_impl.py b/uvicorn/protocols/http/h11_impl.py index 932ddf62b..b8cdde3ab 100644 --- a/uvicorn/protocols/http/h11_impl.py +++ b/uvicorn/protocols/http/h11_impl.py @@ -200,10 +200,7 @@ def handle_events(self) -> None: full_raw_path = self.root_path.encode("ascii") + raw_path self.scope = { "type": "http", - "asgi": { - "version": self.config.asgi_version, - "spec_version": "2.4", - }, + "asgi": {"version": self.config.asgi_version, "spec_version": "2.3"}, "http_version": event.http_version.decode("ascii"), "server": self.server, "client": self.client, diff --git a/uvicorn/protocols/http/httptools_impl.py b/uvicorn/protocols/http/httptools_impl.py index f3396a768..e8795ed35 100644 --- a/uvicorn/protocols/http/httptools_impl.py +++ b/uvicorn/protocols/http/httptools_impl.py @@ -222,7 +222,7 @@ def on_message_begin(self) -> None: self.headers = [] self.scope = { # type: ignore[typeddict-item] "type": "http", - "asgi": {"version": self.config.asgi_version, "spec_version": "2.4"}, + "asgi": {"version": self.config.asgi_version, "spec_version": "2.3"}, "http_version": "1.1", "server": self.server, "client": self.client, From 04c6320f396938363e5f5488ffbf19adf528681e Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:22:48 +0100 Subject: [PATCH 3/8] Version 0.32.1 (#2515) * Version 0.32.1 * Update CHANGELOG.md --- CHANGELOG.md | 7 +++++++ uvicorn/__init__.py | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 74af8e5ee..ffa11d53f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Change Log +## 0.32.1 (2024-11-20) + +### Fixed + +* Drop ASGI spec version to 2.3 on HTTP scope [#2513](https://github.com/encode/uvicorn/pull/2513) +* Enable httptools lenient data on `httptools >= 0.6.3` [#2488](https://github.com/encode/uvicorn/pull/2488) + ## 0.32.0 (2024-10-15) ### Added diff --git a/uvicorn/__init__.py b/uvicorn/__init__.py index c5c7b8f33..869de7984 100644 --- a/uvicorn/__init__.py +++ b/uvicorn/__init__.py @@ -1,5 +1,5 @@ from uvicorn.config import Config from uvicorn.main import Server, main, run -__version__ = "0.32.0" +__version__ = "0.32.1" __all__ = ["main", "run", "Config", "Server"] From 8c3402dd222d2773770bf0de8e68d85931efdf84 Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:34:29 +0100 Subject: [PATCH 4/8] Update `publish.yaml` with latest PyPI recommendations (#2516) * Update `publish.yaml` with latest PyPI recommendations * Update .github/workflows/publish.yml * Simplify pipeline * Simplify pipeline * Use Python 3.12 --- .github/workflows/publish.yml | 88 ++++++++++++++++++++++++++++------- 1 file changed, 72 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 7ecef5559..c97c1acac 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,24 +6,80 @@ on: - '*' jobs: - publish: - name: "Publish release" - runs-on: "ubuntu-latest" + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install dependencies + run: scripts/install + + - name: Build package & docs + run: scripts/build + + - name: Upload package distributions + uses: actions/upload-artifact@v2 + with: + name: package-distributions + path: dist/ + + - name: Upload documentation + uses: actions/upload-artifact@v2 + with: + name: documentation + path: site/ + + pypi-publish: + runs-on: ubuntu-latest + needs: build + + permissions: + id-token: write environment: - name: deploy + name: pypi + url: https://pypi.org/project/uvicorn steps: - - uses: "actions/checkout@v4" - - uses: "actions/setup-python@v5" + - name: Download artifacts + uses: actions/download-artifact@v2 with: - python-version: "3.8" - - name: "Install dependencies" - run: "scripts/install" - - name: "Build package & docs" - run: "scripts/build" - - name: "Publish to PyPI & deploy docs" - run: "scripts/publish" - env: - TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }} + name: package-distributions + path: dist/ + + - name: Publish distribution 📦 to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + + docs-publish: + runs-on: ubuntu-latest + needs: build + + permissions: + contents: write + + steps: + - name: Download artifacts + uses: actions/download-artifact@v2 + with: + name: documentation + path: site/ + + - name: Configure Git Credentials + run: | + git config user.name github-actions[bot] + git config user.email 41898282+github-actions[bot]@users.noreply.github.com + + - uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install dependencies + run: scripts/install + + - name: Publish documentation 📚 to GitHub Pages + run: mkdocs gh-deploy --force From 5279296e620fad6c6839263c279ff23b4be8df32 Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:38:07 +0100 Subject: [PATCH 5/8] Upgrade upload/download GitHub Actions (#2517) --- .github/workflows/publish.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c97c1acac..ad9481f35 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -23,13 +23,13 @@ jobs: run: scripts/build - name: Upload package distributions - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: package-distributions path: dist/ - name: Upload documentation - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: documentation path: site/ @@ -47,7 +47,7 @@ jobs: steps: - name: Download artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 with: name: package-distributions path: dist/ @@ -64,7 +64,7 @@ jobs: steps: - name: Download artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 with: name: documentation path: site/ From bc412d2a131ffda95394e10f9c46ce0946f2d86b Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:47:40 +0100 Subject: [PATCH 6/8] Add `actions/checkout` GitHub action to docs-publish (#2518) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ad9481f35..256214310 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -11,7 +11,6 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 with: python-version: "3.12" @@ -63,6 +62,7 @@ jobs: contents: write steps: + - uses: actions/checkout@v4 - name: Download artifacts uses: actions/download-artifact@v4 with: From 9a0587922f8cd077d62dd81aaac3da827b0d828a Mon Sep 17 00:00:00 2001 From: Marcelo Trylesinski Date: Wed, 20 Nov 2024 20:48:09 +0100 Subject: [PATCH 7/8] Set `fail-fast` to `false` on the pipeline (#2514) --- .github/workflows/test-suite.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index 80817291f..6f7e2db8f 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -13,6 +13,7 @@ jobs: runs-on: "${{ matrix.os }}" timeout-minutes: 30 strategy: + fail-fast: false matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] os: [windows-latest, ubuntu-latest, macos-latest] From 6215230fd2f42a05de7d4fe7fc950ed1eabe8b93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 20:48:35 +0100 Subject: [PATCH 8/8] Bump the python-packages group with 7 updates (#2499) * Bump the python-packages group with 7 updates Bumps the python-packages group with 7 updates: | Package | From | To | | --- | --- | --- | | [build](https://github.com/pypa/build) | `1.2.2` | `1.2.2.post1` | | [ruff](https://github.com/astral-sh/ruff) | `0.6.8` | `0.7.1` | | [mypy](https://github.com/python/mypy) | `1.11.2` | `1.13.0` | | [trustme](https://github.com/python-trio/trustme) | `1.1.0` | `1.2.0` | | [cryptography](https://github.com/pyca/cryptography) | `43.0.1` | `43.0.3` | | [coverage](https://github.com/nedbat/coveragepy) | `7.6.1` | `7.6.4` | | [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.39` | `9.5.43` | Updates `build` from 1.2.2 to 1.2.2.post1 - [Release notes](https://github.com/pypa/build/releases) - [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/build/compare/1.2.2...1.2.2.post1) Updates `ruff` from 0.6.8 to 0.7.1 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/0.6.8...0.7.1) Updates `mypy` from 1.11.2 to 1.13.0 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](https://github.com/python/mypy/compare/v1.11.2...v1.13.0) Updates `trustme` from 1.1.0 to 1.2.0 - [Release notes](https://github.com/python-trio/trustme/releases) - [Commits](https://github.com/python-trio/trustme/compare/v1.1.0...v1.2.0) Updates `cryptography` from 43.0.1 to 43.0.3 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/43.0.1...43.0.3) Updates `coverage` from 7.6.1 to 7.6.4 - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/7.6.1...7.6.4) Updates `mkdocs-material` from 9.5.39 to 9.5.43 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.39...9.5.43) --- updated-dependencies: - dependency-name: build dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-packages - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-packages - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-packages - dependency-name: trustme dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-packages - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-packages - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-packages - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-packages ... Signed-off-by: dependabot[bot] * Update requirements.txt * Update requirements.txt * Update requirements.txt --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marcelo Trylesinski --- requirements.txt | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/requirements.txt b/requirements.txt index dc3b71d6e..bf8b09827 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,23 +10,24 @@ wsproto==1.2.0 websockets==13.1 # Packaging -build==1.2.2 +build==1.2.2.post1 twine==5.1.1 # Testing -ruff==0.6.8 +ruff==0.7.1 pytest==8.3.3 pytest-mock==3.14.0 -mypy==1.11.2 +mypy==1.13.0 types-click==7.1.8 types-pyyaml==6.0.12.20240917 trustme==1.1.0 -cryptography==43.0.1 -coverage==7.6.1 +cryptography==43.0.3 +coverage==7.6.1; python_version < '3.9' +coverage==7.6.4; python_version >= '3.9' coverage-conditional-plugin==0.9.0 httpx==0.27.2 watchgod==0.8.2 # Documentation mkdocs==1.6.1 -mkdocs-material==9.5.39 +mkdocs-material==9.5.43