Skip to content

0.75.2
Compare
Choose a tag to compare
@tiangolo tiangolo released this 17 Apr 21:11
· 2214 commits to master since this release
0.75.2
2b54432

This release includes upgrades to third-party packages that handle security issues. Although there's a chance these issues don't affect you in particular, please upgrade as soon as possible.

Fixes

  • ✅ Fix new/recent tests with new fixed ValidationError JSON Schema. PR #4806 by @tiangolo.
  • 🐛 Fix JSON Schema for ValidationError at field loc. PR #3810 by @dconathan.
  • 🐛 Fix support for prefix on APIRouter WebSockets. PR #2640 by @Kludex.

Upgrades

  • ⬆️ Update ujson ranges for CVE-2021-45958. PR #4804 by @tiangolo.
  • ⬆️ Upgrade dependencies upper range for extras "all". PR #4803 by @tiangolo.
  • ⬆ Upgrade Swagger UI - swagger-ui-dist@4. This handles a security issue in Swagger UI itself where it could be possible to inject HTML into Swagger UI. Please upgrade as soon as you can, in particular if you expose your Swagger UI (/docs) publicly to non-expert users. PR #4347 by @RAlanWright.

Internal

  • 🔧 Update sponsors, add: ExoFlare, Ines Course; remove: Dropbase, Vim.so, Calmcode; update: Striveworks, TalkPython and TestDriven.io. PR #4805 by @tiangolo.
  • ⬆️ Upgrade Codecov GitHub Action. PR #4801 by @tiangolo.
Assets 2