Skip to content

Commit ad7aaf7

Browse files
committed
Deploying to gh-pages from @ b343d5a 🚀
1 parent 520102c commit ad7aaf7

File tree

456 files changed

+13792
-12650
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

456 files changed

+13792
-12650
lines changed

2/.buildinfo

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
11
# Sphinx build info version 1
22
# This file records the configuration used when building these files. When it is not found, a full rebuild will be done.
3-
config: 336403e44b76cfc6a4ea8746cff4f1f2
3+
config: 4cb64fc0ba4aa3536b15dd22e19b70f7
44
tags: 645f666f9bcd5a90fca523b33c5a78b7

2/_sources/release-notes/changelog.rst.txt

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,102 @@
33
Litestar 2 Changelog
44
====================
55

6+
.. changelog:: 2.20.0
7+
:date: 2026-02-08
8+
9+
.. change:: Fix ``AllowedHosts`` validation bypass via improperly escaped host names in ``AllowedHostsConfig``
10+
:type: bugfix
11+
12+
Fix a bug in :class:`~litestar.config.allowed_hosts.AllowedHostsConfig`, that
13+
could allow to bypass the allowed hosts validation, caused by an improperly
14+
escaped regex value in the ``allowed_hosts`` property.
15+
16+
``allowed_hosts=["*.example.com"]`` would not only allow ``foo.example.com``,
17+
but also ``example.x.com``.
18+
19+
.. change:: Fix CORS vulnerability in ``CORSConfig`` via improperly escaped ``allow_origins``
20+
:type: bugfix
21+
22+
Fix a bug in :class:`~litestar.config.cors.CORSConfig`, that could allow to
23+
bypass CORS validation, caused by an improperly escaped regex value in the
24+
``allow_origins`` property; A value like ``example.com`` would not only allow
25+
the host ``example.com``, but also ``exampleXcom``.
26+
27+
.. change:: Fix key collision due to improper key normalization in ``FileStore``
28+
:type: bugfix
29+
30+
Fix a bug in :class:`~litestar.stores.file.FileStore`, that could lead to a key
31+
collision due to improper normalization.
32+
33+
``FileStore`` use a key normalization method to ensure every key passed was able
34+
to be used as a valid file name on any platform. However, due to the nature of
35+
unicode normalization, the approach taken resulted in the possibility of
36+
uninentional key collisions, e.g. ```` (The Kelvin sign) would normalize to a
37+
regular ASCII ``K``, so a key like ``K1234`` (with the Kelvin sign) and
38+
``K1234`` (with a regular ``K``) would result in the same key.
39+
40+
This has been fixed by performing normalization on the keys via a hashing
41+
function.
42+
43+
.. change:: Added ``exclude_spans`` option for ``OpenTelemetryMiddleware``
44+
:type: feature
45+
:pr: 4534
46+
:issue: 4533
47+
48+
Add a config option to ``exclude_spans`` for ``OpenTelemetryMiddleware``
49+
50+
.. change:: DTO: add ``__schema_name__`` to dto base
51+
:type: feature
52+
:pr: 4131
53+
:issue: 3427
54+
55+
Add a new ``__schema_name__`` attribute to the DTO base, to allow to customising
56+
the name the DTO model will be given in the OpenAPI schema
57+
58+
.. change:: Fix header name when raising ``MethodNotAllowedException``
59+
:type: bugfix
60+
:pr: 4539
61+
:issue: 4277
62+
63+
Fix a typo that snuck in when fixing https://github.com/litestar-org/litestar/issues/4277,
64+
where instead of an ``Allow`` header, an ``Allowed`` header would be sent
65+
66+
.. change:: JWT: Store raw token in cookies without ``Bearer`` prefix
67+
:type: bugfix
68+
:pr: 4552
69+
70+
Fix a bug wherer the JWT Cookie backend would store the token with a ``Bearer``
71+
prefix in the cookie, because it was using the same functions to generate the
72+
payload as the header-based JWT backend
73+
74+
.. change:: JWT: Relax typing to allow ``Sequence`` for ``Token.aud``
75+
:type: bugfix
76+
:pr: 4241
77+
78+
Fix typing to allow :class:`typing.Sequence` in
79+
:attr:`~litestar.security.jwt.Token.aud`.
80+
81+
82+
.. change:: DI: Properly handle (async) generators returned by ``__call__``
83+
:type: bugfix
84+
:pr: 4459
85+
:issue: 4457
86+
87+
Fix a bug that would treat a generator returned from a provider by invoking its
88+
``__call__`` method, as a regular return value, and would ignore the cleanup
89+
step.
90+
91+
.. change:: Testing: Improve stdout handling of subprocess test client
92+
:type: bugfix
93+
:pr: 4574
94+
95+
Adds handling to the subprocess (sync and async) test clients to:
96+
97+
- Discard output to :obj:`subprocess.DEVNULL` by default, rather than to an
98+
unconsumed :obj:`subprocess.PIPE` (which could result in an overflow)
99+
- Enable subprocess output capture in the main stdout/stderr via the
100+
``capture_output`` flag (defaults to ``True`` to keep existing behaviour)
101+
6102
.. changelog:: 2.19.0
7103
:date: 2025-12-14
8104

2/_sources/usage/cli.rst.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -121,15 +121,15 @@ entries should point to a :class:`click.Command` or :class:`click.Group`:
121121
.. code-block:: toml
122122
:caption: Using `poetry <https://python-poetry.org/>`_
123123
124-
[tool.poetry.plugins."litestar.commands"]
124+
[project.entry-points."litestar.commands"]
125125
my_command = "my_litestar_plugin.cli:main"
126126
127127
.. tab-item:: uv
128128

129129
.. code-block:: toml
130130
:caption: Using `uv <https://docs.astral.sh/uv/>`_
131131
132-
[project.scripts]
132+
[project.entry-points."litestar.commands"]
133133
my_command = "my_litestar_plugin.cli:main"
134134
135135
Using a plugin

2/_sources/usage/openapi/ui_plugins.rst.txt

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -293,17 +293,6 @@ With that, you can preset your clientId or enable PKCE support.
293293
.. literalinclude:: /examples/openapi/plugins/swagger_ui_oauth.py
294294
:language: python
295295

296-
Customizing the OpenAPI UI
297-
--------------------------
298-
299-
Style and behavior of the OpenAPI UI can be customized by overriding the default ``css_url`` and ``js_url`` attributes
300-
on the render plugin class, for example:
301-
302-
.. literalinclude:: /examples/openapi/plugins/scalar_customized.py
303-
:language: python
304-
305-
To learn more about customizing the ``Scalar`` UI, see the `Scalar documentation <https://docs.scalar.com/>`_.
306-
307296
CDN and offline file support
308297
----------------------------
309298

2/_sources/usage/testing.rst.txt

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -330,6 +330,16 @@ with the regular test client setup:
330330
.. literalinclude:: /examples/testing/test_subprocess_sse.py
331331
:language: python
332332

333+
By default, the subprocess client will capture all output from the litestar instance. To discard output in the main (testing) process, set the ``capture_output`` argument to ``False`` when creating the client:
334+
335+
.. code-block:: python
336+
337+
@pytest.fixture(name="async_client")
338+
async def fx_async_client() -> AsyncIterator[httpx.AsyncClient]:
339+
async with subprocess_async_client(workdir=ROOT, app="subprocess_sse_app:app", capture_output=False) as client:
340+
yield client
341+
342+
333343
RequestFactory
334344
--------------
335345

2/_static/basic.css

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -741,6 +741,14 @@ abbr, acronym {
741741
cursor: help;
742742
}
743743

744+
.translated {
745+
background-color: rgba(207, 255, 207, 0.2)
746+
}
747+
748+
.untranslated {
749+
background-color: rgba(255, 207, 207, 0.2)
750+
}
751+
744752
/* -- code displays --------------------------------------------------------- */
745753

746754
pre {

2/_static/searchtools.js

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -513,11 +513,9 @@ const Search = {
513513
// perform the search on the required terms
514514
searchTerms.forEach((word) => {
515515
const files = [];
516-
// find documents, if any, containing the query word in their text/title term indices
517-
// use Object.hasOwnProperty to avoid mismatching against prototype properties
518516
const arr = [
519-
{ files: terms.hasOwnProperty(word) ? terms[word] : undefined, score: Scorer.term },
520-
{ files: titleTerms.hasOwnProperty(word) ? titleTerms[word] : undefined, score: Scorer.title },
517+
{ files: terms[word], score: Scorer.term },
518+
{ files: titleTerms[word], score: Scorer.title },
521519
];
522520
// add support for partial matches
523521
if (word.length > 2) {
@@ -549,9 +547,8 @@ const Search = {
549547

550548
// set score for the word in each file
551549
recordFiles.forEach((file) => {
552-
if (!scoreMap.has(file)) scoreMap.set(file, new Map());
553-
const fileScores = scoreMap.get(file);
554-
fileScores.set(word, record.score);
550+
if (!scoreMap.has(file)) scoreMap.set(file, {});
551+
scoreMap.get(file)[word] = record.score;
555552
});
556553
});
557554

@@ -590,7 +587,7 @@ const Search = {
590587
break;
591588

592589
// select one (max) score for the file.
593-
const score = Math.max(...wordList.map((w) => scoreMap.get(file).get(w)));
590+
const score = Math.max(...wordList.map((w) => scoreMap.get(file)[w]));
594591
// add result to the result list
595592
results.push([
596593
docNames[file],

2/_static/versioning.js

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
1+
const urlRoot = DOCUMENTATION_OPTIONS.URL_ROOT ?? "";
2+
13
const loadVersions = async () => {
2-
const res = await fetch(
3-
DOCUMENTATION_OPTIONS.URL_ROOT + "_static/versions.json",
4-
);
4+
const res = await fetch(urlRoot + "_static/versions.json");
55
if (res.status !== 200) {
66
return null;
77
}
@@ -32,7 +32,7 @@ const addVersionWarning = (currentVersion, latestVersion) => {
3232

3333
const latestLink = document.createElement("a");
3434
latestLink.textContent = "Click here to go to the latest version";
35-
latestLink.href = DOCUMENTATION_OPTIONS.URL_ROOT + "../latest";
35+
latestLink.href = urlRoot + "../latest";
3636
container.appendChild(latestLink);
3737

3838
header.before(container);
@@ -75,7 +75,7 @@ const addVersionSelect = (currentVersion, versionSpec) => {
7575

7676
const navLink = document.createElement("a");
7777
navLink.classList.add("nav-link", "nav-internal");
78-
navLink.href = DOCUMENTATION_OPTIONS.URL_ROOT + `../${version}`;
78+
navLink.href = urlRoot + `../${version}`;
7979
navLink.textContent = formatVersionName(
8080
version,
8181
version === versionSpec.latest,

2/admonitions/sync-to-thread-info.html

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@
4848
<script src="../_static/litestar-theme.js?v=ab2dcc9e"></script>
4949
<script src="../_static/design-tabs.js?v=f930bc37"></script>
5050
<script>DOCUMENTATION_OPTIONS.pagename = 'admonitions/sync-to-thread-info';</script>
51-
<script src="../_static/versioning.js?v=68b42869"></script>
51+
<script src="../_static/versioning.js?v=770a9916"></script>
5252
<link rel="icon" href="../_static/favicon.png"/>
5353
<link rel="index" title="Index" href="../genindex.html" />
5454
<link rel="search" title="Search" href="../search.html" />
@@ -1243,7 +1243,6 @@
12431243

12441244

12451245

1246-
12471246
</ul>
12481247
</li>
12491248
<li class="toctree-l2 has-children"><a class="reference internal" href="../usage/plugins/index.html">Plugins</a><input class="toctree-checkbox" id="toctree-checkbox-9" name="toctree-checkbox-9" type="checkbox"/><label class="toctree-toggle" for="toctree-checkbox-9"><i class="fa-solid fa-chevron-down"></i></label><ul>
@@ -1618,7 +1617,7 @@
16181617
<div class="footer-item">
16191618

16201619
<p class="sphinx-version">
1621-
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 8.2.3.
1620+
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 8.1.3.
16221621
<br/>
16231622
</p>
16241623
</div>

2/benchmarks.html

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@
4848
<script src="_static/litestar-theme.js?v=ab2dcc9e"></script>
4949
<script src="_static/design-tabs.js?v=f930bc37"></script>
5050
<script>DOCUMENTATION_OPTIONS.pagename = 'benchmarks';</script>
51-
<script src="_static/versioning.js?v=68b42869"></script>
51+
<script src="_static/versioning.js?v=770a9916"></script>
5252
<link rel="icon" href="_static/favicon.png"/>
5353
<link rel="index" title="Index" href="genindex.html" />
5454
<link rel="search" title="Search" href="search.html" />
@@ -1245,7 +1245,6 @@
12451245

12461246

12471247

1248-
12491248
</ul>
12501249
</li>
12511250
<li class="toctree-l2 has-children"><a class="reference internal" href="usage/plugins/index.html">Plugins</a><input class="toctree-checkbox" id="toctree-checkbox-9" name="toctree-checkbox-9" type="checkbox"/><label class="toctree-toggle" for="toctree-checkbox-9"><i class="fa-solid fa-chevron-down"></i></label><ul>
@@ -1757,7 +1756,7 @@ <h2>Interpreting the results<a class="headerlink" href="#interpreting-the-result
17571756
<div class="footer-item">
17581757

17591758
<p class="sphinx-version">
1760-
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 8.2.3.
1759+
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 8.1.3.
17611760
<br/>
17621761
</p>
17631762
</div>

0 commit comments

Comments
 (0)