Skip to content

Commit e04bd4f

Browse files
scale-ballenclaude
scale-ballen
and
claude
committed
fix: widen fastapi constraint to allow starlette CVE-2025-62727 fix
The tight `fastapi>=0.115.0,<0.116` pin caps starlette at `<0.47.0`, blocking the fix for CVE-2025-62727 which requires starlette>=0.49.1. Widened to `fastapi>=0.115.0,<0.136`. The SDK only uses stable public APIs (FastAPI, Request, StreamingResponse, BaseHTTPMiddleware, Depends) that are unchanged across these versions. All 501 SDK tests pass. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent b1f5ff8 commit e04bd4f

File tree

2 files changed

+21
-9
lines changed

2 files changed

+21
-9
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ dependencies = [
1818
"typer>=0.16,<0.17",
1919
"questionary>=2.0.1,<3",
2020
"rich>=13.9.2,<14",
21-
"fastapi>=0.115.0,<0.116",
21+
"fastapi>=0.115.0,<0.136",
2222
"uvicorn>=0.31.1",
2323
"watchfiles>=0.24.0,<1.0",
2424
"python-on-whales>=0.73.0,<0.74",

uv.lock

Lines changed: 20 additions & 8 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)