github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2025-62727: Update starlette to 0.49.1 (#13016)

Browse Source 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
Co-authored-by: Ray Myers <ray.myers@gmail.com>
This commit is contained in:
aivong-openhands
2026-02-24 10:55:32 -06:00
committed by GitHub
parent 5367bef43a
commit 0f1ad46a47
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
poetry.lock generated
View File

@@ -13161,14 +13161,14 @@ files = [
[[package]]
name = "starlette"
version = "0.48.0"
version = "0.49.1"
description = "The little ASGI library that shines."
optional = false
python-versions = ">=3.9"
groups = ["main"]
files = [
{file = "starlette-0.48.0-py3-none-any.whl", hash = "sha256:0764ca97b097582558ecb498132ed0c7d942f233f365b86ba37770e026510659"},
{file = "starlette-0.48.0.tar.gz", hash = "sha256:7e8cee469a8ab2352911528110ce9088fdc6a37d9876926e73da7ce4aa4c7a46"},
{file = "starlette-0.49.1-py3-none-any.whl", hash = "sha256:d92ce9f07e4a3caa3ac13a79523bd18e3bc0042bb8ff2d759a8e7dd0e1859875"},
{file = "starlette-0.49.1.tar.gz", hash = "sha256:481a43b71e24ed8c43b11ea02f5353d77840e01480881b8cb5a26b8cae64a8cb"},
]
[package.dependencies]
@@ -14724,4 +14724,4 @@ third-party-runtimes = ["daytona", "e2b-code-interpreter", "modal", "runloop-api
[metadata]
lock-version = "2.1"
python-versions = "^3.12,<3.14"
content-hash = "91cf4d77b664da6d531d557c21c0d3b200a2974b96a7bb85bb53f00960ca7ac6"
content-hash = "4a60b2d840718caa7e16ffacb06e32c07317645ff880c6af012afe6097db1337"

4
pyproject.toml
View File

@@ -91,7 +91,7 @@ dependencies = [
"shellingham>=1.5.4",
"sqlalchemy[asyncio]>=2.0.40",
"sse-starlette>=3.0.2",
"starlette>=0.48",
"starlette>=0.49.1",
"tenacity>=8.5,<10",
"termcolor",
"toml",
@@ -221,7 +221,7 @@ bashlex = "^0.18"
# Explicitly pinned packages for latest versions
pypdf = "^6.0.0"
pillow = "^11.3.0"
starlette = "^0.48.0"
starlette = "^0.49.1"
urllib3 = "^2.6.3"
requests = "^2.32.5"
setuptools = ">=78.1.1"

2
uv.lock generated
View File

@@ -3823,7 +3823,7 @@ requires-dist = [
{ name = "shellingham", specifier = ">=1.5.4" },
{ name = "sqlalchemy", extras = ["asyncio"], specifier = ">=2.0.40" },
{ name = "sse-starlette", specifier = ">=3.0.2" },
{ name = "starlette", specifier = ">=0.48" },
{ name = "starlette", specifier = ">=0.49.1" },
{ name = "tenacity", specifier = ">=8.5,<10" },
{ name = "termcolor" },
{ name = "toml" },