build(deps): bump starlette from 0.17.1 to 0.20.3 in /frameworks

[dependabot[bot]]

Bumps starlette from 0.17.1 to 0.20.3.

Release notes

Sourced from starlette's releases.

Version 0.20.3

Fixed

• Revert "Allow StaticFiles to follow symlinks" #1681.

Version 0.20.2

Fixed

• Fix regression on route paths with colons #1675.
• Allow StaticFiles to follow symlinks #1337.

Version 0.20.1

Fixed

• Improve detection of async callables #1444.
• Send 400 (Bad Request) when boundary is missing #1617.
• Send 400 (Bad Request) when missing "name" field on Content-Disposition header #1643.
• Do not send empty data to StreamingResponse on BaseHTTPMiddleware #1609.
• Add __bool__ dunder for Secret #1625.

Version 0.20.0

Removed

• Drop Python 3.6 support #1357 and #1616.

Version 0.19.1

Fixed

• Fix inference of Route.name when created from methods #1553.
• Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

• Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

Version 0.19.0

Added

• Error handler will always run, even if the error happens on a background task #761.
• Add headers parameter to HTTPException #1435.
• Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.
• The content argument in JSONResponse is now required #1431.
• Add custom URL convertor register #1437.
• Add content disposition type parameter to FileResponse #1266.
• Add next query param with original request URL in requires decorator #920.
• Add raw_path to TestClient scope #1445.
• Add union operators to MutableHeaders #1240.
• Display missing route details on debug page #1363.
• Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.
• Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

• Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.
• SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.
• Request.client is now compliant with the ASGI specifications #1462.
• Raise KeyError at early stage for missing boundary #1349.

... (truncated)

Changelog

Sourced from starlette's changelog.

0.20.3

June 10, 2022

Fixed

• Revert "Allow StaticFiles to follow symlinks" #1681.

0.20.2

June 7, 2022

Fixed

• Fix regression on route paths with colons #1675.
• Allow StaticFiles to follow symlinks #1337.

0.20.1

May 28, 2022

Fixed

• Improve detection of async callables #1444.
• Send 400 (Bad Request) when boundary is missing #1617.
• Send 400 (Bad Request) when missing "name" field on Content-Disposition header #1643.
• Do not send empty data to StreamingResponse on BaseHTTPMiddleware #1609.
• Add __bool__ dunder for Secret #1625.

0.20.0

May 3, 2022

Removed

• Drop Python 3.6 support #1357 and #1616.

0.19.1

April 22, 2022

Fixed

• Fix inference of Route.name when created from methods #1553.
• Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

• Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

0.19.0

March 9, 2022

... (truncated)

Commits

• ccd486e Version 0.20.3 (#1682)
• edeba9c Revert "Allow staticfiles to follow symlinks outside directory (#1377)" (#1681)
• 4519fba Version 0.20.2 (#1658)
• b588ebe Fix regression on route names with colons (#1675)
• 9ef1b91 Improve documentation on BaseHTTPMiddleware (#1655)
• e8dcf69 Bump types-contextvars from 2.4.5 to 2.4.6 (#1668)
• a552340 Bump mypy from 0.950 to 0.960 (#1667)
• d3dccdc Allow staticfiles to follow symlinks outside directory (#1377)
• d81545c Version 0.20.1 (#1644)
• 5b058fa Improve detection of async callables (#1444)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #171.