oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 19 Packages Projects Releases Wiki Activity

security: upgrade starlette to 1.0.1 to fix PYSEC-2026-161
Some checks failed
Cross-Node Transaction Testing / transaction-test (push) Has been cancelled
Details
Deploy to Testnet / deploy-testnet (push) Has been cancelled
Details
Multi-Node Stress Testing / stress-test (push) Has been cancelled
Details
CLI Tests / test-cli (push) Has been cancelled
Details
Coverage Phase 1 (70% Target) / test-coverage-70 (push) Has been cancelled
Details
Coverage Phase 2 (85% Target) / test-coverage-85 (push) Has been cancelled
Details
Package Tests / Python package - aitbc-agent-sdk (push) Has been cancelled
Details
Package Tests / Python package - aitbc-core (push) Has been cancelled
Details
Package Tests / Python package - aitbc-crypto (push) Has been cancelled
Details
Package Tests / Python package - aitbc-sdk (push) Has been cancelled
Details
Package Tests / JavaScript package - aitbc-sdk-js (push) Has been cancelled
Details
Package Tests / JavaScript package - aitbc-token (push) Has been cancelled
Details
Python Tests / test-python (push) Has been cancelled
Details

Browse Source 
- starlette 0.52.1 had Host header injection vulnerability (auth bypass)
- Upgraded to 1.0.1 which fixes the issue
- Removed unused prometheus-fastapi-instrumentator (conflicting constraint)
- Updated pyproject.toml starlette >= 1.0.1
This commit is contained in:
aitbc
2026-05-25 12:08:29 +02:00
parent 4e83877faf
commit 48eded61b8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pyproject.toml
View File

@@ -12,7 +12,7 @@ python = ">=3.13.5,<3.14"
fastapi = ">=0.115.6"
uvicorn = {extras = ["standard"], version = ">=0.34.0"}
gunicorn = ">=23.0.0"
starlette = ">=0.49.1"
starlette = ">=1.0.1"
# Database & ORM
sqlalchemy = {extras = ["asyncio"], version = ">=2.0.49"}
sqlmodel = ">=0.0.38"