Skip to content

Bump starlette from 1.0.0 to 1.0.1 in /JL-Engine-local#30

Merged
jaden688 merged 1 commit into
mainfrom
dependabot/uv/JL-Engine-local/starlette-1.0.1
Jun 14, 2026
Merged

Bump starlette from 1.0.0 to 1.0.1 in /JL-Engine-local#30
jaden688 merged 1 commit into
mainfrom
dependabot/uv/JL-Engine-local/starlette-1.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor

Bumps starlette from 1.0.0 to 1.0.1.

Release notes

Sourced from starlette's releases.

Version 1.0.1

What's Changed

Full Changelog: Kludex/starlette@1.0.0...1.0.1

Changelog

Sourced from starlette's changelog.

1.0.1 (May 21, 2026)

Fixed

  • Ignore malformed Host header when constructing request.url #3279.
Commits
  • 48f8e33 Version 1.0.1 (#3281)
  • f078832 Remove Hugging Face sponsor block from docs (#3280)
  • 472951e chore(deps): bump the github-actions group with 2 updates (#3277)
  • 764dab0 Ignore malformed Host header when constructing request.url (#3279)
  • 19d0811 Harden GitHub Actions workflows and Dependabot config (#3276)
  • 01f4637 chore(deps): bump idna from 3.10 to 3.15 (#3274)
  • b8fa514 docs: fix typos in TestClient docs and test_requests comment (#3266)
  • e935b6b fix uvicorn domain (#3269)
  • 96af952 Add 7-day cooldown for dependency resolution via uv exclude-newer (#3265)
  • 61e385b Add zizmor GitHub Actions security analysis workflow (#3264)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [starlette](https://github.com/Kludex/starlette) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@1.0.0...1.0.1)

---
updated-dependencies:
- dependency-name: starlette
  dependency-version: 1.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 4, 2026
@deepsource-io

deepsource-io Bot commented Jun 4, 2026

Copy link
Copy Markdown

DeepSource Code Review

We reviewed changes in 8c866f2...198164c on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
Java Jun 4, 2026 5:50p.m. Review ↗
Shell Jun 4, 2026 5:50p.m. Review ↗
Python Jun 4, 2026 5:50p.m. Review ↗
Secrets Jun 4, 2026 5:50p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

@jaden688 jaden688 merged commit 2eabb60 into main Jun 14, 2026
7 of 12 checks passed
@github-project-automation github-project-automation Bot moved this from Todo to Done in @jaden688's JL-Engine Jun 14, 2026
@jaden688 jaden688 deleted the dependabot/uv/JL-Engine-local/starlette-1.0.1 branch June 14, 2026 09:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

1 participant