Skip to content

chore(deps): Bump uvicorn from 0.41.0 to 0.42.0#6022

Open
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/pip/uvicorn-0.42.0
Open

chore(deps): Bump uvicorn from 0.41.0 to 0.42.0#6022
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/pip/uvicorn-0.42.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 17, 2026

Bumps uvicorn from 0.41.0 to 0.42.0.

Release notes

Sourced from uvicorn's releases.

Version 0.42.0

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

New Contributors

Full Changelog: Kludex/uvicorn@0.41.0...0.42.0

Changelog

Sourced from uvicorn's changelog.

0.42.0 (March 16, 2026)

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)
Commits
  • 02bed6f Version 0.42.0 (#2852)
  • d8f2501 chore: pre-create Config objects in benchmarks to measure protocol hot paths ...
  • 9dbb783 Add WebSocket protocol benchmarks for wsproto and websockets-sansio (#2849)
  • b3c69da Use bytearray for request body accumulation (#2845)
  • 3f3ebee Disable pytest-xdist for CodSpeed benchmark runs (#2847)
  • d072de7 Add fragmented body benchmark for chunked body accumulation (#2846)
  • e300c2c Add CodSpeed benchmark suite for HTTP protocol hot paths (#2844)
  • 1fa6976 Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • 59ec1de Fix multiple issues in websockets sansio implementation (#2825)
  • 2fc0efc Clarify Windows asyncio event loop selection in docs (#2843)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot
chore(deps): Bump uvicorn from 0.41.0 to 0.42.0
6c8a8c9 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.41.0 to 0.42.0. - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.41.0...0.42.0) --- updated-dependencies: - dependency-name: uvicorn dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python labels Mar 17, 2026
@github-actions github-actions bot added unresolved-conversations: 0 PR has 0 unresolved conversations files-changed: 2 PR changes 2 files labels Mar 17, 2026
@github-project-automation github-project-automation bot moved this from Backlog to Ready in 📌 OWASP BLT Project Board Mar 17, 2026
@github-actions github-actions bot added security: review needed Security scans need review pre-commit: passed Pre-commit checks passed tests: P:97 F:1 S:0 Django tests failed last-active: 0d PR last updated 0 days ago labels Mar 17, 2026
@github-actions github-actions bot added tests: P:666 F:0 S:2 Django tests passed last-active: 1d PR last updated 1 day ago last-active: 2d PR last updated 2 days ago last-active: 3d PR last updated 3 days ago last-active: 4d PR last updated 4 days ago last-active: 5d Issue last updated 5 days ago and removed last-active: 0d PR last updated 0 days ago tests: P:97 F:1 S:0 Django tests failed last-active: 1d PR last updated 1 day ago last-active: 2d PR last updated 2 days ago last-active: 3d PR last updated 3 days ago last-active: 4d PR last updated 4 days ago last-active: 5d Issue last updated 5 days ago labels Mar 17, 2026
@github-actions github-actions bot added the last-active: 6d Issue last updated 6 days ago label Mar 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file files-changed: 2 PR changes 2 files last-active: 6d Issue last updated 6 days ago pre-commit: passed Pre-commit checks passed python security: review needed Security scans need review tests: P:666 F:0 S:2 Django tests passed unresolved-conversations: 0 PR has 0 unresolved conversations

1 participant

@DonnieBLT