- SECURITY FIX: Prevent sending invalid HTTP header names and values.
- SECURITY FIX: Ensure path value is escaped before logging to the console.
- Fix overriding the root logger.
- Revert "Watch all files, not just .py" due to unexpected side effects.
- Revert "Pass through gunicorn timeout config." due to unexpected side effects.
- Use
watchgod
, if installed, for watching code changes. - Watch all files, not just .py.
- Pass through gunicorn timeout config.
- Update dependencies.
- Don't open socket until after application startup.
- Support
--backlog
.
- Use a more liberal
h11
dependency. Either0.8.*
or `0.9.*``.
- Fix reload/multiprocessing on Windows with Python 3.8.
- Drop IOCP support. (Required for fix above.)
- Add
uvicorn --version
flag. - Add
--use-colors
and--no-use-colors
flags. - Display port correctly, when auto port selection isused with
--port=0
.
- Fix reload/multiprocessing error.
- Use resource_sharer.DupSocket to resolve socket sharing on Windows.
- Exit if
workers
orreload
are use without an app import string style. - Reorganise supervisor processes to properly hand over sockets on windows.
- Update uvloop dependency to 0.14+
- Error clearly when
workers=<NUM>
is used with app instance, instead of an app import string. - Switch
--reload-dir
to current working directory by default.
- Add ``--log-level trace`
- Enable --proxy-headers by default.
- Resolve issues with logging when using
--reload
or--workers
. - Setup up root logger to capture output for all logger instances, not just
uvicorn.error
anduvicorn.access
.
- Support for Python 3.8
- Separated out
uvicorn.error
anduvicorn.access
logs. - Coloured log output when connected to a terminal.
- Dropped
logger=
config setting. - Added
--log-config [FILE]
andlog_config=[str|dict]
. May either be a Python logging config dictionary or the file name of a logging configuration. - Added
--forwarded_allow_ips
andforwarded_allow_ips
. Defaults to the value of the$FORWARDED_ALLOW_IPS
environment variable or "127.0.0.1". The--proxy-headers
flag now defaults toTrue
, but only trusted IPs are used to populate forwarding info. - The
--workers
setting now defaults to the value of the$WEB_CONCURRENCY
environment variable. - Added support for
--env-file
. Requirespython-dotenv
.