Fastapi

Fixes

* ♻ Assume request bodies contain JSON when no Content-Type header is provided. This fixes a breaking change introduced by [0.65.2 with PR 2118](https://github.com/tiangolo/fastapi/pull/2118). It should allow upgrading FastAPI applications with clients that send JSON data without a `Content-Type` header. And there's still protection against CSRFs. PR [#3456](https://github.com/tiangolo/fastapi/pull/3456) by [tiangolo](https://github.com/tiangolo).

Translations

* 🌐 Initialize Indonesian translations. PR [3014](https://github.com/tiangolo/fastapi/pull/3014) by [pace-noge](https://github.com/pace-noge).
* 🌐 Add Spanish translation of Tutorial - Path Parameters. PR [2219](https://github.com/tiangolo/fastapi/pull/2219) by [mariacamilagl](https://github.com/mariacamilagl).
* 🌐 Add Spanish translation of Tutorial - First Steps. PR [2208](https://github.com/tiangolo/fastapi/pull/2208) by [mariacamilagl](https://github.com/mariacamilagl).
* 🌐 Portuguese translation of Tutorial - Body - Fields. PR [3420](https://github.com/tiangolo/fastapi/pull/3420) by [ComicShrimp](https://github.com/ComicShrimp).
* 🌐 Add Chinese translation for Tutorial - Request - Forms - and - Files. PR [3249](https://github.com/tiangolo/fastapi/pull/3249) by [jaystone776](https://github.com/jaystone776).
* 🌐 Add Chinese translation for Tutorial - Handling - Errors. PR [3299](https://github.com/tiangolo/fastapi/pull/3299) by [jaystone776](https://github.com/jaystone776).
* 🌐 Add Chinese translation for Tutorial - Form - Data. PR [3248](https://github.com/tiangolo/fastapi/pull/3248) by [jaystone776](https://github.com/jaystone776).
* 🌐 Add Chinese translation for Tutorial - Body - Updates. PR [3237](https://github.com/tiangolo/fastapi/pull/3237) by [jaystone776](https://github.com/jaystone776).
* 🌐 Add Chinese translation for FastAPI People. PR [3112](https://github.com/tiangolo/fastapi/pull/3112) by [hareru](https://github.com/hareru).
* 🌐 Add French translation for Project Generation. PR [3197](https://github.com/tiangolo/fastapi/pull/3197) by [Smlep](https://github.com/Smlep).
* 🌐 Add French translation for Python Types Intro. PR [3185](https://github.com/tiangolo/fastapi/pull/3185) by [Smlep](https://github.com/Smlep).
* 🌐 Add French translation for External Links. PR [3103](https://github.com/tiangolo/fastapi/pull/3103) by [Smlep](https://github.com/Smlep).
* 🌐 Add French translation for Alternatives, Inspiration and Comparisons. PR [3020](https://github.com/tiangolo/fastapi/pull/3020) by [rjNemo](https://github.com/rjNemo).
* 🌐 Fix Chinese translation code snippet mismatch in Tutorial - Python Types Intro. PR [2573](https://github.com/tiangolo/fastapi/pull/2573) by [BoYanZh](https://github.com/BoYanZh).
* 🌐 Add Portuguese translation for Development Contributing. PR [1364](https://github.com/tiangolo/fastapi/pull/1364) by [Serrones](https://github.com/Serrones).
* 🌐 Add Chinese translation for Tutorial - Request - Files. PR [3244](https://github.com/tiangolo/fastapi/pull/3244) by [jaystone776](https://github.com/jaystone776).

Internal

* 👥 Update FastAPI People. PR [3450](https://github.com/tiangolo/fastapi/pull/3450) by [github-actions[bot]](https://github.com/apps/github-actions).
* 👥 Update FastAPI People. PR [3319](https://github.com/tiangolo/fastapi/pull/3319) by [github-actions[bot]](https://github.com/apps/github-actions).
* ⬆ Upgrade docs development dependency on `typer-cli` to >=0.0.12 to fix conflicts. PR [3429](https://github.com/tiangolo/fastapi/pull/3429) by [tiangolo](https://github.com/tiangolo).

Security fixes

* 🔒 Check Content-Type request header before assuming JSON. Initial PR [2118](https://github.com/tiangolo/fastapi/pull/2118) by [patrickkwang](https://github.com/patrickkwang).

This change fixes a [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) security vulnerability when using cookies for authentication in path operations with JSON payloads sent by browsers.

In versions lower than `0.65.2`, FastAPI would try to read the request payload as JSON even if the `content-type` header sent was not set to `application/json` or a compatible JSON media type (e.g. `application/geo+json`).

So, a request with a content type of `text/plain` containing JSON data would be accepted and the JSON data would be extracted.

But requests with content type `text/plain` are exempt from [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) preflights, for being considered [Simple requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests). So, the browser would execute them right away including cookies, and the text content could be a JSON string that would be parsed and accepted by the FastAPI application.

See [CVE-2021-32677](https://github.com/tiangolo/fastapi/security/advisories/GHSA-8h2j-cgx8-6xv7) for more details.

Thanks to [Dima Boger](https://twitter.com/b0g3r) for the security report! 🙇🔒

Internal

* 🔧 Update sponsors badge, course bundle. PR [3340](https://github.com/tiangolo/fastapi/pull/3340) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add new gold sponsor Jina 🎉. PR [3291](https://github.com/tiangolo/fastapi/pull/3291) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add new banner sponsor badge for FastAPI courses bundle. PR [3288](https://github.com/tiangolo/fastapi/pull/3288) by [tiangolo](https://github.com/tiangolo).
* 👷 Upgrade Issue Manager GitHub Action. PR [3236](https://github.com/tiangolo/fastapi/pull/3236) by [tiangolo](https://github.com/tiangolo).

Security fixes

* 📌 Upgrade pydantic pin, to handle security vulnerability [CVE-2021-29510](https://github.com/samuelcolvin/pydantic/security/advisories/GHSA-5jqp-qgf6-3pvh). PR [#3213](https://github.com/tiangolo/fastapi/pull/3213) by [tiangolo](https://github.com/tiangolo).

Breaking Changes - Upgrade

* ⬆️ Upgrade Starlette to `0.14.2`, including internal `UJSONResponse` migrated from Starlette. This includes several bug fixes and features from Starlette. PR [2335](https://github.com/tiangolo/fastapi/pull/2335) by [hanneskuettner](https://github.com/hanneskuettner).

Translations

* 🌐 Initialize new language Polish for translations. PR [3170](https://github.com/tiangolo/fastapi/pull/3170) by [neternefer](https://github.com/neternefer).

Internal

* 👷 Add GitHub Action cache to speed up CI installs. PR [3204](https://github.com/tiangolo/fastapi/pull/3204) by [tiangolo](https://github.com/tiangolo).
* ⬆️ Upgrade setup-python GitHub Action to v2. PR [3203](https://github.com/tiangolo/fastapi/pull/3203) by [tiangolo](https://github.com/tiangolo).
* 🐛 Fix docs script to generate a new translation language with `overrides` boilerplate. PR [3202](https://github.com/tiangolo/fastapi/pull/3202) by [tiangolo](https://github.com/tiangolo).
* ✨ Add new Deta banner badge with new sponsorship tier 🙇. PR [3194](https://github.com/tiangolo/fastapi/pull/3194) by [tiangolo](https://github.com/tiangolo).
* 👥 Update FastAPI People. PR [3189](https://github.com/tiangolo/fastapi/pull/3189) by [github-actions[bot]](https://github.com/apps/github-actions).
* 🔊 Update FastAPI People to allow better debugging. PR [3188](https://github.com/tiangolo/fastapi/pull/3188) by [tiangolo](https://github.com/tiangolo).

Features

* ✨ Add support for adding multiple `examples` in request bodies and path, query, cookie, and header params. New docs: [Declare Request Example Data](https://fastapi.tiangolo.com/tutorial/schema-extra-example/#body-with-multiple-examples). Initial PR [1267](https://github.com/tiangolo/fastapi/pull/1267) by [austinorr](https://github.com/austinorr).

Fixes

* 📌 Pin SQLAlchemy range for tests, as it doesn't use SemVer. PR [3001](https://github.com/tiangolo/fastapi/pull/3001) by [tiangolo](https://github.com/tiangolo).
* 🎨 Add newly required type annotations for mypy. PR [2882](https://github.com/tiangolo/fastapi/pull/2882) by [tiangolo](https://github.com/tiangolo).
* 🎨 Remove internal "type: ignore", now unnecessary. PR [2424](https://github.com/tiangolo/fastapi/pull/2424) by [AsakuraMizu](https://github.com/AsakuraMizu).

Docs

* 📝 Add link to article in Russian "FastAPI: знакомимся с фреймворком". PR [2564](https://github.com/tiangolo/fastapi/pull/2564) by [trkohler](https://github.com/trkohler).
* 📝 Add external link to blog post "Authenticate Your FastAPI App with Auth0". PR [2172](https://github.com/tiangolo/fastapi/pull/2172) by [dompatmore](https://github.com/dompatmore).
* 📝 Fix broken link to article: Machine learning model serving in Python using FastAPI and Streamlit. PR [2557](https://github.com/tiangolo/fastapi/pull/2557) by [davidefiocco](https://github.com/davidefiocco).
* 📝 Add FastAPI Medium Article: Deploy a dockerized FastAPI application to AWS. PR [2515](https://github.com/tiangolo/fastapi/pull/2515) by [vjanz](https://github.com/vjanz).
* ✏ Fix typo in Tutorial - Handling Errors. PR [2486](https://github.com/tiangolo/fastapi/pull/2486) by [johnthagen](https://github.com/johnthagen).
* ✏ Fix typo in Security OAuth2 scopes. PR [2407](https://github.com/tiangolo/fastapi/pull/2407) by [jugmac00](https://github.com/jugmac00).
* ✏ Fix typo/clarify docs for SQL (Relational) Databases. PR [2393](https://github.com/tiangolo/fastapi/pull/2393) by [kangni](https://github.com/kangni).
* 📝 Add external link to "FastAPI for Flask Users". PR [2280](https://github.com/tiangolo/fastapi/pull/2280) by [amitness](https://github.com/amitness).

Translations

* 🌐 Fix Chinese translation of Tutorial - Query Parameters, remove obsolete content. PR [3051](https://github.com/tiangolo/fastapi/pull/3051) by [louis70109](https://github.com/louis70109).
* 🌐 Add French translation for Tutorial - Background Tasks. PR [3098](https://github.com/tiangolo/fastapi/pull/3098) by [Smlep](https://github.com/Smlep).
* 🌐 Fix Korean translation for docs/ko/docs/index.md. PR [3159](https://github.com/tiangolo/fastapi/pull/3159) by [SueNaEunYang](https://github.com/SueNaEunYang).
* 🌐 Add Korean translation for Tutorial - Query Parameters. PR [2390](https://github.com/tiangolo/fastapi/pull/2390) by [hard-coders](https://github.com/hard-coders).
* 🌐 Add French translation for FastAPI People. PR [2232](https://github.com/tiangolo/fastapi/pull/2232) by [JulianMaurin](https://github.com/JulianMaurin).
* 🌐 Add Korean translation for Tutorial - Path Parameters. PR [2355](https://github.com/tiangolo/fastapi/pull/2355) by [hard-coders](https://github.com/hard-coders).
* 🌐 Add French translation for Features. PR [2157](https://github.com/tiangolo/fastapi/pull/2157) by [Jefidev](https://github.com/Jefidev).
* 👥 Update FastAPI People. PR [3031](https://github.com/tiangolo/fastapi/pull/3031) by [github-actions[bot]](https://github.com/apps/github-actions).
* 🌐 Add Chinese translation for Tutorial - Debugging. PR [2737](https://github.com/tiangolo/fastapi/pull/2737) by [blt232018](https://github.com/blt232018).
* 🌐 Add Chinese translation for Tutorial - Security - OAuth2 with Password (and hashing), Bearer with JWT tokens. PR [2642](https://github.com/tiangolo/fastapi/pull/2642) by [waynerv](https://github.com/waynerv).
* 🌐 Add Korean translation for Tutorial - Header Parameters. PR [2589](https://github.com/tiangolo/fastapi/pull/2589) by [mode9](https://github.com/mode9).
* 🌐 Add Chinese translation for Tutorial - Metadata and Docs URLs. PR [2559](https://github.com/tiangolo/fastapi/pull/2559) by [blt232018](https://github.com/blt232018).
* 🌐 Add Korean translation for Tutorial - First Steps. PR [2323](https://github.com/tiangolo/fastapi/pull/2323) by [hard-coders](https://github.com/hard-coders).
* 🌐 Add Chinese translation for Tutorial - CORS (Cross-Origin Resource Sharing). PR [2540](https://github.com/tiangolo/fastapi/pull/2540) by [blt232018](https://github.com/blt232018).
* 🌐 Add Chinese translation for Tutorial - Middleware. PR [2334](https://github.com/tiangolo/fastapi/pull/2334) by [lpdswing](https://github.com/lpdswing).
* 🌐 Add Korean translation for Tutorial - Intro. PR [2317](https://github.com/tiangolo/fastapi/pull/2317) by [hard-coders](https://github.com/hard-coders).
* 🌐 Add Chinese translation for Tutorial - Bigger Applications - Multiple Files. PR [2453](https://github.com/tiangolo/fastapi/pull/2453) by [waynerv](https://github.com/waynerv).
* 🌐 Add Chinese translation for Tutorial - Security - Security Intro. PR [2443](https://github.com/tiangolo/fastapi/pull/2443) by [waynerv](https://github.com/waynerv).
* 🌐 Add Chinese translation for Tutorial - Header Parameters. PR [2412](https://github.com/tiangolo/fastapi/pull/2412) by [maoyibo](https://github.com/maoyibo).
* 🌐 Add Chinese translation for Tutorial - Extra Data Types. PR [2410](https://github.com/tiangolo/fastapi/pull/2410) by [maoyibo](https://github.com/maoyibo).
* 🌐 Add Japanese translation for Deployment - Docker. PR [2312](https://github.com/tiangolo/fastapi/pull/2312) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Deployment - Versions. PR [2310](https://github.com/tiangolo/fastapi/pull/2310) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Chinese translation for Tutorial - Cookie Parameters. PR [2261](https://github.com/tiangolo/fastapi/pull/2261) by [alicrazy1947](https://github.com/alicrazy1947).
* 🌐 Add Japanese translation for Tutorial - Static files. PR [2260](https://github.com/tiangolo/fastapi/pull/2260) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Tutorial - Testing. PR [2259](https://github.com/tiangolo/fastapi/pull/2259) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Tutorial - Debugging. PR [2256](https://github.com/tiangolo/fastapi/pull/2256) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Tutorial - Middleware. PR [2255](https://github.com/tiangolo/fastapi/pull/2255) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Concurrency and async / await. PR [2058](https://github.com/tiangolo/fastapi/pull/2058) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Chinese translation for Tutorial - Security - Simple OAuth2 with Password and Bearer. PR [2514](https://github.com/tiangolo/fastapi/pull/2514) by [waynerv](https://github.com/waynerv).
* 🌐 Add Japanese translation for Deployment - Deta. PR [2314](https://github.com/tiangolo/fastapi/pull/2314) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Chinese translation for Tutorial - Security - Get Current User. PR [2474](https://github.com/tiangolo/fastapi/pull/2474) by [waynerv](https://github.com/waynerv).
* 🌐 Add Japanese translation for Deployment - Manually. PR [2313](https://github.com/tiangolo/fastapi/pull/2313) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Deployment - Intro. PR [2309](https://github.com/tiangolo/fastapi/pull/2309) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for FastAPI People. PR [2254](https://github.com/tiangolo/fastapi/pull/2254) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Advanced - Path Operation Advanced Configuration. PR [2124](https://github.com/tiangolo/fastapi/pull/2124) by [Attsun1031](https://github.com/Attsun1031).
* 🌐 Add Japanese translation for External Links. PR [2070](https://github.com/tiangolo/fastapi/pull/2070) by [tokusumi](https://github.com/tokusumi).
* 🌐 Add Japanese translation for Tutorial - Body - Updates. PR [1956](https://github.com/tiangolo/fastapi/pull/1956) by [SwftAlpc](https://github.com/SwftAlpc).
* 🌐 Add Japanese translation for Tutorial - Form Data. PR [1943](https://github.com/tiangolo/fastapi/pull/1943) by [SwftAlpc](https://github.com/SwftAlpc).
* 🌐 Add Japanese translation for Tutorial - Cookie Parameters. PR [1933](https://github.com/tiangolo/fastapi/pull/1933) by [SwftAlpc](https://github.com/SwftAlpc).

Internal

* 🔧 Update top banner, point to newsletter. PR [3003](https://github.com/tiangolo/fastapi/pull/3003) by [tiangolo](https://github.com/tiangolo).
* 🔧 Disable sponsor WeTransfer. PR [3002](https://github.com/tiangolo/fastapi/pull/3002) by [tiangolo](https://github.com/tiangolo).
* 👥 Update FastAPI People. PR [2880](https://github.com/tiangolo/fastapi/pull/2880) by [github-actions[bot]](https://github.com/apps/github-actions).
* 👥 Update FastAPI People. PR [2739](https://github.com/tiangolo/fastapi/pull/2739) by [github-actions[bot]](https://github.com/apps/github-actions).
* 🔧 Add new Gold Sponsor Talk Python 🎉. PR [2673](https://github.com/tiangolo/fastapi/pull/2673) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add new Gold Sponsor vim.so 🎉. PR [2669](https://github.com/tiangolo/fastapi/pull/2669) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add FastAPI user survey banner. PR [2623](https://github.com/tiangolo/fastapi/pull/2623) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add new Bronze Sponsor(s) 🥉🎉. PR [2622](https://github.com/tiangolo/fastapi/pull/2622) by [tiangolo](https://github.com/tiangolo).
* 📝 Update social links: add Discord, fix GitHub. PR [2621](https://github.com/tiangolo/fastapi/pull/2621) by [tiangolo](https://github.com/tiangolo).
* 🔧 Update FastAPI People GitHub Sponsors order. PR [2620](https://github.com/tiangolo/fastapi/pull/2620) by [tiangolo](https://github.com/tiangolo).
* 🔧 Update InvestSuite sponsor data. PR [2608](https://github.com/tiangolo/fastapi/pull/2608) by [tiangolo](https://github.com/tiangolo).
* 👥 Update FastAPI People. PR [2590](https://github.com/tiangolo/fastapi/pull/2590) by [github-actions[bot]](https://github.com/apps/github-actions).

Features

* ✨ Improve type annotations, add support for mypy --strict, internally and for external packages. PR [2547](https://github.com/tiangolo/fastapi/pull/2547) by [tiangolo](https://github.com/tiangolo).

Breaking changes

* ⬆️ Upgrade Uvicorn when installing `fastapi[all]` to the latest version including `uvloop`, the new range is `uvicorn[standard] >=0.12.0,<0.14.0`. PR [2548](https://github.com/tiangolo/fastapi/pull/2548) by [tiangolo](https://github.com/tiangolo).

Fixes

* 🐛 PR [2547](https://github.com/tiangolo/fastapi/pull/2547) (read above) also fixes some false-positive mypy errors with `callbacks` parameters and when using the `OAuth2` class.

Docs

* 📝 Update Uvicorn installation instructions to use uvicorn[standard] (includes uvloop). PR [2543](https://github.com/tiangolo/fastapi/pull/2543) by [tiangolo](https://github.com/tiangolo).
* 📝 Update title for Deta tutorial. PR [2466](https://github.com/tiangolo/fastapi/pull/2466) by [tiangolo](https://github.com/tiangolo).
* 👥 Update FastAPI People. PR [2454](https://github.com/tiangolo/fastapi/pull/2454) by [github-actions[bot]](https://github.com/apps/github-actions).

Translations

* 🌐 Add docs lang selector widget. PR [2542](https://github.com/tiangolo/fastapi/pull/2542) by [tiangolo](https://github.com/tiangolo).
* 🌐 Add Chinese translation for Tutorial - Response Status Code. PR [2442](https://github.com/tiangolo/fastapi/pull/2442) by [waynerv](https://github.com/waynerv).
* 🌐 Start translation of the documentation for the Albanian language. PR [2516](https://github.com/tiangolo/fastapi/pull/2516) by [vjanz](https://github.com/vjanz).
* 🌐 Add Chinese translation for Tutorial - Extra Models. PR [2416](https://github.com/tiangolo/fastapi/pull/2416) by [waynerv](https://github.com/waynerv).
* 🌐 Add Chinese translation for Tutorial - Response Model. PR [2414](https://github.com/tiangolo/fastapi/pull/2414) by [waynerv](https://github.com/waynerv).
* 🌐 Add Chinese translation for Tutorial - Schema Extra Example. PR [2411](https://github.com/tiangolo/fastapi/pull/2411) by [maoyibo](https://github.com/maoyibo).
* 🌐 Add Korean translation for Index. PR [2192](https://github.com/tiangolo/fastapi/pull/2192) by [hard-coders](https://github.com/hard-coders).
* 🌐 Add Japanese translation for Advanced User Guide - Additional Status Codes. PR [2145](https://github.com/tiangolo/fastapi/pull/2145) by [Attsun1031](https://github.com/Attsun1031).

Internal

* 🐛 Fix docs overrides directory for translations. PR [2541](https://github.com/tiangolo/fastapi/pull/2541) by [tiangolo](https://github.com/tiangolo).
* ➖ Remove Typer as a docs building dependency (covered by typer-cli) to fix pip resolver conflicts. PR [2539](https://github.com/tiangolo/fastapi/pull/2539) by [tiangolo](https://github.com/tiangolo).
* ✨ Add newsletter: FastAPI and friends. PR [2509](https://github.com/tiangolo/fastapi/pull/2509) by [tiangolo](https://github.com/tiangolo).
* ✨ Add new Gold Sponsor: InvestSuite 🎉. PR [2508](https://github.com/tiangolo/fastapi/pull/2508) by [tiangolo](https://github.com/tiangolo).
* 🔧 Add issue template configs. PR [2476](https://github.com/tiangolo/fastapi/pull/2476) by [tiangolo](https://github.com/tiangolo).