Starlette

This release fixes a path traversal vulnerability in `StaticFiles`. You can view the full security advisory:
https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px

Added
* Minify JSON websocket data via `send_json` https://github.com/encode/starlette/pull/2128

Fixed
* Replace `commonprefix` by `commonpath` on `StaticFiles` [1797de4](https://github.com/encode/starlette/commit/1797de464124b090f10cf570441e8292936d63e3).
* Convert ImportErrors into ModuleNotFoundError [2135](https://github.com/encode/starlette/pull/2135).
* Correct the RuntimeError message content in websockets [2141](https://github.com/encode/starlette/pull/2141).

**Full Changelog**: https://github.com/encode/starlette/compare/0.26.1...0.27.0

Fixed
* Fix typing of Lifespan to allow subclasses of Starlette [2077](https://github.com/encode/starlette/pull/2077).

Fixed
* Replace reference from Events to Lifespan on the mkdocs.yml [2072](https://github.com/encode/starlette/pull/2072).

Added

* Support [lifespan state](https://www.starlette.io/lifespan/) [#2060](https://github.com/encode/starlette/pull/2060), [#2065](https://github.com/encode/starlette/pull/2065) and [#2064](https://github.com/encode/starlette/pull/2064).

Changed
* Change `url_for` signature to return a `URL` instance [1385](https://github.com/encode/starlette/pull/1385).

Fixed
* Allow "name" argument on `url_for()` and `url_path_for()` [2050](https://github.com/encode/starlette/pull/2050).

Deprecated
* Deprecate `on_startup` and `on_shutdown` events [2070](https://github.com/encode/starlette/pull/2070).

**Full Changelog**: https://github.com/encode/starlette/compare/0.25.0...0.26.0

Fixed
* Limit the number of fields and files when parsing `multipart/form-data` on the `MultipartParser` [8c74c2c](https://github.com/encode/starlette/commit/8c74c2c8dba7030154f8af18e016136bea1938fa) and [#2036](https://github.com/encode/starlette/pull/2036).

Added
* Allow `StaticFiles` to follow symlinks [1683](https://github.com/encode/starlette/pull/1683).
* Allow `Request.form()` as a context manager [1903](https://github.com/encode/starlette/pull/1903).
* Add `size` attribute to `UploadFile` [1405](https://github.com/encode/starlette/pull/1405).
* Add `env_prefix` argument to `Config` [1990](https://github.com/encode/starlette/pull/1990).
* Add template context processors [1904](https://github.com/encode/starlette/pull/1904).
* Support `str` and `datetime` on `expires` parameter on the `Response.set_cookie` method [1908](https://github.com/encode/starlette/pull/1908).

Changed
* Lazily build the middleware stack [2017](https://github.com/encode/starlette/pull/2017).
* Make the `file` argument required on `UploadFile` [1413](https://github.com/encode/starlette/pull/1413).
* Use debug extension instead of custom response template extension [1991](https://github.com/encode/starlette/pull/1991).

Fixed
* Fix url parsing of ipv6 urls on `URL.replace` [1965](https://github.com/encode/starlette/pull/1965).