Bump starlette from 0.48.0 to 0.49.1 in /e2e_tests in the pip group across 1 directory

[dependabot]

Bumps the pip group with 1 update in the /e2e_tests directory: starlette.

Updates starlette from 0.48.0 to 0.49.1

Release notes

Sourced from starlette's releases.

Version 0.49.1

This release fixes a security vulnerability in the parsing logic of the Range header in FileResponse.

You can view the full security advisory: GHSA-7f5h-v6xp-fcq8

Fixed

• Optimize the HTTP ranges parsing logic 4ea6e22b489ec388d6004cfbca52dd5b147127c5

---

Full Changelog: Kludex/starlette@0.49.0...0.49.1

Version 0.49.0

Added

• Add encoding parameter to Config class #2996.
• Support multiple cookie headers in Request.cookies #3029.
• Use Literal type for WebSocketEndpoint encoding values #3027.

Changed

• Do not pollute exception context in Middleware when using BaseHTTPMiddleware #2976.

---

New Contributors

• @​TheWesDias made their first contribution in Kludex/starlette#3017
• @​gmos2104 made their first contribution in Kludex/starlette#3027
• @​secrett2633 made their first contribution in Kludex/starlette#2996
• @​adam-sikora made their first contribution in Kludex/starlette#2976

Full Changelog: Kludex/starlette@0.48.0...0.49.0

Changelog

Sourced from starlette's changelog.

0.49.1 (October 28, 2025)

This release fixes a security vulnerability in the parsing logic of the Range header in FileResponse.

You can view the full security advisory: GHSA-7f5h-v6xp-fcq8

Fixed

• Optimize the HTTP ranges parsing logic 4ea6e22b489ec388d6004cfbca52dd5b147127c5

0.49.0 (October 28, 2025)

Added

• Add encoding parameter to Config class #2996.
• Support multiple cookie headers in Request.cookies #3029.
• Use Literal type for WebSocketEndpoint encoding values #3027.

Changed

• Do not pollute exception context in Middleware when using BaseHTTPMiddleware #2976.

Commits

• 7e4b742 Version 0.49.1 (#3047)
• 4ea6e22 Merge commit from fork
• 7d88ea6 Version 0.49.0 (#3046)
• 26d66bb Do not pollute exception context in Middleware (#2976)
• a59397d Set encodings when reading config files (#2996)
• 3b7f0cb test: add test for unknown status (#3035)
• b09ce1a docs: fix legibility issues on sponsorship page (#3039)
• 0f0edcf Revert "Add Marcelo Trylesinski to the license (#3025)" (#3044)
• 3912d63 docs: add social icons (#3038)
• 4915a93 Add discord to README/docs (#3034)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Unit Test Results

658 tests   658 ✅  7s ⏱️
  1 suites    0 💤
  1 files      0 ❌

Results for commit d595db6.

♻️ This comment has been updated with latest results.

[tamirkamara]

/test-extended 98a7a20

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/18902123415 (with refid 63019940)

(in response to this comment from @tamirkamara)

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/18902123415 (with refid 63019940)

(in response to this comment from @tamirkamara)

[tamirkamara]

@copilot this upgrade of starlette needs to include an upgrade of fastapi to resolve the following dependency conflict:

The conflict is caused by:
    The user requested starlette==0.49.1
    fastapi 0.118.0 depends on starlette<0.49.0 and >=0.40.0

[Copilot]

@tamirkamara I've opened a new pull request, #4739, to work on those changes. Once the pull request is ready, I'll request review from you.

[tamirkamara]

/test-extended 701c030

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/18920036098 (with refid 63019940)

(in response to this comment from @tamirkamara)

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/18920036098 (with refid 63019940)

(in response to this comment from @tamirkamara)

[github-actions]

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/18920036098 (with refid 63019940)

(in response to this comment from @tamirkamara)

[tamirkamara]

/test-force-approve 701c030

[github-actions]

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit 701c030)

(in response to this comment from @tamirkamara)

[marrobi]

LGTM - might want to add to the changelog.

[tamirkamara]

/test-force-approve d595db6

[github-actions]

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit d595db6)

(in response to this comment from @tamirkamara)