streamlit 1.53.1__py3-none-any.whl → 1.54.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (309) hide show
  1. streamlit/__init__.py +1 -31
  2. streamlit/auth_util.py +91 -2
  3. streamlit/cli_util.py +3 -2
  4. streamlit/commands/echo.py +2 -2
  5. streamlit/commands/execution_control.py +1 -1
  6. streamlit/commands/logo.py +76 -24
  7. streamlit/commands/navigation.py +1 -1
  8. streamlit/components/types/base_custom_component.py +0 -2
  9. streamlit/components/v1/custom_component.py +0 -2
  10. streamlit/components/v2/bidi_component/main.py +2 -2
  11. streamlit/components/v2/component_path_utils.py +17 -29
  12. streamlit/components/v2/manifest_scanner.py +8 -3
  13. streamlit/components/v2/presentation.py +1 -1
  14. streamlit/config.py +57 -13
  15. streamlit/config_util.py +5 -5
  16. streamlit/connections/snowflake_connection.py +5 -3
  17. streamlit/dataframe_util.py +10 -10
  18. streamlit/deprecation_util.py +19 -1
  19. streamlit/elements/arrow.py +18 -8
  20. streamlit/elements/deck_gl_json_chart.py +6 -2
  21. streamlit/elements/exception.py +4 -2
  22. streamlit/elements/form.py +1 -1
  23. streamlit/elements/layouts.py +1 -1
  24. streamlit/elements/lib/built_in_chart_utils.py +36 -13
  25. streamlit/elements/lib/color_util.py +21 -2
  26. streamlit/elements/lib/column_config_utils.py +9 -7
  27. streamlit/elements/lib/dialog.py +1 -1
  28. streamlit/elements/lib/image_utils.py +5 -5
  29. streamlit/elements/lib/layout_utils.py +1 -1
  30. streamlit/elements/lib/options_selector_utils.py +72 -22
  31. streamlit/elements/lib/policies.py +1 -1
  32. streamlit/elements/lib/streamlit_plotly_theme.py +9 -11
  33. streamlit/elements/lib/utils.py +1 -1
  34. streamlit/elements/map.py +6 -6
  35. streamlit/elements/plotly_chart.py +2 -2
  36. streamlit/elements/toast.py +1 -1
  37. streamlit/elements/vega_charts.py +30 -7
  38. streamlit/elements/widgets/button.py +3 -3
  39. streamlit/elements/widgets/button_group.py +3 -3
  40. streamlit/elements/widgets/chat.py +1 -1
  41. streamlit/elements/widgets/data_editor.py +6 -6
  42. streamlit/elements/widgets/multiselect.py +1 -1
  43. streamlit/elements/widgets/number_input.py +1 -1
  44. streamlit/elements/widgets/radio.py +91 -31
  45. streamlit/elements/widgets/select_slider.py +123 -37
  46. streamlit/elements/widgets/slider.py +5 -5
  47. streamlit/elements/widgets/time_widgets.py +150 -18
  48. streamlit/elements/write.py +2 -3
  49. streamlit/env_util.py +1 -1
  50. streamlit/errors.py +2 -14
  51. streamlit/external/langchain/streamlit_callback_handler.py +1 -1
  52. streamlit/hello/dataframe_demo.py +1 -1
  53. streamlit/hello/plotting_demo.py +19 -12
  54. streamlit/path_security.py +98 -0
  55. streamlit/proto/Alert_pb2.py +2 -3
  56. streamlit/proto/AppPage_pb2.py +2 -3
  57. streamlit/proto/ArrowData_pb2.py +2 -3
  58. streamlit/proto/ArrowNamedDataSet_pb2.py +2 -3
  59. streamlit/proto/ArrowVegaLiteChart_pb2.py +2 -3
  60. streamlit/proto/Arrow_pb2.py +2 -3
  61. streamlit/proto/AudioInput_pb2.py +2 -3
  62. streamlit/proto/Audio_pb2.py +2 -3
  63. streamlit/proto/AuthRedirect_pb2.py +2 -3
  64. streamlit/proto/AutoRerun_pb2.py +2 -3
  65. streamlit/proto/BackMsg_pb2.py +2 -3
  66. streamlit/proto/Balloons_pb2.py +2 -3
  67. streamlit/proto/BidiComponent_pb2.py +2 -3
  68. streamlit/proto/Block_pb2.py +2 -3
  69. streamlit/proto/BokehChart_pb2.py +2 -3
  70. streamlit/proto/ButtonGroup_pb2.py +2 -3
  71. streamlit/proto/ButtonLikeIconPosition_pb2.py +2 -3
  72. streamlit/proto/Button_pb2.py +2 -3
  73. streamlit/proto/CameraInput_pb2.py +2 -3
  74. streamlit/proto/ChatInput_pb2.py +2 -3
  75. streamlit/proto/Checkbox_pb2.py +2 -3
  76. streamlit/proto/ClientState_pb2.py +2 -3
  77. streamlit/proto/Code_pb2.py +2 -3
  78. streamlit/proto/ColorPicker_pb2.py +2 -3
  79. streamlit/proto/Common_pb2.py +2 -3
  80. streamlit/proto/Components_pb2.py +2 -3
  81. streamlit/proto/DataFrame_pb2.py +2 -3
  82. streamlit/proto/DateInput_pb2.py +2 -3
  83. streamlit/proto/DateTimeInput_pb2.py +2 -3
  84. streamlit/proto/DeckGlJsonChart_pb2.py +2 -3
  85. streamlit/proto/Delta_pb2.py +2 -3
  86. streamlit/proto/DocString_pb2.py +2 -3
  87. streamlit/proto/DownloadButton_pb2.py +2 -3
  88. streamlit/proto/Element_pb2.py +2 -3
  89. streamlit/proto/Empty_pb2.py +2 -3
  90. streamlit/proto/Exception_pb2.py +2 -3
  91. streamlit/proto/Favicon_pb2.py +2 -3
  92. streamlit/proto/FileUploader_pb2.py +2 -3
  93. streamlit/proto/ForwardMsg_pb2.py +2 -3
  94. streamlit/proto/GapSize_pb2.py +2 -3
  95. streamlit/proto/GitInfo_pb2.py +2 -3
  96. streamlit/proto/GraphVizChart_pb2.py +2 -3
  97. streamlit/proto/Heading_pb2.py +2 -3
  98. streamlit/proto/HeightConfig_pb2.py +2 -3
  99. streamlit/proto/Html_pb2.py +2 -3
  100. streamlit/proto/IFrame_pb2.py +2 -3
  101. streamlit/proto/Image_pb2.py +2 -3
  102. streamlit/proto/Json_pb2.py +2 -3
  103. streamlit/proto/LabelVisibilityMessage_pb2.py +2 -3
  104. streamlit/proto/LinkButton_pb2.py +2 -3
  105. streamlit/proto/Logo_pb2.py +6 -5
  106. streamlit/proto/Logo_pb2.pyi +25 -1
  107. streamlit/proto/Markdown_pb2.py +2 -3
  108. streamlit/proto/Metric_pb2.py +2 -3
  109. streamlit/proto/MetricsEvent_pb2.py +2 -3
  110. streamlit/proto/MultiSelect_pb2.py +2 -3
  111. streamlit/proto/NamedDataSet_pb2.py +2 -3
  112. streamlit/proto/Navigation_pb2.py +2 -3
  113. streamlit/proto/NewSession_pb2.py +25 -24
  114. streamlit/proto/NewSession_pb2.pyi +28 -2
  115. streamlit/proto/NumberInput_pb2.py +2 -3
  116. streamlit/proto/PageConfig_pb2.py +2 -3
  117. streamlit/proto/PageInfo_pb2.py +2 -3
  118. streamlit/proto/PageLink_pb2.py +2 -3
  119. streamlit/proto/PageNotFound_pb2.py +2 -3
  120. streamlit/proto/PageProfile_pb2.py +2 -3
  121. streamlit/proto/PagesChanged_pb2.py +2 -3
  122. streamlit/proto/ParentMessage_pb2.py +2 -3
  123. streamlit/proto/PlotlyChart_pb2.py +2 -3
  124. streamlit/proto/Progress_pb2.py +2 -3
  125. streamlit/proto/Radio_pb2.py +5 -4
  126. streamlit/proto/Radio_pb2.pyi +20 -3
  127. streamlit/proto/RootContainer_pb2.py +2 -3
  128. streamlit/proto/Selectbox_pb2.py +2 -3
  129. streamlit/proto/SessionEvent_pb2.py +2 -3
  130. streamlit/proto/SessionStatus_pb2.py +2 -3
  131. streamlit/proto/Skeleton_pb2.py +2 -3
  132. streamlit/proto/Slider_pb2.py +7 -8
  133. streamlit/proto/Slider_pb2.pyi +9 -1
  134. streamlit/proto/Snow_pb2.py +2 -3
  135. streamlit/proto/Space_pb2.py +2 -3
  136. streamlit/proto/Spinner_pb2.py +2 -3
  137. streamlit/proto/TextAlignmentConfig_pb2.py +2 -3
  138. streamlit/proto/TextArea_pb2.py +2 -3
  139. streamlit/proto/TextInput_pb2.py +2 -3
  140. streamlit/proto/Text_pb2.py +2 -3
  141. streamlit/proto/TimeInput_pb2.py +2 -3
  142. streamlit/proto/Toast_pb2.py +2 -3
  143. streamlit/proto/Transient_pb2.py +2 -3
  144. streamlit/proto/VegaLiteChart_pb2.py +2 -3
  145. streamlit/proto/Video_pb2.py +2 -3
  146. streamlit/proto/WidgetStates_pb2.py +2 -3
  147. streamlit/proto/WidthConfig_pb2.py +2 -3
  148. streamlit/proto/openmetrics_data_model_pb2.py +2 -3
  149. streamlit/runtime/app_session.py +106 -60
  150. streamlit/runtime/caching/cache_data_api.py +3 -3
  151. streamlit/runtime/caching/cache_errors.py +0 -2
  152. streamlit/runtime/caching/cache_resource_api.py +1 -1
  153. streamlit/runtime/caching/cache_utils.py +2 -2
  154. streamlit/runtime/caching/hashing.py +1 -3
  155. streamlit/runtime/caching/storage/cache_storage_protocol.py +0 -3
  156. streamlit/runtime/connection_factory.py +1 -1
  157. streamlit/runtime/credentials.py +2 -2
  158. streamlit/runtime/metrics_util.py +3 -3
  159. streamlit/runtime/runtime.py +6 -6
  160. streamlit/runtime/scriptrunner/script_runner.py +17 -0
  161. streamlit/runtime/scriptrunner_utils/exceptions.py +0 -4
  162. streamlit/runtime/scriptrunner_utils/script_run_context.py +13 -31
  163. streamlit/runtime/secrets.py +3 -4
  164. streamlit/runtime/state/__init__.py +7 -1
  165. streamlit/runtime/state/common.py +13 -0
  166. streamlit/runtime/state/query_params.py +493 -24
  167. streamlit/runtime/state/session_state.py +179 -4
  168. streamlit/runtime/state/widgets.py +26 -1
  169. streamlit/runtime/stats.py +1 -10
  170. streamlit/static/index.html +1 -1
  171. streamlit/static/manifest.json +304 -304
  172. streamlit/static/static/js/{ErrorOutline.esm.CScZvf44.js → ErrorOutline.esm.BWk6F-Tz.js} +1 -1
  173. streamlit/static/static/js/{FileDownload.esm.COCxTZxP.js → FileDownload.esm.AllYUuOW.js} +1 -1
  174. streamlit/static/static/js/{FileHelper.Bhs-iVRI.js → FileHelper.BvVTNdmy.js} +1 -1
  175. streamlit/static/static/js/{FormClearHelper.CA_5b-Ut.js → FormClearHelper.C__r5Llk.js} +1 -1
  176. streamlit/static/static/js/{InputInstructions.Bzb0MCfv.js → InputInstructions.DOtkdOMV.js} +1 -1
  177. streamlit/static/static/js/Particles.DCsqQZlE.js +1 -0
  178. streamlit/static/static/js/{ProgressBar.DyQNhVsJ.js → ProgressBar.DLCRvt4m.js} +2 -2
  179. streamlit/static/static/js/{StreamlitSyntaxHighlighter.BOkJThtV.js → StreamlitSyntaxHighlighter.CYFWoZHb.js} +1 -1
  180. streamlit/static/static/js/{TableChart.esm.a60nntBC.js → TableChart.esm.D6ydHcIm.js} +1 -1
  181. streamlit/static/static/js/Toolbar.BHDNzWBx.js +1 -0
  182. streamlit/static/static/js/{WidgetLabelHelpIconInline.BjIku2ic.js → WidgetLabelHelpIconInline.DEXBrVlc.js} +1 -1
  183. streamlit/static/static/js/{base-input.avGkArOc.js → base-input.TSQjctlq.js} +4 -4
  184. streamlit/static/static/js/{checkbox.Q8mCuqps.js → checkbox.BKgfzJZV.js} +1 -1
  185. streamlit/static/static/js/{createDownloadLinkElement.CfqHRpxo.js → createDownloadLinkElement.CG7nr2a4.js} +1 -1
  186. streamlit/static/static/js/{data-grid-overlay-editor.PuoMl3yV.js → data-grid-overlay-editor.ChXO__lP.js} +1 -1
  187. streamlit/static/static/js/{downloader.CjG2csSm.js → downloader.DJ3R_zWA.js} +1 -1
  188. streamlit/static/static/js/embed.u3PPfLkw.js +193 -0
  189. streamlit/static/static/js/{es6.CQD6uUK7.js → es6.C5Mfy8nd.js} +2 -2
  190. streamlit/static/static/js/{formatNumber.CtjUO-if.js → formatNumber.CMRgW9EJ.js} +1 -1
  191. streamlit/static/static/js/{iconPosition.7Qt6oUiI.js → iconPosition.B4EEXI3E.js} +1 -1
  192. streamlit/static/static/js/{iframeResizer.contentWindow._oj2Xh0v.js → iframeResizer.contentWindow.WSvOiTW0.js} +1 -1
  193. streamlit/static/static/js/index.-FOBV3nz.js +1 -0
  194. streamlit/static/static/js/{index.BuBkymZd.js → index.-NF8OSF5.js} +1 -1
  195. streamlit/static/static/js/{index.B-XrnnK6.js → index.4cBg8kn5.js} +1 -1
  196. streamlit/static/static/js/{index.B_ylV_tl.js → index.B0pzzCsH.js} +1 -1
  197. streamlit/static/static/js/{index.BhJwyXH6.js → index.BID6ND5j.js} +2 -2
  198. streamlit/static/static/js/index.BMp5bGjh.js +1 -0
  199. streamlit/static/static/js/{index.Cptu1tS-.js → index.BQcmlvas.js} +1 -1
  200. streamlit/static/static/js/{index.DXQ_Fvpt.js → index.BRcmclgI.js} +1 -1
  201. streamlit/static/static/js/index.BaUZR4IG.js +1 -0
  202. streamlit/static/static/js/{index.CMBgAPh6.js → index.BbMJj4PN.js} +1 -1
  203. streamlit/static/static/js/{index.CVRgrLT-.js → index.BdCTJtq3.js} +2 -2
  204. streamlit/static/static/js/index.BdETLMuI.js +1 -0
  205. streamlit/static/static/js/index.BnKMWhs1.js +1 -0
  206. streamlit/static/static/js/index.Br1kXwQW.js +2 -0
  207. streamlit/static/static/js/{index.XGft6-dq.js → index.Bt2olRE4.js} +1 -1
  208. streamlit/static/static/js/{index.B2fAYU1N.js → index.Bxwsv5T8.js} +1 -1
  209. streamlit/static/static/js/index.C4KskYz6.js +1 -0
  210. streamlit/static/static/js/{index.DZE_91Ym.js → index.C6bmbXk0.js} +1 -1
  211. streamlit/static/static/js/{index.Egabyb7u.js → index.CEfKfbta.js} +1 -1
  212. streamlit/static/static/js/index.CIuaA8q0.js +2 -0
  213. streamlit/static/static/js/{index.DVtfSohT.js → index.CV1sObFX.js} +1 -1
  214. streamlit/static/static/js/{index.BlJhnb4M.js → index.CbR6dgaV.js} +1 -1
  215. streamlit/static/static/js/index.Cq6szKqJ.js +1 -0
  216. streamlit/static/static/js/index.CyouXqCz.js +1 -0
  217. streamlit/static/static/js/{index.B5wmZkRW.js → index.D1NUgMFI.js} +1 -1
  218. streamlit/static/static/js/{index.euRMkmNi.js → index.D7SWG4Om.js} +1 -1
  219. streamlit/static/static/js/{index.Bg-9YNUa.js → index.DAYPEwLI.js} +1 -1
  220. streamlit/static/static/js/index.DKS75Vfg.js +11 -0
  221. streamlit/static/static/js/{index.CIizdLeb.js → index.DOXrMIxB.js} +1 -1
  222. streamlit/static/static/js/{index.BRegnbUa.js → index.DOzYX8yS.js} +3 -3
  223. streamlit/static/static/js/{index.BksGMsW0.js → index.DRFMYcC4.js} +4 -4
  224. streamlit/static/static/js/{index.B8PovXCX.js → index.Divl5FCY.js} +1 -1
  225. streamlit/static/static/js/{index.DxQuXlXH.js → index.DjAJ_CUa.js} +1 -1
  226. streamlit/static/static/js/{index.BrRuSP42.js → index.Dncue2pm.js} +33 -33
  227. streamlit/static/static/js/{index.DSTThs-t.js → index.Drusyo5m.js} +47 -47
  228. streamlit/static/static/js/{index.BOafPwIE.js → index.DuUyDGnP.js} +1 -1
  229. streamlit/static/static/js/{index.D1bkwsLT.js → index.DvgT2rB2.js} +223 -223
  230. streamlit/static/static/js/{index.BmDXWfgx.js → index.DzutABu5.js} +2 -2
  231. streamlit/static/static/js/index.Dzw2iPzi.js +3 -0
  232. streamlit/static/static/js/{index.DJsqD2Sc.js → index.FsTmxLbT.js} +1 -1
  233. streamlit/static/static/js/{index.BOTEMJfV.js → index.OIwPqGYN.js} +1 -1
  234. streamlit/static/static/js/{index.CBqST2Yj.js → index.RXLN7YFT.js} +2 -2
  235. streamlit/static/static/js/{index.Ft2Zxbhr.js → index.YYb2u0jk.js} +2 -2
  236. streamlit/static/static/js/{index.BWCFtBS4.js → index.h8ejt-W3.js} +1 -1
  237. streamlit/static/static/js/{index.KuLql7H0.js → index.lFMCi9am.js} +1 -1
  238. streamlit/static/static/js/{index.D8t7R4QQ.js → index.pOgf4cEj.js} +1 -1
  239. streamlit/static/static/js/{index.CsoN0h7K.js → index.s_E0s7LB.js} +51 -51
  240. streamlit/static/static/js/{index.BVX_bqnf.js → index.xLCbzoqj.js} +1 -1
  241. streamlit/static/static/js/{input.Cf97CQME.js → input.BLG7kWaj.js} +2 -2
  242. streamlit/static/static/js/{main.Ccuk53yQ.js → main.D_CmqChN.js} +1 -1
  243. streamlit/static/static/js/{memory.Bng6Ij0g.js → memory.T8u9KqIQ.js} +1 -1
  244. streamlit/static/static/js/{number-overlay-editor.CFLv-CWC.js → number-overlay-editor.BKBSXkAM.js} +2 -2
  245. streamlit/static/static/js/{pandasStylerUtils.C2hcAKiv.js → pandasStylerUtils.B4tLYMwS.js} +1 -1
  246. streamlit/static/static/js/{sandbox.BXdeD-wA.js → sandbox.jRlkcPem.js} +1 -1
  247. streamlit/static/static/js/{styled-components.Br04Ogac.js → styled-components.D2QhNwzd.js} +1 -1
  248. streamlit/static/static/js/{throttle.mI9ItGre.js → throttle.Cyw_V0Dq.js} +1 -1
  249. streamlit/static/static/js/{timepicker.poFdB0sd.js → timepicker.PzyuDDWl.js} +1 -1
  250. streamlit/static/static/js/{toConsumableArray.92-fANS-.js → toConsumableArray.gE9fMkLj.js} +1 -1
  251. streamlit/static/static/js/uniqueId.B1GeHnT1.js +1 -0
  252. streamlit/static/static/js/{useBasicWidgetState.DzKGLAv_.js → useBasicWidgetState.DFklfao0.js} +1 -1
  253. streamlit/static/static/js/{useIntlLocale.BMma2iiY.js → useIntlLocale.C3tUGWTU.js} +8 -8
  254. streamlit/static/static/js/{useTextInputAutoExpand.DQbIhdma.js → useTextInputAutoExpand.D9nU_y-e.js} +1 -1
  255. streamlit/static/static/js/useUpdateUiValue.ClTdrkJN.js +1 -0
  256. streamlit/static/static/js/{useWaveformController.AH0ggRyc.js → useWaveformController.lzTbjMW2.js} +1 -1
  257. streamlit/static/static/js/{withCalculatedWidth.G5xJ-MbS.js → withCalculatedWidth.Dxs9I5Oe.js} +1 -1
  258. streamlit/static/static/js/{withFullScreenWrapper.rdRu6zZ4.js → withFullScreenWrapper.DfpAcJxf.js} +1 -1
  259. streamlit/string_util.py +2 -2
  260. streamlit/testing/v1/app_test.py +1 -1
  261. streamlit/testing/v1/element_tree.py +33 -20
  262. streamlit/type_util.py +2 -2
  263. streamlit/url_util.py +2 -2
  264. streamlit/user_info.py +2 -41
  265. streamlit/util.py +1 -1
  266. streamlit/watcher/event_based_path_watcher.py +37 -7
  267. streamlit/watcher/path_watcher.py +61 -2
  268. streamlit/watcher/util.py +26 -10
  269. streamlit/web/bootstrap.py +16 -4
  270. streamlit/web/cli.py +1 -4
  271. streamlit/web/server/app_discovery.py +2 -1
  272. streamlit/web/server/app_static_file_handler.py +9 -0
  273. streamlit/web/server/bidi_component_request_handler.py +4 -4
  274. streamlit/web/server/component_file_utils.py +14 -6
  275. streamlit/web/server/component_request_handler.py +2 -2
  276. streamlit/web/server/oauth_authlib_routes.py +14 -42
  277. streamlit/web/server/server.py +1 -1
  278. streamlit/web/server/server_util.py +23 -1
  279. streamlit/web/server/starlette/starlette_app.py +7 -1
  280. streamlit/web/server/starlette/starlette_auth_routes.py +94 -16
  281. streamlit/web/server/starlette/starlette_path_security_middleware.py +97 -0
  282. streamlit/web/server/starlette/starlette_routes.py +16 -9
  283. streamlit/web/server/starlette/starlette_server.py +2 -2
  284. streamlit/web/server/starlette/starlette_static_routes.py +14 -4
  285. streamlit/web/server/stats_request_handler.py +1 -3
  286. {streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/METADATA +10 -25
  287. {streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/RECORD +290 -290
  288. {streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/WHEEL +1 -1
  289. streamlit/commands/experimental_query_params.py +0 -169
  290. streamlit/static/static/js/Particles.ix5_l22I.js +0 -1
  291. streamlit/static/static/js/Toolbar.CxkcuBQ8.js +0 -1
  292. streamlit/static/static/js/embed.DZ-CLCPz.js +0 -195
  293. streamlit/static/static/js/index.B6ZAXv47.js +0 -1
  294. streamlit/static/static/js/index.BDm-Ia27.js +0 -1
  295. streamlit/static/static/js/index.BeCZLkzg.js +0 -1
  296. streamlit/static/static/js/index.BuEBeckn.js +0 -11
  297. streamlit/static/static/js/index.CL2eCR01.js +0 -1
  298. streamlit/static/static/js/index.CdLlbsiN.js +0 -1
  299. streamlit/static/static/js/index.CwIIk90V.js +0 -1
  300. streamlit/static/static/js/index.DDk0U8rh.js +0 -2
  301. streamlit/static/static/js/index.DNB79dOd.js +0 -3
  302. streamlit/static/static/js/index.DNj5S4tY.js +0 -1
  303. streamlit/static/static/js/index.DOY0ZriT.js +0 -2
  304. streamlit/static/static/js/index.r0gCrMFP.js +0 -1
  305. streamlit/static/static/js/uniqueId.BUj-C6GA.js +0 -1
  306. streamlit/static/static/js/useUpdateUiValue.Bk5OIXup.js +0 -1
  307. streamlit-1.53.1.data/scripts/streamlit.cmd +0 -16
  308. {streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/entry_points.txt +0 -0
  309. {streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/top_level.txt +0 -0
streamlit/web/server/starlette/starlette_static_routes.py CHANGED
@@ -24,6 +24,7 @@ import os
24
24
  from typing import TYPE_CHECKING, Any, Final
25
25
 
26
26
  from streamlit import file_util
27
+ from streamlit.path_security import is_unsafe_path_pattern
27
28
  from streamlit.url_util import make_url_path
28
29
  from streamlit.web.server.routes import (
29
30
  NO_CACHE_PATTERN,
@@ -51,7 +52,7 @@ def create_streamlit_static_handler(
51
52
  - Long-term caching of hashed assets
52
53
  - No-cache for HTML/manifest files
53
54
  - Trailing slash redirect (301)
54
- - Double-slash protection (403 for protocol-relative URL security)
55
+ - Double-slash protection (400 for protocol-relative URL security)
55
56
  """
56
57
  from starlette.exceptions import HTTPException
57
58
  from starlette.responses import FileResponse, RedirectResponse, Response
@@ -74,10 +75,19 @@ def create_streamlit_static_handler(
74
75
  # Security check: Block paths starting with double slash (protocol-relative
75
76
  # URL protection). A path like //example.com could be misinterpreted as a
76
77
  # protocol-relative URL if redirected, which is a security risk.
77
- # This matches Tornado's behavior where such paths would escape the static
78
- # directory and trigger a 403 Forbidden.
79
78
  if path.startswith("//"):
80
- response = Response(content="Forbidden", status_code=403)
79
+ response = Response(content="Bad Request", status_code=400)
80
+ await response(scope, receive, send)
81
+ return
82
+
83
+ # Security check: Block UNC paths, absolute paths, drive-qualified paths,
84
+ # and path traversal patterns BEFORE any filesystem operations.
85
+ # See is_unsafe_path_pattern() docstring for details.
86
+ # Strip the leading slash since paths come in as "/filename" but we check
87
+ # the relative portion.
88
+ relative_path = path.lstrip("/")
89
+ if relative_path and is_unsafe_path_pattern(relative_path):
90
+ response = Response(content="Bad Request", status_code=400)
81
91
  await response(scope, receive, send)
82
92
  return
83
93
 
streamlit/web/server/stats_request_handler.py CHANGED
@@ -52,9 +52,7 @@ class StatsRequestHandler(tornado.web.RequestHandler):
52
52
  # If no families are specified, all metrics are returned.
53
53
  # Example: /_stcore/metrics?families=session_events_total&families=active_sessions
54
54
  requested_families = self.get_arguments("families")
55
- stats = self._manager.get_stats(
56
- family_names=requested_families if requested_families else None
57
- )
55
+ stats = self._manager.get_stats(family_names=requested_families or None)
58
56
  # If the request asked for protobuf output, we return a serialized
59
57
  # protobuf. Else we return text.
60
58
  if "application/x-protobuf" in self.request.headers.get_list("Accept"):
{streamlit-1.53.1.dist-info → streamlit-1.54.0.dist-info}/METADATA RENAMED
@@ -1,23 +1,20 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: streamlit
3
- Version: 1.53.1
3
+ Version: 1.54.0
4
4
  Summary: A faster way to build and share data apps
5
- Home-page: https://streamlit.io
6
- Author: Snowflake Inc
7
- Author-email: hello@streamlit.io
8
- License: Apache License 2.0
5
+ Author-email: Snowflake Inc <hello@streamlit.io>
6
+ License-Expression: Apache-2.0
7
+ Project-URL: Homepage, https://streamlit.io
8
+ Project-URL: Documentation, https://docs.streamlit.io/
9
9
  Project-URL: Source Code, https://github.com/streamlit/streamlit
10
10
  Project-URL: Bug Tracker, https://github.com/streamlit/streamlit/issues
11
- Project-URL: Release notes, https://docs.streamlit.io/develop/quick-reference/changelog
12
- Project-URL: Documentation, https://docs.streamlit.io/
11
+ Project-URL: Release Notes, https://docs.streamlit.io/develop/quick-reference/changelog
13
12
  Project-URL: Community, https://discuss.streamlit.io/
14
- Project-URL: Twitter, https://twitter.com/streamlit
15
13
  Classifier: Development Status :: 5 - Production/Stable
16
14
  Classifier: Environment :: Console
17
15
  Classifier: Environment :: Web Environment
18
16
  Classifier: Intended Audience :: Developers
19
17
  Classifier: Intended Audience :: Science/Research
20
- Classifier: License :: OSI Approved :: Apache Software License
21
18
  Classifier: Programming Language :: Python :: 3.10
22
19
  Classifier: Programming Language :: Python :: 3.11
23
20
  Classifier: Programming Language :: Python :: 3.12
@@ -35,20 +32,20 @@ Requires-Dist: altair!=5.4.0,!=5.4.1,<7,>=4.0
35
32
  Requires-Dist: blinker<2,>=1.5.0
36
33
  Requires-Dist: cachetools<7,>=5.5
37
34
  Requires-Dist: click<9,>=7.0
35
+ Requires-Dist: gitpython!=3.1.19,<4,>=3.0.7
38
36
  Requires-Dist: numpy<3,>=1.23
39
37
  Requires-Dist: packaging>=20
40
38
  Requires-Dist: pandas<3,>=1.4.0
41
39
  Requires-Dist: pillow<13,>=7.1.0
40
+ Requires-Dist: pydeck<1,>=0.8.0b4
42
41
  Requires-Dist: protobuf<7,>=3.20
43
42
  Requires-Dist: pyarrow>=7.0
44
43
  Requires-Dist: requests<3,>=2.27
45
44
  Requires-Dist: tenacity<10,>=8.1.0
46
45
  Requires-Dist: toml<2,>=0.10.1
46
+ Requires-Dist: tornado!=6.5.0,<7,>=6.0.3
47
47
  Requires-Dist: typing-extensions<5,>=4.10.0
48
48
  Requires-Dist: watchdog<7,>=2.1.5; platform_system != "Darwin"
49
- Requires-Dist: gitpython!=3.1.19,<4,>=3.0.7
50
- Requires-Dist: pydeck<1,>=0.8.0b4
51
- Requires-Dist: tornado!=6.5.0,<7,>=6.0.3
52
49
  Provides-Extra: snowflake
53
50
  Requires-Dist: snowflake-snowpark-python[modin]>=1.17.0; python_version < "3.12" and extra == "snowflake"
54
51
  Requires-Dist: snowflake-connector-python>=3.3.0; python_version < "3.12" and extra == "snowflake"
@@ -72,23 +69,11 @@ Provides-Extra: sql
72
69
  Requires-Dist: SQLAlchemy>=2.0.0; extra == "sql"
73
70
  Provides-Extra: performance
74
71
  Requires-Dist: orjson>=3.5.0; extra == "performance"
75
- Requires-Dist: uvloop>=0.15.2; (sys_platform != "win32" and (sys_platform != "cygwin" and platform_python_implementation != "PyPy")) and extra == "performance"
72
+ Requires-Dist: uvloop>=0.15.2; (sys_platform != "win32" and sys_platform != "cygwin" and platform_python_implementation != "PyPy") and extra == "performance"
76
73
  Requires-Dist: httptools>=0.6.3; extra == "performance"
77
74
  Provides-Extra: all
78
75
  Requires-Dist: streamlit[auth,charts,pdf,performance,snowflake,sql]; extra == "all"
79
76
  Requires-Dist: rich>=11.0.0; extra == "all"
80
- Dynamic: author
81
- Dynamic: author-email
82
- Dynamic: classifier
83
- Dynamic: description
84
- Dynamic: description-content-type
85
- Dynamic: home-page
86
- Dynamic: license
87
- Dynamic: project-url
88
- Dynamic: provides-extra
89
- Dynamic: requires-dist
90
- Dynamic: requires-python
91
- Dynamic: summary
92
77
 
93
78
  <br>
94
79