From b95f381f0d3b61a64bcabfd9397eb3f60860f6bc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 7 Apr 2026 04:23:37 +0000
Subject: [PATCH] Bump uvicorn from 0.42.0 to 0.44.0 in /backend (#1646)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.42.0 to
0.44.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.44.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p>
<h2>Version 0.43.0</h2>
<h2>Changed</h2>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0">https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.44.0 (April 6, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
</ul>
<h2>0.43.0 (April 3, 2026)</h2>
<p>You can quit Uvicorn now. We heard you, <a
href="https://github.com/pamelafox"><code>@​pamelafox</code></a> - all
47 of your Ctrl+C's (thanks for flagging it, and thanks to <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a> for the
fix 🙏). <a href="https://x.com/pamelafox/status/2039097686155227623">See
the tweet</a>.</p>
<h3>Changed</h3>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/uvicorn/commit/edb54c43c0321c0b41eee1473f3f4cf145e8927f"><code>edb54c4</code></a>
Version 0.44.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2890">#2890</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/029be08867fe899cde6fd31a3ba75fffca7bd9ae"><code>029be08</code></a>
Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/8d397c73191b49c6d5280098d7c09dbe474e00bf"><code>8d397c7</code></a>
Version 0.43.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2885">#2885</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/587042d68ff6c813ec0d8cfafaa820ebe7229d23"><code>587042d</code></a>
🐛 Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on
server shutting down for s...</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/c9a75fb67b2e969253a41ef4ad447e013eee879e"><code>c9a75fb</code></a>
chore(deps): bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2878">#2878</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/84fd578224e36766efb056585cb6cc5171270089"><code>84fd578</code></a>
chore(deps): bump pygments from 2.19.2 to 2.20.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2877">#2877</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/cd52d34b55d898180a65cfc01a6a88aac54c65c3"><code>cd52d34</code></a>
Use native <code>context</code> parameter for <code>create_task</code>
on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/5211880320b2e99a532eb121808039404da234ab"><code>5211880</code></a>
Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/1cb8e747e2817ee46a4c0d44139e46b3b1f8fab6"><code>1cb8e74</code></a>
Add websocket 500 fallback header test (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2874">#2874</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/28efbb24bd590f1f943cbc2bf84f197268a8c6d8"><code>28efbb2</code></a>
chore(deps-dev): bump cryptography from 46.0.5 to 46.0.6 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2873">#2873</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.44.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.42.0&new-version=0.44.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 backend/pyproject.toml | 2 +-
 backend/uv.lock        | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/pyproject.toml b/backend/pyproject.toml
index a1c41896..8e062288 100644
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -29,7 +29,7 @@ dependencies = [
     "types-aiofiles==25.1.0.20251011",
     "types-passlib==1.7.7.20241221",
     "types-simplejson==3.20.0.20250218",
-    "uvicorn==0.42.0",
+    "uvicorn==0.44.0",
 ]
 
 [tool.pytest.ini_options]
diff --git a/backend/uv.lock b/backend/uv.lock
index ef6daccc..f1f11f78 100644
--- a/backend/uv.lock
+++ b/backend/uv.lock
@@ -399,7 +399,7 @@ requires-dist = [
     { name = "types-aiofiles", specifier = "==25.1.0.20251011" },
     { name = "types-passlib", specifier = "==1.7.7.20241221" },
     { name = "types-simplejson", specifier = "==3.20.0.20250218" },
-    { name = "uvicorn", specifier = "==0.42.0" },
+    { name = "uvicorn", specifier = "==0.44.0" },
 ]
 
 [package.metadata.requires-dev]
@@ -1685,15 +1685,15 @@ wheels = [
 
 [[package]]
 name = "uvicorn"
-version = "0.42.0"
+version = "0.44.0"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "click" },
     { name = "h11" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/e3/ad/4a96c425be6fb67e0621e62d86c402b4a17ab2be7f7c055d9bd2f638b9e2/uvicorn-0.42.0.tar.gz", hash = "sha256:9b1f190ce15a2dd22e7758651d9b6d12df09a13d51ba5bf4fc33c383a48e1775", size = 85393, upload-time = "2026-03-16T06:19:50.077Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/5e/da/6eee1ff8b6cbeed47eeb5229749168e81eb4b7b999a1a15a7176e51410c9/uvicorn-0.44.0.tar.gz", hash = "sha256:6c942071b68f07e178264b9152f1f16dfac5da85880c4ce06366a96d70d4f31e", size = 86947, upload-time = "2026-04-06T09:23:22.826Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/0a/89/f8827ccff89c1586027a105e5630ff6139a64da2515e24dafe860bd9ae4d/uvicorn-0.42.0-py3-none-any.whl", hash = "sha256:96c30f5c7abe6f74ae8900a70e92b85ad6613b745d4879eb9b16ccad15645359", size = 68830, upload-time = "2026-03-16T06:19:48.325Z" },
+    { url = "https://files.pythonhosted.org/packages/b7/23/a5bbd9600dd607411fa644c06ff4951bec3a4d82c4b852374024359c19c0/uvicorn-0.44.0-py3-none-any.whl", hash = "sha256:ce937c99a2cc70279556967274414c087888e8cec9f9c94644dfca11bd3ced89", size = 69425, upload-time = "2026-04-06T09:23:21.524Z" },
 ]
 
 [[package]]