From ea410b828d690e44cf430342aa34af95b11a045c Mon Sep 17 00:00:00 2001
From: Josh
Date: Fri, 28 Jan 2022 16:06:01 -0500
Subject: [PATCH 1/2] bump uvicorn version to resolve websockets security vulnerability
---
 stac_fastapi/pgstac/setup.py | 2 +-
 stac_fastapi/sqlalchemy/setup.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/stac_fastapi/pgstac/setup.py b/stac_fastapi/pgstac/setup.py
index 56af1dd1f..93cb2bb3b 100644
--- a/stac_fastapi/pgstac/setup.py
+++ b/stac_fastapi/pgstac/setup.py
@@ -30,7 +30,7 @@
 "shapely",
 ],
 "docs": ["mkdocs", "mkdocs-material", "pdocs"],
- "server": ["uvicorn[standard]>=0.12.0,<0.14.0"],
+ "server": ["uvicorn[standard]==0.17.*"],
 "awslambda": ["mangum"],
 }
diff --git a/stac_fastapi/sqlalchemy/setup.py b/stac_fastapi/sqlalchemy/setup.py
index 52628ebee..0958d11a9 100644
--- a/stac_fastapi/sqlalchemy/setup.py
+++ b/stac_fastapi/sqlalchemy/setup.py
@@ -30,7 +30,7 @@
 "requests",
 ],
 "docs": ["mkdocs", "mkdocs-material", "pdocs"],
- "server": ["uvicorn[standard]>=0.12.0,<0.14.0"],
+ "server": ["uvicorn[standard]==0.17.*"],
 }
From f91896be3b4da68a889efe774c8dfc795c0018fa Mon Sep 17 00:00:00 2001
From: Josh
Date: Fri, 28 Jan 2022 16:39:29 -0500
Subject: [PATCH 2/2] pin version to 0.17, update changelog
---
 CHANGES.md | 2 +-
 stac_fastapi/pgstac/setup.py | 2 +-
 stac_fastapi/sqlalchemy/setup.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index 121257512..881155b99 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -9,7 +9,7 @@
 ### Removed
 ### Fixed
-
+* Bumped uvicorn version to 0.17 (from >=0.12, <=0.14) to resolve security vulnerability related to websockets dependency version ([#343](https://github.com/stac-utils/stac-fastapi/pull/343))
 ## [2.3.0]
diff --git a/stac_fastapi/pgstac/setup.py b/stac_fastapi/pgstac/setup.py
index 93cb2bb3b..d9019c69d 100644
--- a/stac_fastapi/pgstac/setup.py
+++ b/stac_fastapi/pgstac/setup.py
@@ -30,7 +30,7 @@
 "shapely",
 ],
 "docs": ["mkdocs", "mkdocs-material", "pdocs"],
- "server": ["uvicorn[standard]==0.17.*"],
+ "server": ["uvicorn[standard]==0.17.0"],
 "awslambda": ["mangum"],
 }
diff --git a/stac_fastapi/sqlalchemy/setup.py b/stac_fastapi/sqlalchemy/setup.py
index 0958d11a9..4bb6ced47 100644
--- a/stac_fastapi/sqlalchemy/setup.py
+++ b/stac_fastapi/sqlalchemy/setup.py
@@ -30,7 +30,7 @@
 "requests",
 ],
 "docs": ["mkdocs", "mkdocs-material", "pdocs"],
- "server": ["uvicorn[standard]==0.17.*"],
+ "server": ["uvicorn[standard]==0.17.0"],
 }
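Review bot: The `server` extra in the PATCH 2/2 hunk for stac_fastapi/pgstac/setup.py is pinned to one exact release, `uvicorn[standard]==0.17.0`, so installers can never resolve a later uvicorn release that carries further fixes; the matching hunk for stac_fastapi/sqlalchemy/setup.py has the same line. For a library's `extras_require` a floor with a cap, `"server": ["uvicorn[standard]>=0.17.0,<0.18.0"],`, still excludes the old range while leaving patch releases installable, and exact pins are better kept in a constraints or lock file. The vulnerability named in the subject is in websockets, which reaches this package only transitively through the `standard` extra, so nothing in these lines constrains websockets itself. A comment above the entry such as `# uvicorn >= 0.17 so the "standard" extra resolves a fixed websockets, see #343` would record that dependency; the minimum fixed websockets version is not stated in the patch and should be confirmed before relying on it. The enclosing dict begins outside the hunk.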