v0.9.10

[0.9.10] - 2026-01-01

Added

• VideoFile and AudioFile types for file uploads
  • VideoFile: Accepts common video formats (mp4, mov, avi, mkv, wmv, flv, webm, mpeg, mpg)
  • AudioFile: Accepts common audio formats (mp3, wav, aac, flac, ogg, m4a)
• Updated ImageFile type to include additional formats (raw, psd)
• FileResponse now accepts either binary data or file path
  • FileResponse(data=bytes, filename="file.ext") - for in-memory files
  • FileResponse(path="/path/to/file", filename="file.ext") - for existing files on disk
  • Files specified by path are copied to returns_dir for consistent management
  • Both approaches result in automatic 1-hour cleanup

Changed

• Changed default title of index page from "Function Tools" to "Menu"

v0.9.9

[0.9.9] - 2025-12-23

Performance

• Non-blocking Execution: Standard Python functions (def) are now automatically executed in a thread pool. This prevents CPU-heavy tasks from blocking the main event loop.
• Async Disk I/O: Offloaded FileResponse processing and disk writing to background threads.
  • Generating and saving large files (GB+) no longer freezes the server.
  • The UI remains responsive for other users while files are being written to disk.
• Improved Concurrency: The server can now handle multiple simultaneous heavy requests (calculations or downloads) without queue blocking.

v0.9.8

[0.9.8] - 2025-12-21

Changed

• FileResponse Filename Limit: 150-character maximum (Pydantic validated)

Security

• Filename Sanitization: User-uploaded files sanitized against directory traversal, reserved names, and special characters
  • Format: {sanitized_name}_{32char_uuid}.{ext}
  • 100-char limit on user portion, ~143 total length
  • Preserves original name for identification

Fixed

• File Lists: Fixed bug where list[File] would fail with JSON parsing error
  • Backend now uses form_data.getlist() to properly group uploaded files
  • validate_list_param() accepts pre-processed lists in addition to JSON strings

0.9.7

[0.9.7] - 2025-12-10

Philosophy Change

Version 0.9.6 introduced SQLite for file tracking, blocked multiple workers, and added complex configuration. This was overengineered. func-to-web should be simple, fast, and reliable.

0.9.7 returns to simplicity with filesystem-based tracking, multiple workers support, and sensible defaults.

---

Removed

• SQLite Database

  • No more database files or locks
  • File metadata encoded directly in filenames
  • Format: {uuid}___{timestamp}___{filename}

• Parameters Removed

  • db_location - no longer needed
  • cleanup_hours - now hardcoded to 1 hour

• Workers Limitation

  • workers > 1 no longer blocked
  • Scale vertically without restrictions

Added

• Automatic Upload Cleanup

  • New parameter: auto_delete_uploads (default: True)
  • Uploaded files deleted after function completes
  • Disable with auto_delete_uploads=False if needed

• Directory Configuration

  • New parameter: uploads_dir (default: "./uploads")
  • New parameter: returns_dir (default: "./returned_files")

Changed

• File Retention

  • Returned files deleted 1 hour after creation (hardcoded)
  • No download tracking needed
  • Cleanup runs every hour automatically

• Multiple Workers

  • Now supported like any other Uvicorn option
  • Each worker runs independent cleanup
  • File operations are atomic, no conflicts

• Architecture

  • Removed db_manager.py module
  • Simplified file_handler.py
  • Faster startup (no database initialization)

Fixed

• Database lock errors eliminated
• Race conditions eliminated
• Improved startup performance

Documentation

• Updated all docs to remove SQLite references
• Removed db_location and cleanup_hours from examples
• Added auto_delete_uploads documentation
• Updated API reference (removed db_manager)

Migration from 0.9.6

Before:

run(my_function, db_location="/data", cleanup_hours=48)

After:

run(my_function, uploads_dir="/data/uploads", returns_dir="/data/returns")
# Files now expire after 1 hour (hardcoded)

Breaking Changes:

• db_location removed (use returns_dir)
• cleanup_hours removed (hardcoded to 1 hour)
• func_to_web.db no longer created

Non-Breaking:

• workers parameter now supported
• All other parameters unchanged

Summary

0.9.6 was overengineered. 0.9.7 is simple again: no database, automatic cleanup, multiple workers supported. Filesystem operations are fast, atomic, and sufficient.

0.9.6

Added

• Automatic Periodic Cleanup: Files are now automatically cleaned up every hour while the server runs.

  • No need to restart the server for cleanup to occur
  • Cleanup task runs in background every 3600 seconds (1 hour)
  • Files older than cleanup_hours are removed from both disk and database
  • Configurable via cleanup_hours parameter (default: 24 hours)
  • Set cleanup_hours=0 to disable periodic cleanup

• Thread-Safe File Cleanup: Implemented threading locks to prevent race conditions during concurrent file cleanup operations.

  • Per-file locks ensure only one thread can clean up a specific file at a time
  • Lock registry automatically cleaned up after operations complete
  • Prevents "file not found" errors when multiple threads/requests attempt cleanup simultaneously
  • Safe for high-concurrency environments with async I/O

• Database Health Monitoring: Added automatic monitoring for file registry size.

  • Displays warning if database contains >10,000 file references on startup
  • Helps identify when manual cleanup or configuration changes are needed
  • New get_file_count() function in db_manager module

• Enhanced Security: Added UUID validation for file download endpoints.

  • Validates file IDs match UUID v4 format before database queries
  • Returns 400 Bad Request for malformed file IDs
  • Additional layer of protection against injection attempts

Changed

• Workers Limitation: Multiple workers (workers > 1) are now explicitly blocked and will raise a clear error.

  • Prevents SQLite database corruption from concurrent writes across processes
  • Displays educational error message with scaling alternatives
  • Recommends running multiple instances with Nginx instead
  • Single worker can handle 500-1,000 req/s with async I/O (sufficient for most teams)

• Database Location Validation: Improved validation and path handling for db_location parameter.

  • Automatically creates directories if path is a directory
  • Validates parent directory exists for file paths
  • Raises clear error messages with actionable guidance
  • Better support for custom database locations

• Database Connection Timeouts: Added 5-second timeout to SQLite connections to prevent deadlocks.

Fixed

• FileNotFoundError Handling: Improved error handling when uploaded or returned files are manually deleted from disk.

  • Auto-healing: broken database references are cleaned up automatically
  • Returns "File expired" instead of internal server error
  • Graceful degradation when files are missing

• Lock Cleanup: Threading locks are now properly cleaned up in finally blocks.

  • Prevents lock registry from growing indefinitely
  • Eliminates potential memory leaks in long-running processes

Documentation

• File Upload Cleanup Clarification: Updated files.md to clearly explain OS cleanup behavior.

  • Added comparison table for Linux/macOS/Windows automatic cleanup
  • Warning for Windows users about potential file accumulation
  • Three cleanup strategies with code examples (OS, manual, in-memory)
  • Clear distinction between uploaded files (not auto-cleaned) and returned files (auto-cleaned)

• Scaling Guidelines: Added comprehensive scaling section to server-configuration.md.

  • Explains why multiple workers aren't supported (SQLite limitations)
  • Documents single worker performance capabilities (500-1,000 req/s)
  • Provides step-by-step guide for horizontal scaling with multiple instances
  • Nginx sticky sessions configuration for load balancing
  • Enterprise alternatives for >1,000 concurrent users

• Updated API Documentation: All docstrings revised for consistency.

  • No inline comments (per style guide)
  • Comprehensive function/class documentation
  • Clear parameter descriptions with examples

Refactored

• Modular Architecture: Complete code reorganization into specialized modules for better maintainability.

  • server.py: Main server configuration and entry point
  • routes.py: Routing setup and request handling
  • file_handler.py: File upload/download operations with thread-safe cleanup
  • db_manager.py: SQLite database operations for file tracking
  • auth.py: Authentication middleware and session management
  • analyze_function.py: Function signature analysis and metadata extraction
  • validate_params.py: Form data validation and type conversion
  • build_form_fields.py: HTML form field generation from type hints
  • process_result.py: Result processing for different output types
  • check_return_is_table.py: Table format detection and conversion
  • types.py: Type definitions and custom types (Color, Email, File types)
  • __init__.py: Clean public API with minimal exports (run, type helpers)

• Benefits:

  • Separation of concerns: Each module has a single, clear responsibility
  • Easier testing: Modules can be tested independently
  • Better code navigation: Find functionality quickly by module name
  • Reduced coupling: Clear interfaces between components
  • Future-proof: Easy to extend without touching unrelated code

0.9.5

[0.9.5] - 2025-12-09

Added

• New Generic File Type: Added support for a generic File type hint.
  • Use from func_to_web.types import File to accept uploaded files of any extension.
• Expanded File Extensions: Significantly broadened the list of supported formats for specific file types.

0.9.4

[0.9.4] - 2025-12-08

Added

• Python Enum Support: Full support for Python Enum types as dropdown menus.
  • Use standard Python enums as type hints: def func(theme: Theme)
  • Supports str, int, and float enum values
  • Your function receives the actual Enum member (e.g., Theme.LIGHT), not just the string value
  • Access both .name and .value properties in your function
  • Compatible with all enum features (methods, properties, iteration)
  • Add tests covering enum handling, conversion, and edge cases

0.9.3

[0.9.3] - 2025-11-30

Fixed

• Async Function Support: Fixed an issue where passing an async def function displayed a <coroutine object> instead of the result.
  • The library now automatically detects async functions and awaits them properly.
  • Enables seamless integration with async libraries (e.g., httpx, tortoise-orm, motor).

0.9.2

[0.9.2] - 2025-11-25

Added

• Built-in Authentication: Robust, stateless authentication system.
  • Enable simply by passing a dictionary auth={"username": "password"} to the run() function.
  • Architecture based on Signed Cookies (no database required).
  • Includes protection against Timing Attacks (secrets.compare_digest) and CSRF (SameSite='Lax').
• Session Management: New secret_key argument in run() to control session persistence across server restarts.
• Login UI:
  • Dedicated, modern login page that automatically inherits the application's theme (Light/Dark).
  • Responsive design matching the core library aesthetics.
• Logout Functionality: New logout button in the header navigation (automatically appears when auth is enabled).

Changed

• Dependencies: Added itsdangerous to required packages (essential for session signing).
• Templates: Updated base templates to handle conditional rendering based on authentication state (has_auth flag).