0.41.3 introduces a breaking change to add_middleware

[glung]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_origin_regex=allow_origin_regex,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

mypy errors out with the following message

error: Argument 1 to "add_middleware" of "Starlette" has incompatible type "type[CORSMiddleware]"; expected "_MiddlewareFactory[[MutableMapping[str, Any], Callable[[], Awaitable[MutableMapping[str, Any]]], Callable[[MutableMapping[str, Any]], Awaitable[None]]]]"  [arg-type]
note: Following member(s) of "CORSMiddleware" have conflicts:
note:     Expected:
note:         def __call__(app: Callable[[MutableMapping[str, Any], Callable[[], Awaitable[MutableMapping[str, Any]]], Callable[[MutableMapping[str, Any]], Awaitable[None]]], Awaitable[None]], scope: MutableMapping[str, Any], receive: Callable[[], Awaitable[MutableMapping[str, Any]]], send: Callable[[MutableMapping[str, Any]], Awaitable[None]]) -> Callable[[MutableMapping[str, Any], Callable[[], Awaitable[MutableMapping[str, Any]]], Callable[[MutableMapping[str, Any]], Awaitable[None]]], Awaitable[None]]
note:     Got:
note:         def __init__(app: Callable[[MutableMapping[str, Any], Callable[[], Awaitable[MutableMapping[str, Any]]], Callable[[MutableMapping[str, Any]], Awaitable[None]]], Awaitable[None]], allow_origins: Sequence[str] = ..., allow_methods: Sequence[str] = ..., allow_headers: Sequence[str] = ..., allow_credentials: bool = ..., allow_origin_regex: str | None = ..., expose_headers: Sequence[str] = ..., max_age: int = ...) -> CORSMiddleware

[Kludex]

@uriyyo @adriangb

[uriyyo]

Hi @glung,

I tried to reproduce this issue using latest mypy version 1.13.0 and starlette 0.41.3 and can't reproduce this issue.

Here is code that I used:

from starlette.applications import Starlette
from starlette.middleware.cors import CORSMiddleware

app = Starlette()

origins = [
    "http://localhost",
    "http://localhost:8080",
]

allow_origin_regex = r"https://.*\.example\.org"

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_origin_regex=allow_origin_regex,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

$ mypy foo.py --strict
Success: no issues found in 1 source file

Could you please provide more context?

[glung]

I can confirm that it works with mypy 1.13.0.
I reproduce it with mypy 1.4.1

[adriangb]

It's a bug in MyPy.
MyPy 1.4.1 reproduces: https://mypy-play.net/?mypy=1.4.1&python=3.12&gist=70be69d97d1f3ec21a2646a07672e974
MyPy 1.13.0 it's fixed: https://mypy-play.net/?mypy=1.13.0&python=3.12&gist=108f1a3956b5a9afa42f068586a6bffa

Please update your MyPy, we can't work around bugs in every MyPy version.