Release 0.4.1: Jinja2 templates render forms without |safe

audreyfeldroy · audreyfeldroy · commit 36c409d48e4b · 2026-03-21T13:42:27.000+08:00
SafeHTML.__html__() is a method returning the HTML string,
satisfying MarkupSafe's escape() protocol. Jinja2 auto-escaping
recognizes form.render() output as trusted HTML.
diff --git a/CHANGELOG/0.4.1.md b/CHANGELOG/0.4.1.md
@@ -0,0 +1,15 @@
+## AirForm 0.4.1: Fix __html__ for Jinja2 compatibility
+
+`SafeHTML.__html__` is now a method that returns the HTML string, not a boolean attribute. Jinja2 and MarkupSafe call `obj.__html__()` and expect a string back. The 0.4.0 release had `__html__ = True`, which raised `TypeError: 'bool' object is not callable` when Jinja2 tried to auto-escape form output.
+
+```sh
+uv add AirForm --upgrade
+```
+
+### What's fixed
+
+- **`{{ form.render() }}` works in Jinja2 templates without `|safe`.** MarkupSafe's `escape()` calls `obj.__html__()` to get trusted HTML. The method returns `str(self)`, satisfying both Jinja2/MarkupSafe (calls it) and Air's tag system (checks `hasattr`).
+
+### Contributors
+
+[@audreyfeldroy](https://github.com/audreyfeldroy) (Audrey M. Roy Greenfeld) built this release. Bug discovered by the feldroy.com integration in a parallel session.
diff --git a/pyproject.toml b/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "AirForm"
-version = "0.4.0"
+version = "0.4.1"
 description = "Pydantic-native form validation and rendering. Define a model, get a validated, rendered HTML form. Works with or without Air web framework."
 readme = "README.md"
 authors = [
diff --git a/uv.lock b/uv.lock
