chore: bump starlette version (backport #4158) (#4248)

# What does this PR do?

Require at least 0.49.1 which fixes a security vulnerability in the
parsing logic of the Range header in FileResponse. Release note:
https://github.com/Kludex/starlette/releases/tag/0.49.1
<hr>This is an automatic backport of pull request #4158 done by
[Mergify](https://mergify.com).

---------

Co-authored-by: Sébastien Han <[email protected]>
Co-authored-by: Ashwin Bharambe <[email protected]>

Author: 3 people

pyproject.toml

@@ -49,6 +49,7 @@ dependencies = [
     "aiosqlite>=0.21.0",                              # server - for metadata store
     "asyncpg",                                        # for metadata store
     "sqlalchemy[asyncio]>=2.0.41",                    # server - for conversations
+    "starlette>=0.49.1",
 ]
 
 [project.optional-dependencies]