OWASP / Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
https://owasp.org/www-project-nettacker/
Apache License 2.0
3.63k stars 780 forks source link

Bump aiohttp from 3.10.8 to 3.11.2 #961

Closed dependabot[bot] closed 2 days ago

dependabot[bot] commented 6 days ago

Bumps aiohttp from 3.10.8 to 3.11.2.

Release notes

Sourced from aiohttp's releases.

3.11.2

Bug fixes

  • Fixed improperly closed WebSocket connections generating an unhandled exception -- by :user:bdraco.

    Related issues and pull requests on GitHub: #9883.


3.11.1

Bug fixes

  • Added a backward compatibility layer to :class:aiohttp.RequestInfo to allow creating these objects without a real_url -- by :user:bdraco.

    Related issues and pull requests on GitHub: #9873.


3.11.0

Bug fixes

  • Raise :exc:aiohttp.ServerFingerprintMismatch exception on client-side if request through http proxy with mismatching server fingerprint digest: aiohttp.ClientSession(headers=headers, connector=TCPConnector(ssl=aiohttp.Fingerprint(mismatch_digest), trust_env=True).request(...) -- by :user:gangj.

    Related issues and pull requests on GitHub: #6652.

  • Modified websocket :meth:aiohttp.ClientWebSocketResponse.receive_str, :py:meth:aiohttp.ClientWebSocketResponse.receive_bytes, :py:meth:aiohttp.web.WebSocketResponse.receive_str & :py:meth:aiohttp.web.WebSocketResponse.receive_bytes methods to raise new :py:exc:aiohttp.WSMessageTypeError exception, instead of generic :py:exc:TypeError, when websocket messages of incorrect types are received -- by :user:ara-25.

    Related issues and pull requests on GitHub: #6800.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.11.2 (2024-11-14)

Bug fixes

  • Fixed improperly closed WebSocket connections generating an unhandled exception -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:9883.


3.11.1 (2024-11-14)

Bug fixes

  • Added a backward compatibility layer to :class:aiohttp.RequestInfo to allow creating these objects without a real_url -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:9873.


3.11.0 (2024-11-13)

Bug fixes

  • Raise :exc:aiohttp.ServerFingerprintMismatch exception on client-side if request through http proxy with mismatching server fingerprint digest: aiohttp.ClientSession(headers=headers, connector=TCPConnector(ssl=aiohttp.Fingerprint(mismatch_digest), trust_env=True).request(...) -- by :user:gangj.

    Related issues and pull requests on GitHub: :issue:6652.

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 days ago

Superseded by #963.