Bump aiohttp from 3.8.4 to 3.8.5

[dependabot[bot]]

Bumps aiohttp from 3.8.4 to 3.8.5.

Release notes

Sourced from aiohttp's releases.

3.8.5

Security bugfixes

• Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

  Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

  .. _llhttp: https://llhttp.org

  (#7346)

Features

• Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

  (#7366)

Bugfixes

• Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

  (#3355)

---

Changelog

Sourced from aiohttp's changelog.

3.8.5 (2023-07-19)

Security bugfixes

• Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

  Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

  .. _llhttp: https://llhttp.org

  [#7346](https://github.com/aio-libs/aiohttp/issues/7346) <https://github.com/aio-libs/aiohttp/issues/7346>_

Features

• Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

  [#7366](https://github.com/aio-libs/aiohttp/issues/7366) <https://github.com/aio-libs/aiohttp/issues/7366>_

Bugfixes

• Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

  [#3355](https://github.com/aio-libs/aiohttp/issues/3355) <https://github.com/aio-libs/aiohttp/issues/3355>_

---

Commits

• 9c13a52 Bump aiohttp to v3.8.5 a security release
• 7c02129  Bump pypa/cibuildwheel to v2.14.1
• 135a45e Improve error messages from C parser (#7366) (#7380)
• 9337fb3 Fix bump llhttp to v8.1.1 (#7367) (#7377)
• f07e9b4 [PR #7373/66e261a5 backport][3.8] Drop azure mention (#7374)
• 01d9b70 [PR #7370/22c264ce backport][3.8] fix: Spelling error fixed (#7371)
• 3577b1e [PR #7359/7911f1e9 backport][3.8]  Set up secretless publishing to PyPI (#7360)
• 8d45f9c [PR #7333/3a54d378 backport][3.8] Fix TLS transport is None error (#7357)
• dd8e24e [PR #7343/18057581 backport][3.8] Mention encoding in yarl.URL (#7355)
• 4087410 [PR #7346/346fd202 backport][3.8]  Bump vendored llhttp to v8.1.1 (#7352)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)