Update dependency repl/aiohttp to >=3.9.3 - autoclosed

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
repl/aiohttp	`>=3.9.0b0` -> `>=3.9.3`
repl/aiohttp	`>=3.8.6` -> `>=3.9.3`

Release Notes

aio-libs/aiohttp (repl/aiohttp)

### [`v3.9.3`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.3): 3.9.3 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.2...v3.9.3) ## Bug fixes - Fixed backwards compatibility breakage (in 3.9.2) of `ssl` parameter when set outside of `ClientSession` (e.g. directly in `TCPConnector`) -- by :user:`Dreamsorcerer`. *Related issues and pull requests on GitHub:* [#8097](https://togithub.com/aio-libs/aiohttp/issues/8097), [#8098](https://togithub.com/aio-libs/aiohttp/issues/8098). ## Miscellaneous internal changes - Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures. *Related issues and pull requests on GitHub:* [#3957](https://togithub.com/aio-libs/aiohttp/issues/3957). *** ### [`v3.9.2`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.2): 3.9.2 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.1...v3.9.2) ## Bug fixes - Fixed server-side websocket connection leak. *Related issues and pull requests on GitHub:* [#7978](https://togithub.com/aio-libs/aiohttp/issues/7978). - Fixed `web.FileResponse` doing blocking I/O in the event loop. *Related issues and pull requests on GitHub:* [#8012](https://togithub.com/aio-libs/aiohttp/issues/8012). - Fixed double compress when compression enabled and compressed file exists in server file responses. *Related issues and pull requests on GitHub:* [#8014](https://togithub.com/aio-libs/aiohttp/issues/8014). - Added runtime type check for `ClientSession` `timeout` parameter. *Related issues and pull requests on GitHub:* [#8021](https://togithub.com/aio-libs/aiohttp/issues/8021). - Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`. Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use. *Related issues and pull requests on GitHub:* [#8074](https://togithub.com/aio-libs/aiohttp/issues/8074). - Improved validation of paths for static resources requests to the server -- by :user:`bdraco`. *Related issues and pull requests on GitHub:* [#8079](https://togithub.com/aio-libs/aiohttp/issues/8079). ## Features - Added support for passing :py:data:`True` to `ssl` parameter in `ClientSession` while deprecating :py:data:`None` -- by :user:`xiangyan99`. *Related issues and pull requests on GitHub:* [#7698](https://togithub.com/aio-libs/aiohttp/issues/7698). ## Breaking changes - Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`. Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use. *Related issues and pull requests on GitHub:* [#8074](https://togithub.com/aio-libs/aiohttp/issues/8074). ## Improved documentation - Fixed examples of `fallback_charset_resolver` function in the :doc:`client_advanced` document. -- by :user:`henry0312`. *Related issues and pull requests on GitHub:* [#7995](https://togithub.com/aio-libs/aiohttp/issues/7995). - The Sphinx setup was updated to avoid showing the empty changelog draft section in the tagged release documentation builds on Read The Docs -- by :user:`webknjaz`. *Related issues and pull requests on GitHub:* [#8067](https://togithub.com/aio-libs/aiohttp/issues/8067). ## Packaging updates and notes for downstreams - The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately -- by :user:`webknjaz`. The new category tags are: * ``bugfix`` * ``feature`` * ``deprecation`` * ``breaking`` (previously, ``removal``) * ``doc`` * ``packaging`` * ``contrib`` * ``misc`` *Related issues and pull requests on GitHub:* [#8066](https://togithub.com/aio-libs/aiohttp/issues/8066). ## Contributor-facing changes - Updated :ref:`contributing/Tests coverage ` section to show how we use `codecov` -- by :user:`Dreamsorcerer`. *Related issues and pull requests on GitHub:* [#7916](https://togithub.com/aio-libs/aiohttp/issues/7916). - The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately -- by :user:`webknjaz`. The new category tags are: * ``bugfix`` * ``feature`` * ``deprecation`` * ``breaking`` (previously, ``removal``) * ``doc`` * ``packaging`` * ``contrib`` * ``misc`` *Related issues and pull requests on GitHub:* [#8066](https://togithub.com/aio-libs/aiohttp/issues/8066). ## Miscellaneous internal changes - Replaced all `tmpdir` fixtures with `tmp_path` in test suite. *Related issues and pull requests on GitHub:* [#3551](https://togithub.com/aio-libs/aiohttp/issues/3551). *** ### [`v3.9.1`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#391-2023-11-26) [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0...v3.9.1) \================== ## Bugfixes - Fixed importing aiohttp under PyPy on Windows. `#7848 `\_ - Fixed async concurrency safety in websocket compressor. `#7865 `\_ - Fixed `ClientResponse.close()` releasing the connection instead of closing. `#7869 `\_ - Fixed a regression where connection may get closed during upgrade. -- by :user:`Dreamsorcerer` `#7879 `\_ - Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:`Dreamsorcerer` `#7895 `\_ *** ### [`v3.9.0`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#390-2023-11-18) [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0rc0...v3.9.0) \================== ## Features - Introduced `AppKey` for static typing support of `Application` storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config `#5864 `\_ - Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the `shutdown_timeout` parameter. -- by :user:`Dreamsorcerer`. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown `#7188 `\_ - Added `handler_cancellation `\_ parameter to cancel web handler on client disconnection. -- by :user:`mosquito` This (optionally) reintroduces a feature removed in a previous release. Recommended for those looking for an extra level of protection against denial-of-service attacks. `#7056 `\_ - Added support for setting response header parameters `max_line_size` and `max_field_size`. `#2304 `\_ - Added `auto_decompress` parameter to `ClientSession.request` to override `ClientSession._auto_decompress`. -- by :user:`Daste745` `#3751 `\_ - Changed `raise_for_status` to allow a coroutine. `#3892 `\_ - Added client brotli compression support (optional with runtime check). `#5219 `\_ - Added `client_max_size` to `BaseRequest.clone()` to allow overriding the request body size. -- :user:`anesabml`. `#5704 `\_ - Added a middleware type alias `aiohttp.typedefs.Middleware`. `#5898 `\_ - Exported `HTTPMove` which can be used to catch any redirection request that has a location -- :user:`dreamsorcerer`. `#6594 `\_ - Changed the `path` parameter in `web.run_app()` to accept a `pathlib.Path` object. `#6839 `\_ - Performance: Skipped filtering `CookieJar` when the jar is empty or all cookies have expired. `#7819 `\_ - Performance: Only check origin if insecure scheme and there are origins to treat as secure, in `CookieJar.filter_cookies()`. `#7821 `\_ - Performance: Used timestamp instead of `datetime` to achieve faster cookie expiration in `CookieJar`. `#7824 `\_ - Added support for passing a custom server name parameter to HTTPS connection. `#7114 `\_ - Added support for using Basic Auth credentials from :file:`.netrc` file when making HTTP requests with the :py:class:`~aiohttp.ClientSession` `trust_env` argument is set to `True`. -- by :user:`yuvipanda`. `#7131 `\_ - Turned access log into no-op when the logger is disabled. `#7240 `\_ - Added typing information to `RawResponseMessage`. -- by :user:`Gobot1234` `#7365 `\_ - Removed `async-timeout` for Python 3.11+ (replaced with `asyncio.timeout()` on newer releases). `#7502 `\_ - Added support for `brotlicffi` as an alternative to `brotli` (fixing Brotli support on PyPy). `#7611 `\_ - Added `WebSocketResponse.get_extra_info()` to access a protocol transport's extra info. `#7078 `\_ - Allow `link` argument to be set to None/empty in HTTP 451 exception. `#7689 `\_ ## Bugfixes - Implemented stripping the trailing dots from fully-qualified domain names in `Host` headers and TLS context when acting as an HTTP client. This allows the client to connect to URLs with FQDN host name like `https://example.com./`. \-- by :user:`martin-sucha`. `#3636 `\_ - Fixed client timeout not working when incoming data is always available without waiting. -- by :user:`Dreamsorcerer`. `#5854 `\_ - Fixed `readuntil` to work with a delimiter of more than one character. `#6701 `\_ - Added `__repr__` to `EmptyStreamReader` to avoid `AttributeError`. `#6916 `\_ - Fixed bug when using `TCPConnector` with `ttl_dns_cache=0`. `#7014 `\_ - Fixed response returned from expect handler being thrown away. -- by :user:`Dreamsorcerer` `#7025 `\_ - Avoided raising `UnicodeDecodeError` in multipart and in HTTP headers parsing. `#7044 `\_ - Changed `sock_read` timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by :user:`dtrifiro` `#7149 `\_ - Fixed missing query in tracing method URLs when using `yarl` 1.9+. `#7259 `\_ - Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a `DeprecationWarning` on Python 3.12. `#7302 `\_ - Fixed `EmptyStreamReader.iter_chunks()` never ending. -- by :user:`mind1m` `#7616 `\_ - Fixed a rare `RuntimeError: await wasn't used with future` exception. -- by :user:`stalkerg` `#7785 `\_ - Fixed issue with insufficient HTTP method and version validation. `#7700 `\_ - Added check to validate that absolute URIs have schemes. `#7712 `\_ - Fixed unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates. `#7715 `\_ - Updated parser to disallow invalid characters in header field names and stop accepting LF as a request line separator. `#7719 `\_ - Fixed Python HTTP parser not treating 204/304/1xx as an empty body. `#7755 `\_ - Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3. `#7756 `\_ - Fixed an issue when a client request is closed before completing a chunked payload. -- by :user:`Dreamsorcerer` `#7764 `\_ - Edge Case Handling for ResponseParser for missing reason value. `#7776 `\_ - Fixed `ClientWebSocketResponse.close_code` being erroneously set to `None` when there are concurrent async tasks receiving data and closing the connection. `#7306 `\_ - Added HTTP method validation. `#6533 `\_ - Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:`Dreamsorcerer` `#7835 `\_ - Performance: Fixed increase in latency with small messages from websocket compression changes. `#7797 `\_ ## Improved Documentation - Fixed the `ClientResponse.release`'s type in the doc. Changed from `comethod` to `method`. `#5836 `\_ - Added information on behavior of base_url parameter in `ClientSession`. `#6647 `\_ - Fixed `ClientResponseError` docs. `#6700 `\_ - Updated Redis code examples to follow the latest API. `#6907 `\_ - Added a note about possibly needing to update headers when using `on_response_prepare`. -- by :user:`Dreamsorcerer` `#7283 `\_ - Completed `trust_env` parameter description to honor `wss_proxy`, `ws_proxy` or `no_proxy` env. `#7325 `\_ - Expanded SSL documentation with more examples (e.g. how to use certifi). -- by :user:`Dreamsorcerer` `#7334 `\_ - Fix, update, and improve client exceptions documentation. `#7733 `\_ ## Deprecations and Removals - Added `shutdown_timeout` parameter to `BaseRunner`, while deprecating `shutdown_timeout` parameter from `BaseSite`. -- by :user:`Dreamsorcerer` `#7718 `\_ - Dropped Python 3.6 support. `#6378 `\_ - Dropped Python 3.7 support. -- by :user:`Dreamsorcerer` `#7336 `\_ - Removed support for abandoned `tokio` event loop. -- by :user:`Dreamsorcerer` `#7281 `\_ ## Misc - Made `print` argument in `run_app()` optional. `#3690 `\_ - Improved performance of `ceil_timeout` in some cases. `#6316 `\_ - Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- :user:`Dreamsorcerer` `#6591 `\_ - Improved import time by replacing `http.server` with `http.HTTPStatus`. `#6903 `\_ - Fixed annotation of `ssl` parameter to disallow `True`. -- by :user:`Dreamsorcerer`. `#7335 `\_ *** ### [`v3.9.0rc0`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.0rc0): 3.9.0rc0 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0b1...v3.9.0rc0) ## Features - Performance: Skipped filtering `CookieJar` when the jar is empty or all cookies have expired. ([#7819](https://togithub.com/aio-libs/aiohttp/issues/7819)) - Performance: Only check origin if insecure scheme and there are origins to treat as secure, in `CookieJar.filter_cookies()`. ([#7821](https://togithub.com/aio-libs/aiohttp/issues/7821)) - Performance: Used timestamp instead of `datetime` to achieve faster cookie expiration in `CookieJar`. ([#7824](https://togithub.com/aio-libs/aiohttp/issues/7824)) ## Bugfixes - Fixed an issue where the client could go into an infinite loop. -- by :user:`Dreamsorcerer` ([#7815](https://togithub.com/aio-libs/aiohttp/issues/7815)) - Added HTTP method validation. ([#6533](https://togithub.com/aio-libs/aiohttp/issues/6533)) - Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:`Dreamsorcerer` ([#7835](https://togithub.com/aio-libs/aiohttp/issues/7835)) - Performance: Fixed increase in latency with small messages from websocket compression changes. ([#7797](https://togithub.com/aio-libs/aiohttp/issues/7797)) *** ### [`v3.9.0b1`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.0b1): 3.9.0b1 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0b0...v3.9.0b1) ## Features - Added `WebSocketResponse.get_extra_info()` to access a protocol transport's extra info. ([#7078](https://togithub.com/aio-libs/aiohttp/issues/7078)) - Allow `link` argument to be set to None/empty in HTTP 451 exception. ([#7689](https://togithub.com/aio-libs/aiohttp/issues/7689)) - Added `shutdown_timeout` parameter to `BaseRunner`, while deprecating `shutdown_timeout` parameter from `BaseSite`. -- by :user:`Dreamsorcerer` ([#7718](https://togithub.com/aio-libs/aiohttp/issues/7718)) ## Bugfixes - Fixed keep-alive connections stopping a graceful shutdown. -- by :user:`Dreamsorcerer` ([#7718](https://togithub.com/aio-libs/aiohttp/issues/7718)) - Fixed `ClientWebSocketResponse.close_code` being erroneously set to `None` when there are concurrent async tasks receiving data and closing the connection. ([#7306](https://togithub.com/aio-libs/aiohttp/issues/7306)) - Changed `AppKey` warning to `web.NotAppKeyWarning` and stop it being displayed by default. -- by :user:`Dreamsorcerer` ([#7677](https://togithub.com/aio-libs/aiohttp/issues/7677)) - Fix issue with insufficient HTTP method and version validation. ([#7700](https://togithub.com/aio-libs/aiohttp/issues/7700)) - Add check to validate that absolute URIs have schemes. ([#7712](https://togithub.com/aio-libs/aiohttp/issues/7712)) - Fix unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates. ([#7715](https://togithub.com/aio-libs/aiohttp/issues/7715)) - Update parser to disallow invalid characters in header field names and stop accepting LF as a request line separator. ([#7719](https://togithub.com/aio-libs/aiohttp/issues/7719)) - Fix py http parser not treating 204/304/1xx as an empty body ([#7755](https://togithub.com/aio-libs/aiohttp/issues/7755)) - Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3 ([#7756](https://togithub.com/aio-libs/aiohttp/issues/7756)) - Fixed an issue when a client request is closed before completing a chunked payload -- by :user:`Dreamsorcerer` ([#7764](https://togithub.com/aio-libs/aiohttp/issues/7764)) - Edge Case Handling for ResponseParser for missing reason value ([#7776](https://togithub.com/aio-libs/aiohttp/issues/7776)) - Fixed a rare `RuntimeError: await wasn't used with future` exception -- by :user:`stalkerg` ([#7785](https://togithub.com/aio-libs/aiohttp/issues/7785)) ## Improved Documentation - Fix, update, and improve client exceptions documentation. ([#7733](https://togithub.com/aio-libs/aiohttp/issues/7733)) ***

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

alexrudd2 / pymodbus

Update dependency repl/aiohttp to >=3.9.3 - autoclosed #29

Release Notes

Configuration