aio-libs/aiohttp (simulator/aiohttp)
### [`v3.9.3`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.3): 3.9.3
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.2...v3.9.3)
## Bug fixes
- Fixed backwards compatibility breakage (in 3.9.2) of `ssl` parameter when set outside
of `ClientSession` (e.g. directly in `TCPConnector`) -- by :user:`Dreamsorcerer`.
*Related issues and pull requests on GitHub:*
[#8097](https://togithub.com/aio-libs/aiohttp/issues/8097), [#8098](https://togithub.com/aio-libs/aiohttp/issues/8098).
## Miscellaneous internal changes
- Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures.
*Related issues and pull requests on GitHub:*
[#3957](https://togithub.com/aio-libs/aiohttp/issues/3957).
***
### [`v3.9.2`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.2): 3.9.2
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.1...v3.9.2)
## Bug fixes
- Fixed server-side websocket connection leak.
*Related issues and pull requests on GitHub:*
[#7978](https://togithub.com/aio-libs/aiohttp/issues/7978).
- Fixed `web.FileResponse` doing blocking I/O in the event loop.
*Related issues and pull requests on GitHub:*
[#8012](https://togithub.com/aio-libs/aiohttp/issues/8012).
- Fixed double compress when compression enabled and compressed file exists in server file responses.
*Related issues and pull requests on GitHub:*
[#8014](https://togithub.com/aio-libs/aiohttp/issues/8014).
- Added runtime type check for `ClientSession` `timeout` parameter.
*Related issues and pull requests on GitHub:*
[#8021](https://togithub.com/aio-libs/aiohttp/issues/8021).
- Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`.
Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected.
Invalid header field names containing question mark or slash are now rejected.
Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use.
*Related issues and pull requests on GitHub:*
[#8074](https://togithub.com/aio-libs/aiohttp/issues/8074).
- Improved validation of paths for static resources requests to the server -- by :user:`bdraco`.
*Related issues and pull requests on GitHub:*
[#8079](https://togithub.com/aio-libs/aiohttp/issues/8079).
## Features
- Added support for passing :py:data:`True` to `ssl` parameter in `ClientSession` while
deprecating :py:data:`None` -- by :user:`xiangyan99`.
*Related issues and pull requests on GitHub:*
[#7698](https://togithub.com/aio-libs/aiohttp/issues/7698).
## Breaking changes
- Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`.
Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected.
Invalid header field names containing question mark or slash are now rejected.
Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use.
*Related issues and pull requests on GitHub:*
[#8074](https://togithub.com/aio-libs/aiohttp/issues/8074).
## Improved documentation
- Fixed examples of `fallback_charset_resolver` function in the :doc:`client_advanced` document. -- by :user:`henry0312`.
*Related issues and pull requests on GitHub:*
[#7995](https://togithub.com/aio-libs/aiohttp/issues/7995).
- The Sphinx setup was updated to avoid showing the empty
changelog draft section in the tagged release documentation
builds on Read The Docs -- by :user:`webknjaz`.
*Related issues and pull requests on GitHub:*
[#8067](https://togithub.com/aio-libs/aiohttp/issues/8067).
## Packaging updates and notes for downstreams
- The changelog categorization was made clearer. The
contributors can now mark their fragment files more
accurately -- by :user:`webknjaz`.
The new category tags are:
* ``bugfix``
* ``feature``
* ``deprecation``
* ``breaking`` (previously, ``removal``)
* ``doc``
* ``packaging``
* ``contrib``
* ``misc``
*Related issues and pull requests on GitHub:*
[#8066](https://togithub.com/aio-libs/aiohttp/issues/8066).
## Contributor-facing changes
- Updated :ref:`contributing/Tests coverage ` section to show how we use `codecov` -- by :user:`Dreamsorcerer`.
*Related issues and pull requests on GitHub:*
[#7916](https://togithub.com/aio-libs/aiohttp/issues/7916).
- The changelog categorization was made clearer. The
contributors can now mark their fragment files more
accurately -- by :user:`webknjaz`.
The new category tags are:
* ``bugfix``
* ``feature``
* ``deprecation``
* ``breaking`` (previously, ``removal``)
* ``doc``
* ``packaging``
* ``contrib``
* ``misc``
*Related issues and pull requests on GitHub:*
[#8066](https://togithub.com/aio-libs/aiohttp/issues/8066).
## Miscellaneous internal changes
- Replaced all `tmpdir` fixtures with `tmp_path` in test suite.
*Related issues and pull requests on GitHub:*
[#3551](https://togithub.com/aio-libs/aiohttp/issues/3551).
***
### [`v3.9.1`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#391-2023-11-26)
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0...v3.9.1)
\==================
## Bugfixes
- Fixed importing aiohttp under PyPy on Windows.
`#7848 `\_
- Fixed async concurrency safety in websocket compressor.
`#7865 `\_
- Fixed `ClientResponse.close()` releasing the connection instead of closing.
`#7869 `\_
- Fixed a regression where connection may get closed during upgrade. -- by :user:`Dreamsorcerer`
`#7879 `\_
- Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:`Dreamsorcerer`
`#7895 `\_
***
### [`v3.9.0`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#390-2023-11-18)
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0rc0...v3.9.0)
\==================
## Features
- Introduced `AppKey` for static typing support of `Application` storage.
See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
`#5864 `\_
- Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called.
The period can be adjusted with the `shutdown_timeout` parameter. -- by :user:`Dreamsorcerer`.
See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown
`#7188 `\_
- Added `handler_cancellation `\_ parameter to cancel web handler on client disconnection. -- by :user:`mosquito`
This (optionally) reintroduces a feature removed in a previous release.
Recommended for those looking for an extra level of protection against denial-of-service attacks.
`#7056 `\_
- Added support for setting response header parameters `max_line_size` and `max_field_size`.
`#2304 `\_
- Added `auto_decompress` parameter to `ClientSession.request` to override `ClientSession._auto_decompress`. -- by :user:`Daste745`
`#3751 `\_
- Changed `raise_for_status` to allow a coroutine.
`#3892 `\_
- Added client brotli compression support (optional with runtime check).
`#5219 `\_
- Added `client_max_size` to `BaseRequest.clone()` to allow overriding the request body size. -- :user:`anesabml`.
`#5704 `\_
- Added a middleware type alias `aiohttp.typedefs.Middleware`.
`#5898 `\_
- Exported `HTTPMove` which can be used to catch any redirection request
that has a location -- :user:`dreamsorcerer`.
`#6594 `\_
- Changed the `path` parameter in `web.run_app()` to accept a `pathlib.Path` object.
`#6839 `\_
- Performance: Skipped filtering `CookieJar` when the jar is empty or all cookies have expired.
`#7819 `\_
- Performance: Only check origin if insecure scheme and there are origins to treat as secure, in `CookieJar.filter_cookies()`.
`#7821 `\_
- Performance: Used timestamp instead of `datetime` to achieve faster cookie expiration in `CookieJar`.
`#7824 `\_
- Added support for passing a custom server name parameter to HTTPS connection.
`#7114 `\_
- Added support for using Basic Auth credentials from :file:`.netrc` file when making HTTP requests with the
:py:class:`~aiohttp.ClientSession` `trust_env` argument is set to `True`. -- by :user:`yuvipanda`.
`#7131 `\_
- Turned access log into no-op when the logger is disabled.
`#7240 `\_
- Added typing information to `RawResponseMessage`. -- by :user:`Gobot1234`
`#7365 `\_
- Removed `async-timeout` for Python 3.11+ (replaced with `asyncio.timeout()` on newer releases).
`#7502 `\_
- Added support for `brotlicffi` as an alternative to `brotli` (fixing Brotli support on PyPy).
`#7611 `\_
- Added `WebSocketResponse.get_extra_info()` to access a protocol transport's extra info.
`#7078 `\_
- Allow `link` argument to be set to None/empty in HTTP 451 exception.
`#7689 `\_
## Bugfixes
- Implemented stripping the trailing dots from fully-qualified domain names in `Host` headers and TLS context when acting as an HTTP client.
This allows the client to connect to URLs with FQDN host name like `https://example.com./`.
\-- by :user:`martin-sucha`.
`#3636 `\_
- Fixed client timeout not working when incoming data is always available without waiting. -- by :user:`Dreamsorcerer`.
`#5854 `\_
- Fixed `readuntil` to work with a delimiter of more than one character.
`#6701 `\_
- Added `__repr__` to `EmptyStreamReader` to avoid `AttributeError`.
`#6916 `\_
- Fixed bug when using `TCPConnector` with `ttl_dns_cache=0`.
`#7014 `\_
- Fixed response returned from expect handler being thrown away. -- by :user:`Dreamsorcerer`
`#7025 `\_
- Avoided raising `UnicodeDecodeError` in multipart and in HTTP headers parsing.
`#7044 `\_
- Changed `sock_read` timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by :user:`dtrifiro`
`#7149 `\_
- Fixed missing query in tracing method URLs when using `yarl` 1.9+.
`#7259 `\_
- Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a `DeprecationWarning` on Python 3.12.
`#7302 `\_
- Fixed `EmptyStreamReader.iter_chunks()` never ending. -- by :user:`mind1m`
`#7616 `\_
- Fixed a rare `RuntimeError: await wasn't used with future` exception. -- by :user:`stalkerg`
`#7785 `\_
- Fixed issue with insufficient HTTP method and version validation.
`#7700 `\_
- Added check to validate that absolute URIs have schemes.
`#7712 `\_
- Fixed unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates.
`#7715 `\_
- Updated parser to disallow invalid characters in header field names and stop accepting LF as a request line separator.
`#7719 `\_
- Fixed Python HTTP parser not treating 204/304/1xx as an empty body.
`#7755 `\_
- Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3.
`#7756 `\_
- Fixed an issue when a client request is closed before completing a chunked payload. -- by :user:`Dreamsorcerer`
`#7764 `\_
- Edge Case Handling for ResponseParser for missing reason value.
`#7776 `\_
- Fixed `ClientWebSocketResponse.close_code` being erroneously set to `None` when there are concurrent async tasks receiving data and closing the connection.
`#7306 `\_
- Added HTTP method validation.
`#6533 `\_
- Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:`Dreamsorcerer`
`#7835 `\_
- Performance: Fixed increase in latency with small messages from websocket compression changes.
`#7797 `\_
## Improved Documentation
- Fixed the `ClientResponse.release`'s type in the doc. Changed from `comethod` to `method`.
`#5836 `\_
- Added information on behavior of base_url parameter in `ClientSession`.
`#6647 `\_
- Fixed `ClientResponseError` docs.
`#6700 `\_
- Updated Redis code examples to follow the latest API.
`#6907 `\_
- Added a note about possibly needing to update headers when using `on_response_prepare`. -- by :user:`Dreamsorcerer`
`#7283 `\_
- Completed `trust_env` parameter description to honor `wss_proxy`, `ws_proxy` or `no_proxy` env.
`#7325 `\_
- Expanded SSL documentation with more examples (e.g. how to use certifi). -- by :user:`Dreamsorcerer`
`#7334 `\_
- Fix, update, and improve client exceptions documentation.
`#7733 `\_
## Deprecations and Removals
- Added `shutdown_timeout` parameter to `BaseRunner`, while
deprecating `shutdown_timeout` parameter from `BaseSite`. -- by :user:`Dreamsorcerer`
`#7718 `\_
- Dropped Python 3.6 support.
`#6378 `\_
- Dropped Python 3.7 support. -- by :user:`Dreamsorcerer`
`#7336 `\_
- Removed support for abandoned `tokio` event loop. -- by :user:`Dreamsorcerer`
`#7281 `\_
## Misc
- Made `print` argument in `run_app()` optional.
`#3690 `\_
- Improved performance of `ceil_timeout` in some cases.
`#6316 `\_
- Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- :user:`Dreamsorcerer`
`#6591 `\_
- Improved import time by replacing `http.server` with `http.HTTPStatus`.
`#6903 `\_
- Fixed annotation of `ssl` parameter to disallow `True`. -- by :user:`Dreamsorcerer`.
`#7335 `\_
***
### [`v3.9.0rc0`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.0rc0): 3.9.0rc0
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0b1...v3.9.0rc0)
## Features
- Performance: Skipped filtering `CookieJar` when the jar is empty or all cookies have expired.
([#7819](https://togithub.com/aio-libs/aiohttp/issues/7819))
- Performance: Only check origin if insecure scheme and there are origins to treat as secure, in `CookieJar.filter_cookies()`.
([#7821](https://togithub.com/aio-libs/aiohttp/issues/7821))
- Performance: Used timestamp instead of `datetime` to achieve faster cookie expiration in `CookieJar`.
([#7824](https://togithub.com/aio-libs/aiohttp/issues/7824))
## Bugfixes
- Fixed an issue where the client could go into an infinite loop. -- by :user:`Dreamsorcerer`
([#7815](https://togithub.com/aio-libs/aiohttp/issues/7815))
- Added HTTP method validation.
([#6533](https://togithub.com/aio-libs/aiohttp/issues/6533))
- Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:`Dreamsorcerer`
([#7835](https://togithub.com/aio-libs/aiohttp/issues/7835))
- Performance: Fixed increase in latency with small messages from websocket compression changes.
([#7797](https://togithub.com/aio-libs/aiohttp/issues/7797))
***
### [`v3.9.0b1`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.0b1): 3.9.0b1
[Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.0b0...v3.9.0b1)
## Features
- Added `WebSocketResponse.get_extra_info()` to access a protocol transport's extra info.
([#7078](https://togithub.com/aio-libs/aiohttp/issues/7078))
- Allow `link` argument to be set to None/empty in HTTP 451 exception.
([#7689](https://togithub.com/aio-libs/aiohttp/issues/7689))
- Added `shutdown_timeout` parameter to `BaseRunner`, while
deprecating `shutdown_timeout` parameter from `BaseSite`. -- by :user:`Dreamsorcerer`
([#7718](https://togithub.com/aio-libs/aiohttp/issues/7718))
## Bugfixes
- Fixed keep-alive connections stopping a graceful shutdown. -- by :user:`Dreamsorcerer`
([#7718](https://togithub.com/aio-libs/aiohttp/issues/7718))
- Fixed `ClientWebSocketResponse.close_code` being erroneously set to `None` when there are concurrent async tasks receiving data and closing the connection.
([#7306](https://togithub.com/aio-libs/aiohttp/issues/7306))
- Changed `AppKey` warning to `web.NotAppKeyWarning` and stop it being displayed by default. -- by :user:`Dreamsorcerer`
([#7677](https://togithub.com/aio-libs/aiohttp/issues/7677))
- Fix issue with insufficient HTTP method and version validation.
([#7700](https://togithub.com/aio-libs/aiohttp/issues/7700))
- Add check to validate that absolute URIs have schemes.
([#7712](https://togithub.com/aio-libs/aiohttp/issues/7712))
- Fix unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates.
([#7715](https://togithub.com/aio-libs/aiohttp/issues/7715))
- Update parser to disallow invalid characters in header field names and stop accepting LF as a request line separator.
([#7719](https://togithub.com/aio-libs/aiohttp/issues/7719))
- Fix py http parser not treating 204/304/1xx as an empty body
([#7755](https://togithub.com/aio-libs/aiohttp/issues/7755))
- Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3
([#7756](https://togithub.com/aio-libs/aiohttp/issues/7756))
- Fixed an issue when a client request is closed before completing a chunked payload -- by :user:`Dreamsorcerer`
([#7764](https://togithub.com/aio-libs/aiohttp/issues/7764))
- Edge Case Handling for ResponseParser for missing reason value
([#7776](https://togithub.com/aio-libs/aiohttp/issues/7776))
- Fixed a rare `RuntimeError: await wasn't used with future` exception -- by :user:`stalkerg`
([#7785](https://togithub.com/aio-libs/aiohttp/issues/7785))
## Improved Documentation
- Fix, update, and improve client exceptions documentation.
([#7733](https://togithub.com/aio-libs/aiohttp/issues/7733))
***
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
>=3.9.0b0
->>=3.9.3
>=3.8.6
->>=3.9.3
Release Notes
aio-libs/aiohttp (simulator/aiohttp)
### [`v3.9.3`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.3): 3.9.3 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.2...v3.9.3) ## Bug fixes - Fixed backwards compatibility breakage (in 3.9.2) of `ssl` parameter when set outside of `ClientSession` (e.g. directly in `TCPConnector`) -- by :user:`Dreamsorcerer`. *Related issues and pull requests on GitHub:* [#8097](https://togithub.com/aio-libs/aiohttp/issues/8097), [#8098](https://togithub.com/aio-libs/aiohttp/issues/8098). ## Miscellaneous internal changes - Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures. *Related issues and pull requests on GitHub:* [#3957](https://togithub.com/aio-libs/aiohttp/issues/3957). *** ### [`v3.9.2`](https://togithub.com/aio-libs/aiohttp/releases/tag/v3.9.2): 3.9.2 [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.9.1...v3.9.2) ## Bug fixes - Fixed server-side websocket connection leak. *Related issues and pull requests on GitHub:* [#7978](https://togithub.com/aio-libs/aiohttp/issues/7978). - Fixed `web.FileResponse` doing blocking I/O in the event loop. *Related issues and pull requests on GitHub:* [#8012](https://togithub.com/aio-libs/aiohttp/issues/8012). - Fixed double compress when compression enabled and compressed file exists in server file responses. *Related issues and pull requests on GitHub:* [#8014](https://togithub.com/aio-libs/aiohttp/issues/8014). - Added runtime type check for `ClientSession` `timeout` parameter. *Related issues and pull requests on GitHub:* [#8021](https://togithub.com/aio-libs/aiohttp/issues/8021). - Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`. Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use. *Related issues and pull requests on GitHub:* [#8074](https://togithub.com/aio-libs/aiohttp/issues/8074). - Improved validation of paths for static resources requests to the server -- by :user:`bdraco`. *Related issues and pull requests on GitHub:* [#8079](https://togithub.com/aio-libs/aiohttp/issues/8079). ## Features - Added support for passing :py:data:`True` to `ssl` parameter in `ClientSession` while deprecating :py:data:`None` -- by :user:`xiangyan99`. *Related issues and pull requests on GitHub:* [#7698](https://togithub.com/aio-libs/aiohttp/issues/7698). ## Breaking changes - Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:`pajod`. Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:`9110#section-5.6.2` and are not known to be of any legitimate use. *Related issues and pull requests on GitHub:* [#8074](https://togithub.com/aio-libs/aiohttp/issues/8074). ## Improved documentation - Fixed examples of `fallback_charset_resolver` function in the :doc:`client_advanced` document. -- by :user:`henry0312`. *Related issues and pull requests on GitHub:* [#7995](https://togithub.com/aio-libs/aiohttp/issues/7995). - The Sphinx setup was updated to avoid showing the empty changelog draft section in the tagged release documentation builds on Read The Docs -- by :user:`webknjaz`. *Related issues and pull requests on GitHub:* [#8067](https://togithub.com/aio-libs/aiohttp/issues/8067). ## Packaging updates and notes for downstreams - The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately -- by :user:`webknjaz`. The new category tags are: * ``bugfix`` * ``feature`` * ``deprecation`` * ``breaking`` (previously, ``removal``) * ``doc`` * ``packaging`` * ``contrib`` * ``misc`` *Related issues and pull requests on GitHub:* [#8066](https://togithub.com/aio-libs/aiohttp/issues/8066). ## Contributor-facing changes - Updated :ref:`contributing/Tests coverageConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.