Fixed backwards compatibility breakage (in 3.9.2) of ssl parameter when set outside
of ClientSession (e.g. directly in TCPConnector) -- by :user:Dreamsorcerer.
Related issues and pull requests on GitHub:#8097, #8098.
Miscellaneous internal changes
Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures.
Fixed backwards compatibility breakage (in 3.9.2) of ssl parameter when set outside
of ClientSession (e.g. directly in TCPConnector) -- by :user:Dreamsorcerer.
Related issues and pull requests on GitHub:
:issue:8097, :issue:8098.
Miscellaneous internal changes
Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures.
Related issues and pull requests on GitHub:
:issue:3957.
Fix: setting COVERAGE_CORE=sysmon no longer errors on 3.11 and lower, thanks Hugo van Kemenade. It now issues a warning that sys.monitoring is not available and falls back to the default core instead.
Fix: setting COVERAGE_CORE=sysmon no longer errors on 3.11 and lower,
thanks Hugo van Kemenade <pull 1747_>_. It now issues a warning that
sys.monitoring is not available and falls back to the default core instead.
Upgraded the C-API macros that have been deprecated in Python 3.9 and later removed in 3.13 -- by @iemelyanov💰.
Related issues and pull requests on GitHub:#862, #864, #868, #898.
Reverted to using the public argument parsing API PyArg_ParseTupleAndKeywords() under Python 3.12 -- by @charles-dyfis-net💰 and @webknjaz💰.
The effect is that this change prevents build failures with clang 16.9.6 and gcc-14 reported in #926. It also fixes a segmentation fault crash caused by passing keyword arguments to MultiDict.getall() discovered by @jonaslb💰 and @hroncok💰 while examining the problem.
Related issues and pull requests on GitHub:#862, #909, #926, #929.
Fixed a SystemError: null argument to internal routine error on a MultiDict.items().isdisjoint() call when using C Extensions.
Upgraded the C-API macros that have been deprecated in Python 3.9
and later removed in 3.13 -- by :user:iemelyanov.
Related issues and pull requests on GitHub:
:issue:862, :issue:864, :issue:868, :issue:898.
Reverted to using the public argument parsing API
:c:func:PyArg_ParseTupleAndKeywords under Python 3.12
-- by :user:charles-dyfis-net and :user:webknjaz.
The effect is that this change prevents build failures with
clang 16.9.6 and gcc-14 reported in :issue:926. It also
fixes a segmentation fault crash caused by passing keyword
arguments to :py:meth:MultiDict.getall() <multidict.MultiDict.getall> discovered by :user:jonaslb
and :user:hroncok while examining the problem.
Related issues and pull requests on GitHub:
:issue:862, :issue:909, :issue:926, :issue:929.
Fixed a SystemError: null argument to internal routine error on
a MultiDict.items().isdisjoint() call when using C Extensions.
Related issues and pull requests on GitHub:
:issue:927.
Improved documentation
On the Contributing docs <https://github.com/aio-libs/multidict/blob/master/CHANGES/README.rst>_ page,
a link to the Towncrier philosophy has been fixed.
Fix typing errors with recent versions of mypy #769
Prevent DeprecationWarning about internal use of asyncio.get_event_loop() from affecting test cases #757
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
Fix typing errors with recent versions of mypy #769
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
pytest-asyncio 0.23.4
0.23.4 (2024-01-28)
pytest-asyncio no longer imports additional, unrelated packages during test collection #729
Addresses further issues that caused an internal pytest error during test collection
pytest-asyncio no longer imports additional, unrelated packages during test collection #729
Addresses further issues that caused an internal pytest error during test collection
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
pytest-asyncio 0.23.4a1
0.23.4 (UNRELEASED)
pytest-asyncio no longer imports additional, unrelated packages during test collection #729
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
pytest-asyncio 0.23.4a0
0.23.4 (UNRELEASED)
pytest-asyncio no longer imports additional, unrelated packages during test collection #729
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
Commits
3aef605 [build] Update actions/upload-artifact and actions/download-artifact to v4.
4b1908d [fix] Prevent DeprecationWarning from bubbling to user code.
fc6d6cf Fix typing and update to mypy 1.8.0 (#769)
6008cf1 Build(deps): Bump pluggy from 1.3.0 to 1.4.0 in /dependencies/default
712c51b Build(deps): Bump coverage from 7.4.0 to 7.4.1 in /dependencies/default
42fd304 Build(deps): Bump hypothesis in /dependencies/default
a40b4f6 Build(deps): Bump urllib3 from 2.1.0 to 2.2.0 in /dependencies/docs
9d90f8e Build(deps): Bump certifi in /dependencies/docs
fe5da07 Build(deps): Bump markupsafe from 2.1.4 to 2.1.5 in /dependencies/docs
urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
Thank you for your support.
Changes
Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. (#3331)
Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. (#3343)
Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. (#2860)
Changed ProtocolError to be more verbose on incomplete reads with excess content. (#3261)
Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. ([#3331](https://github.com/urllib3/urllib3/issues/3331) <https://github.com/urllib3/urllib3/issues/3331>__)
Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. ([#3343](https://github.com/urllib3/urllib3/issues/3343) <https://github.com/urllib3/urllib3/issues/3343>__)
Changed InvalidChunkLength to ProtocolError when response terminates before the chunk length is sent. ([#2860](https://github.com/urllib3/urllib3/issues/2860) <https://github.com/urllib3/urllib3/issues/2860>__)
Changed ProtocolError to be more verbose on incomplete reads with excess content. ([#3261](https://github.com/urllib3/urllib3/issues/3261) <https://github.com/urllib3/urllib3/issues/3261>__)
Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions |
| --- | --- |
| pydantic-core | [>= 2.11.a, < 2.12] |
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the dep-patch-updates group with 11 updates:
3.9.2
3.9.3
1.7.6
1.7.7
4.12.2
4.12.3
7.4.0
7.4.3
3.1.41
3.1.42
6.0.4
6.0.5
2.6.1
2.6.2
2.16.2
2.16.3
0.23.3
0.23.5
2.2.0
2.2.1
69.1.0
69.1.1
Updates
aiohttp
from 3.9.2 to 3.9.3Release notes
Sourced from aiohttp's releases.
Changelog
Sourced from aiohttp's changelog.
Commits
bf4edce
Release v3.9.3 (#8102)5637e8f
[PR #8098/aca206fc backport][3.9] Fix backwards compatibility with ssl (#8101)33f49e8
Bump pypa/cibuildwheel from 2.16.2 to 2.16.4 (#8092)5ff4b3c
Update version94462ee
[PR #3957/79fe2045 backport][3.9] Improve test suite handling of paths, temp ...Updates
bandit
from 1.7.6 to 1.7.7Release notes
Sourced from bandit's releases.
Commits
4c5b3c8
Downsize the org:repo name (#1104)3f86e84
Remove markdown formatting in reStructuredText formatted README (#1103)ff7ed4b
Introduce Official Bandit Images (#1088)99ddf6b
Bump actions/dependency-review-action from 3 to 4 (#1101)22c75a8
Rework GitPython dependency to be an extra for bandit-baseline (#1099)12e14f6
Prepend ./ for files specified as CLI args (#1094)0779eb0
Add random.randbytes to blacklist calls (#1096)7129108
Fix up issues found running Bandit on itself (#1093)c2bd6d6
Create a security policy (#1091)a78cafe
Add tidelift to the sponsor funding list (#1089)Updates
beautifulsoup4
from 4.12.2 to 4.12.3Updates
coverage[toml]
from 7.4.0 to 7.4.3Release notes
Sourced from coverage[toml]'s releases.
Changelog
Sourced from coverage[toml]'s changelog.
Commits
1af3624
docs: sample HTML for 7.4.3f06c5e4
docs: prep for 7.4.308fc997
fix: get atomic copies of iterables when flushing data. #17334e34571
build: put a time limit on the Python nightly testsa1d8d29
build: make targets should use underscores not dashesf7d40a0
build: tweak the release instructions0f19b82
build: bump version5d69334
test: if a test fails randomly, let it retry with@flaky
65d686c
docs: sample HTML for 7.4.2026dca7
docs: prep for 7.4.2Updates
gitpython
from 3.1.41 to 3.1.42Release notes
Sourced from gitpython's releases.
Commits
1f37b48
prepare the next release9caf3ae
Merge pull request #1825 from EliahKagan/tree-test2613421
Merge pull request #1823 from marcm-ml/masterb780a8c
Tweak@with_rw_directory
and go back to using it0114a99
Use more ligtweight approach to guarantee deletion90cf4d7
Fix new PermissionError in Windows with Python 3.7dd42e38
Keep temp files out of project dir and improve cleanup2671167
Remove deprecated section in README.md7ba3fd2
Bump Vampire/setup-wsl from 2.0.2 to 3.0.0e75ea98
Bump pre-commit/action from 3.0.0 to 3.0.1Updates
multidict
from 6.0.4 to 6.0.5Release notes
Sourced from multidict's releases.
... (truncated)
Changelog
Sourced from multidict's changelog.
... (truncated)
Commits
a9b281b
⇪ 📦 Release v6.0.5ed825c8
🧪 Download artifacts todist/
@ release job7b04a64
🧪 Normalize issue refs @ release action74840e8
🧪 Pass Codecov token to reusable linters job41c133e
🧪 Bump Codecov action to v4adb1976
📝 Fix return type @ Sphinx config99e435f
📝 Mention bylines in the changelog guidelines736169e
📝 Clarify need to only ref PR @ change note name887846f
📝 Highlight the RST term @ changelog guide8f57f8a
📝 Add a missing comma @ changelog guideUpdates
pydantic
from 2.6.1 to 2.6.2Release notes
Sourced from pydantic's releases.
Changelog
Sourced from pydantic's changelog.
Commits
511d862
fixing test0a2eee8
fix number8668927
Upgradepydantic-core
to 2.16.3 (#8879)18433ee
prep for 2.6.2, reformattingUpdates
pydantic-core
from 2.16.2 to 2.16.3Release notes
Sourced from pydantic-core's releases.
Commits
ab503cb
ci: updates for Rust 1.76 (#1191)200a68d
update version33f5d8f
date
string coerced todatetime
shouldn't infer timezone (#1193)Updates
pytest-asyncio
from 0.23.3 to 0.23.5Release notes
Sourced from pytest-asyncio's releases.
Commits
3aef605
[build] Update actions/upload-artifact and actions/download-artifact to v4.4b1908d
[fix] Prevent DeprecationWarning from bubbling to user code.fc6d6cf
Fix typing and update to mypy 1.8.0 (#769)6008cf1
Build(deps): Bump pluggy from 1.3.0 to 1.4.0 in /dependencies/default712c51b
Build(deps): Bump coverage from 7.4.0 to 7.4.1 in /dependencies/default42fd304
Build(deps): Bump hypothesis in /dependencies/defaulta40b4f6
Build(deps): Bump urllib3 from 2.1.0 to 2.2.0 in /dependencies/docs9d90f8e
Build(deps): Bump certifi in /dependencies/docsfe5da07
Build(deps): Bump markupsafe from 2.1.4 to 2.1.5 in /dependencies/docs42b140d
fix compatibility with pytest ^8 (#776)Updates
urllib3
from 2.2.0 to 2.2.1Release notes
Sourced from urllib3's releases.
Changelog
Sourced from urllib3's changelog.
Commits
54d6edf
Release 2.2.149b2dda
Stop casting request headers to HTTPHeaderDict (#3344)e22f651
Fix docstring of retries parameterfa54179
Distinguish between truncated and excess content in response (#3273)cfe52f9
Fix InsecureRequestWarning for HTTPS Emscripten requests (#3333)25155d7
Ensure no remote connections during testing (#3328)12f9233
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (#3340)9929d3c
Add nox session to start local Pyodide consoleaa8d3dd
Fix ssl_version tests for upcoming migration to pytest 823f2287
Remove TODO about informational responses (#3319)Updates
setuptools
from 69.1.0 to 69.1.1Changelog
Sourced from setuptools's changelog.
Commits
8c45d6e
Bump version: 69.1.0 → 69.1.1367559f
Cleanup withespace in Github issue template5a54d5b
Append arbitrary args instead of prepending (#4217)1719601
Append arbitrary args instead of prepending.a9e7b72
Bump test dependency onpackaging
to 23.2 (#4231)86a2899
Use setup.cfg to specify test dependency on packagingadc8999
PR number to newsfragment73466de
Bump packaging in tests to 23.2569fd7b
Add comments about Python version to bug-report.ymle4cca0e
Remove arbitrary equality operator from bug report template.Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions | | --- | --- | | pydantic-core | [>= 2.11.a, < 2.12] |Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show