build(deps): Bump aiohttp from 3.8.4 to 3.8.5 in /requirements

Bumps aiohttp from 3.8.4 to 3.8.5.

Release notes

3.8.5

Security bugfixes

Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

.. _llhttp: https://llhttp.org

(#7346)

Features

Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

(#7366)

Bugfixes

Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

(#3355)

Changelog

Sourced from aiohttp's changelog.

3.8.5 (2023-07-19)

Security bugfixes

Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

.. _llhttp: https://llhttp.org

[#7346](https://github.com/aio-libs/aiohttp/issues/7346) <https://github.com/aio-libs/aiohttp/issues/7346>_

Features

Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

[#7366](https://github.com/aio-libs/aiohttp/issues/7366) <https://github.com/aio-libs/aiohttp/issues/7366>_

Bugfixes

Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

[#3355](https://github.com/aio-libs/aiohttp/issues/3355) <https://github.com/aio-libs/aiohttp/issues/3355>_

Commits

9c13a52 Bump aiohttp to v3.8.5 a security release
7c02129  Bump pypa/cibuildwheel to v2.14.1
135a45e Improve error messages from C parser (#7366) (#7380)
9337fb3 Fix bump llhttp to v8.1.1 (#7367) (#7377)
f07e9b4 [PR #7373/66e261a5 backport][3.8] Drop azure mention (#7374)
01d9b70 [PR #7370/22c264ce backport][3.8] fix: Spelling error fixed (#7371)
3577b1e [PR #7359/7911f1e9 backport][3.8]  Set up secretless publishing to PyPI (#7360)
8d45f9c [PR #7333/3a54d378 backport][3.8] Fix TLS transport is None error (#7357)
dd8e24e [PR #7343/18057581 backport][3.8] Mention encoding in yarl.URL (#7355)
4087410 [PR #7346/346fd202 backport][3.8]  Bump vendored llhttp to v8.1.1 (#7352)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

postlund / pyatv

build(deps): Bump aiohttp from 3.8.4 to 3.8.5 in /requirements #2102

3.8.5

Security bugfixes

Features

Bugfixes

3.8.5 (2023-07-19)

Security bugfixes

Features

Bugfixes

Codecov Report