search

postlund / pyatv

A client library for Apple TV and AirPlay devices
https://pyatv.dev
MIT License
836 stars 89 forks source link

build(deps): Bump aiohttp from 3.9.1 to 3.9.2 in /requirements #2342

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps aiohttp from 3.9.1 to 3.9.2.

Release notes

Sourced from aiohttp's releases.

3.9.2

Bug fixes

  • Fixed server-side websocket connection leak.

    Related issues and pull requests on GitHub: #7978.

  • Fixed web.FileResponse doing blocking I/O in the event loop.

    Related issues and pull requests on GitHub: #8012.

  • Fixed double compress when compression enabled and compressed file exists in server file responses.

    Related issues and pull requests on GitHub: #8014.

  • Added runtime type check for ClientSession timeout parameter.

    Related issues and pull requests on GitHub: #8021.

  • Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:pajod.

    Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:9110#section-5.6.2 and are not known to be of any legitimate use.

    Related issues and pull requests on GitHub: #8074.

  • Improved validation of paths for static resources requests to the server -- by :user:bdraco.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.9.2 (2024-01-28)

Bug fixes

  • Fixed server-side websocket connection leak.

    Related issues and pull requests on GitHub: :issue:7978.

  • Fixed web.FileResponse doing blocking I/O in the event loop.

    Related issues and pull requests on GitHub: :issue:8012.

  • Fixed double compress when compression enabled and compressed file exists in server file responses.

    Related issues and pull requests on GitHub: :issue:8014.

  • Added runtime type check for ClientSession timeout parameter.

    Related issues and pull requests on GitHub: :issue:8021.

  • Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:pajod.

    Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:9110#section-5.6.2 and are not known to be of any legitimate use.

    Related issues and pull requests on GitHub: :issue:8074.

... (truncated)

Commits
  • 24a6d64 Release v3.9.2 (#8082)
  • 9118a58 [PR #8079/1c335944 backport][3.9] Validate static paths (#8080)
  • 435ad46 [PR #3955/8960063e backport][3.9] Replace all tmpdir fixtures with tmp_path (...
  • d33bc21 Improve validation in HTTP parser (#8074) (#8078)
  • 0d945d1 [PR #7916/822fbc74 backport][3.9] Add more information to contributing page (...
  • 3ec4fa1 [PR #8069/69bbe874 backport][3.9] 📝 Only show changelog draft for non-release...
  • 419d715 [PR #8066/cba34699 backport][3.9] 💅📝 Restructure the changelog for clarity (#...
  • a54dab3 [PR #8049/a379e634 backport][3.9] Set cause for ClientPayloadError (#8050)
  • 437ac47 [PR #7995/43a5bc50 backport][3.9] Fix examples of fallback_charset_resolver...
  • 034e5e3 [PR #8042/4b91b530 backport][3.9] Tightening the runtime type check for ssl (...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 4 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (4b00261) 88.91% compared to head (ea402df) 88.78%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #2342 +/- ## ========================================== - Coverage 88.91% 88.78% -0.14% ========================================== Files 168 168 Lines 11370 11370 ========================================== - Hits 10110 10095 -15 - Misses 1260 1275 +15 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

dependabot[bot] commented 4 months ago

Superseded by #2343.