Skip to content

Commit defdda6

Browse files
dependabot[bot]dependabot[bot]
authored
Bump aiohttp from 3.9.1 to 3.9.2 (iMicknl#271)
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.1 to 3.9.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.9.2</h2> <h2>Bug fixes</h2> <ul> <li> <p>Fixed server-side websocket connection leak.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7978">#7978</a>.</p> </li> <li> <p>Fixed <code>web.FileResponse</code> doing blocking I/O in the event loop.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8012">#8012</a>.</p> </li> <li> <p>Fixed double compress when compression enabled and compressed file exists in server file responses.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8014">#8014</a>.</p> </li> <li> <p>Added runtime type check for <code>ClientSession</code> <code>timeout</code> parameter.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8021">#8021</a>.</p> </li> <li> <p>Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:<code>pajod</code>.</p> <p>Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:<code>9110#section-5.6.2</code> and are not known to be of any legitimate use.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8074">#8074</a>.</p> </li> <li> <p>Improved validation of paths for static resources requests to the server -- by :user:<code>bdraco</code>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.9.2 (2024-01-28)</h1> <h2>Bug fixes</h2> <ul> <li> <p>Fixed server-side websocket connection leak.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>7978</code>.</p> </li> <li> <p>Fixed <code>web.FileResponse</code> doing blocking I/O in the event loop.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8012</code>.</p> </li> <li> <p>Fixed double compress when compression enabled and compressed file exists in server file responses.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8014</code>.</p> </li> <li> <p>Added runtime type check for <code>ClientSession</code> <code>timeout</code> parameter.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8021</code>.</p> </li> <li> <p>Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by :user:<code>pajod</code>.</p> <p>Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with :rfc:<code>9110#section-5.6.2</code> and are not known to be of any legitimate use.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8074</code>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/24a6d64966d99182e95f5d3a29541ef2fec397ad"><code>24a6d64</code></a> Release v3.9.2 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8082">#8082</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/9118a5831e8a65b8c839eb7e4ac983e040ff41df"><code>9118a58</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8079">#8079</a>/1c335944 backport][3.9] Validate static paths (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8080">#8080</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/435ad46e6c26cbf6ed9a38764e9ba8e7441a0e3b"><code>435ad46</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/3955">#3955</a>/8960063e backport][3.9] Replace all tmpdir fixtures with tmp_path (...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/d33bc21414e283c9e6fe7f6caf69e2ed60d66c82"><code>d33bc21</code></a> Improve validation in HTTP parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8074">#8074</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8078">#8078</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/0d945d1be08f2ba8475513216a66411f053c3217"><code>0d945d1</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7916">#7916</a>/822fbc74 backport][3.9] Add more information to contributing page (...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/3ec4fa1f0e0a0dad218c75dbe5ed09e22d5cc284"><code>3ec4fa1</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8069">#8069</a>/69bbe874 backport][3.9] 📝 Only show changelog draft for non-release...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/419d715c42c46daf1a59e0aff61c1f6d10236982"><code>419d715</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8066">#8066</a>/cba34699 backport][3.9] 💅📝 Restructure the changelog for clarity (#...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a54dab3b36bcf0d815b9244f52ae7bc5da08f387"><code>a54dab3</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8049">#8049</a>/a379e634 backport][3.9] Set cause for ClientPayloadError (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8050">#8050</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/437ac47fe332106a07a2d5335bb89619f1bc23f7"><code>437ac47</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7995">#7995</a>/43a5bc50 backport][3.9] Fix examples of <code>fallback_charset_resolver</code>...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/034e5e34ee11c6138c773d85123490e691e1b708"><code>034e5e3</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8042">#8042</a>/4b91b530 backport][3.9] Tightening the runtime type check for ssl (...</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.9.1...v3.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.9.1&new-version=3.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 17bb2ae commit defdda6

1 file changed

Lines changed: 77 additions & 77 deletions

File tree

0 commit comments

Comments
 (0)