Skip to content

Commit

Permalink
Build(deps): Bump aiohttp from 3.9.5 to 3.10.0 (#245)
Browse files Browse the repository at this point in the history 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.5 to
3.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases">aiohttp's
releases</a>.</em></p>
<blockquote>
<h2>3.10.0</h2>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed server response headers for <code>Content-Type</code> and
<code>Content-Encoding</code> for
static compressed files -- by :user:<code>steverep</code>.</p>
<p>Server will now respond with a <code>Content-Type</code> appropriate
for the compressed
file (e.g. <code>&quot;application/gzip&quot;</code>), and omit the
<code>Content-Encoding</code> header.
Users should expect that most clients will no longer decompress such
responses
by default.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/4462">#4462</a>.</p>
</li>
<li>
<p>Fixed duplicate cookie expiration calls in the CookieJar
implementation</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7784">#7784</a>.</p>
</li>
<li>
<p>Adjusted <code>FileResponse</code> to check file existence and access
when preparing the response -- by :user:<code>steverep</code>.</p>
<p>The :py:class:<code>~aiohttp.web.FileResponse</code> class was
modified to respond with
403 Forbidden or 404 Not Found as appropriate. Previously, it would
cause a
server error if the path did not exist or could not be accessed. Checks
for
existence, non-regular files, and permissions were expected to be done
in the
route handler. For static routes, this now permits a compressed file to
exist
without its uncompressed variant and still be served.  In addition, this
changes the response status for files without read permission to 403,
and for
non-regular files from 404 to 403 for consistency.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8182">#8182</a>.</p>
</li>
<li>
<p>Fixed <code>AsyncResolver</code> to match
<code>ThreadedResolver</code> behavior
-- by :user:<code>bdraco</code>.</p>
<p>On system with IPv6 support, the
:py:class:<code>~aiohttp.resolver.AsyncResolver</code> would not
fallback
to providing A records when AAAA records were not available.
Additionally, unlike the
:py:class:<code>~aiohttp.resolver.ThreadedResolver</code>, the
:py:class:<code>~aiohttp.resolver.AsyncResolver</code>
did not handle link-local addresses correctly.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's
changelog</a>.</em></p>
<blockquote>
<h1>3.10.0 (2024-07-30)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed server response headers for <code>Content-Type</code> and
<code>Content-Encoding</code> for
static compressed files -- by :user:<code>steverep</code>.</p>
<p>Server will now respond with a <code>Content-Type</code> appropriate
for the compressed
file (e.g. <code>&quot;application/gzip&quot;</code>), and omit the
<code>Content-Encoding</code> header.
Users should expect that most clients will no longer decompress such
responses
by default.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>4462</code>.</p>
</li>
<li>
<p>Fixed duplicate cookie expiration calls in the CookieJar
implementation</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>7784</code>.</p>
</li>
<li>
<p>Adjusted <code>FileResponse</code> to check file existence and access
when preparing the response -- by :user:<code>steverep</code>.</p>
<p>The :py:class:<code>~aiohttp.web.FileResponse</code> class was
modified to respond with
403 Forbidden or 404 Not Found as appropriate. Previously, it would
cause a
server error if the path did not exist or could not be accessed. Checks
for
existence, non-regular files, and permissions were expected to be done
in the
route handler. For static routes, this now permits a compressed file to
exist
without its uncompressed variant and still be served.  In addition, this
changes the response status for files without read permission to 403,
and for
non-regular files from 404 to 403 for consistency.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>8182</code>.</p>
</li>
<li>
<p>Fixed <code>AsyncResolver</code> to match
<code>ThreadedResolver</code> behavior
-- by :user:<code>bdraco</code>.</p>
<p>On system with IPv6 support, the
:py:class:<code>~aiohttp.resolver.AsyncResolver</code> would not
fallback
to providing A records when AAAA records were not available.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/7f298511915205d86ac12c0e79bfeda138ffb451"><code>7f29851</code></a>
Release 3.10.0 (attempt 2) (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8552">#8552</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/fc201e845dd5e98c6d96bc3bd3c9ea00e8035a29"><code>fc201e8</code></a>
Release 3.10.0 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8550">#8550</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/305f67a223ec69a2013ba2e887ca2d5f2c42df31"><code>305f67a</code></a>
Release 3.10.0rc0 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8545">#8545</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/ed8de3ace43be5aca78800b6652ed63fdc75766d"><code>ed8de3a</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8541">#8541</a>/a561fa99
backport][3.10] Cleanup for <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8495">#8495</a>
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8544">#8544</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/df57b9f34ed4c696d3de3f3229dc84c2f9e6ac84"><code>df57b9f</code></a>
[3.10] Handle 403 and 404 issues in FileResponse class (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8538">#8538</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8539">#8539</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/3baa6de1ec831e1b6d97127adced3f4ff1d5cb05"><code>3baa6de</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8535">#8535</a>/7108d646
backport][3.10] Small speed up to cookiejar filter_cookies...</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/5621ecf654af21a145cc706a434fc0c2ff697e8f"><code>5621ecf</code></a>
Bump pytest from 8.3.1 to 8.3.2 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8536">#8536</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9b9cec20eda00f6a2f5bb923e0fc54fcc6f6a95f"><code>9b9cec2</code></a>
Release 3.10.0b1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8533">#8533</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/088f73489eab7ca053df7890913a0415ae577a00"><code>088f734</code></a>
[3.10] Downgrade upload/download artifact to v3 to fix CI (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8532">#8532</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/948a4c599161503193f822294e3b8d35b4ebe354"><code>948a4c5</code></a>
Release 3.10.0b0 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/8531">#8531</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.9.5...v3.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.9.5&new-version=3.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
  • Loading branch information
@Diapolo10
Diapolo10 authored Jul 31, 2024
2 parents 6029ec5 + 7901f83 commit e7e64bf
Showing 1 changed file with 90 additions and 78 deletions.
Loading

0 comments on commit e7e64bf

Please sign in to comment.