Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix ConnectionResetError not being raised when the transport is closed #7180

Merged

Conversation

bdraco
Copy link
Member

@bdraco bdraco commented Jan 22, 2023

What do these changes do?

ConnectionResetError will always be raised when StreamWriter.write is called after connection_lost has been called on the BaseProtocol

Are there changes in behavior for the user?

Restores pre 3.8.3 behavior

Related issue number

fixes #7172

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • If you provide code modification, please add yourself to CONTRIBUTORS.txt
    • The format is <Name> <Surname>.
    • Please keep alphabetical order, the file is sorted by names.
  • Add a new news fragment into the CHANGES folder
    • name it <issue_id>.<type> for example (588.bugfix)
    • if you don't have an issue_id change it to the pr id after creating the pr
    • ensure type is one of the following:
      • .feature: Signifying a new feature.
      • .bugfix: Signifying a bug fix.
      • .doc: Signifying a documentation improvement.
      • .removal: Signifying a deprecation or removal of public API.
      • .misc: A ticket has been closed, but it is not of interest to users.
    • Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."

@codecov
Copy link

codecov bot commented Jan 22, 2023

Codecov Report

Merging #7180 (115ce1d) into master (2a1024f) will increase coverage by 0.12%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #7180      +/-   ##
==========================================
+ Coverage   97.25%   97.37%   +0.12%     
==========================================
  Files         106      106              
  Lines       31092    31105      +13     
  Branches     3821     3877      +56     
==========================================
+ Hits        30240    30290      +50     
+ Misses        645      613      -32     
+ Partials      207      202       -5     
Flag Coverage Δ
CI-GHA 97.28% <100.00%> (+0.11%) ⬆️
OS-Linux 96.94% <100.00%> (+2.78%) ⬆️
OS-Windows 95.35% <100.00%> (+<0.01%) ⬆️
OS-macOS 96.51% <100.00%> (+<0.01%) ⬆️
Py-3.10.9 97.02% <100.00%> (+0.61%) ⬆️
Py-3.11.0 95.59% <100.00%> (?)
Py-3.7.15 96.75% <100.00%> (?)
Py-3.7.9 95.23% <100.00%> (+<0.01%) ⬆️
Py-3.8.10 95.14% <100.00%> (+<0.01%) ⬆️
Py-3.8.16 96.65% <100.00%> (?)
Py-3.9.13 95.12% <100.00%> (-0.01%) ⬇️
Py-3.9.16 96.67% <100.00%> (+0.28%) ⬆️
Py-pypy7.3.11 94.16% <95.83%> (+<0.01%) ⬆️
VM-macos 96.51% <100.00%> (+<0.01%) ⬆️
VM-ubuntu 96.94% <100.00%> (+2.78%) ⬆️
VM-windows 95.35% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
aiohttp/base_protocol.py 86.36% <100.00%> (+0.20%) ⬆️
aiohttp/http_writer.py 99.15% <100.00%> (-0.01%) ⬇️
tests/test_base_protocol.py 100.00% <100.00%> (ø)
tests/test_client_proto.py 100.00% <100.00%> (ø)
tests/test_http_writer.py 100.00% <100.00%> (ø)
aiohttp/client.py 94.16% <0.00%> (+0.43%) ⬆️
aiohttp/test_utils.py 99.69% <0.00%> (+0.61%) ⬆️
tests/autobahn/test_autobahn.py 98.33% <0.00%> (+1.66%) ⬆️
tests/test_worker.py 98.97% <0.00%> (+2.04%) ⬆️
tests/conftest.py 96.49% <0.00%> (+3.50%) ⬆️
... and 4 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@psf-chronographer psf-chronographer bot added the bot:chronographer:provided There is a change note present in this PR label Jan 22, 2023
@bdraco bdraco marked this pull request as ready for review January 22, 2023 21:00
CHANGES/7180.bugfix Outdated Show resolved Hide resolved
aiohttp/http_writer.py Outdated Show resolved Hide resolved
tests/test_http_writer.py Outdated Show resolved Hide resolved
Copy link
Member

@Dreamsorcerer Dreamsorcerer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, any last comments @webknjaz?

@Dreamsorcerer Dreamsorcerer merged commit 974323f into aio-libs:master Feb 10, 2023
@patchback
Copy link
Contributor

patchback bot commented Feb 10, 2023

Backport to 3.8: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply 974323f on top of patchback/backports/3.8/974323f63ba03bf720658cd738fc8722182322ae/pr-7180

Backporting merged PR #7180 into master

  1. Ensure you have a local repo clone of your fork. Unless you cloned it
    from the upstream, this would be your origin remote.
  2. Make sure you have an upstream repo added as a remote too. In these
    instructions you'll refer to it by the name upstream. If you don't
    have it, here's how you can add it:
    $ git remote add upstream https://github.com/aio-libs/aiohttp.git
  3. Ensure you have the latest copy of upstream and prepare a branch
    that will hold the backported code:
    $ git fetch upstream
    $ git checkout -b patchback/backports/3.8/974323f63ba03bf720658cd738fc8722182322ae/pr-7180 upstream/3.8
  4. Now, cherry-pick PR Fix ConnectionResetError not being raised when the transport is closed #7180 contents into that branch:
    $ git cherry-pick -x 974323f63ba03bf720658cd738fc8722182322ae
    If it'll yell at you with something like fatal: Commit 974323f63ba03bf720658cd738fc8722182322ae is a merge but no -m option was given., add -m 1 as follows intead:
    $ git cherry-pick -m1 -x 974323f63ba03bf720658cd738fc8722182322ae
  5. At this point, you'll probably encounter some merge conflicts. You must
    resolve them in to preserve the patch from PR Fix ConnectionResetError not being raised when the transport is closed #7180 as close to the
    original as possible.
  6. Push this branch to your fork on GitHub:
    $ git push origin patchback/backports/3.8/974323f63ba03bf720658cd738fc8722182322ae/pr-7180
  7. Create a PR, ensure that the CI is green. If it's not — update it so that
    the tests and any other checks pass. This is it!
    Now relax and wait for the maintainers to process your pull request
    when they have some cycles to do reviews. Don't worry — they'll tell you if
    any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

@patchback
Copy link
Contributor

patchback bot commented Feb 10, 2023

Backport to 3.9: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply 974323f on top of patchback/backports/3.9/974323f63ba03bf720658cd738fc8722182322ae/pr-7180

Backporting merged PR #7180 into master

  1. Ensure you have a local repo clone of your fork. Unless you cloned it
    from the upstream, this would be your origin remote.
  2. Make sure you have an upstream repo added as a remote too. In these
    instructions you'll refer to it by the name upstream. If you don't
    have it, here's how you can add it:
    $ git remote add upstream https://github.com/aio-libs/aiohttp.git
  3. Ensure you have the latest copy of upstream and prepare a branch
    that will hold the backported code:
    $ git fetch upstream
    $ git checkout -b patchback/backports/3.9/974323f63ba03bf720658cd738fc8722182322ae/pr-7180 upstream/3.9
  4. Now, cherry-pick PR Fix ConnectionResetError not being raised when the transport is closed #7180 contents into that branch:
    $ git cherry-pick -x 974323f63ba03bf720658cd738fc8722182322ae
    If it'll yell at you with something like fatal: Commit 974323f63ba03bf720658cd738fc8722182322ae is a merge but no -m option was given., add -m 1 as follows intead:
    $ git cherry-pick -m1 -x 974323f63ba03bf720658cd738fc8722182322ae
  5. At this point, you'll probably encounter some merge conflicts. You must
    resolve them in to preserve the patch from PR Fix ConnectionResetError not being raised when the transport is closed #7180 as close to the
    original as possible.
  6. Push this branch to your fork on GitHub:
    $ git push origin patchback/backports/3.9/974323f63ba03bf720658cd738fc8722182322ae/pr-7180
  7. Create a PR, ensure that the CI is green. If it's not — update it so that
    the tests and any other checks pass. This is it!
    Now relax and wait for the maintainers to process your pull request
    when they have some cycles to do reviews. Don't worry — they'll tell you if
    any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

Dreamsorcerer pushed a commit that referenced this pull request Feb 10, 2023
#7180)

<!-- Thank you for your contribution! -->

`ConnectionResetError` will always be raised when `StreamWriter.write`
is called after `connection_lost` has been called on the `BaseProtocol`

<!-- Please give a short brief about these changes. -->

Restores pre 3.8.3 behavior

fixes #7172

- [x] I think the code is well written
- [x] Unit tests for the changes exist
- [x] Documentation reflects the changes
- [x] If you provide code modification, please add yourself to
`CONTRIBUTORS.txt`
  * The format is &lt;Name&gt; &lt;Surname&gt;.
  * Please keep alphabetical order, the file is sorted by names.
- [x] Add a new news fragment into the `CHANGES` folder
  * name it `<issue_id>.<type>` for example (588.bugfix)
* if you don't have an `issue_id` change it to the pr id after creating
the pr
  * ensure type is one of the following:
    * `.feature`: Signifying a new feature.
    * `.bugfix`: Signifying a bug fix.
    * `.doc`: Signifying a documentation improvement.
    * `.removal`: Signifying a deprecation or removal of public API.
* `.misc`: A ticket has been closed, but it is not of interest to users.
* Make sure to use full sentences with correct case and punctuation, for
example: "Fix issue with non-ascii contents in doctest text files."

---------

Co-authored-by: Sviatoslav Sydorenko <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Sam Bull <[email protected]>
(cherry picked from commit 974323f)
Dreamsorcerer pushed a commit that referenced this pull request Feb 10, 2023
#7180)

<!-- Thank you for your contribution! -->

`ConnectionResetError` will always be raised when `StreamWriter.write`
is called after `connection_lost` has been called on the `BaseProtocol`

<!-- Please give a short brief about these changes. -->

Restores pre 3.8.3 behavior

fixes #7172

- [x] I think the code is well written
- [x] Unit tests for the changes exist
- [x] Documentation reflects the changes
- [x] If you provide code modification, please add yourself to
`CONTRIBUTORS.txt`
  * The format is &lt;Name&gt; &lt;Surname&gt;.
  * Please keep alphabetical order, the file is sorted by names.
- [x] Add a new news fragment into the `CHANGES` folder
  * name it `<issue_id>.<type>` for example (588.bugfix)
* if you don't have an `issue_id` change it to the pr id after creating
the pr
  * ensure type is one of the following:
    * `.feature`: Signifying a new feature.
    * `.bugfix`: Signifying a bug fix.
    * `.doc`: Signifying a documentation improvement.
    * `.removal`: Signifying a deprecation or removal of public API.
* `.misc`: A ticket has been closed, but it is not of interest to users.
* Make sure to use full sentences with correct case and punctuation, for
example: "Fix issue with non-ascii contents in doctest text files."

---------

Co-authored-by: Sviatoslav Sydorenko <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Sam Bull <[email protected]>
(cherry picked from commit 974323f)
@bdraco
Copy link
Member Author

bdraco commented Feb 10, 2023

Do you want me to take care of the backport commits? Home Assistant is blocked from upgrading to Python 3.11 because of this so we are quite keen to get a new 3.8.x

@Dreamsorcerer
Copy link
Member

I already did them, but thanks. #7198 #7199

@bdraco
Copy link
Member Author

bdraco commented Feb 11, 2023

Thank you very much. Is there anything blocking getting a new 3.8.x release?

edit: I assume #7200 is

@Dreamsorcerer
Copy link
Member

Dreamsorcerer commented Feb 11, 2023

@webknjaz Are you happy to push one more 3.8 release?

This is a moderate severity issue, so I think it's worth getting this fix out. Will also get people to stop complaining about the charset-normalizer pin.

I've cleared the errors on CI, so should be good to go.

@webknjaz
Copy link
Member

@Dreamsorcerer okay, I'll try to take a look... unless you want to take this on personally?

@Dreamsorcerer
Copy link
Member

I can take a look tomorrow. Is it just adding a tag like other repos, or are there manual steps to create the changelog?

@webknjaz
Copy link
Member

@Dreamsorcerer the changelog should be generated and the hardcoded version number should be bumped too. Then, the commit with these changes should be tagged with the same version. The rest of the automation is the same. After the release, the 3.8 branch should be carefully merged into 3.9 and master so the changelog fragment removal would be reflected there. But some things shouldn't get into the merge. And it should be a proper merge, not squash, for Git to track things properly.

bdraco added a commit to home-assistant/core that referenced this pull request Feb 13, 2023
changelog: aio-libs/aiohttp@v3.8.1...v3.8.4

Has aio-libs/aiohttp#7180 which is the fix we have been waiting for
@bdraco
Copy link
Member Author

bdraco commented Feb 13, 2023

Thank you.

@bdraco bdraco deleted the fix_connection_reset_error_not_raised branch February 13, 2023 21:52
renovate bot referenced this pull request in allenporter/pyrainbird Feb 14, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [aiohttp](https://togithub.com/aio-libs/aiohttp) | `==3.8.3` ->
`==3.8.4` |
[![age](https://badges.renovateapi.com/packages/pypi/aiohttp/3.8.4/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/pypi/aiohttp/3.8.4/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/pypi/aiohttp/3.8.4/compatibility-slim/3.8.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/pypi/aiohttp/3.8.4/confidence-slim/3.8.3)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>aio-libs/aiohttp</summary>

###
[`v3.8.4`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#&#8203;384-2023-02-12)

[Compare
Source](https://togithub.com/aio-libs/aiohttp/compare/v3.8.3...v3.8.4)

\==================

## Bugfixes

- Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
    `#&#8203;6638 <https://github.com/aio-libs/aiohttp/issues/6638>`\_
- Fixed `ConnectionResetError` not being raised after client
disconnection in SSL environments.
    `#&#8203;7180 <https://github.com/aio-libs/aiohttp/issues/7180>`\_

***

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/allenporter/pyrainbird).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xMzMuMCIsInVwZGF0ZWRJblZlciI6IjM0LjEzMy4wIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
marcelveldt pushed a commit to music-assistant/python-hass-client that referenced this pull request Apr 19, 2023
Bumps [aiohttp[speedups]](https://github.com/aio-libs/aiohttp) from
3.7.4 to 3.8.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases">aiohttp[speedups]'s
releases</a>.</em></p>
<blockquote>
<h2>3.8.4</h2>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>)</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7180">#7180</a>)</li>
</ul>
<hr />
<h2>3.8.3</h2>
<p>.. attention::</p>
<p>This is the last :doc:<code>aiohttp &lt;index&gt;</code> release
tested under
Python 3.6. The 3.9 stream is dropping it from the CI and the
distribution package metadata.</p>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Increased the upper boundary of the :doc:<code>multidict:index</code>
dependency
to allow for the version 6 -- by :user:<code>hugovk</code>.</p>
<p>It used to be limited below version 7 in :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.1 but
was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back,
causing
problems with dependency pins when upgrading. :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.3
fixes that by recovering the original boundary of <code>&lt; 7</code>.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6950">#6950</a>)</p>
</li>
</ul>
<hr />
<h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1>
<p>.. note::</p>
<p>This release has some compatibility fixes for Python 3.11 but it may
still have some quirks. Some tests are still flaky in the CI.</p>
<p>.. caution::</p>
<p>This release has been yanked from PyPI. Modern pip will not pick it
up automatically. The reason is that is has <code>multidict &lt;
6</code> set in
the distribution package metadata (see :pr:<code>6950</code>). Please,
use
<code>aiohttp ~= 3.8.3, != 3.8.1</code> instead, if you can.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp[speedups]'s
changelog</a>.</em></p>
<blockquote>
<h1>3.8.4 (2023-02-12)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
<code>[#6638](aio-libs/aiohttp#6638)
&lt;https://github.com/aio-libs/aiohttp/issues/6638&gt;</code>_</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
<code>[#7180](aio-libs/aiohttp#7180)
&lt;https://github.com/aio-libs/aiohttp/issues/7180&gt;</code>_</li>
</ul>
<hr />
<h1>3.8.3 (2022-09-21)</h1>
<p>.. attention::</p>
<p>This is the last :doc:<code>aiohttp &lt;index&gt;</code> release
tested under
Python 3.6. The 3.9 stream is dropping it from the CI and the
distribution package metadata.</p>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Increased the upper boundary of the :doc:<code>multidict:index</code>
dependency
to allow for the version 6 -- by :user:<code>hugovk</code>.</p>
<p>It used to be limited below version 7 in :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.1 but
was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back,
causing
problems with dependency pins when upgrading. :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.3
fixes that by recovering the original boundary of <code>&lt; 7</code>.
<code>[#6950](aio-libs/aiohttp#6950)
&lt;https://github.com/aio-libs/aiohttp/issues/6950&gt;</code>_</p>
</li>
</ul>
<hr />
<h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Support registering OPTIONS HTTP method handlers via RouteTableDef.
<code>[#4663](aio-libs/aiohttp#4663)
&lt;https://github.com/aio-libs/aiohttp/issues/4663&gt;</code>_</li>
<li>Started supporting <code>authority-form</code> and
<code>absolute-form</code> URLs on the server-side.
<code>[#6227](aio-libs/aiohttp#6227)
&lt;https://github.com/aio-libs/aiohttp/issues/6227&gt;</code>_</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/33953f110e97eecc707e1402daa8d543f38a189b"><code>33953f1</code></a>
Release v3.8.4 (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7207">#7207</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/28854a4743cb367351397bd0a8b38469f28f369a"><code>28854a4</code></a>
Fix ConnectionResetError not being raised when the transport is close…
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7199">#7199</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/565cc2132a4c3667e0601f055cff913526226352"><code>565cc21</code></a>
Raise upper bound of charset-normalizer</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/ba573e267c0601e97b7caafb7ac9ad4ec7c7d52d"><code>ba573e2</code></a>
[3.8] Fix CI (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7143">#7143</a>)
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7200">#7200</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9cde3b47e10b04b9db3bf86611d01132d852c0c7"><code>9cde3b4</code></a>
Update .pre-commit-config.yaml</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/ed04b4da2e0fbb504728064335fc0cdcd52773c6"><code>ed04b4d</code></a>
[PR <a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7154">#7154</a>/283861dd
backport][3.8] fixed error in ContentDisposition doc (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7155">#7155</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/8cf01adc8c8dbf706e4cd33bf89fd5195f638715"><code>8cf01ad</code></a>
[3.8] Fix cookie handling (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>)
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6974">#6974</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/6d4ec02dcbfaa849aa6756dec9f2314bf8665ff5"><code>6d4ec02</code></a>
Merge branch 'release/v3.8.3' into 3.8</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/e4bce667f6bef14d34cfc32276cfdaf95de4c033"><code>e4bce66</code></a>
Bump the hardcoded version to v3.8.3.post0.dev0</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/0f8d39ff7bacfef6e4dad00e1b20895cd50b8396"><code>0f8d39f</code></a>
Revert &quot;Stop including an empty changelog draft in
Sphinx&quot;</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.7.4...v3.8.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp[speedups]&package-manager=pip&previous-version=3.7.4&new-version=3.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
marcelveldt pushed a commit to music-assistant/python-hass-client that referenced this pull request Apr 19, 2023
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.7.4 to
3.8.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases">aiohttp's
releases</a>.</em></p>
<blockquote>
<h2>3.8.4</h2>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>)</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7180">#7180</a>)</li>
</ul>
<hr />
<h2>3.8.3</h2>
<p>.. attention::</p>
<p>This is the last :doc:<code>aiohttp &lt;index&gt;</code> release
tested under
Python 3.6. The 3.9 stream is dropping it from the CI and the
distribution package metadata.</p>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Increased the upper boundary of the :doc:<code>multidict:index</code>
dependency
to allow for the version 6 -- by :user:<code>hugovk</code>.</p>
<p>It used to be limited below version 7 in :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.1 but
was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back,
causing
problems with dependency pins when upgrading. :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.3
fixes that by recovering the original boundary of <code>&lt; 7</code>.
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6950">#6950</a>)</p>
</li>
</ul>
<hr />
<h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1>
<p>.. note::</p>
<p>This release has some compatibility fixes for Python 3.11 but it may
still have some quirks. Some tests are still flaky in the CI.</p>
<p>.. caution::</p>
<p>This release has been yanked from PyPI. Modern pip will not pick it
up automatically. The reason is that is has <code>multidict &lt;
6</code> set in
the distribution package metadata (see :pr:<code>6950</code>). Please,
use
<code>aiohttp ~= 3.8.3, != 3.8.1</code> instead, if you can.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's
changelog</a>.</em></p>
<blockquote>
<h1>3.8.4 (2023-02-12)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
<code>[#6638](aio-libs/aiohttp#6638)
&lt;https://github.com/aio-libs/aiohttp/issues/6638&gt;</code>_</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
<code>[#7180](aio-libs/aiohttp#7180)
&lt;https://github.com/aio-libs/aiohttp/issues/7180&gt;</code>_</li>
</ul>
<hr />
<h1>3.8.3 (2022-09-21)</h1>
<p>.. attention::</p>
<p>This is the last :doc:<code>aiohttp &lt;index&gt;</code> release
tested under
Python 3.6. The 3.9 stream is dropping it from the CI and the
distribution package metadata.</p>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Increased the upper boundary of the :doc:<code>multidict:index</code>
dependency
to allow for the version 6 -- by :user:<code>hugovk</code>.</p>
<p>It used to be limited below version 7 in :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.1 but
was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back,
causing
problems with dependency pins when upgrading. :doc:<code>aiohttp
&lt;index&gt;</code> v3.8.3
fixes that by recovering the original boundary of <code>&lt; 7</code>.
<code>[#6950](aio-libs/aiohttp#6950)
&lt;https://github.com/aio-libs/aiohttp/issues/6950&gt;</code>_</p>
</li>
</ul>
<hr />
<h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Support registering OPTIONS HTTP method handlers via RouteTableDef.
<code>[#4663](aio-libs/aiohttp#4663)
&lt;https://github.com/aio-libs/aiohttp/issues/4663&gt;</code>_</li>
<li>Started supporting <code>authority-form</code> and
<code>absolute-form</code> URLs on the server-side.
<code>[#6227](aio-libs/aiohttp#6227)
&lt;https://github.com/aio-libs/aiohttp/issues/6227&gt;</code>_</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/33953f110e97eecc707e1402daa8d543f38a189b"><code>33953f1</code></a>
Release v3.8.4 (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7207">#7207</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/28854a4743cb367351397bd0a8b38469f28f369a"><code>28854a4</code></a>
Fix ConnectionResetError not being raised when the transport is close…
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7199">#7199</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/565cc2132a4c3667e0601f055cff913526226352"><code>565cc21</code></a>
Raise upper bound of charset-normalizer</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/ba573e267c0601e97b7caafb7ac9ad4ec7c7d52d"><code>ba573e2</code></a>
[3.8] Fix CI (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7143">#7143</a>)
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7200">#7200</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9cde3b47e10b04b9db3bf86611d01132d852c0c7"><code>9cde3b4</code></a>
Update .pre-commit-config.yaml</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/ed04b4da2e0fbb504728064335fc0cdcd52773c6"><code>ed04b4d</code></a>
[PR <a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7154">#7154</a>/283861dd
backport][3.8] fixed error in ContentDisposition doc (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7155">#7155</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/8cf01adc8c8dbf706e4cd33bf89fd5195f638715"><code>8cf01ad</code></a>
[3.8] Fix cookie handling (<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>)
(<a
href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6974">#6974</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/6d4ec02dcbfaa849aa6756dec9f2314bf8665ff5"><code>6d4ec02</code></a>
Merge branch 'release/v3.8.3' into 3.8</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/e4bce667f6bef14d34cfc32276cfdaf95de4c033"><code>e4bce66</code></a>
Bump the hardcoded version to v3.8.3.post0.dev0</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/0f8d39ff7bacfef6e4dad00e1b20895cd50b8396"><code>0f8d39f</code></a>
Revert &quot;Stop including an empty changelog draft in
Sphinx&quot;</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.7.4...v3.8.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.7.4&new-version=3.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
joeyorlando pushed a commit to grafana/oncall that referenced this pull request Jul 21, 2023
…2602)

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.3 to
3.8.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases">aiohttp's
releases</a>.</em></p>
<blockquote>
<h2>3.8.5</h2>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w</a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7346">#7346</a>)</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7366">#7366</a>)</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/3355">#3355</a>)</p>
</li>
</ul>
<hr />
<h2>3.8.4</h2>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/6638">#6638</a>)</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7180">#7180</a>)</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst">aiohttp's
changelog</a>.</em></p>
<blockquote>
<h1>3.8.5 (2023-07-19)</h1>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w</a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p>
<p><code>[#7346](aio-libs/aiohttp#7346)
&lt;https://github.com/aio-libs/aiohttp/issues/7346&gt;</code>_</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p><code>[#7366](aio-libs/aiohttp#7366)
&lt;https://github.com/aio-libs/aiohttp/issues/7366&gt;</code>_</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p><code>[#3355](aio-libs/aiohttp#3355)
&lt;https://github.com/aio-libs/aiohttp/issues/3355&gt;</code>_</p>
</li>
</ul>
<hr />
<h1>3.8.4 (2023-02-12)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
<code>[#6638](aio-libs/aiohttp#6638)
&lt;https://github.com/aio-libs/aiohttp/issues/6638&gt;</code>_</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
<code>[#7180](aio-libs/aiohttp#7180)
&lt;https://github.com/aio-libs/aiohttp/issues/7180&gt;</code>_</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9c13a52c21c23dfdb49ed89418d28a5b116d0681"><code>9c13a52</code></a>
Bump aiohttp to v3.8.5 a security release</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/7c02129567bc4ec59be467b70fc937c82920948c"><code>7c02129</code></a>
 Bump pypa/cibuildwheel to v2.14.1</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/135a45e9d655d56e4ebad78abe84f1cb7b5c62dc"><code>135a45e</code></a>
Improve error messages from C parser (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7366">#7366</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7380">#7380</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9337fb3f2ab2b5f38d7e98a194bde6f7e3d16c40"><code>9337fb3</code></a>
Fix bump llhttp to v8.1.1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7367">#7367</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7377">#7377</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/f07e9b44b5cb909054a697c8dd447b30dbf8073e"><code>f07e9b4</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7373">#7373</a>/66e261a5
backport][3.8] Drop azure mention (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7374">#7374</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/01d9b70e5477cd746561b52225992d8a2ebde953"><code>01d9b70</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7370">#7370</a>/22c264ce
backport][3.8] fix: Spelling error fixed (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7371">#7371</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/3577b1e3719d4648fa973dbdec927f78f9df34dd"><code>3577b1e</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7359">#7359</a>/7911f1e9
backport][3.8]  Set up secretless publishing to PyPI (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7360">#7360</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/8d45f9c99511cd80140d6658bd9c11002c697f1c"><code>8d45f9c</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7333">#7333</a>/3a54d378
backport][3.8] Fix TLS transport is <code>None</code> error (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7357">#7357</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/dd8e24e77351df9c0f029be49d3c6d7862706e79"><code>dd8e24e</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7343">#7343</a>/18057581
backport][3.8] Mention encoding in <code>yarl.URL</code> (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7355">#7355</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/40874103ebfaa1007d47c25ecc4288af873a07cf"><code>4087410</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7346">#7346</a>/346fd202
backport][3.8]  Bump vendored llhttp to v8.1.1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7352">#7352</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.8.3...v3.8.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.3&new-version=3.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/grafana/oncall/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
keinsell pushed a commit to keinsell/neuronek that referenced this pull request Apr 28, 2024
…sources/psychonautwiki-tripsit (#402)

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.7.4.post0 to
3.8.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases">aiohttp's
releases</a>.</em></p>
<blockquote>
<h2>3.8.5</h2>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w</a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7346">#7346</a>)</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7366">#7366</a>)</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/3355">#3355</a>)</p>
</li>
</ul>
<hr />
<h2>3.8.4</h2>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/6638">#6638</a>)</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7180">#7180</a>)</li>
</ul>
<hr />
<h2>3.8.3</h2>
<p>.. attention::</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst">aiohttp's
changelog</a>.</em></p>
<blockquote>
<h1>3.8.5 (2023-07-19)</h1>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w</a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p>
<p><code>[#7346](aio-libs/aiohttp#7346)
&lt;https://github.com/aio-libs/aiohttp/issues/7346&gt;</code>_</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p><code>[#7366](aio-libs/aiohttp#7366)
&lt;https://github.com/aio-libs/aiohttp/issues/7366&gt;</code>_</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p><code>[#3355](aio-libs/aiohttp#3355)
&lt;https://github.com/aio-libs/aiohttp/issues/3355&gt;</code>_</p>
</li>
</ul>
<hr />
<h1>3.8.4 (2023-02-12)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fixed incorrectly overwriting cookies with the same name and domain,
but different path.
<code>[#6638](aio-libs/aiohttp#6638)
&lt;https://github.com/aio-libs/aiohttp/issues/6638&gt;</code>_</li>
<li>Fixed <code>ConnectionResetError</code> not being raised after
client disconnection in SSL environments.
<code>[#7180](aio-libs/aiohttp#7180)
&lt;https://github.com/aio-libs/aiohttp/issues/7180&gt;</code>_</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9c13a52c21c23dfdb49ed89418d28a5b116d0681"><code>9c13a52</code></a>
Bump aiohttp to v3.8.5 a security release</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/7c02129567bc4ec59be467b70fc937c82920948c"><code>7c02129</code></a>
 Bump pypa/cibuildwheel to v2.14.1</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/135a45e9d655d56e4ebad78abe84f1cb7b5c62dc"><code>135a45e</code></a>
Improve error messages from C parser (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7366">#7366</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7380">#7380</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/9337fb3f2ab2b5f38d7e98a194bde6f7e3d16c40"><code>9337fb3</code></a>
Fix bump llhttp to v8.1.1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7367">#7367</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7377">#7377</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/f07e9b44b5cb909054a697c8dd447b30dbf8073e"><code>f07e9b4</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7373">#7373</a>/66e261a5
backport][3.8] Drop azure mention (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7374">#7374</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/01d9b70e5477cd746561b52225992d8a2ebde953"><code>01d9b70</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7370">#7370</a>/22c264ce
backport][3.8] fix: Spelling error fixed (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7371">#7371</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/3577b1e3719d4648fa973dbdec927f78f9df34dd"><code>3577b1e</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7359">#7359</a>/7911f1e9
backport][3.8]  Set up secretless publishing to PyPI (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7360">#7360</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/8d45f9c99511cd80140d6658bd9c11002c697f1c"><code>8d45f9c</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7333">#7333</a>/3a54d378
backport][3.8] Fix TLS transport is <code>None</code> error (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7357">#7357</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/dd8e24e77351df9c0f029be49d3c6d7862706e79"><code>dd8e24e</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7343">#7343</a>/18057581
backport][3.8] Mention encoding in <code>yarl.URL</code> (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7355">#7355</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohttp/commit/40874103ebfaa1007d47c25ecc4288af873a07cf"><code>4087410</code></a>
[PR <a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7346">#7346</a>/346fd202
backport][3.8]  Bump vendored llhttp to v8.1.1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7352">#7352</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.7.4.post0...v3.8.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.7.4.post0&new-version=3.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/keinsell/neuronek/network/alerts).

</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bot:chronographer:provided There is a change note present in this PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

StreamResponse write() does not raise an exception if client disconnects
3 participants