Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump aiohttp from 3.7.4 to 3.8.4 (#116)
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.7.4 to 3.8.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.8.4</h2> <h2>Bugfixes</h2> <ul> <li>Fixed incorrectly overwriting cookies with the same name and domain, but different path. (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>)</li> <li>Fixed <code>ConnectionResetError</code> not being raised after client disconnection in SSL environments. (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7180">#7180</a>)</li> </ul> <hr /> <h2>3.8.3</h2> <p>.. attention::</p> <p>This is the last :doc:<code>aiohttp <index></code> release tested under Python 3.6. The 3.9 stream is dropping it from the CI and the distribution package metadata.</p> <h2>Bugfixes</h2> <ul> <li> <p>Increased the upper boundary of the :doc:<code>multidict:index</code> dependency to allow for the version 6 -- by :user:<code>hugovk</code>.</p> <p>It used to be limited below version 7 in :doc:<code>aiohttp <index></code> v3.8.1 but was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back, causing problems with dependency pins when upgrading. :doc:<code>aiohttp <index></code> v3.8.3 fixes that by recovering the original boundary of <code>< 7</code>. (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6950">#6950</a>)</p> </li> </ul> <hr /> <h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1> <p>.. note::</p> <p>This release has some compatibility fixes for Python 3.11 but it may still have some quirks. Some tests are still flaky in the CI.</p> <p>.. caution::</p> <p>This release has been yanked from PyPI. Modern pip will not pick it up automatically. The reason is that is has <code>multidict < 6</code> set in the distribution package metadata (see :pr:<code>6950</code>). Please, use <code>aiohttp ~= 3.8.3, != 3.8.1</code> instead, if you can.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.8.4 (2023-02-12)</h1> <h2>Bugfixes</h2> <ul> <li>Fixed incorrectly overwriting cookies with the same name and domain, but different path. <code>[#6638](aio-libs/aiohttp#6638) <https://github.com/aio-libs/aiohttp/issues/6638></code>_</li> <li>Fixed <code>ConnectionResetError</code> not being raised after client disconnection in SSL environments. <code>[#7180](aio-libs/aiohttp#7180) <https://github.com/aio-libs/aiohttp/issues/7180></code>_</li> </ul> <hr /> <h1>3.8.3 (2022-09-21)</h1> <p>.. attention::</p> <p>This is the last :doc:<code>aiohttp <index></code> release tested under Python 3.6. The 3.9 stream is dropping it from the CI and the distribution package metadata.</p> <h2>Bugfixes</h2> <ul> <li> <p>Increased the upper boundary of the :doc:<code>multidict:index</code> dependency to allow for the version 6 -- by :user:<code>hugovk</code>.</p> <p>It used to be limited below version 7 in :doc:<code>aiohttp <index></code> v3.8.1 but was lowered in v3.8.2 via :pr:<code>6550</code> and never brought back, causing problems with dependency pins when upgrading. :doc:<code>aiohttp <index></code> v3.8.3 fixes that by recovering the original boundary of <code>< 7</code>. <code>[#6950](aio-libs/aiohttp#6950) <https://github.com/aio-libs/aiohttp/issues/6950></code>_</p> </li> </ul> <hr /> <h1>3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)</h1> <h2>Bugfixes</h2> <ul> <li>Support registering OPTIONS HTTP method handlers via RouteTableDef. <code>[#4663](aio-libs/aiohttp#4663) <https://github.com/aio-libs/aiohttp/issues/4663></code>_</li> <li>Started supporting <code>authority-form</code> and <code>absolute-form</code> URLs on the server-side. <code>[#6227](aio-libs/aiohttp#6227) <https://github.com/aio-libs/aiohttp/issues/6227></code>_</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/33953f110e97eecc707e1402daa8d543f38a189b"><code>33953f1</code></a> Release v3.8.4 (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7207">#7207</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/28854a4743cb367351397bd0a8b38469f28f369a"><code>28854a4</code></a> Fix ConnectionResetError not being raised when the transport is close… (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7199">#7199</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/565cc2132a4c3667e0601f055cff913526226352"><code>565cc21</code></a> Raise upper bound of charset-normalizer</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/ba573e267c0601e97b7caafb7ac9ad4ec7c7d52d"><code>ba573e2</code></a> [3.8] Fix CI (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7143">#7143</a>) (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7200">#7200</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/9cde3b47e10b04b9db3bf86611d01132d852c0c7"><code>9cde3b4</code></a> Update .pre-commit-config.yaml</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/ed04b4da2e0fbb504728064335fc0cdcd52773c6"><code>ed04b4d</code></a> [PR <a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7154">#7154</a>/283861dd backport][3.8] fixed error in ContentDisposition doc (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/7155">#7155</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8cf01adc8c8dbf706e4cd33bf89fd5195f638715"><code>8cf01ad</code></a> [3.8] Fix cookie handling (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6638">#6638</a>) (<a href="https://github-redirect.dependabot.com/aio-libs/aiohttp/issues/6974">#6974</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/6d4ec02dcbfaa849aa6756dec9f2314bf8665ff5"><code>6d4ec02</code></a> Merge branch 'release/v3.8.3' into 3.8</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/e4bce667f6bef14d34cfc32276cfdaf95de4c033"><code>e4bce66</code></a> Bump the hardcoded version to v3.8.3.post0.dev0</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/0f8d39ff7bacfef6e4dad00e1b20895cd50b8396"><code>0f8d39f</code></a> Revert "Stop including an empty changelog draft in Sphinx"</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.7.4...v3.8.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.7.4&new-version=3.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information