- update to 3.9.5:
  * Fixed "Unclosed client session" when initialization of
    :py:class:`~aiohttp.ClientSession` fails
  * Fixed regression (from :pr:`8280`) with adding Content-
    Disposition to the form-data part after appending to writer
  * Added default Content-Disposition in multipart/form-data
    responses to avoid broken form-data responses
  * The asynchronous internals now set the underlying causes when
    assigning exceptions to the future objects
  * Treated values of Accept-Encoding header as case-insensitive
    when checking for gzip files
  * Improved the DNS resolution performance on cache hit
  * Changed the type annotations to allow dict on
    :meth:`aiohttp.MultipartWriter.append`,
    :meth:`aiohttp.MultipartWriter.append_json` and
    :meth:`aiohttp.MultipartWriter.append_form` -- by
    :user:`cakemanny` Related issues and pull requests on GitHub:
    :issue:`7741`.
  * Ensure websocket transport is closed when client does not
    close it
  * Leave websocket transport open if receive times out or is
    cancelled
  * Fixed content not being read when an upgrade request was not
    supported with the pure Python implementation.
  * Fixed a race condition with incoming connections during
    server shutdown
  * Fixed multipart/form-data compliance with RFC 7578
  * Fixed blocking I/O in the event loop while processing files
    in a POST request
  * Escaped filenames in static view

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Disable broken tests with openssl 3.2 and python < 3.11 bsc#1217782

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- update to 3.9.0:
  * Introduced ``AppKey`` for static typing support of
    ``Application`` storage.
  * Added a graceful shutdown period which allows pending tasks
    to complete before the application's cleanup is called.
  * Added `handler_cancellation`_ parameter to cancel web handler on
    client disconnection.
  * This (optionally) reintroduces a feature removed in a
    previous release.
  * Recommended for those looking for an extra level of
    protection against denial-of-service attacks.
  * Added support for setting response header parameters
    ``max_line_size`` and ``max_field_size``.
  * Added ``auto_decompress`` parameter to
    ``ClientSession.request`` to override
    ``ClientSession._auto_decompress``.
  * Changed ``raise_for_status`` to allow a coroutine.
  * Added client brotli compression support (optional with
    runtime check).
  * Added ``client_max_size`` to ``BaseRequest.clone()`` to allow
    overriding the request body size. -- :user:`anesabml`.
  * Added a middleware type alias
    ``aiohttp.typedefs.Middleware``.
  * Exported ``HTTPMove`` which can be used to catch any
    redirection request that has a location -- :user:`dreamsorcerer`.
  * Changed the ``path`` parameter in ``web.run_app()`` to accept
    a ``pathlib.Path`` object.
  * Performance: Skipped filtering ``CookieJar`` when the jar is
    empty or all cookies have expired.
  * Performance: Only check origin if insecure scheme and there

• Files Changed
• Browse Source

- update to 3.8.6:
  * Security bugfixes
  * Upgraded the vendored copy of llhttp_ to v9.1.3
  * https://github.com/aio-libs/aiohttp/security/advisories/GHSA-
    pjjw-qhg8-p2p9.
  * Updated Python parser to comply with RFCs 9110/9112
  * https://github.com/aio-libs/aiohttp/security/advisories/GHSA-
    gfw2-4jvh-wgfg.
  * Added ``fallback_charset_resolver`` parameter in
    ``ClientSession`` to allow a user-supplied
    character set detection function.
    Character set detection will no longer be included in 3.9 as
    a default. If this feature is needed,
    please use `fallback_charset_resolver
  * Enabled lenient response parsing for more flexible parsing in
    the client
  * Fixed ``PermissionError`` when ``.netrc`` is unreadable due
    to permissions.
  * Fixed output of parsing errors
  * Fixed ``GunicornWebWorker`` max_requests_jitter not working.
  * Fixed sorting in ``filter_cookies`` to use cookie with
    longest path.
  * Fixed display of ``BadStatusLine`` messages from llhttp_.

• Files Changed
• Browse Source

- Add remove-re-assert.patch, we really don’t need beautifuly
  presented exceptions for our testing; remove re-assert BR.

• Files Changed
• Browse Source

- switch from unmaintained brotlipy to Brotli

- skip more tests
- Drop python39-failures.patch, no longer required.
- Update python39-failures.patch to only fire with Python 3.9.7.
  * Made exceptions pickleable. Also changed the repr of
    some exceptions. #4077
  * Raise a ClientResponseError instead of an AssertionError for a
  * Fix web_middlewares.normalize_path_middleware behavior for
  * Fix overshadowing of overlapped sub-applications prefixes.
  * Make BaseConnector.close() a coroutine and wait until the
    client closes all connections. Drop deprecated "with
  * Reset the sock_read timeout each time data is received for a
  * Fixed type annotation for add_view method of UrlDispatcher to
  * Fixed querying the address families from DNS that the current
  * Change return type of MultipartReader.__aiter__() and
- Fix python 3.6 build
  * Response headers are now prepared prior to running

• Files Changed
• Browse Source

- Update in SLE-15 (bsc#1197831)

- Update to 3.7.4 (bsc#1184745, CVE-2021-21330):
  * obsoletes CVE-2021-21330.patch in older dists
  * Fixes https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg

- Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Add Update-update_query-calls-to-work-with-latest-yarl.patch to fix
  problems with latest python-yarl
- Delete aiohttp-pr7057-bump-charset-normalizer.patch not needed
  anymore
- Update to 3.8.4:
  * Fixed incorrectly overwriting cookies with the same name and
    domain, but different path. (#6638)
  * Fixed ConnectionResetError not being raised after client
    disconnection in SSL environments. (#7180)

- Move documentation into the main package for SLE15

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Disable DeprecationWarning to avoid error with the latest setuptools
  and pkg_resources deprecation

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Update py3109-compat.patch to work with python <= 3.10.8 too.
- Add py3109-compat.patch to make tests compatible with python 3.10.9. These
  tests are not present anymore in upstream master version so this patch could
  be removed in future releases.

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- skip more tests 

- update to 3.8.3:
  * Increased the upper boundary of the :doc:`multidict:index` dependency
    to allow for the version 6 -- by :user:`hugovk`.
  * Added support for registering :rfc:`OPTIONS <9110#OPTIONS>`
    HTTP method handlers via :py:class:`~aiohttp.web.RouteTableDef`.
  * Started supporting :rfc:`authority-form <9112#authority-form>` and
    :rfc:`absolute-form <9112#absolute-form>` URLs on the server-side.
  * Fixed Python 3.11 incompatibilities by using Cython 0.29.25.
  * Extended the ``sock`` argument typing declaration of the
    :py:func:`~aiohttp.web.run_app` function as optionally
    accepting iterables.
  * Fixed a regression where :py:exc:`~asyncio.CancelledError`
    occurs on client disconnection.
  * Started exporting :py:class:`~aiohttp.web.PrefixedSubAppResource`
    under :py:mod:`aiohttp.web` -- by :user:`Dreamsorcerer`.
  * Dropped the :class:`object` type possibility from
    the :py:attr:`aiohttp.ClientSession.timeout`
    property return type declaration.

• Files Changed
• Browse Source

• Files Changed
• Browse Source