remove-freethreading-cython-option.patch

Index: aiohttp-3.13.3/Makefile
===================================================================
--- aiohttp-3.13.3.orig/Makefile
+++ aiohttp-3.13.3/Makefile
@@ -57,14 +57,14 @@ aiohttp/_find_header.c: $(call to-hash,a
 # Special case for reader since we want to be able to disable
 # the extension with AIOHTTP_NO_EXTENSIONS
 aiohttp/_websocket/reader_c.c: aiohttp/_websocket/reader_c.py
-	cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror
+	cython -3 -o $@ $< -I aiohttp -Werror
 
 # _find_headers generator creates _headers.pyi as well
 aiohttp/%.c: aiohttp/%.pyx $(call to-hash,$(CYS)) aiohttp/_find_header.c
-	cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror
+	cython -3 -o $@ $< -I aiohttp -Werror
 
 aiohttp/_websocket/%.c: aiohttp/_websocket/%.pyx $(call to-hash,$(CYS))
-	cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror
+	cython -3 -o $@ $< -I aiohttp -Werror
 
 vendor/llhttp/node_modules: vendor/llhttp/package.json
 	cd vendor/llhttp; npm ci
- Update to 3.13.3: * Security + Brotli and brotlicffi minimum version is now 1.2. Decompression now has a default maximum output size of 32MiB per decompress call (bsc#1256017, CVE-2025-69223, GHSA-6mq8-rvhq-8wgg) + Check for ASCII in header values (bsc#1256018, CVE-2025-69224, GHSA-69f9-5gxw-wvc2) + Forbid non-ASCII decimals in the Range header (bsc#1256019, CVE-2025-69225, GHSA-mqqc-3gqh-h2x8) + Reject static URLs that traverse outside static root (bsc#1256020, CVE-2025-69226, GHSA-54jq-c3m8-4m76) + Raise exceptions when processing a POST body (bsc#1256021, CVE-2025-69227, GHSA-jj3x-wxrx-4x23) + Enforce client_max_size over entire multipart form (bsc#1256022, CVE-2025-69228, GHSA-6jhg-hg63-jvvf) + Pause reading of chunks when it reaches a high water mark (bsc#1256023, CVE-2025-69229, GHSA-g84x-mcqj-x9qq) + Log only once per Cookie header (bsc#1256024, CVE-2025-69230, GHSA-fh55-r93g-j68g) * Bug fixes + Fixed proxy authorization headers not being passed when reusing a connection, which caused 407 (Proxy authentication required) errors + Fixed multipart reading failing when encountering an empty body part + Fixed a case where the parser wasn't raising an exception for a websocket continuation frame when there was no initial frame in context * Miscellaneous internal changes + Optimized web server performance when access logging is disabled by reducing time syscalls + Added regression test for cached logging status - Refreshed patches fix-vendoring.patch - Add patch remove-freethreading-cython-option.patch: * Drop newer Cython command line option. 2026-01-28 16:02:27 +11:00			`Index: aiohttp-3.13.3/Makefile`
			`===================================================================`
			`--- aiohttp-3.13.3.orig/Makefile`
			`+++ aiohttp-3.13.3/Makefile`
			`@@ -57,14 +57,14 @@ aiohttp/_find_header.c: $(call to-hash,a`
			`# Special case for reader since we want to be able to disable`
			`# the extension with AIOHTTP_NO_EXTENSIONS`
			`aiohttp/_websocket/reader_c.c: aiohttp/_websocket/reader_c.py`
			`- cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror`
			`+ cython -3 -o $@ $< -I aiohttp -Werror`

			`# _find_headers generator creates _headers.pyi as well`
			`aiohttp/%.c: aiohttp/%.pyx $(call to-hash,$(CYS)) aiohttp/_find_header.c`
			`- cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror`
			`+ cython -3 -o $@ $< -I aiohttp -Werror`

			`aiohttp/_websocket/%.c: aiohttp/_websocket/%.pyx $(call to-hash,$(CYS))`
			`- cython -3 -X freethreading_compatible=True -o $@ $< -I aiohttp -Werror`
			`+ cython -3 -o $@ $< -I aiohttp -Werror`

			`vendor/llhttp/node_modules: vendor/llhttp/package.json`
			`cd vendor/llhttp; npm ci`