- Update to 3.13.3:
* Security
+ Brotli and brotlicffi minimum version is now 1.2. Decompression now has
a default maximum output size of 32MiB per decompress call
(bsc#1256017, CVE-2025-69223, GHSA-6mq8-rvhq-8wgg)
+ Check for ASCII in header values
(bsc#1256018, CVE-2025-69224, GHSA-69f9-5gxw-wvc2)
+ Forbid non-ASCII decimals in the Range header
(bsc#1256019, CVE-2025-69225, GHSA-mqqc-3gqh-h2x8)
+ Reject static URLs that traverse outside static root
(bsc#1256020, CVE-2025-69226, GHSA-54jq-c3m8-4m76)
+ Raise exceptions when processing a POST body
(bsc#1256021, CVE-2025-69227, GHSA-jj3x-wxrx-4x23)
+ Enforce client_max_size over entire multipart form
(bsc#1256022, CVE-2025-69228, GHSA-6jhg-hg63-jvvf)
+ Pause reading of chunks when it reaches a high water mark
(bsc#1256023, CVE-2025-69229, GHSA-g84x-mcqj-x9qq)
+ Log only once per Cookie header
(bsc#1256024, CVE-2025-69230, GHSA-fh55-r93g-j68g)
* Bug fixes
+ Fixed proxy authorization headers not being passed when reusing a
connection, which caused 407 (Proxy authentication required) errors
+ Fixed multipart reading failing when encountering an empty body part
+ Fixed a case where the parser wasn't raising an exception for a
websocket continuation frame when there was no initial frame in context
* Miscellaneous internal changes
+ Optimized web server performance when access logging is disabled by
reducing time syscalls
+ Added regression test for cached logging status
- Refreshed patch fix-vendoring.patch
OBS-URL: https://build.opensuse.org/request/show/1326279
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=63
* Security
+ Brotli and brotlicffi minimum version is now 1.2. Decompression now has
a default maximum output size of 32MiB per decompress call
(bsc#1256017, CVE-2025-69223, GHSA-6mq8-rvhq-8wgg)
+ Forbid non-ASCII decimals in the Range header
(bsc#1256019, CVE-2025-69225, GHSA-mqqc-3gqh-h2x8)
+ Reject static URLs that traverse outside static root
(bsc#1256020, CVE-2025-69226, GHSA-54jq-c3m8-4m76)
+ Raise exceptions when processing a POST body
(bsc#1256021, CVE-2025-69227, GHSA-jj3x-wxrx-4x23)
+ Enforce client_max_size over entire multipart form
(bsc#1256022, CVE-2025-69228, GHSA-6jhg-hg63-jvvf)
+ Pause reading of chunks when it reaches a high water mark
(bsc#1256023, CVE-2025-69229, GHSA-g84x-mcqj-x9qq)
+ Log only once per Cookie header
(bsc#1256024, CVE-2025-69230, GHSA-fh55-r93g-j68g)
* Bug fixes
+ Fixed proxy authorization headers not being passed when reusing a
connection, which caused 407 (Proxy authentication required) errors
+ Fixed multipart reading failing when encountering an empty body part
+ Fixed a case where the parser wasn't raising an exception for a
websocket continuation frame when there was no initial frame in context
* Miscellaneous internal changes
+ Optimized web server performance when access logging is disabled by
reducing time syscalls
+ Added regression test for cached logging status
- Refreshed patch fix-vendoring.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=166
* Fixed cookie parser to continue parsing subsequent cookies
when encountering a malformed cookie that fails regex
validation, such as Google's g_state cookie with unescaped
quotes -- by :user:`bdraco`. Related issues and pull requests
on GitHub: :issue:`11632`.
* Fixed loading netrc credentials from the default
:file:`~/.netrc` (:file:`~/_netrc` on Windows) location when
the :envvar:`NETRC` environment variable is not set -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`11713`, :issue:`11714`.
* Fixed WebSocket compressed sends to be cancellation safe.
Tasks are now shielded during compression to prevent
compressor state corruption. This ensures that the stateful
compressor remains consistent even when send operations are
cancelled -- by :user:`bdraco`. Related issues and pull
requests on GitHub: :issue:`11725`.
* Make configuration options in AppRunner also available in
run_app() -- by :user:`Cycloctane`. Related issues and pull
requests on GitHub: :issue:`11633`.
* Switched to backports.zstd for Python <3.14 and fixed zstd
decompression for chunked zstd streams -- by :user:`ZhaoMJ`.
Note: Users who installed zstandard for support on Python
<3.14 will now need to install backports.zstd instead
(installing aiohttp[speedups] will do this automatically).
Related issues and pull requests on GitHub: :issue:`11623`.
* Updated Content-Type header parsing to return
application/octet-stream when header contains invalid syntax.
See RFC 9110. -- by :user:`sgaist`. Related issues and pull
requests on GitHub: :issue:`10889`.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=162
Forwarded request #1298128 from glaubitz
- Update to 3.12.15
* Fixed :class:`~aiohttp.DigestAuthMiddleware` to preserve the algorithm case
from the server's challenge in the authorization response. This improves
compatibility with servers that perform case-sensitive algorithm matching
(e.g., servers expecting ``algorithm=MD5-sess`` instead of ``algorithm=MD5-SESS``)
* Remove outdated contents of ``aiohttp-devtools`` and ``aiohttp-swagger``
from Web_advanced docs.
* Started including the ``llhttp`` :file:`LICENSE` file in wheels by adding
``vendor/llhttp/LICENSE`` to ``license-files`` in :file:`setup.cfg`
* Updated a regex in `test_aiohttp_request_coroutine` for Python 3.14.
OBS-URL: https://build.opensuse.org/request/show/1298363
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=59
* Fixed :class:`~aiohttp.DigestAuthMiddleware` to preserve the algorithm case
from the server's challenge in the authorization response. This improves
compatibility with servers that perform case-sensitive algorithm matching
(e.g., servers expecting ``algorithm=MD5-sess`` instead of ``algorithm=MD5-SESS``)
* Remove outdated contents of ``aiohttp-devtools`` and ``aiohttp-swagger``
from Web_advanced docs.
* Started including the ``llhttp`` :file:`LICENSE` file in wheels by adding
``vendor/llhttp/LICENSE`` to ``license-files`` in :file:`setup.cfg`
* Updated a regex in `test_aiohttp_request_coroutine` for Python 3.14.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=156
- update to 3.12.14:
* Fixed file uploads failing with HTTP 422 errors when
encountering 307/308 redirects, and 301/302 redirects for
non-POST methods, by preserving the request body when
appropriate per RFC 9110 -- by :user:`bdraco`. Related issues
and pull requests on GitHub: :issue:`11270`.
* Fixed :py:meth:`ClientSession.close()
<aiohttp.ClientSession.close>` hanging indefinitely when
using HTTPS requests through HTTP proxies -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`11273`.
* Bumped minimum version of aiosignal to 1.4+ to resolve typing
issues -- by :user:`Dreamsorcerer`. Related issues and pull
requests on GitHub: :issue:`11280`.
* Added initial trailer parsing logic to Python HTTP parser --
by :user:`Dreamsorcerer`. Related issues and pull requests on
GitHub: :issue:`11269`.
* Clarified exceptions raised by WebSocketResponse.send_frame
et al. -- by :user:`DoctorJohn`. Related issues and pull
requests on GitHub: :issue:`11234`.
OBS-URL: https://build.opensuse.org/request/show/1294222
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=57
* Fixed file uploads failing with HTTP 422 errors when
encountering 307/308 redirects, and 301/302 redirects for
non-POST methods, by preserving the request body when
appropriate per RFC 9110 -- by :user:`bdraco`. Related issues
and pull requests on GitHub: :issue:`11270`.
* Fixed :py:meth:`ClientSession.close()
<aiohttp.ClientSession.close>` hanging indefinitely when
using HTTPS requests through HTTP proxies -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`11273`.
* Bumped minimum version of aiosignal to 1.4+ to resolve typing
issues -- by :user:`Dreamsorcerer`. Related issues and pull
requests on GitHub: :issue:`11280`.
* Added initial trailer parsing logic to Python HTTP parser --
by :user:`Dreamsorcerer`. Related issues and pull requests on
GitHub: :issue:`11269`.
* Clarified exceptions raised by WebSocketResponse.send_frame
et al. -- by :user:`DoctorJohn`. Related issues and pull
requests on GitHub: :issue:`11234`.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=149
- Add remove-isal-test-dep.patch to remove python-isal test
dependency, that's not part of Factory yet.
- Update to 3.12.13
* Optimized web server performance when access logging is disabled
by reducing time syscalls
* Improved performance of the WebSocket reader
* Disabled TLS in TLS warning (when using HTTPS proxies) for uvloop
and newer Python versions
* Added a comprehensive HTTP Digest Authentication client middleware
(DigestAuthMiddleware) that implements RFC 7616.
* Fixed pytest plugin to not use deprecated asyncio policy APIs.
* Allow user setting zlib compression backend
* Added host parameter to aiohttp_server fixture
* Added socket_factory to aiohttp.TCPConnector to allow specifying
custom socket options
* Upgraded to LLHTTP 9.3.0
* Optimized small HTTP requests/responses by coalescing headers and
body into a single TCP packet
* Removed non SPDX-license description from setup.cfg
* Added support for building against system llhttp library
* Fixed compatibility issue with Cython 3.1.1
* Added support for reusable request bodies to enable retries,
redirects, and digest authentication
* Improved performance of isinstance checks by using collections.abc
types instead of typing module equivalents
* Added ssl_shutdown_timeout parameter to aiohttp.ClientSession and
aiohttp.TCPConnector to control the grace period for SSL shutdown
handshake on TLS connections.
* Downgraded the logging level for connector close errors from ERROR
OBS-URL: https://build.opensuse.org/request/show/1289166
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=56
* Optimized web server performance when access logging is disabled
by reducing time syscalls
* Improved performance of the WebSocket reader
* Disabled TLS in TLS warning (when using HTTPS proxies) for uvloop
and newer Python versions
* Added a comprehensive HTTP Digest Authentication client middleware
(DigestAuthMiddleware) that implements RFC 7616.
* Fixed pytest plugin to not use deprecated asyncio policy APIs.
* Allow user setting zlib compression backend
* Added host parameter to aiohttp_server fixture
* Added socket_factory to aiohttp.TCPConnector to allow specifying
custom socket options
* Upgraded to LLHTTP 9.3.0
* Optimized small HTTP requests/responses by coalescing headers and
body into a single TCP packet
* Removed non SPDX-license description from setup.cfg
* Added support for building against system llhttp library
* Fixed compatibility issue with Cython 3.1.1
* Added support for reusable request bodies to enable retries,
redirects, and digest authentication
* Improved performance of isinstance checks by using collections.abc
types instead of typing module equivalents
* Added ssl_shutdown_timeout parameter to aiohttp.ClientSession and
aiohttp.TCPConnector to control the grace period for SSL shutdown
handshake on TLS connections.
* Downgraded the logging level for connector close errors from ERROR
to DEBUG, as these are expected behavior with TLS 1.3 connections
* Fixed cookie parsing to be more lenient when handling cookies with
special characters in names or values
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=146
* Replaced deprecated asyncio.iscoroutinefunction with its
counterpart from inspect
* Fixed :class:multidict.CIMultiDict being mutated when passed
to :class:aiohttp.web.Response -- by :user:bdraco.
- from version 3.11.15
* Reverted explicitly closing sockets if an exception is raised
during create_connection
This change originally appeared in aiohttp 3.11.13
* Improved performance of WebSocket buffer handling
* Improved performance of serializing headers
- from version 3.11.14
* Fixed an issue where dns queries were delayed indefinitely
when an exception occurred in a trace.send_dns_cache_miss
* Fixed DNS resolution on platforms that don't support
socket.AI_ADDRCONFIG
* The connector now raises :exc:aiohttp.ClientConnectionError
instead of :exc:OSError when failing to explicitly close the
socket after :py:meth:asyncio.loop.create_connection fails
* Break cyclic references at connection close when there was
a traceback
* Break cyclic references when there is an exception handling
a request
* Improved logging on non-overlapping WebSocket client protocols
to include the remote address
* Improved performance of parsing content types by adding a cache
in the same manner currently done with mime types
- from version 3.11.13
* Removed a break statement inside the finally block in
:py:class:~aiohttp.web.RequestHandler
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=144
- Update to 3.11.11:
- Bug fixes
- Updated :py:meth:~aiohttp.ClientSession.request to reuse
the quote_cookie setting from ClientSession._cookie_jar
when processing cookies parameter.
- Fixed type of SSLContext for some static type checkers
(e.g. pyright).
- Updated :meth:aiohttp.web.StreamResponse.write annotation
to also allow :class:bytearray and :class:memoryview as
inputs
- Fixed a hang where a connection previously used for a
streaming download could be returned to the pool in a
paused state.
- Features
- Enabled ALPN on default SSL contexts. This improves
compatibility with some proxies which don't work without
this extension.
- Miscellaneous internal changes
- Fixed an infinite loop that can occur when using aiohttp in
combination with async-solipsism
- Update to 3.11.10:
- Fixed race condition in :class:aiohttp.web.FileResponse
that could have resulted in an incorrect response if the
file was replaced on the file system during prepare
- Replaced deprecated call to :func:mimetypes.guess_type with
:func:mimetypes.guess_file_type when using Python 3.13+
- Disabled zero copy writes in the StreamWriter
OBS-URL: https://build.opensuse.org/request/show/1235442
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=54
- Bug fixes
- Updated :py:meth:~aiohttp.ClientSession.request to reuse
the quote_cookie setting from ClientSession._cookie_jar
when processing cookies parameter.
- Fixed type of SSLContext for some static type checkers
(e.g. pyright).
- Updated :meth:aiohttp.web.StreamResponse.write annotation
to also allow :class:bytearray and :class:memoryview as
inputs
- Fixed a hang where a connection previously used for a
streaming download could be returned to the pool in a
paused state.
- Features
- Enabled ALPN on default SSL contexts. This improves
compatibility with some proxies which don't work without
this extension.
- Miscellaneous internal changes
- Fixed an infinite loop that can occur when using aiohttp in
combination with async-solipsism
- Update to 3.11.10:
- Fixed race condition in :class:aiohttp.web.FileResponse
that could have resulted in an incorrect response if the
file was replaced on the file system during prepare
- Replaced deprecated call to :func:mimetypes.guess_type with
:func:mimetypes.guess_file_type when using Python 3.13+
- Disabled zero copy writes in the StreamWriter
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=142
* Fixed invalid method logging unexpected being logged at exception
level on subsequent connections -- by :user:`bdraco`.
* Improved performance of parsing headers when using the C parser --
by :user:`bdraco`.
- 3.11.8:
* Improved performance of creating :class:`aiohttp.ClientResponse`
objects when there are no cookies -- by :user:`bdraco`.
* Improved performance of creating :class:`aiohttp.ClientResponse`
objects -- by :user:`bdraco`.
* Improved performances of creating objects during the HTTP request
lifecycle -- by :user:`bdraco`.
* Improved performance of constructing :class:`aiohttp.web.Response`
with headers -- by :user:`bdraco`.
* Improved performance of making requests when there are no auto
headers to skip -- by :user:`bdraco`.
* Downgraded logging of invalid HTTP method exceptions on the first
request to debug level -- by :user:`bdraco`.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=140
* Fixed the HTTP client not considering the connector's
force_close value when setting the Connection header -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`10003`.
* Improved performance of serializing HTTP headers -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`10014`.
* Restored the force_close method to the ResponseHandler -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`9997`.
* Fixed the ANY method not appearing in
:meth:`~aiohttp.web.UrlDispatcher.routes` -- by
:user:`bdraco`. Related issues and pull requests on GitHub:
:issue:`9899`, :issue:`9987`.
* Fixed StaticResource not allowing the OPTIONS method after
calling set_options_route -- by :user:`bdraco`. Related
issues and pull requests on GitHub: :issue:`9972`,
:issue:`9975`, :issue:`9976`.
* Improved performance of creating web responses when there are
no cookies -- by :user:`bdraco`. Related issues and pull
requests on GitHub: :issue:`9895`.
* Removed non-existing __author__ from dir(aiohttp) -- by
:user:`Dreamsorcerer`. Related issues and pull requests on
GitHub: :issue:`9918`.
* Restored the FlowControlDataQueue class -- by :user:`bdraco`.
This class is no longer used internally, and will be
permanently removed in the next major version. Related issues
and pull requests on GitHub: :issue:`9963`.
* Improved performance of resolving resources when multiple
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=139
(bsc#1233446, CVE-2024-52303, bsc#1233447, CVE-2024-52304)
- Authentication provided by a redirect now takes precedence over
provided auth when making requests with the client -- by
:user:`PLPeeters`.
- Fixed :py:meth:`WebSocketResponse.close()
<aiohttp.web.WebSocketResponse.close>` to discard non-close
messages within its timeout window after sending close -- by
:user:`lenard-mosys`.
- Fixed a deadlock that could occur while attempting to get a new
connection slot after a timeout -- by :user:`bdraco`.
- Fixed the WebSocket flow control calculation undercounting with
multi-byte data -- by :user:`bdraco`.
- Fixed incorrect parsing of chunk extensions with the pure Python
parser -- by :user:`bdraco`.
- Fixed system routes polluting the middleware cache -- by
:user:`bdraco`.
- Improved performance of the connector when a connection can be
reused -- by :user:`bdraco`.
- Improved performance of the client request lifecycle when there
are no cookies -- by :user:`bdraco`.
- Improved performance of sending client requests when the writer
can finish synchronously -- by :user:`bdraco`.
- Improved performance of serializing HTTP headers -- by
:user:`bdraco`.
- Passing enable_cleanup_closed to :py:class:`aiohttp.TCPConnector`
is now ignored on Python 3.12.7+ and 3.13.1+ since the underlying
bug that caused asyncio to leak SSL connections has been fixed
upstream -- by :user:`bdraco`.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=138
- update to 3.10.10:
* Fixed error messages from
:py:class:`~aiohttp.resolver.AsyncResolver` being swallowed
-- by :user:`bdraco`. Related issues and pull requests on
GitHub: :issue:`9451`, :issue:`9455`.
* Added :exc:`aiohttp.ClientConnectorDNSError` for
differentiating DNS resolution errors from other connector
errors -- by :user:`mstojcevich`. Related issues and pull
requests on GitHub: :issue:`8455`.
* Simplified DNS resolution throttling code to reduce chance of
race conditions -- by :user:`bdraco`. Related issues and pull
requests on GitHub: :issue:`9454`.
OBS-URL: https://build.opensuse.org/request/show/1217029
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=52
* Fixed error messages from
:py:class:`~aiohttp.resolver.AsyncResolver` being swallowed
-- by :user:`bdraco`. Related issues and pull requests on
GitHub: :issue:`9451`, :issue:`9455`.
* Added :exc:`aiohttp.ClientConnectorDNSError` for
differentiating DNS resolution errors from other connector
errors -- by :user:`mstojcevich`. Related issues and pull
requests on GitHub: :issue:`8455`.
* Simplified DNS resolution throttling code to reduce chance of
race conditions -- by :user:`bdraco`. Related issues and pull
requests on GitHub: :issue:`9454`.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=136
- Update to 3.10.9
* Fixed proxy headers being used in the ``ConnectionKey`` hash
when a proxy was not being used
* Widened the type of the ``trace_request_ctx`` parameter of
:meth:`ClientSession.request() <aiohttp.ClientSession.request>`
and friends
* Fixed failure to try next host after single-host connection timeout
* Improved performance of resolving hosts with Python 3.12+
* Reduced memory required for timer objects
created during the client request lifecycle
- from version 3.10.8
* Fixed cancellation leaking upwards on timeout
- from version 3.10.7
* Fixed assembling the :class:`~yarl.URL` for web requests when
the host contains a non-default port or IPv6 address
* Improved performance of determining if a URL is absolute
* Replaced code that can now be handled by ``yarl``
- Add patch to increase timeout for import time test
* test_relax_import_time.patch
- Update BuildRequires and Requires from setup.py
OBS-URL: https://build.opensuse.org/request/show/1206528
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=51
* Fixed proxy headers being used in the ``ConnectionKey`` hash
when a proxy was not being used
* Widened the type of the ``trace_request_ctx`` parameter of
:meth:`ClientSession.request() <aiohttp.ClientSession.request>`
and friends
* Fixed failure to try next host after single-host connection timeout
* Improved performance of resolving hosts with Python 3.12+
* Reduced memory required for timer objects
created during the client request lifecycle
- from version 3.10.8
* Fixed cancellation leaking upwards on timeout
- from version 3.10.7
* Fixed assembling the :class:`~yarl.URL` for web requests when
the host contains a non-default port or IPv6 address
* Improved performance of determining if a URL is absolute
* Replaced code that can now be handled by ``yarl``
- Add patch to increase timeout for import time test
* test_relax_import_time.patch
- Update BuildRequires and Requires from setup.py
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=134
e Update to 3.10.5:
* Fixed aiohttp.ClientResponse.json() not setting status when
aiohttp.ContentTypeError is raised
* Improved performance of the WebSocket reader
* Fixed decoding base64 chunk in BodyPartReader
* Fixed a race closing the server-side WebSocket where the close code would
not reach the client
* Fixed unconsumed exceptions raised by the WebSocket heartbeat
* Fixed an edge case in the Python parser when chunk separators happen to
align with network chunks
* Fixed multipart reading when stream buffer splits the boundary over
several read() calls
* Fixed aiohttp.TCPConnector doing blocking I/O in the event loop to create
the SSLContext
* Improved performance of aiohttp.ClientWebSocketResponse.receive and
aiohttp.web.WebSocketResponse.receive when there is no timeout.
* Improved performance of starting request handlers with Python 3.12+
* Improved performance of HTTP keep-alive checks
* Fixed server checks for circular symbolic links to be compatible with
Python 3.13
* Fixed request body not being read when ignoring an Upgrade request
* Fixed an edge case where shutdown would wait for timeout when the handler
was already completed
* Fixed connecting to npipe://, tcp://, and unix:// urls
* Fixed WebSocket ping tasks being prematurely garbage collected
* Fixed incorrectly following symlinks for compressed file variants
(bsc#1229226, CVE-2024-42367)
* Fixed monkey patches for Path.stat() and Path.is_dir() for Python 3.13
compatibility
* Fixed url dispatcher index not matching when a variable is preceded by a
OBS-URL: https://build.opensuse.org/request/show/1194832
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=49
* Fixed aiohttp.ClientResponse.json() not setting status when
aiohttp.ContentTypeError is raised
* Improved performance of the WebSocket reader
* Fixed decoding base64 chunk in BodyPartReader
* Fixed a race closing the server-side WebSocket where the close code would
not reach the client
* Fixed unconsumed exceptions raised by the WebSocket heartbeat
* Fixed an edge case in the Python parser when chunk separators happen to
align with network chunks
* Fixed multipart reading when stream buffer splits the boundary over
several read() calls
* Fixed aiohttp.TCPConnector doing blocking I/O in the event loop to create
the SSLContext
* Improved performance of aiohttp.ClientWebSocketResponse.receive and
aiohttp.web.WebSocketResponse.receive when there is no timeout.
* Improved performance of starting request handlers with Python 3.12+
* Improved performance of HTTP keep-alive checks
* Fixed server checks for circular symbolic links to be compatible with
Python 3.13
* Fixed request body not being read when ignoring an Upgrade request
* Fixed an edge case where shutdown would wait for timeout when the handler
was already completed
* Fixed connecting to npipe://, tcp://, and unix:// urls
* Fixed WebSocket ping tasks being prematurely garbage collected
* Fixed incorrectly following symlinks for compressed file variants
(bsc#1229226, CVE-2024-42367)
* Fixed monkey patches for Path.stat() and Path.is_dir() for Python 3.13
compatibility
* Fixed url dispatcher index not matching when a variable is preceded by a
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=129
- update to 3.9.5:
* Fixed "Unclosed client session" when initialization of
:py:class:`~aiohttp.ClientSession` fails
* Fixed regression (from :pr:`8280`) with adding Content-
Disposition to the form-data part after appending to writer
* Added default Content-Disposition in multipart/form-data
responses to avoid broken form-data responses
* The asynchronous internals now set the underlying causes when
assigning exceptions to the future objects
* Treated values of Accept-Encoding header as case-insensitive
when checking for gzip files
* Improved the DNS resolution performance on cache hit
* Changed the type annotations to allow dict on
:meth:`aiohttp.MultipartWriter.append`,
:meth:`aiohttp.MultipartWriter.append_json` and
:meth:`aiohttp.MultipartWriter.append_form` -- by
:user:`cakemanny` Related issues and pull requests on GitHub:
:issue:`7741`.
* Ensure websocket transport is closed when client does not
close it
* Leave websocket transport open if receive times out or is
cancelled
* Fixed content not being read when an upgrade request was not
supported with the pure Python implementation.
* Fixed a race condition with incoming connections during
server shutdown
* Fixed multipart/form-data compliance with RFC 7578
* Fixed blocking I/O in the event loop while processing files
in a POST request
* Escaped filenames in static view
OBS-URL: https://build.opensuse.org/request/show/1169371
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aiohttp?expand=0&rev=46
* Fixed "Unclosed client session" when initialization of
:py:class:`~aiohttp.ClientSession` fails
* Fixed regression (from :pr:`8280`) with adding Content-
Disposition to the form-data part after appending to writer
* Added default Content-Disposition in multipart/form-data
responses to avoid broken form-data responses
* The asynchronous internals now set the underlying causes when
assigning exceptions to the future objects
* Treated values of Accept-Encoding header as case-insensitive
when checking for gzip files
* Improved the DNS resolution performance on cache hit
* Changed the type annotations to allow dict on
:meth:`aiohttp.MultipartWriter.append`,
:meth:`aiohttp.MultipartWriter.append_json` and
:meth:`aiohttp.MultipartWriter.append_form` -- by
:user:`cakemanny` Related issues and pull requests on GitHub:
:issue:`7741`.
* Ensure websocket transport is closed when client does not
close it
* Leave websocket transport open if receive times out or is
cancelled
* Fixed content not being read when an upgrade request was not
supported with the pure Python implementation.
* Fixed a race condition with incoming connections during
server shutdown
* Fixed multipart/form-data compliance with RFC 7578
* Fixed blocking I/O in the event loop while processing files
in a POST request
* Escaped filenames in static view
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=123
