Aiohttp

Latest version: v3.11.11

Safety actively analyzes 690739 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 3 of 33

3.10.11

====================

Bug fixes
---------

- Authentication provided by a redirect now takes precedence over provided ``auth`` when making requests with the client -- by :user:`PLPeeters`.


*Related issues and pull requests on GitHub:*
:issue:`9436`.



- Fixed :py:meth:`WebSocketResponse.close() <aiohttp.web.WebSocketResponse.close>` to discard non-close messages within its timeout window after sending close -- by :user:`lenard-mosys`.


*Related issues and pull requests on GitHub:*
:issue:`9506`.



- Fixed a deadlock that could occur while attempting to get a new connection slot after a timeout -- by :user:`bdraco`.

The connector was not cancellation-safe.


*Related issues and pull requests on GitHub:*
:issue:`9670`, :issue:`9671`.



- Fixed the WebSocket flow control calculation undercounting with multi-byte data -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9686`.



- Fixed incorrect parsing of chunk extensions with the pure Python parser -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9851`.



- Fixed system routes polluting the middleware cache -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9852`.




Removals and backward incompatible breaking changes
---------------------------------------------------

- Improved performance of the connector when a connection can be reused -- by :user:`bdraco`.

If ``BaseConnector.connect`` has been subclassed and replaced with custom logic, the ``ceil_timeout`` must be added.


*Related issues and pull requests on GitHub:*
:issue:`9600`.




Miscellaneous internal changes
------------------------------

- Improved performance of the client request lifecycle when there are no cookies -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9470`.



- Improved performance of sending client requests when the writer can finish synchronously -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9485`.



- Improved performance of serializing HTTP headers -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9603`.



- Passing ``enable_cleanup_closed`` to :py:class:`aiohttp.TCPConnector` is now ignored on Python 3.12.7+ and 3.13.1+ since the underlying bug that caused asyncio to leak SSL connections has been fixed upstream -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9726`, :issue:`9736`.



----

3.10.10

Not secure
====================

Bug fixes
---------

- Fixed error messages from :py:class:`~aiohttp.resolver.AsyncResolver` being swallowed -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9451`, :issue:`9455`.




Features
--------

- Added :exc:`aiohttp.ClientConnectorDNSError` for differentiating DNS resolution errors from other connector errors -- by :user:`mstojcevich`.


*Related issues and pull requests on GitHub:*
:issue:`8455`.




Miscellaneous internal changes
------------------------------

- Simplified DNS resolution throttling code to reduce chance of race conditions -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9454`.




----

3.10.9

Not secure
===================

Bug fixes
---------

- Fixed proxy headers being used in the ``ConnectionKey`` hash when a proxy was not being used -- by :user:`bdraco`.

If default headers are used, they are also used for proxy headers. This could have led to creating connections that were not needed when one was already available.


*Related issues and pull requests on GitHub:*
:issue:`9368`.



- Widened the type of the ``trace_request_ctx`` parameter of
:meth:`ClientSession.request() <aiohttp.ClientSession.request>` and friends
-- by :user:`layday`.


*Related issues and pull requests on GitHub:*
:issue:`9397`.




Removals and backward incompatible breaking changes
---------------------------------------------------

- Fixed failure to try next host after single-host connection timeout -- by :user:`brettdh`.

The default client :class:`aiohttp.ClientTimeout` params has changed to include a ``sock_connect`` timeout of 30 seconds so that this correct behavior happens by default.


*Related issues and pull requests on GitHub:*
:issue:`7342`.




Miscellaneous internal changes
------------------------------

- Improved performance of resolving hosts with Python 3.12+ -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9342`.



- Reduced memory required for timer objects created during the client request lifecycle -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9406`.




----

3.10.8

Not secure
===================

Bug fixes
---------

- Fixed cancellation leaking upwards on timeout -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9326`.




----

3.10.7

Not secure
===================

Bug fixes
---------

- Fixed assembling the :class:`~yarl.URL` for web requests when the host contains a non-default port or IPv6 address -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9309`.




Miscellaneous internal changes
------------------------------

- Improved performance of determining if a URL is absolute -- by :user:`bdraco`.

The property :attr:`~yarl.URL.absolute` is more performant than the method ``URL.is_absolute()`` and preferred when newer versions of yarl are used.


*Related issues and pull requests on GitHub:*
:issue:`9171`.



- Replaced code that can now be handled by ``yarl`` -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9301`.




----

3.10.6

Not secure
===================

Bug fixes
---------

- Added :exc:`aiohttp.ClientConnectionResetError`. Client code that previously threw :exc:`ConnectionResetError`
will now throw this -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9137`.



- Fixed an unclosed transport ``ResourceWarning`` on web handlers -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8875`.



- Fixed resolve_host() 'Task was destroyed but is pending' errors -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8967`.



- Fixed handling of some file-like objects (e.g. ``tarfile.extractfile()``) which raise ``AttributeError`` instead of ``OSError`` when ``fileno`` fails for streaming payload data -- by :user:`ReallyReivax`.


*Related issues and pull requests on GitHub:*
:issue:`6732`.



- Fixed web router not matching pre-encoded URLs (requires yarl 1.9.6+) -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8898`, :issue:`9267`.



- Fixed an error when trying to add a route for multiple methods with a path containing a regex pattern -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8998`.



- Fixed ``Response.text`` when body is a ``Payload`` -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`6485`.



- Fixed compressed requests failing when no body was provided -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9108`.



- Fixed client incorrectly reusing a connection when the previous message had not been fully sent -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8992`.



- Fixed race condition that could cause server to close connection incorrectly at keepalive timeout -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9140`.



- Fixed Python parser chunked handling with multiple Transfer-Encoding values -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8823`.



- Fixed error handling after 100-continue so server sends 500 response instead of disconnecting -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8876`.



- Stopped adding a default Content-Type header when response has no content -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8858`.



- Added support for URL credentials with empty (zero-length) username, e.g. ``https://:passwordhost`` -- by :user:`shuckc`


*Related issues and pull requests on GitHub:*
:issue:`6494`.



- Stopped logging exceptions from ``web.run_app()`` that would be raised regardless -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`6807`.



- Implemented binding to IPv6 addresses in the pytest server fixture.


*Related issues and pull requests on GitHub:*
:issue:`4650`.



- Fixed the incorrect use of flags for ``getnameinfo()`` in the Resolver --by :user:`GitNMLee`

Link-Local IPv6 addresses can now be handled by the Resolver correctly.


*Related issues and pull requests on GitHub:*
:issue:`9032`.



- Fixed StreamResponse.prepared to return True after EOF is sent -- by :user:`arthurdarcet`.


*Related issues and pull requests on GitHub:*
:issue:`5343`.



- Changed ``make_mocked_request()`` to use empty payload by default -- by :user:`rahulnht`.


*Related issues and pull requests on GitHub:*
:issue:`7167`.



- Used more precise type for ``ClientResponseError.headers``, fixing some type errors when using them -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8768`.



- Changed behavior when returning an invalid response to send a 500 response -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8845`.



- Fixed response reading from closed session to throw an error immediately instead of timing out -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8878`.



- Fixed ``CancelledError`` from one cleanup context stopping other contexts from completing -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8908`.



- Fixed changing scheme/host in ``Response.clone()`` for absolute URLs -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8990`.



- Fixed ``Site.name`` when host is an empty string -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8929`.



- Updated Python parser to reject messages after a close message, matching C parser behaviour -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9018`.



- Fixed creation of ``SSLContext`` inside of :py:class:`aiohttp.TCPConnector` with multiple event loops in different threads -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9029`.



- Fixed (on Python 3.11+) some edge cases where a task cancellation may get incorrectly suppressed -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9030`.



- Fixed exception information getting lost on ``HttpProcessingError`` -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9052`.



- Fixed ``If-None-Match`` not using weak comparison -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9063`.



- Fixed badly encoded charset crashing when getting response text instead of falling back to charset detector.


*Related issues and pull requests on GitHub:*
:issue:`9160`.



- Rejected `\n` in `reason` values to avoid sending broken HTTP messages -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9167`.



- Changed :py:meth:`ClientResponse.raise_for_status() <aiohttp.ClientResponse.raise_for_status>` to only release the connection when invoked outside an ``async with`` context -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9239`.




Features
--------

- Improved type on ``params`` to match the underlying type allowed by ``yarl`` -- by :user:`lpetre`.


*Related issues and pull requests on GitHub:*
:issue:`8564`.



- Declared Python 3.13 supported -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`8748`.




Removals and backward incompatible breaking changes
---------------------------------------------------

- Improved middleware performance -- by :user:`bdraco`.

The ``set_current_app`` method was removed from ``UrlMappingMatchInfo`` because it is no longer used, and it was unlikely external caller would ever use it.


*Related issues and pull requests on GitHub:*
:issue:`9200`.



- Increased minimum yarl version to 1.12.0 -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9267`.




Improved documentation
----------------------

- Clarified that ``GracefulExit`` needs to be handled in ``AppRunner`` and ``ServerRunner`` when using ``handle_signals=True``. -- by :user:`Daste745`


*Related issues and pull requests on GitHub:*
:issue:`4414`.



- Clarified that auth parameter in ClientSession will persist and be included with any request to any origin, even during redirects to different origins. -- by :user:`MaximZemskov`.


*Related issues and pull requests on GitHub:*
:issue:`6764`.



- Clarified which timeout exceptions happen on which timeouts -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8968`.



- Updated ``ClientSession`` parameters to match current code -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`8991`.




Packaging updates and notes for downstreams
-------------------------------------------

- Fixed ``test_client_session_timeout_zero`` to not require internet access -- by :user:`Dreamsorcerer`.


*Related issues and pull requests on GitHub:*
:issue:`9004`.




Miscellaneous internal changes
------------------------------

- Improved performance of making requests when there are no auto headers to skip -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`8847`.



- Exported ``aiohttp.TraceRequestHeadersSentParams`` -- by :user:`Hadock-is-ok`.


*Related issues and pull requests on GitHub:*
:issue:`8947`.



- Avoided tracing overhead in the http writer when there are no active traces -- by user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9031`.



- Improved performance of reify Cython implementation -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9054`.



- Use :meth:`URL.extend_query() <yarl.URL.extend_query>` to extend query params (requires yarl 1.11.0+) -- by :user:`bdraco`.

If yarl is older than 1.11.0, the previous slower hand rolled version will be used.


*Related issues and pull requests on GitHub:*
:issue:`9068`.



- Improved performance of checking if a host is an IP Address -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9095`.



- Significantly improved performance of middlewares -- by :user:`bdraco`.

The construction of the middleware wrappers is now cached and is built once per handler instead of on every request.


*Related issues and pull requests on GitHub:*
:issue:`9158`, :issue:`9170`.



- Improved performance of web requests -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9168`, :issue:`9169`, :issue:`9172`, :issue:`9174`, :issue:`9175`, :issue:`9241`.



- Improved performance of starting web requests when there is no response prepare hook -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9173`.



- Significantly improved performance of expiring cookies -- by :user:`bdraco`.

Expiring cookies has been redesigned to use :mod:`heapq` instead of a linear search, to better scale.


*Related issues and pull requests on GitHub:*
:issue:`9203`.



- Significantly sped up filtering cookies -- by :user:`bdraco`.


*Related issues and pull requests on GitHub:*
:issue:`9204`.




----

Page 3 of 33

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.