Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
python-aiohttp.35324
python-aiohttp.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python-aiohttp.changes of Package python-aiohttp.35324
------------------------------------------------------------------- Thu Aug 22 06:08:06 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> - Add patch CVE-2024-42367-path-traversal-via-symlink.patch: * Do not follow symlinks for compressed file variants. (CVE-2024-42367, bsc#1229226) ------------------------------------------------------------------- Tue May 14 09:29:42 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Add patch to fix XSS on index pages for static file handling * CVE-2024-27306.patch (bsc#1223098, CVE-2024-27306) - Add patch to remove pytest.mark.internal marker to enable CVE-2024-27306 tests * remove-pytest.mark.internal.patch ------------------------------------------------------------------- Tue Jan 30 10:26:57 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Update to version 3.9.3 * Fixed backwards compatibility breakage (in 3.9.2) of ``ssl`` parameter when set outside of ``ClientSession`` (e.g. directly in ``TCPConnector``) * Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures. - from version 3.9.2 (bsc#1219341, CVE-2024-23334, bsc#1219342, CVE-2024-23829) * Fixed server-side websocket connection leak. * Fixed ``web.FileResponse`` doing blocking I/O in the event loop. * Fixed double compress when compression enabled and compressed file exists in server file responses. * Added runtime type check for ``ClientSession`` ``timeout`` parameter. * Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon. * Improved validation of paths for static resources requests to the server. * Added support for passing :py:data:`True` to ``ssl`` parameter in ``ClientSession`` while deprecating :py:data:`None`. * Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon. * Fixed examples of ``fallback_charset_resolver`` function in the :doc:`client_advanced` document. * The Sphinx setup was updated to avoid showing the empty changelog draft section in the tagged release documentation builds on Read The Docs. * The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately. * Updated :ref:`contributing/Tests coverage <aiohttp-contributing>` section to show how we use ``codecov``. * Replaced all ``tmpdir`` fixtures with ``tmp_path`` in test suite. - Refresh patches for new version * remove-re-assert.patch ------------------------------------------------------------------- Fri Jan 26 08:02:10 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com> - Disable broken tests with openssl 3.2 and python < 3.11 bsc#1217782 ------------------------------------------------------------------- Fri Dec 22 13:46:25 UTC 2023 - Ben Greiner <code@bnavigator.de> - Fix pytest call - Update requirements ------------------------------------------------------------------- Mon Nov 27 15:22:11 UTC 2023 - Dirk Müller <dmueller@suse.com> - update to 3.9.1: * Fixed importing aiohttp under PyPy on Windows. * Fixed async concurrency safety in websocket compressor. * Fixed ``ClientResponse.close()`` releasing the connection instead of closing. * Fixed a regression where connection may get closed during upgrade. -- by :user:`Dreamsorcerer` * Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:`Dreamsorcerer` ------------------------------------------------------------------- Sat Nov 25 22:51:20 UTC 2023 - Dirk Müller <dmueller@suse.com> - update to 3.9.0: (bsc#1217684, CVE-2023-49081, bsc#1217682, CVE-2023-49082) * Introduced ``AppKey`` for static typing support of ``Application`` storage. * Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. * Added `handler_cancellation`_ parameter to cancel web handler on client disconnection. * This (optionally) reintroduces a feature removed in a previous release. * Recommended for those looking for an extra level of protection against denial-of-service attacks. * Added support for setting response header parameters ``max_line_size`` and ``max_field_size``. * Added ``auto_decompress`` parameter to ``ClientSession.request`` to override ``ClientSession._auto_decompress``. * Changed ``raise_for_status`` to allow a coroutine. * Added client brotli compression support (optional with runtime check). * Added ``client_max_size`` to ``BaseRequest.clone()`` to allow overriding the request body size. -- :user:`anesabml`. * Added a middleware type alias ``aiohttp.typedefs.Middleware``. * Exported ``HTTPMove`` which can be used to catch any redirection request that has a location -- :user:`dreamsorcerer`. * Changed the ``path`` parameter in ``web.run_app()`` to accept a ``pathlib.Path`` object. * Performance: Skipped filtering ``CookieJar`` when the jar is empty or all cookies have expired. * Performance: Only check origin if insecure scheme and there are origins to treat as secure, in ``CookieJar.filter_cookies()``. * Performance: Used timestamp instead of ``datetime`` to achieve faster cookie expiration in ``CookieJar``. * Added support for passing a custom server name parameter to HTTPS connection. * Added support for using Basic Auth credentials from :file:`.netrc` file when making HTTP requests with the * :py:class:`~aiohttp.ClientSession` ``trust_env`` argument is set to ``True``. -- by :user:`yuvipanda`. * Turned access log into no-op when the logger is disabled. * Added typing information to ``RawResponseMessage``. -- by :user:`Gobot1234` * Removed ``async-timeout`` for Python 3.11+ (replaced with ``asyncio.timeout()`` on newer releases). * Added support for ``brotlicffi`` as an alternative to ``brotli`` (fixing Brotli support on PyPy). * Added ``WebSocketResponse.get_extra_info()`` to access a protocol transport's extra info. * Allow ``link`` argument to be set to None/empty in HTTP 451 exception. * Fixed client timeout not working when incoming data is always available without waiting. -- by :user:`Dreamsorcerer`. * Fixed ``readuntil`` to work with a delimiter of more than one character. * Added ``__repr__`` to ``EmptyStreamReader`` to avoid ``AttributeError``. * Fixed bug when using ``TCPConnector`` with ``ttl_dns_cache=0``. * Fixed response returned from expect handler being thrown away. -- by :user:`Dreamsorcerer` * Avoided raising ``UnicodeDecodeError`` in multipart and in HTTP headers parsing. * Changed ``sock_read`` timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by :user:`dtrifiro` * Fixed missing query in tracing method URLs when using ``yarl`` 1.9+. * Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a ``DeprecationWarning`` on Python 3.12. * Fixed ``EmptyStreamReader.iter_chunks()`` never ending. * Fixed a rare ``RuntimeError: await wasn't used with future`` exception. * Fixed issue with insufficient HTTP method and version validation. * Added check to validate that absolute URIs have schemes. * Fixed unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates. * Updated parser to disallow invalid characters in header field names and stop accepting LF as a request line separator. * Fixed Python HTTP parser not treating 204/304/1xx as an empty body. * Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3. * Fixed an issue when a client request is closed before completing a chunked payload. -- by :user:`Dreamsorcerer` * Edge Case Handling for ResponseParser for missing reason value. * Fixed ``ClientWebSocketResponse.close_code`` being erroneously set to ``None`` when there are concurrent async tasks receiving data and closing the connection. * Added HTTP method validation. * Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by :user:`Dreamsorcerer` * Performance: Fixed increase in latency with small messages from websocket compression changes. * Improved Documentation * Fixed the `ClientResponse.release`'s type in the doc. Changed from `comethod` to `method`. * Added information on behavior of base_url parameter in `ClientSession`. * Completed ``trust_env`` parameter description to honor ``wss_proxy``, ``ws_proxy`` or ``no_proxy`` env. * Dropped Python 3.6 support. * Dropped Python 3.7 support. -- by :user:`Dreamsorcerer` * Removed support for abandoned ``tokio`` event loop. * Made ``print`` argument in ``run_app()`` optional. * Improved performance of ``ceil_timeout`` in some cases. * Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- :user:`Dreamsorcerer` * Improved import time by replacing ``http.server`` with ``http.HTTPStatus``. * Fixed annotation of ``ssl`` parameter to disallow ``True``. - drop Update-update_query-calls-to-work-with-latest-yarl.patch (upstream) ------------------------------------------------------------------- Tue Nov 7 11:52:54 UTC 2023 - Dirk Müller <dmueller@suse.com> - update to 3.8.6 (bsc#1217181, CVE-2023-47627): * Security bugfixes * Upgraded the vendored copy of llhttp_ to v9.1.3 * https://github.com/aio-libs/aiohttp/security/advisories/GHSA- pjjw-qhg8-p2p9. * Updated Python parser to comply with RFCs 9110/9112 * https://github.com/aio-libs/aiohttp/security/advisories/GHSA- gfw2-4jvh-wgfg. * Added ``fallback_charset_resolver`` parameter in ``ClientSession`` to allow a user-supplied character set detection function. Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use `fallback_charset_resolver * Enabled lenient response parsing for more flexible parsing in the client * Fixed ``PermissionError`` when ``.netrc`` is unreadable due to permissions. * Fixed output of parsing errors * Fixed ``GunicornWebWorker`` max_requests_jitter not working. * Fixed sorting in ``filter_cookies`` to use cookie with longest path. * Fixed display of ``BadStatusLine`` messages from llhttp_. ------------------------------------------------------------------- Sat Oct 14 17:27:26 UTC 2023 - Matej Cepl <mcepl@cepl.eu> - Add remove-re-assert.patch, we really don’t need beautifuly presented exceptions for our testing; remove re-assert BR. ------------------------------------------------------------------- Mon Sep 11 20:43:01 UTC 2023 - Dirk Müller <dmueller@suse.com> - switch from unmaintained brotlipy to Brotli ------------------------------------------------------------------- Fri Aug 18 15:42:27 UTC 2023 - Martin Schreiner <martin.schreiner@suse.com> - Remove py3109-compat.patch, no longer required. The current spec builds successfully on Python 3.9, 3.10 and 3.11. - Update to 3.8.5: * Upgraded the vendored copy of llhttp to v8.1.1. More information here: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w * Added information to C parser exceptions to show which character caused the error. * Fixed a transport is None error. ------------------------------------------------------------------- Wed Apr 26 07:35:37 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com> - Add Update-update_query-calls-to-work-with-latest-yarl.patch to fix problems with latest python-yarl - Delete aiohttp-pr7057-bump-charset-normalizer.patch not needed anymore - Update to 3.8.4: * Fixed incorrectly overwriting cookies with the same name and domain, but different path. (#6638) * Fixed ConnectionResetError not being raised after client disconnection in SSL environments. (#7180) ------------------------------------------------------------------- Sun Apr 23 22:42:27 UTC 2023 - Matej Cepl <mcepl@suse.com> - Move documentation into the main package for SLE15 ------------------------------------------------------------------- Fri Apr 21 12:21:39 UTC 2023 - Dirk Müller <dmueller@suse.com> - add sle15_python_module_pythons (jsc#PED-68) ------------------------------------------------------------------- Thu Apr 13 22:39:50 UTC 2023 - Matej Cepl <mcepl@suse.com> - Make calling of %{sle15modernpython} optional. ------------------------------------------------------------------- Thu Mar 16 07:32:13 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com> - Disable DeprecationWarning to avoid error with the latest setuptools and pkg_resources deprecation ------------------------------------------------------------------- Mon Dec 26 21:35:01 UTC 2022 - Ben Greiner <code@bnavigator.de> - Don't assume python3 to be present for d:l:p:backports/15.4_py39 - Requires pytest 6.2.0 when pytest.TempPathFactory was introduced. ------------------------------------------------------------------- Mon Dec 12 16:16:31 UTC 2022 - Daniel Garcia <daniel.garcia@suse.com> - Update py3109-compat.patch to work with python <= 3.10.8 too. ------------------------------------------------------------------- Mon Dec 12 11:26:26 UTC 2022 - Daniel Garcia <daniel.garcia@suse.com> - Add py3109-compat.patch to make tests compatible with python 3.10.9. These tests are not present anymore in upstream master version so this patch could be removed in future releases. ------------------------------------------------------------------- Mon Nov 7 17:49:50 UTC 2022 - Ben Greiner <code@bnavigator.de> - Drop ignore-pytest-deprecationwarning.patch - Add aiohttp-pr7057-bump-charset-normalizer.patch * gh#aio-libs/aiohttp#7057 * Sync requirement with rpm specs ------------------------------------------------------------------- Tue Oct 4 20:31:56 UTC 2022 - Dirk Müller <dmueller@suse.com> - skip more tests ------------------------------------------------------------------- Sat Sep 24 11:07:58 UTC 2022 - Dirk Müller <dmueller@suse.com> - update to 3.8.3: * Increased the upper boundary of the :doc:`multidict:index` dependency to allow for the version 6 -- by :user:`hugovk`. * Added support for registering :rfc:`OPTIONS <9110#OPTIONS>` HTTP method handlers via :py:class:`~aiohttp.web.RouteTableDef`. * Started supporting :rfc:`authority-form <9112#authority-form>` and :rfc:`absolute-form <9112#absolute-form>` URLs on the server-side. * Fixed Python 3.11 incompatibilities by using Cython 0.29.25. * Extended the ``sock`` argument typing declaration of the :py:func:`~aiohttp.web.run_app` function as optionally accepting iterables. * Fixed a regression where :py:exc:`~asyncio.CancelledError` occurs on client disconnection. * Started exporting :py:class:`~aiohttp.web.PrefixedSubAppResource` under :py:mod:`aiohttp.web` -- by :user:`Dreamsorcerer`. * Dropped the :class:`object` type possibility from the :py:attr:`aiohttp.ClientSession.timeout` property return type declaration. ------------------------------------------------------------------- Wed May 4 11:35:43 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Update in SLE-15 (bsc#1197831) ------------------------------------------------------------------- Sun Mar 27 19:01:09 UTC 2022 - Ben Greiner <code@bnavigator.de> - Add ignore-pytest-deprecationwarning.patch * gh#aio-libs/aiohttp#6663 ------------------------------------------------------------------- Sat Dec 11 19:18:47 UTC 2021 - Ben Greiner <code@bnavigator.de> - Update to version 3.8.1 * Bugfixes * Fix the error in handling the return value of getaddrinfo. getaddrinfo will return an (int, bytes) tuple, if CPython could not handle the address family. It will cause a index out of range error in aiohttp. For example, if user compile CPython with --disable-ipv6 option but his system enable the ipv6. #5901 * Do not install "examples" as a top-level package. #6189 * Restored ability to connect IPv6-only host. #6195 * Remove Signal from __all__, replace aiohttp.Signal with aiosignal.Signal in docs #6201 * Made chunked encoding HTTP header check stricter. #6305 * Improved Documentation * update quick starter demo codes. #6240 * Added an explanation of how tiny timeouts affect performance to the client reference document. #6274 * Add flake8-docstrings to flake8 configuration, enable subset of checks. #6276 * Added information on running complex applications with additional tasks/processes -- :user:`Dreamsorcerer`. #6278 - Release 3.8.0 (2021-10-31) (bsc#1217174, CVE-2023-47641) * Features * Added a GunicornWebWorker feature for extending the aiohttp server configuration by allowing the 'wsgi' coroutine to return web.AppRunner object. #2988 * Switch from http-parser to llhttp #3561 * Use Brotli instead of brotlipy #3803 * Disable implicit switch-back to pure python mode. The build fails loudly if aiohttp cannot be compiled with C Accelerators. Use AIOHTTP_NO_EXTENSIONS=1 to explicitly disable C Extensions complication and switch to Pure-Python mode. Note that Pure-Python mode is significantly slower than compiled one. #3828 * Make access log use local time with timezone #3853 * Implemented readuntil in StreamResponse #4054 * FileResponse now supports ETag. #4594 * Add a request handler type alias aiohttp.typedefs.Handler. #4686 * AioHTTPTestCase is more async friendly now. * For people who use unittest and are used to use :py:exc:`~unittest.TestCase` it will be easier to write new test cases like the sync version of the :py:exc:`~unittest.TestCase` class, without using the decorator @unittest_run_loop, just async def test_*. The only difference is that for the people using python3.7 and below a new dependency is needed, it is asynctestcase. #4700 * Add validation of HTTP header keys and values to prevent header injection. #4818 * Add predicate to AbstractCookieJar.clear. Add AbstractCookieJar.clear_domain to clean all domain and subdomains cookies only. #4942 * Add keepalive_timeout parameter to web.run_app. #5094 * Tracing for client sent headers #5105 * Make type hints for http parser stricter #5267 * Add final declarations for constants. #5275 * Switch to external frozenlist and aiosignal libraries. #5293 * Don't send secure cookies by insecure transports. * By default, the transport is secure if https or wss scheme is used. Use CookieJar(treat_as_secure_origin="http://127.0.0.1") to override the default security checker. #5571 * Always create a new event loop in aiohttp.web.run_app(). This adds better compatibility with asyncio.run() or if trying to run multiple apps in sequence. #5572 * Add aiohttp.pytest_plugin.AiohttpClient for static typing of pytest plugin. #5585 * Added a socket_factory argument to BaseTestServer. #5844 * Add compression strategy parameter to enable_compression method. #5909 * Added support for Python 3.10 to Github Actions CI/CD workflows and fix the related deprecation warnings -- :user:`Hanaasagi`. #5927 * Switched chardet to charset-normalizer for guessing the HTTP payload body encoding -- :user:`Ousret`. #5930 * Added optional auto_decompress argument for HttpRequestParser #5957 * Added support for HTTPS proxies to the extent CPython's :py:mod:`asyncio` supports it -- by :user:`bmbouter`, :user:`jborean93` and :user:`webknjaz`. #5992 * Added base_url parameter to the initializer of :class:`~aiohttp.ClientSession`. #6013 * Add Trove classifier and create binary wheels for 3.10. -- :user:`hugovk`. #6079 * Started shipping platform-specific wheels with the musl tag targeting typical Alpine Linux runtimes — :user:`asvetlov`. #6139 * Started shipping platform-specific arm64 wheels for Apple Silicon — :user:`asvetlov`. #6139 * Bugfixes * Modify _drain_helper() to handle concurrent await resp.write(...) or ws.send_json(...) calls without race-condition. #2934 * Started using MultiLoopChildWatcher when it's available under POSIX while setting up the test I/O loop. #3450 * Only encode content-disposition filename parameter using percent-encoding. Other parameters are encoded to quoted-string or RFC2231 extended parameter value. #4012 * Fixed HTTP client requests to honor no_proxy environment variables. #4431 * Fix supporting WebSockets proxies configured via environment variables. #4648 * Change return type on URLDispatcher to UrlMappingMatchInfo to improve type annotations. #4748 * Ensure a cleanup context is cleaned up even when an exception occurs during startup. #4799 * Added a new exception type for Unix socket client errors which provides a more useful error message. #4984 * Remove Transfer-Encoding and Content-Type headers for 204 in StreamResponse #5106 * Only depend on typing_extensions for Python <3.8 #5107 * Add ABNORMAL_CLOSURE and BAD_GATEWAY to WSCloseCode #5192 * Fix cookies disappearing from HTTPExceptions. #5233 * StaticResource prefixes no longer match URLs with a non-folder prefix. For example routes.static('/foo', '/foo') no longer matches the URL /foobar. Previously, this would attempt to load the file /foo/ar. #5250 * Acquire the connection before running traces to prevent race condition. #5259 * Add missing slots to `_RequestContextManager and _WSRequestContextManager #5329 * Ensure sending a zero byte file does not throw an exception (round 2) #5380 * Set "text/plain" when data is an empty string in client requests. #5392 * Stop automatically releasing the ClientResponse object on calls to the ok property for the failed requests. #5403 * Include query parameters from params keyword argument in tracing URL. #5432 * Fix annotations #5466 * Fixed the multipart POST requests processing to always release file descriptors for the tempfile.Temporaryfile-created _io.BufferedRandom instances of files sent within multipart request bodies via HTTP POST requests -- by :user:`webknjaz`. #5494 * Fix 0 being incorrectly treated as an immediate timeout. #5527 * Fixes failing tests when an environment variable <scheme>_proxy is set. #5554 * Replace deprecated app handler design in tests/autobahn/server.py with call to web.run_app; replace deprecated aiohttp.ws_connect calls in tests/autobahn/client.py with aiohttp.ClienSession.ws_connect. #5606 * Fixed test for HTTPUnauthorized that access the text argument. This is not used in any part of the code, so it's removed now. #5657 * Remove incorrect default from docs #5727 * Remove external test dependency to http://httpbin.org #5840 * Don't cancel current task when entering a cancelled timer. #5853 * Added params keyword argument to ClientSession.ws_connect. -- :user:`hoh`. #5868 * Uses :py:class:`~asyncio.ThreadedChildWatcher` under POSIX to allow setting up test loop in non-main thread. #5877 * Fix the error in handling the return value of getaddrinfo. getaddrinfo will return an (int, bytes) tuple, if CPython could not handle the address family. It will cause a index out of range error in aiohttp. For example, if user compile CPython with --disable-ipv6 option but his system enable the ipv6. #5901 * Removed the deprecated loop argument from the asyncio.sleep/gather calls #5905 * Return None from request.if_modified_since, request.if_unmodified_since, request.if_range and response.last_modified when corresponding http date headers are invalid. #5925 * Fix resetting SIGCHLD signals in Gunicorn aiohttp Worker to fix subprocesses that capture output having an incorrect returncode. #6130 * Raise 400: Content-Length can't be present with Transfer-Encoding if both Content-Length and Transfer-Encoding are sent by peer by both C and Python implementations #6182 * Improved Documentation * Refactored OpenAPI/Swagger aiohttp addons, added aio-openapi #5326 * Fixed docs on request cookies type, so it matches what is actually used in the code (a read-only dictionary-like object). #5725 * Documented that the HTTP client Authorization header is removed on redirects to a different host or protocol. #5850 - Drop patches * backport_fix_for_setting_cookies.patch * remove_deprecated_loop_argument.patch * stdlib-typing_extensions.patch * unbundle-http-parser.patch -- replaced by llhttp, nothing else than the bundled llhttp available. - Disable building the docs (no sphinxcontrib-towncrier) ------------------------------------------------------------------- Wed Nov 24 00:38:26 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com> - Drop python39-failures.patch, no longer required. ------------------------------------------------------------------- Wed Nov 17 09:52:49 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com> - Update python39-failures.patch to only fire with Python 3.9.7. ------------------------------------------------------------------- Fri Sep 10 14:22:31 UTC 2021 - Matej Cepl <mcepl@suse.com> - Restore python39-failures.patch, which is actually still needed. ------------------------------------------------------------------- Thu Sep 9 20:05:44 UTC 2021 - Matej Cepl <mcepl@suse.com> - Remove python39-failures.patch and replace it with actual fix of the issue in remove_deprecated_loop_argument.patch. - Add backport_fix_for_setting_cookies.patch for backport of fixes from 3.8 branch. ------------------------------------------------------------------- Wed Sep 8 21:10:23 UTC 2021 - Matej Cepl <mcepl@suse.com> - Add python39-failures.patch to fix test problems with Python 3.9.7+ (gh#aio-libs/aiohttp#5991). ------------------------------------------------------------------- Tue Jun 8 19:15:11 UTC 2021 - Matej Cepl <mcepl@suse.com> - Remove pytest-asyncio dependency which is actually harmful (gh#aio-libs/aiohttp#5787). ------------------------------------------------------------------- Thu May 13 21:58:35 UTC 2021 - Matej Cepl <mcepl@suse.com> - Add stdlib-typing_extensions.patch to avoid necessity for BR python-typing_extensions (gh#aio-libs/aiohttp#5374). ------------------------------------------------------------------- Sun Feb 28 13:09:40 UTC 2021 - Michael Ströder <michael@stroeder.com> - Update to 3.7.4 (bsc#1184745, CVE-2021-21330): * obsoletes CVE-2021-21330.patch in older dists * Fixes https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg ------------------------------------------------------------------- Mon Feb 8 10:55:58 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352) ------------------------------------------------------------------- Sun Dec 20 08:22:59 UTC 2020 - John Vandenberg <jayvdb@gmail.com> - Allow use with chardet v4 ------------------------------------------------------------------- Fri Dec 4 11:50:52 UTC 2020 - Benjamin Greiner <code@bnavigator.de> - Update to v3.7.3 Features * Made exceptions pickleable. Also changed the repr of some exceptions. #4077 Bugfixes * Raise a ClientResponseError instead of an AssertionError for a blank HTTP Reason Phrase. #3532 * Fix web_middlewares.normalize_path_middleware behavior for patch without slash. #3669 * Fix overshadowing of overlapped sub-applications prefixes. #3701 * Make BaseConnector.close() a coroutine and wait until the client closes all connections. Drop deprecated "with Connector():" syntax. #3736 * Reset the sock_read timeout each time data is received for a aiohttp.client response. #3808 * Fixed type annotation for add_view method of UrlDispatcher to accept any subclass of View #3880 * Fixed querying the address families from DNS that the current host supports. #5156 * Change return type of MultipartReader.__aiter__() and BodyPartReader.__aiter__() to AsyncIterator. #5163 * Provide x86 Windows wheels. #5230 * Improved Documentation * Add documentation for aiohttp.web.FileResponse. #3958 * Removed deprecation warning in tracing example docs #3964 * Fixed wrong "Usage" docstring of aiohttp.client.request. #4603 * Add aiohttp-pydantic to third party libraries #5228 Misc * #4102 - Also clean header files in sitearch - Remove hidden .hash directory (remnant from build process) - Fix python 3.6 build * For Leap * For TW with python36 flavor gh#openSUSE/python-rpm-macros#66 * Always BuildRequire idna_ssl * Skip a failing test on python 3.6 * Next upstream release will drop python 3.6 ------------------------------------------------------------------- Wed Oct 28 15:33:18 UTC 2020 - John Vandenberg <jayvdb@gmail.com> - Re-activate tests - Update to v3.7.2 * Fixed static files handling for loops without .sendfile() support - from v3.7.1 * Fixed a type error caused by the conditional import of Protocol * Server doesn't send Content-Length for 1xx or 204 * Fix run_app typing * Always require typing_extensions library * Fix a variable-shadowing bug causing ThreadedResolver.resolve to return the resolved IP as the ``hostname`` in each record, which prevented validation of HTTPS connections * Added annotations to all public attributes * Fix flaky test_when_timeout_smaller_second * Ensure sending a zero byte file does not throw an exception - from v3.7.0 * Response headers are now prepared prior to running ``on_response_prepare`` hooks, directly before headers are sent to the client * Add a ``quote_cookie`` option to ``CookieJar``, a way to skip quotation wrapping of cookies containing special characters * Call AccessLogger.log with the current exception available from sys.exc_info() * web.UrlDispatcher.add_routes and web.Application.add_routes return a list of registered AbstractRoute instances. `AbstractRouteDef.register` (and all subclasses) return a list of registered resources registered resource * Added properties of default ClientSession params to ClientSession class so it is available for introspection * Don't cancel web handler on peer disconnection, raise `OSError` on reading/writing instead. * Implement BaseRequest.get_extra_info() to access a protocol transports' extra info. * Added `ClientSession.timeout` property * Allow use of SameSite in cookies * Use loop.sendfile() instead of custom implementation if available * Apply SO_REUSEADDR to test server's socket * Use .raw_host instead of slower .host in client API * Allow configuring the buffer size of input stream by passing ``read_bufsize`` argument * Add method and url attributes to TraceRequestChunkSentParams and TraceResponseChunkReceivedParams. * Add ClientResponse.ok property for checking status code under 400 * Don't ceil timeouts that are smaller than 5 seconds. * TCPSite now listens by default on all interfaces instead of just IPv4 when `None` is passed in as the host * Bump ``http_parser`` to 2.9.4 * Fix keepalive connections not being closed in time * Fix failed websocket handshake leaving connection hanging. * Fix tasks cancellation order on exit. The run_app task needs to be cancelled first for cleanup hooks to run with all tasks intact. * Don't start heartbeat until _writer is set * Fix handling of multipart file uploads without a content type * Preserve view handler function attributes across middlewares * Fix the string representation of ServerDisconnectedError * Raising RuntimeError when trying to get encoding from not read body * Remove warning messages from noop. * Raise ClientPayloadError if FormData re-processed. * Fix a warning about unfinished task in web_protocol.py * Fixed 'deflate' compression. According to RFC 2616 now. * Fixed OverflowError on platforms with 32-bit time_t * Fixed request.body_exists returns wrong value for methods without body * Fix connecting to link-local IPv6 addresses. * Fix a problem with connection waiters that are never awaited * Always make sure transport is not closing before reuse a connection. Reuse a protocol based on keepalive in headers is unreliable. For example, uWSGI will not support keepalive even it serves a HTTP 1.1 request, except explicitly configure uWSGI with a ``--http-keepalive`` option. Servers designed like uWSGI could cause aiohttp intermittently raise a ConnectionResetException when the protocol poll runs out and some protocol is reused. * Handle the last CRLF correctly even if it is received via separate TCP segment. * Fix the register_resource function to validate route name before splitting it so that route name can include python keywords * Fix resolver task is not awaited when connector is cancelled * Fix Aiohttp doesn't return any error on invalid request methods * Fix HEAD requests for static content. * Fix incorrect size calculation for memoryview * Add HTTPMove to _all__. * Fixed the type annotations in the ``tracing`` module. * Fix typing for multipart ``__aiter__``. * Fix for race condition on connections in BaseConnector that leads to exceeding the connection limit. * Add forced UTF-8 encoding for ``application/rdap+json`` responses. * Fix inconsistency between Python and C http request parsers in parsing pct-encoded URL * Fix connection closing issue in HEAD request. * Fix type hint on BaseRunner.addresses (from ``List[str]`` to ``List[Any]``) - from v3.6.3 * Pin yarl to `<1.6.0` to avoid buggy behavior ------------------------------------------------------------------- Tue Mar 10 08:33:15 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> - Update to 3.6.2: * more compatibility fixes with python 3.8 - Disable tests as they explode in upstream git too and all other distributions also gave up on it ------------------------------------------------------------------- Tue Mar 10 08:15:55 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> - Do remove pytest configuration to not error out on deprecation warnings - Unbundle http parser headers: * unbundle-http-parser.patch ------------------------------------------------------------------- Tue Sep 24 10:20:20 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com> - Update to 3.6.1: * Compatibility with Python 3.8. #4056 * correct some exception string format #4068 * Emit a warning when ssl.OP_NO_COMPRESSION is unavailable because the runtime is built against an outdated OpenSSL. #4052 * Update multidict requirement to >= 4.5 #4057 - Drop merged patch aiohttp-3.6.0-fix-typeerror.patch ------------------------------------------------------------------- Wed Sep 18 07:34:10 UTC 2019 - Matthias Fehring <buschmann23@opensuse.org> - Add patch to fix type error with old multidict: * aiohttp-3.6.0-fix-typeerror.patch - Require python-multidict 4.5 or newer ------------------------------------------------------------------- Fri Sep 13 12:05:43 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com> - Update to 3.6.0: * Add support for Named Pipes * Removed Transfer-Encoding: chunked header * Accept non-GET request for starting websocket handshake on server side - Drop merged patch pytest5.patch ------------------------------------------------------------------- Thu Aug 22 09:27:05 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com> - Add patch to work well with pytest 5: * pytest5.patch ------------------------------------------------------------------- Tue Jun 4 14:47:20 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com> - Fix Requires and BuildRequires ------------------------------------------------------------------- Wed Feb 27 14:25:09 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com> - update to 3.5.4 - drop invalid-escapes-in-tests.patch and rename-request-fixture.patch * big list of changes from 3.4.4 - https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst ------------------------------------------------------------------- Tue Jan 15 13:15:30 UTC 2019 - Alberto Planas Dominguez <aplanas@suse.com> - Remove version dependency from Cython (boo#1121578). ------------------------------------------------------------------- Tue Nov 20 13:29:01 UTC 2018 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Add patch to address name collision issue with pytest fixtures + rename-request-fixture.patch ------------------------------------------------------------------- Sat Oct 6 11:10:41 CEST 2018 - mcepl@suse.com - Upgrade to 3.4.4: - Multiple small bugfixes - Remove remove-failing-tests-due-to-pytest-timeout-issues.patch - Add invalid-escapes-in-tests.patch to fix invalid escapes in non-raw regexp strings. ------------------------------------------------------------------- Fri Aug 31 11:50:26 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com> - Match up requirements to the setup.py ------------------------------------------------------------------- Fri Aug 31 09:22:37 UTC 2018 - Adrian Schröter <adrian@suse.de> - update to version 3.4.0: * please check the longer list in CHANGES.rst ------------------------------------------------------------------- Mon Jun 25 07:50:19 UTC 2018 - adrian@suse.de - update to version 3.3.2: * Raise ``ConnectionResetError`` instead of ``CancelledError`` on trying to write to a closed stream. (`#2499 <https://github.com/aio-libs/aiohttp/pull/2499>`_) * Implement ``ClientTimeout`` class and support socket read timeout. (`#2768 <https://github.com/aio-libs/aiohttp/pull/2768>`_) * Enable logging when ``aiohttp.web`` is used as a program (`#2956 <https://github.com/aio-libs/aiohttp/pull/2956>`_) * Add canonical property to resources (`#2968 <https://github.com/aio-libs/aiohttp/pull/2968>`_) * Forbid reading response BODY after release (`#2983 <https://github.com/aio-libs/aiohttp/pull/2983>`_) * Implement base protocol class to avoid a dependency from internal ``asyncio.streams.FlowControlMixin`` (`#2986 <https://github.com/aio-libs/aiohttp/pull/2986>`_) * Cythonize ``@helpers.reify``, 5% boost on macro benchmark (`#2995 <https://github.com/aio-libs/aiohttp/pull/2995>`_) * Optimize HTTP parser (`#3015 <https://github.com/aio-libs/aiohttp/pull/3015>`_) * Implement ``runner.addresses`` property. (`#3036 <https://github.com/aio-libs/aiohttp/pull/3036>`_) * Use ``bytearray`` instead of a list of ``bytes`` in websocket reader. It improves websocket message reading a little. (`#3039 <https://github.com/aio-libs/aiohttp/pull/3039>`_) * Remove heartbeat on closing connection on keepalive timeout. The used hack violates HTTP protocol. (`#3041 <https://github.com/aio-libs/aiohttp/pull/3041>`_) * Limit websocket message size on reading to 4 MB by default. (`#3045 <https://github.com/aio-libs/aiohttp/pull/3045>`_) ------------------------------------------------------------------- Sat Apr 14 17:22:15 UTC 2018 - arun@gmx.de - update to version 3.1.3: * Fix cancellation broadcast during DNS resolve (#2910) ------------------------------------------------------------------- Thu Apr 12 20:47:59 UTC 2018 - arun@gmx.de - update to version 3.1.2: * Make LineTooLong exception more detailed about actual data size (#2863) * Call on_chunk_sent when write_eof takes as a param the last chunk (#2909) - changes from version 3.1.1: * Support asynchronous iterators (and asynchronous generators as well) in both client and server API as request / response BODY payloads. (#2802) ------------------------------------------------------------------- Fri Mar 23 15:16:21 UTC 2018 - tbechtold@suse.com - update to 3.1.0: - Relax JSON content-type checking in the ``ClientResponse.json()`` to allow "application/xxx+json" instead of strict "application/json". (#2206) - Bump C HTTP parser to version 2.8 (#2730) - Accept a coroutine as an application factory in ``web.run_app`` and gunicorn worker. (#2739) - Implement application cleanup context (``app.cleanup_ctx`` property). (#2747) - Make ``writer.write_headers`` a coroutine. (#2762) - Add tracking signals for getting request/response bodies. (#2767) - Deprecate ClientResponseError.code in favor of .status to keep similarity with response classes. (#2781) - Implement ``app.add_routes()`` method. (#2787) - Implement ``web.static()`` and ``RouteTableDef.static()`` API. (#2795) - Install a test event loop as default by ``asyncio.set_event_loop()``. The change affects aiohttp test utils but backward compatibility is not broken for 99.99% of use cases. (#2804) - Refactor ``ClientResponse`` constructor: make logically required constructor arguments mandatory, drop ``_post_init()`` method. (#2820) - Use ``app.add_routes()`` in server docs everywhere (#2830) - Websockets refactoring, all websocket writer methods are converted into coroutines. (#2836) - Provide ``Content-Range`` header for ``Range`` requests (#2844) - Fix websocket client return EofStream. (#2784) - Fix websocket demo. (#2789) - Property ``BaseRequest.http_range`` now returns a python-like slice when requesting the tail of the range. It's now indicated by a negative value in ``range.start`` rather then in ``range.stop`` (#2805) - Close a connection if an unexpected exception occurs while sending a request - Fix firing DNS tracing events. (#2841) - Change ``ClientResponse.json()`` documentation to reflect that it now allows "application/xxx+json" content-types (#2206) - Document behavior when cchardet detects encodings that are unknown to Python. - Add diagrams for tracing request life style. (#2748) - Drop removed functionality for passing ``StreamReader`` as data at client side. (#2793) ------------------------------------------------------------------- Sat Feb 17 14:41:39 UTC 2018 - alarrosa@suse.com - update to version 3.0.1 * async/await everywhere. The minimal supported Python version is 3.5.3 now. * Application Runners. * Client Tracing. Now it is possible by registering special signal handlers on every request processing stage. * HTTPS support * Dropped obsolete API. The release dropped a lot of already deprecated features. * The full changelog can be read at https://aiohttp.readthedocs.io/en/stable/changes.html - Add python3-idna_ssl, python3-Pygments and python3-aiohttp-theme to BuildRequires. - Add Requires: python3-idna_ssl - Fix tests by removing a file and adding a patch to remove another failing test due to a DeprecationWarning being issued by pytest because of a problem in python-pytest-timeout. * remove-failing-tests-due-to-pytest-timeout-issues.patch ------------------------------------------------------------------- Sun Dec 31 09:00:05 UTC 2017 - adrian@suse.de - update to version 2.3.7 ------------------------------------------------------------------- Sun Dec 10 08:39:51 UTC 2017 - adrian@suse.de - add MarkupSafe as build depdency to fix documentaion generation ------------------------------------------------------------------- Wed Dec 6 03:01:31 UTC 2017 - arun@gmx.de - update to version 2.3.6: * Correct request.app context (for handlers not just middlewares). (#2577) ------------------------------------------------------------------- Sun Dec 3 19:10:33 UTC 2017 - arun@gmx.de - specfile: * require pluggy - update to version 2.3.5: * Fix compatibility with pytest 3.3+ (#2565) - changes from version 2.3.4: * Make request.app point to proper application instance when using nested applications (with middlewares). (#2550) * Change base class of ClientConnectorSSLError to ClientSSLError from ClientConnectorError. (#2563) * Return client connection back to free pool on error in connector.connect(). (#2567) ------------------------------------------------------------------- Sun Nov 19 05:10:08 UTC 2017 - arun@gmx.de - update to version 2.3.3: * Having a ; in Response content type does not assume it contains a charset anymore. (#2197) * Use getattr(asyncio, ‘async’) for keeping compatibility with Python 3.7. (#2476) * Ignore NotImplementedError raised by set_child_watcher from uvloop. (#2491) * Fix warning in ClientSession.__del__ by stopping to try to close it. (#2523) * Fixed typo’s in Third-party libraries page. And added async-v20 to the list (#2510) ------------------------------------------------------------------- Thu Nov 9 06:33:40 UTC 2017 - arun@gmx.de - specfile: * updated requirements according to requirement/ci-wheel.txt in tar-ball * removed 'changes' from %doc - update to version 2.3.2: * Fix passing client max size on cloning request obj. (#2385) * Fix ClientConnectorSSLError and ClientProxyConnectionError for proxy connector. (#2408) * Drop generated _http_parser shared object from tarball distribution. (#2414) * Fix connector convert OSError to ClientConnectorError. (#2423) * Fix connection attempts for multiple dns hosts. (#2424) * Fix ValueError for AF_INET6 sockets if a preexisting INET6 socket to the aiohttp.web.run_app function. (#2431) * _SessionRequestContextManager closes the session properly now. (#2441) * Rename from_env to trust_env in client reference. (#2451) - changes from version 2.3.1: * Relax attribute lookup in warning about old-styled middleware (#2340) - changes from version 2.3.0: * Features + Add SSL related params to ClientSession.request (#1128) + Make enable_compression work on HTTP/1.0 (#1828) + Deprecate registering synchronous web handlers (#1993) + Switch to multidict 3.0. All HTTP headers preserve casing now but compared in case-insensitive way. (#1994) + Improvement for normalize_path_middleware. Added possibility to handle URLs with query string. (#1995) + Use towncrier for CHANGES.txt build (#1997) + Implement trust_env=True param in ClientSession. (#1998) + Added variable to customize proxy headers (#2001) + Implement router.add_routes and router decorators. (#2004) + Deprecated BaseRequest.has_body in favor of BaseRequest.can_read_body Added BaseRequest.body_exists attribute that stays static for the lifetime of the request (#2005) + Provide BaseRequest.loop attribute (#2024) + Make _CoroGuard awaitable and fix ClientSession.close warning message (#2026) + Responses to redirects without Location header are returned instead of raising a RuntimeError (#2030) + Added get_client, get_server, setUpAsync and tearDownAsync methods to AioHTTPTestCase (#2032) + Add automatically a SafeChildWatcher to the test loop (#2058) + add ability to disable automatic response decompression (#2110) + Add support for throttling DNS request, avoiding the requests saturation when there is a miss in the DNS cache and many requests getting into the connector at the same time. (#2111) + Use request for getting access log information instead of message/transport pair. Add RequestBase.remote property for accessing to IP of client initiated HTTP request. (#2123) + json() raises a ContentTypeError exception if the content-type does not meet the requirements instead of raising a generic ClientResponseError. (#2136) + Make the HTTP client able to return HTTP chunks when chunked transfer encoding is used. (#2150) + add append_version arg into StaticResource.url and StaticResource.url_for methods for getting an url with hash (version) of the file. (#2157) + Fix parsing the Forwarded header. * commas and semicolons are allowed inside quoted-strings; * empty forwarded-pairs (as in for=_1;;by=_2) are allowed; * non-standard parameters are allowed (although this alone could be easily done in the previous parser). (#2173) + Don’t require ssl module to run. aiohttp does not require SSL to function. The code paths involved with SSL will only be hit upon SSL usage. Raise RuntimeError if HTTPS protocol is required but ssl module is not present. (#2221) + Accept coroutine fixtures in pytest plugin (#2223) + Call shutdown_asyncgens before event loop closing on Python 3.6. (#2227) + Speed up Signals when there are no receivers (#2229) + Raise InvalidURL instead of ValueError on fetches with invalid URL. (#2241) + Move DummyCookieJar into cookiejar.py (#2242) + run_app: Make print=None disable printing (#2260) + Support brotli encoding (generic-purpose lossless compression algorithm) (#2270) + Add server support for WebSockets Per-Message Deflate. Add client option to add deflate compress header in WebSockets request header. If calling ClientSession.ws_connect() with compress=15 the client will support deflate compress negotiation. (#2273) + Support verify_ssl, fingerprint, ssl_context and proxy_headers by client.ws_connect. (#2292) + Added aiohttp.ClientConnectorSSLError when connection fails due ssl.SSLError (#2294) + aiohttp.web.Application.make_handler support access_log_class (#2315) + Build HTTP parser extension in non-strict mode by default. (#2332) * Bugfixes + Clear auth information on redirecting to other domain (#1699) + Fix missing app.loop on startup hooks during tests (#2060) + Fix issue with synchronous session closing when using ClientSession as an asynchronous context manager. (#2063) + Fix issue with CookieJar incorrectly expiring cookies in some edge cases. (#2084) + Force use of IPv4 during test, this will make tests run in a Docker container (#2104) + Warnings about unawaited coroutines now correctly point to the user’s code. (#2106) + Fix issue with IndexError being raised by the StreamReader.iter_chunks() generator. (#2112) + Support HTTP 308 Permanent redirect in client class. (#2114) + Fix FileResponse sending empty chunked body on 304. (#2143) + Do not add Content-Length: 0 to GET/HEAD/TRACE/OPTIONS requests by default. (#2167) + Fix parsing the Forwarded header according to RFC 7239. (#2170) + Securely determining remote/scheme/host #2171 (#2171) + Fix header name parsing, if name is split into multiple lines (#2183) + Handle session close during connection, KeyError: <aiohttp.connector._TransportPlaceholder> (#2193) + Fixes uncaught TypeError in helpers.guess_filename if name is not a string (#2201) + Raise OSError on async DNS lookup if resolved domain is an alias for another one, which does not have an A or CNAME record. (#2231) + Fix incorrect warning in StreamReader. (#2251) + Properly clone state of web request (#2284) + Fix C HTTP parser for cases when status line is split into different TCP packets. (#2311) + Fix web.FileResponse overriding user supplied Content-Type (#2317) * Improved Documentation + Add a note about possible performance degradation in await resp.text() if charset was not provided by Content-Type HTTP header. Pass explicit encoding to solve it. (#1811) + Drop disqus widget from documentation pages. (#2018) + Add a graceful shutdown section to the client usage documentation. (#2039) + Document connector_owner parameter. (#2072) + Update the doc of web.Application (#2081) + Fix mistake about access log disabling. (#2085) + Add example usage of on_startup and on_shutdown signals by creating and disposing an aiopg connection engine. (#2131) + Document encoded=True for yarl.URL, it disables all yarl transformations. (#2198) + Document that all app’s middleware factories are run for every request. (#2225) + Reflect the fact that default resolver is threaded one starting from aiohttp 1.1 (#2228) * Deprecations and Removals + Drop deprecated Server.finish_connections (#2006) + Drop %O format from logging, use %b instead. Drop %e format from logging, environment variables are not supported anymore. (#2123) + Drop deprecated secure_proxy_ssl_header support (#2171) + Removed TimeService in favor of simple caching. TimeService also had a bug where it lost about 0.5 seconds per second. (#2176) + Drop unused response_factory from static files API (#2290) * Misc + #2013, #2014, #2048, #2094, #2149, #2187, #2214, #2225, #2243, #2248 ------------------------------------------------------------------- Wed Sep 20 15:49:32 UTC 2017 - aloisio@gmx.com - Fixed build on non Factory targets ------------------------------------------------------------------- Mon Sep 11 15:24:42 UTC 2017 - jengelh@inai.de - Repair package description grammar. ------------------------------------------------------------------- Thu Aug 24 07:57:17 UTC 2017 - sebix+novell.com@sebix.at - first singlespec package - fixes boo#1054580 boo#1054581
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor