Allow lax response parsing on Py parser #7663

Dreamsorcerer · 2023-10-06T16:24:49Z

No description provided.

for more information, see https://pre-commit.ci

aiohttp/http_parser.py

for more information, see https://pre-commit.ci

codecov · 2023-10-06T19:24:34Z

Codecov Report

Merging #7663 (0c83209) into master (317bf95) will increase coverage by 0.00%.
Report is 2 commits behind head on master.
The diff coverage is 97.39%.

@@           Coverage Diff           @@
##           master    #7663   +/-   ##
=======================================
  Coverage   97.36%   97.36%           
=======================================
  Files         106      106           
  Lines       31550    31619   +69     
  Branches     3595     3619   +24     
=======================================
+ Hits        30718    30786   +68     
  Misses        630      630           
- Partials      202      203    +1

Flag	Coverage Δ
CI-GHA	`97.28% <97.39%> (+<0.01%)`	⬆️
OS-Linux	`96.95% <97.39%> (+<0.01%)`	⬆️
OS-Windows	`95.43% <97.39%> (+0.02%)`	⬆️
OS-macOS	`96.61% <97.39%> (+0.01%)`	⬆️
Py-3.10.11	`95.35% <97.39%> (+0.02%)`	⬆️
Py-3.10.13	`96.81% <97.39%> (-0.01%)`	⬇️
Py-3.11.5	`96.49% <90.43%> (-0.03%)`	⬇️
Py-3.8.10	`95.32% <97.39%> (+0.02%)`	⬆️
Py-3.8.18	`96.74% <97.39%> (+<0.01%)`	⬆️
Py-3.9.13	`95.31% <97.39%> (+0.02%)`	⬆️
Py-3.9.18	`96.77% <97.39%> (+<0.01%)`	⬆️
Py-pypy7.3.11	`96.27% <90.43%> (-0.03%)`	⬇️
VM-macos	`96.61% <97.39%> (+0.01%)`	⬆️
VM-ubuntu	`96.95% <97.39%> (+<0.01%)`	⬆️
VM-windows	`95.43% <97.39%> (+0.02%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
tests/test_http_parser.py	`99.16% <100.00%> (+0.05%)`	⬆️
aiohttp/http_parser.py	`98.15% <94.54%> (-0.16%)`	⬇️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

patchback · 2023-10-06T19:32:38Z

Backport to 3.8: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply bd5f924 on top of patchback/backports/3.8/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663

Backporting merged PR #7663 into master

Ensure you have a local repo clone of your fork. Unless you cloned it
from the upstream, this would be your origin remote.
Make sure you have an upstream repo added as a remote too. In these
instructions you'll refer to it by the name upstream. If you don't
have it, here's how you can add it:
```
$ git remote add upstream https://github.com/aio-libs/aiohttp.git
```

Ensure you have the latest copy of upstream and prepare a branch
that will hold the backported code:

$ git fetch upstream
$ git checkout -b patchback/backports/3.8/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663 upstream/3.8

Now, cherry-pick PR Allow lax response parsing on Py parser #7663 contents into that branch:
```
$ git cherry-pick -x bd5f92437173aae77cb128a1ebb8bf58effd13b5
```
If it'll yell at you with something like fatal: Commit bd5f92437173aae77cb128a1ebb8bf58effd13b5 is a merge but no -m option was given., add -m 1 as follows instead:
```
$ git cherry-pick -m1 -x bd5f92437173aae77cb128a1ebb8bf58effd13b5
```
At this point, you'll probably encounter some merge conflicts. You must
resolve them in to preserve the patch from PR Allow lax response parsing on Py parser #7663 as close to the
original as possible.

Push this branch to your fork on GitHub:

$ git push origin patchback/backports/3.8/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663

Create a PR, ensure that the CI is green. If it's not — update it so that
the tests and any other checks pass. This is it!
Now relax and wait for the maintainers to process your pull request
when they have some cycles to do reviews. Don't worry — they'll tell you if
any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

patchback · 2023-10-06T19:32:44Z

Backport to 3.9: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply bd5f924 on top of patchback/backports/3.9/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663

Backporting merged PR #7663 into master

Ensure you have a local repo clone of your fork. Unless you cloned it
from the upstream, this would be your origin remote.
Make sure you have an upstream repo added as a remote too. In these
instructions you'll refer to it by the name upstream. If you don't
have it, here's how you can add it:
```
$ git remote add upstream https://github.com/aio-libs/aiohttp.git
```

Ensure you have the latest copy of upstream and prepare a branch
that will hold the backported code:

$ git fetch upstream
$ git checkout -b patchback/backports/3.9/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663 upstream/3.9

Now, cherry-pick PR Allow lax response parsing on Py parser #7663 contents into that branch:
```
$ git cherry-pick -x bd5f92437173aae77cb128a1ebb8bf58effd13b5
```
If it'll yell at you with something like fatal: Commit bd5f92437173aae77cb128a1ebb8bf58effd13b5 is a merge but no -m option was given., add -m 1 as follows instead:
```
$ git cherry-pick -m1 -x bd5f92437173aae77cb128a1ebb8bf58effd13b5
```
At this point, you'll probably encounter some merge conflicts. You must
resolve them in to preserve the patch from PR Allow lax response parsing on Py parser #7663 as close to the
original as possible.

Push this branch to your fork on GitHub:

$ git push origin patchback/backports/3.9/bd5f92437173aae77cb128a1ebb8bf58effd13b5/pr-7663

Create a PR, ensure that the CI is green. If it's not — update it so that
the tests and any other checks pass. This is it!
Now relax and wait for the maintainers to process your pull request
when they have some cycles to do reviews. Don't worry — they'll tell you if
any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

(cherry picked from commit bd5f924)

(cherry picked from commit bd5f924) --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [aiohttp](https://togithub.com/aio-libs/aiohttp) | `==3.8.5` -> `==3.8.6` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/aiohttp/3.8.6?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/aiohttp/3.8.6?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/aiohttp/3.8.5/3.8.6?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/aiohttp/3.8.5/3.8.6?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>aio-libs/aiohttp (aiohttp)</summary> ### [`v3.8.6`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#386-2023-10-07) [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6) \================== ## Security bugfixes - Upgraded the vendored copy of llhttp\_ to v9.1.3 -- by :user:`Dreamsorcerer` Thanks to :user:`kenballus` for reporting this, see GHSA-pjjw-qhg8-p2p9. .. \_llhttp: https://llhttp.org `#7647 <https://github.com/aio-libs/aiohttp/issues/7647>`\_ - Updated Python parser to comply with RFCs 9110/9112 -- by :user:`Dreamorcerer` Thanks to :user:`kenballus` for reporting this, see GHSA-gfw2-4jvh-wgfg. `#7663 <https://github.com/aio-libs/aiohttp/issues/7663>`\_ ## Deprecation - Added `fallback_charset_resolver` parameter in `ClientSession` to allow a user-supplied character set detection function. Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use `fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection>`\_. `#7561 <https://github.com/aio-libs/aiohttp/issues/7561>`\_ ## Features - Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:`Dreamsorcerer` `#7490 <https://github.com/aio-libs/aiohttp/issues/7490>`\_ ## Bugfixes - Fixed `PermissionError` when `.netrc` is unreadable due to permissions. `#7237 <https://github.com/aio-libs/aiohttp/issues/7237>`\_ - Fixed output of parsing errors pointing to a `\n`. -- by :user:`Dreamsorcerer` `#7468 <https://github.com/aio-libs/aiohttp/issues/7468>`\_ - Fixed `GunicornWebWorker` max_requests_jitter not working. `#7518 <https://github.com/aio-libs/aiohttp/issues/7518>`\_ - Fixed sorting in `filter_cookies` to use cookie with longest path. -- by :user:`marq24`. `#7577 <https://github.com/aio-libs/aiohttp/issues/7577>`\_ - Fixed display of `BadStatusLine` messages from llhttp\_. -- by :user:`Dreamsorcerer` `#7651 <https://github.com/aio-libs/aiohttp/issues/7651>`\_ *** </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/allenporter/pyrainbird).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.8.6</h2> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>)</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>)</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7561">#7561</a>)</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>)</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li> <p>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7237">#7237</a>)</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.8.6 (2023-10-07)</h1> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p><code>[#7647](aio-libs/aiohttp#7647) <https://github.com/aio-libs/aiohttp/issues/7647></code>_</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p><code>[#7663](aio-libs/aiohttp#7663) <https://github.com/aio-libs/aiohttp/issues/7663></code>_</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p><code>[#7561](aio-libs/aiohttp#7561) <https://github.com/aio-libs/aiohttp/issues/7561></code>_</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p><code>[#7490](aio-libs/aiohttp#7490) <https://github.com/aio-libs/aiohttp/issues/7490></code>_</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/996de2629ef6b4c2934a7c04dfd49d0950d4c43b"><code>996de26</code></a> Release v3.8.6 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7668">#7668</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c128d4f042ca36ebdc55ecdd76099b7722331ba"><code>8c128d4</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7651">#7651</a>/45f98b7d backport][3.8] Fix BadStatusLine message (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7666">#7666</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/89b7df157886ff390cdcdc44ecf3c277045838b1"><code>89b7df1</code></a> Allow lax response parsing on Py parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7664">#7664</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"><code>d5c12ba</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7661">#7661</a>/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7">#7</a>...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8a3977acac632d1f02aa7e047da51e27a717d724"><code>8a3977a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7272">#7272</a>/b2a7983a backport][3.8] Fix Read The Docs config (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7650">#7650</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/bcc416e533796d04fb8124ef1e7686b1f338767a"><code>bcc416e</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7648">#7648</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/b30c0cd2c96e57cc273ffe29c0313487b364f15a"><code>b30c0cd</code></a> Remove chardet/charset-normalizer. (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7589">#7589</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/5946c7436044bae14617ef06ee7c530ed72622da"><code>5946c74</code></a> CookieJar - return 'best-match' and not LIFO (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7577">#7577</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7588">#7588</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c4ec62f5ba514479ef1c2e74741bc7fa33be3f4"><code>8c4ec62</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7518">#7518</a>/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter n...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a0d234df392bd5cd67d378d31c9531c5ac87c07f"><code>a0d234d</code></a> Use lenient headers for response parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7492">#7492</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.5&new-version=3.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.8.6</h2> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>)</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>)</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7561">#7561</a>)</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>)</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li> <p>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7237">#7237</a>)</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.8.6 (2023-10-07)</h1> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p><code>[#7647](aio-libs/aiohttp#7647) <https://github.com/aio-libs/aiohttp/issues/7647></code>_</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p><code>[#7663](aio-libs/aiohttp#7663) <https://github.com/aio-libs/aiohttp/issues/7663></code>_</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p><code>[#7561](aio-libs/aiohttp#7561) <https://github.com/aio-libs/aiohttp/issues/7561></code>_</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p><code>[#7490](aio-libs/aiohttp#7490) <https://github.com/aio-libs/aiohttp/issues/7490></code>_</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/996de2629ef6b4c2934a7c04dfd49d0950d4c43b"><code>996de26</code></a> Release v3.8.6 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7668">#7668</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c128d4f042ca36ebdc55ecdd76099b7722331ba"><code>8c128d4</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7651">#7651</a>/45f98b7d backport][3.8] Fix BadStatusLine message (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7666">#7666</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/89b7df157886ff390cdcdc44ecf3c277045838b1"><code>89b7df1</code></a> Allow lax response parsing on Py parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7664">#7664</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"><code>d5c12ba</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7661">#7661</a>/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7">#7</a>...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8a3977acac632d1f02aa7e047da51e27a717d724"><code>8a3977a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7272">#7272</a>/b2a7983a backport][3.8] Fix Read The Docs config (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7650">#7650</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/bcc416e533796d04fb8124ef1e7686b1f338767a"><code>bcc416e</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7648">#7648</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/b30c0cd2c96e57cc273ffe29c0313487b364f15a"><code>b30c0cd</code></a> Remove chardet/charset-normalizer. (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7589">#7589</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/5946c7436044bae14617ef06ee7c530ed72622da"><code>5946c74</code></a> CookieJar - return 'best-match' and not LIFO (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7577">#7577</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7588">#7588</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c4ec62f5ba514479ef1c2e74741bc7fa33be3f4"><code>8c4ec62</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7518">#7518</a>/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter n...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a0d234df392bd5cd67d378d31c9531c5ac87c07f"><code>a0d234d</code></a> Use lenient headers for response parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7492">#7492</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.5&new-version=3.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fynnfluegge/doc-comments-ai/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.8.6</h2> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>)</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>)</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7561">#7561</a>)</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>)</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li> <p>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7237">#7237</a>)</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.8.6 (2023-10-07)</h1> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p><code>[#7647](aio-libs/aiohttp#7647) <https://github.com/aio-libs/aiohttp/issues/7647></code>_</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p><code>[#7663](aio-libs/aiohttp#7663) <https://github.com/aio-libs/aiohttp/issues/7663></code>_</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p><code>[#7561](aio-libs/aiohttp#7561) <https://github.com/aio-libs/aiohttp/issues/7561></code>_</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p><code>[#7490](aio-libs/aiohttp#7490) <https://github.com/aio-libs/aiohttp/issues/7490></code>_</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/996de2629ef6b4c2934a7c04dfd49d0950d4c43b"><code>996de26</code></a> Release v3.8.6 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7668">#7668</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c128d4f042ca36ebdc55ecdd76099b7722331ba"><code>8c128d4</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7651">#7651</a>/45f98b7d backport][3.8] Fix BadStatusLine message (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7666">#7666</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/89b7df157886ff390cdcdc44ecf3c277045838b1"><code>89b7df1</code></a> Allow lax response parsing on Py parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7664">#7664</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"><code>d5c12ba</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7661">#7661</a>/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7">#7</a>...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8a3977acac632d1f02aa7e047da51e27a717d724"><code>8a3977a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7272">#7272</a>/b2a7983a backport][3.8] Fix Read The Docs config (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7650">#7650</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/bcc416e533796d04fb8124ef1e7686b1f338767a"><code>bcc416e</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7648">#7648</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/b30c0cd2c96e57cc273ffe29c0313487b364f15a"><code>b30c0cd</code></a> Remove chardet/charset-normalizer. (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7589">#7589</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/5946c7436044bae14617ef06ee7c530ed72622da"><code>5946c74</code></a> CookieJar - return 'best-match' and not LIFO (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7577">#7577</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7588">#7588</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c4ec62f5ba514479ef1c2e74741bc7fa33be3f4"><code>8c4ec62</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7518">#7518</a>/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter n...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a0d234df392bd5cd67d378d31c9531c5ac87c07f"><code>a0d234d</code></a> Use lenient headers for response parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7492">#7492</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.5&new-version=3.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fynnfluegge/codeqai/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.8.6</h2> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>)</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>)</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7561">#7561</a>)</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>)</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li> <p>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</p> <p>(<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7237">#7237</a>)</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.8.6 (2023-10-07)</h1> <h2>Security bugfixes</h2> <ul> <li> <p>Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:<code>Dreamsorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9</a>.</p> <p>.. _llhttp: <a href="https://llhttp.org">https://llhttp.org</a></p> <p><code>[#7647](aio-libs/aiohttp#7647) <https://github.com/aio-libs/aiohttp/issues/7647></code>_</p> </li> <li> <p>Updated Python parser to comply with RFCs 9110/9112 -- by :user:<code>Dreamorcerer</code></p> <p>Thanks to :user:<code>kenballus</code> for reporting this, see <a href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg</a>.</p> <p><code>[#7663](aio-libs/aiohttp#7663) <https://github.com/aio-libs/aiohttp/issues/7663></code>_</p> </li> </ul> <h2>Deprecation</h2> <ul> <li> <p>Added <code>fallback_charset_resolver</code> parameter in <code>ClientSession</code> to allow a user-supplied character set detection function.</p> <p>Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use <code>fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection></code>_.</p> <p><code>[#7561](aio-libs/aiohttp#7561) <https://github.com/aio-libs/aiohttp/issues/7561></code>_</p> </li> </ul> <h2>Features</h2> <ul> <li> <p>Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:<code>Dreamsorcerer</code></p> <p><code>[#7490](aio-libs/aiohttp#7490) <https://github.com/aio-libs/aiohttp/issues/7490></code>_</p> </li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed <code>PermissionError</code> when <code>.netrc</code> is unreadable due to permissions.</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/996de2629ef6b4c2934a7c04dfd49d0950d4c43b"><code>996de26</code></a> Release v3.8.6 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7668">#7668</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c128d4f042ca36ebdc55ecdd76099b7722331ba"><code>8c128d4</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7651">#7651</a>/45f98b7d backport][3.8] Fix BadStatusLine message (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7666">#7666</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/89b7df157886ff390cdcdc44ecf3c277045838b1"><code>89b7df1</code></a> Allow lax response parsing on Py parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7663">#7663</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7664">#7664</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"><code>d5c12ba</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7661">#7661</a>/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7">#7</a>...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8a3977acac632d1f02aa7e047da51e27a717d724"><code>8a3977a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7272">#7272</a>/b2a7983a backport][3.8] Fix Read The Docs config (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7650">#7650</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/bcc416e533796d04fb8124ef1e7686b1f338767a"><code>bcc416e</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7647">#7647</a>/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7648">#7648</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/b30c0cd2c96e57cc273ffe29c0313487b364f15a"><code>b30c0cd</code></a> Remove chardet/charset-normalizer. (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7589">#7589</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/5946c7436044bae14617ef06ee7c530ed72622da"><code>5946c74</code></a> CookieJar - return 'best-match' and not LIFO (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7577">#7577</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7588">#7588</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/8c4ec62f5ba514479ef1c2e74741bc7fa33be3f4"><code>8c4ec62</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7518">#7518</a>/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter n...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a0d234df392bd5cd67d378d31c9531c5ac87c07f"><code>a0d234d</code></a> Use lenient headers for response parser (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7490">#7490</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/7492">#7492</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.5&new-version=3.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/astronomer/ask-astro/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Allow lax response parsing on Py parser.

aff7774

Dreamsorcerer added backport-3.8 backport-3.9 Trigger automatic backporting to the 3.9 release branch by Patchback robot labels Oct 6, 2023

Dreamsorcerer requested review from webknjaz and asvetlov as code owners October 6, 2023 16:24

pre-commit-ci bot and others added 2 commits October 6, 2023 16:25

[pre-commit.ci] auto fixes from pre-commit.com hooks

497da9d

for more information, see https://pre-commit.ci

Create 7663.feature

0469a6d

psf-chronographer bot added the bot:chronographer:provided There is a change note present in this PR label Oct 6, 2023

Dreamsorcerer added 3 commits October 6, 2023 17:31

Update test_http_parser.py

b39e59f

Update test_http_parser.py

f8496ae

Update http_parser.py

363da5c

Dreamsorcerer commented Oct 6, 2023

View reviewed changes

aiohttp/http_parser.py Outdated Show resolved Hide resolved

Dreamsorcerer and others added 8 commits October 6, 2023 17:46

Update aiohttp/http_parser.py

4c8869e

[pre-commit.ci] auto fixes from pre-commit.com hooks

01d5a0d

for more information, see https://pre-commit.ci

Update test_http_parser.py

38b0f8b

Update test_http_parser.py

0447178

[pre-commit.ci] auto fixes from pre-commit.com hooks

eb81107

for more information, see https://pre-commit.ci

Fixes

22c7d1b

[pre-commit.ci] auto fixes from pre-commit.com hooks

cfca57e

for more information, see https://pre-commit.ci

Update test_http_parser.py

0c83209

Dreamsorcerer enabled auto-merge (squash) October 6, 2023 19:15

Dreamsorcerer merged commit bd5f924 into master Oct 6, 2023
26 of 31 checks passed

Dreamsorcerer deleted the lax-parser branch October 6, 2023 19:32

Dreamsorcerer added a commit that referenced this pull request Oct 6, 2023

Allow lax response parsing on Py parser (#7663)

d824982

(cherry picked from commit bd5f924)

Dreamsorcerer added a commit that referenced this pull request Oct 6, 2023

Allow lax response parsing on Py parser (#7663)

58f47f0

(cherry picked from commit bd5f924)

Dreamsorcerer added a commit that referenced this pull request Oct 6, 2023

Allow lax response parsing on Py parser (#7663) (#7665)

b282ff9

(cherry picked from commit bd5f924)

Dreamsorcerer added a commit that referenced this pull request Oct 6, 2023

Allow lax response parsing on Py parser (#7663) (#7664)

89b7df1

(cherry picked from commit bd5f924) --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow lax response parsing on Py parser #7663

Allow lax response parsing on Py parser #7663

Dreamsorcerer commented Oct 6, 2023

codecov bot commented Oct 6, 2023

patchback bot commented Oct 6, 2023 •

edited

patchback bot commented Oct 6, 2023 •

edited

Allow lax response parsing on Py parser #7663

Allow lax response parsing on Py parser #7663

Conversation

Dreamsorcerer commented Oct 6, 2023

codecov bot commented Oct 6, 2023

Codecov Report

patchback bot commented Oct 6, 2023 • edited

Backport to 3.8: 💔 cherry-picking failed — conflicts found

Backporting merged PR #7663 into master

patchback bot commented Oct 6, 2023 • edited

Backport to 3.9: 💔 cherry-picking failed — conflicts found

Backporting merged PR #7663 into master

patchback bot commented Oct 6, 2023 •

edited

patchback bot commented Oct 6, 2023 •

edited