Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /scripts/check_urls #4824

Merged
merged 5 commits into from
Jul 25, 2023
Merged

chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /scripts/check_urls #4824

merged 5 commits into from
Jul 25, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 20, 2023

Bumps aiohttp from 3.8.4 to 3.8.5.

Release notes

Sourced from aiohttp's releases.

3.8.5

Security bugfixes

  • Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

    Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see GHSA-45c4-8wx5-qw6w.

    .. _llhttp: https://llhttp.org

    (#7346)

Features

  • Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    (#7366)

Bugfixes

  • Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    (#3355)

Changelog

Sourced from aiohttp's changelog.

3.8.5 (2023-07-19)

Security bugfixes

  • Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

    Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see GHSA-45c4-8wx5-qw6w.

    .. _llhttp: https://llhttp.org

    [#7346](https://github.com/aio-libs/aiohttp/issues/7346) <https://github.com/aio-libs/aiohttp/issues/7346>_

Features

  • Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    [#7366](https://github.com/aio-libs/aiohttp/issues/7366) <https://github.com/aio-libs/aiohttp/issues/7366>_

Bugfixes

  • Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    [#3355](https://github.com/aio-libs/aiohttp/issues/3355) <https://github.com/aio-libs/aiohttp/issues/3355>_

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /scripts/check_urls
a05a0b6 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.4 to 3.8.5.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.8.4...v3.8.5)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner July 20, 2023 16:28
@dependabot dependabot bot added dependencies python Pull requests that update Python code labels Jul 20, 2023
@dependabot dependabot bot temporarily deployed to dev July 20, 2023 16:28 Inactive
@codecov
Copy link

codecov bot commented Jul 20, 2023
edited
Loading

Codecov Report

Merging #4824 (6f2d604) into master (a8b33cc) will not change coverage.
The diff coverage is n/a.

❗ Current head 6f2d604 differs from pull request most recent head 36d6460. Consider uploading reports for the commit 36d6460 to get more accurate results

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #4824   +/-   ##
=======================================
  Coverage   47.30%   47.30%           
=======================================
  Files        1736     1736           
  Lines       32058    32058           
  Branches     8045     8045           
=======================================
  Hits        15164    15164           
  Misses      16832    16832           
  Partials       62       62

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a8b33cc...36d6460. Read the comment docs.

@CrisTofani CrisTofani temporarily deployed to dev July 21, 2023 13:47 — with GitHub Actions Inactive
@pagopa-github-bot
Copy link
Collaborator

pagopa-github-bot commented Jul 21, 2023
edited
Loading

Warnings
⚠️ Please include a Pivotal story or Jira ticket at the beginning of the PR title

Example of PR titles that include pivotal stories:

  • single story: [#123456] my PR title
  • multiple stories: [#123456,#123457,#123458] my PR title

Example of PR titles that include Jira tickets:

  • single story: [PROJID-123] my PR title
  • multiple stories: [PROJID-1,PROJID-2,PROJID-3] my PR title

Generated by 🚫 dangerJS against 36d6460

@CrisTofani CrisTofani temporarily deployed to dev July 21, 2023 14:18 — with GitHub Actions Inactive
@Vangaorth Vangaorth temporarily deployed to dev July 25, 2023 09:33 — with GitHub Actions Inactive
Vangaorth
Vangaorth approved these changes Jul 25, 2023
View reviewed changes
Copy link
Contributor

@Vangaorth Vangaorth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Vangaorth Vangaorth temporarily deployed to dev July 25, 2023 09:58 — with GitHub Actions Inactive
@Vangaorth Vangaorth merged commit fa136e5 into master Jul 25, 2023
5 checks passed
@Vangaorth Vangaorth deleted the dependabot/pip/scripts/check_urls/aiohttp-3.8.5 branch July 25, 2023 10:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CrisTofani CrisTofani CrisTofani approved these changes

@Vangaorth Vangaorth Vangaorth approved these changes

Assignees
No one assigned
Labels
dependencies python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pagopa-github-bot @CrisTofani @Vangaorth