aio-libs/aiohttp - CodSpeed

aiohttp

Blog Docs Changelog

Performance History

Latest Results

Bump actions/cache from 5.0.5 to 6.0.0 (#12986) Bumps [actions/cache](https://github.com/actions/cache) from 5.0.5 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update packages, migrate to ESM by <a href="https://github.com/Samirat"><code>@Samirat</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1760">actions/cache#1760</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v6.0.0">https://github.com/actions/cache/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h3>6.0.0</h3> <ul> <li>Updated <code>@actions/cache</code> to ^6.0.1, <code>@actions/core</code> to ^3.0.1, <code>@actions/exec</code> to ^3.0.0, <code>@actions/io</code> to ^3.0.2</li> <li>Migrated to ESM module system</li> <li>Upgraded Jest to v30 and test infrastructure to be ESM compatible</li> </ul> <h3>5.0.4</h3> <ul> <li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar patterns)</li> <li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)</li> <li>Bump <code>fast-xml-parser</code> to v5.5.6</li> </ul> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/2c8a9bd7457de244a408f35966fab2fb45fda9c8"><code>2c8a9bd</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1760">#1760</a> from actions/samirat/esm_migration_and_package_update</li> <li><a href="https://github.com/actions/cache/commit/e9b91fdc3fea7d79165fceb79042ef45c2d51023"><code>e9b91fd</code></a> Prettier fixes</li> <li><a href="https://github.com/actions/cache/commit/e4884b8ff7f92ef6b52c79eda480bbc86e685adb"><code>e4884b8</code></a> Rebuild dist</li> <li><a href="https://github.com/actions/cache/commit/10baf0191a3c426ea0fa4a3253a5c04233b6e18f"><code>10baf01</code></a> Fixed licenses</li> <li><a href="https://github.com/actions/cache/commit/e39b386c9004d72a15d864ade8c0b3a702d47a37"><code>e39b386</code></a> Fix test mock return order</li> <li><a href="https://github.com/actions/cache/commit/b6928203372a8571ff984c0c883ef3a1adfb0c06"><code>b692820</code></a> PR feedback</li> <li><a href="https://github.com/actions/cache/commit/60749128a44d25d3c520a489e576380cf00ff3f1"><code>6074912</code></a> Rebuild dist bundles as ESM to match type:module</li> <li><a href="https://github.com/actions/cache/commit/5a912e8b4af820fa082a0e75cfd2c782f8fbfe0e"><code>5a912e8</code></a> Fix lint and jest issues</li> <li><a href="https://github.com/actions/cache/commit/b9bf592b98b6a5d0cad9929c76247de1cac78abe"><code>b9bf592</code></a> Update documentation for v6 release</li> <li><a href="https://github.com/actions/cache/commit/80f777761d0990932f64ed2740522d7226a49062"><code>80f7777</code></a> Update packages, migrate to ESM</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/v5.0.5...v6.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=5.0.5&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

master

33 minutes ago

Bump actions/cache from 5.0.5 to 6.0.0 Bumps [actions/cache](https://github.com/actions/cache) from 5.0.5 to 6.0.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5.0.5...v6.0.0) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot/github_actions/3.15/actions/cache-6.0.0

21 hours ago

Bump actions/cache from 5.0.5 to 6.0.0 Bumps [actions/cache](https://github.com/actions/cache) from 5.0.5 to 6.0.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5.0.5...v6.0.0) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot/github_actions/actions/cache-6.0.0

21 hours ago

Bump coverage from 7.14.2 to 7.14.3 (#12982) Bumps [coverage](https://github.com/coveragepy/coveragepy) from 7.14.2 to 7.14.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst">coverage's changelog</a>.</em></p> <blockquote> <h2>Version 7.14.3 — 2026-06-22</h2> <ul> <li> <p>Fix: the default <code>...</code> exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long <code>-> dict[ ... ]</code> annotation that a formatter has split over multiple lines). Closes <code>issue 2185</code><em>, thanks <code>Mengjia Shang <pull 2196_></code></em>.</p> </li> <li> <p>Fix: On 3.13t, we incorrectly issued <code>Couldn't import C tracer</code> errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, <code>Hugo van Kemenade <pull 2203_></code>_.</p> </li> </ul> <p>.. _issue 2185: <a href="https://redirect.github.com/coveragepy/coveragepy/issues/2185">coveragepy/coveragepy#2185</a> .. _pull 2196: <a href="https://redirect.github.com/coveragepy/coveragepy/pull/2196">coveragepy/coveragepy#2196</a> .. _pull 2203: <a href="https://redirect.github.com/coveragepy/coveragepy/pull/2203">coveragepy/coveragepy#2203</a></p> <p>.. _changes_7-14-2:</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/coveragepy/coveragepy/commit/22f13eacc2258aee53198b6176db1ca89c32a12e"><code>22f13ea</code></a> docs: sample HTML for 7.14.3</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/2ca4e5fe61a551fc55e48428c8140cb7d325566a"><code>2ca4e5f</code></a> docs: prep for 7.14.3</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/01d714e5cb457177e999e78fde0c438283f7e4db"><code>01d714e</code></a> docs: add changelog entry for <a href="https://redirect.github.com/coveragepy/coveragepy/issues/2203">#2203</a></li> <li><a href="https://github.com/coveragepy/coveragepy/commit/f36248d7ba313734d4fcf3d6eab713b5eba2c259"><code>f36248d</code></a> fix: don't emit 'Couldn't import C tracer' warning for 3.13t (<a href="https://redirect.github.com/coveragepy/coveragepy/issues/2203">#2203</a>)</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/86d73d1c4c60bdb2ea03f982cd4e33c77879ba77"><code>86d73d1</code></a> docs: thanks, Mengjia Shang</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/3d4ae3cb7c77f7521d91200a1e5de13425bbdff4"><code>3d4ae3c</code></a> docs: add the <a href="https://redirect.github.com/coveragepy/coveragepy/issues/2196">#2196</a> pr link to CHANGES</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/f4b2b4d35e1b7cd8f33f1ee88d354b0debeeed08"><code>f4b2b4d</code></a> fix: exclude <code>...</code> bodies after multi-line return-type annotations (<a href="https://redirect.github.com/coveragepy/coveragepy/issues/2185">#2185</a>) (#...</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/1980ed0730956f0cc179e8568e1c8ee848f2d42b"><code>1980ed0</code></a> chore: bump sigstore/gh-action-sigstore-python (<a href="https://redirect.github.com/coveragepy/coveragepy/issues/2201">#2201</a>)</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/bca3217a1dadf35fa1d444722ec9f05dd5819089"><code>bca3217</code></a> build: since we don't ship 3.13t, don't test it</li> <li><a href="https://github.com/coveragepy/coveragepy/commit/77550d83b2f35818a1ca8931289b81d161222031"><code>77550d8</code></a> docs: oops, mismatched pull requests</li> <li>Additional commits viewable in <a href="https://github.com/coveragepy/coveragepy/compare/7.14.2...7.14.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coverage&package-manager=pip&previous-version=7.14.2&new-version=7.14.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

master

1 day ago

Apply suggestion from @Dreamsorcerer

fix-client-leak

1 day ago

Close request body Payload on mid-upload disconnect The HTTP client did not close the request-body Payload when the body write failed part-way through (e.g. the server resets the TCP connection mid-upload). For file-backed bodies (open(path, "rb"), pathlib.Path, or FormData with a file field), the underlying OS file descriptor was leaked until garbage collection, so repeated failed uploads to a peer that disconnects mid-upload accumulate descriptors and can exhaust RLIMIT_NOFILE, denying service to the client process. This mirrors the server-side fix (Response.write_eof try/finally close) on the symmetric client path. The body is closed in ClientSession._request's terminal except BaseException handler, alongside the existing close on the success path and the redirect-abort branches. Closing here (rather than in ClientRequest._write_bytes) preserves the retry_persistent_connection path, which continues the request loop and must keep the body intact for retry. Payload.close() is idempotent, so this is safe even where abort branches already close the body.

fix-client-leak

1 day ago

Redundant check

fix-digest-auth2

1 day ago

Apply suggestion from @Dreamsorcerer

fix-digest-auth2

1 day ago

Latest Branches

0%

Bump actions/cache from 5.0.5 to 6.0.0#12987

21 hours ago

4977cab

dependabot/github_actions/3.15/actions/cache-6.0.0

0%

Bump actions/cache from 5.0.5 to 6.0.0#12986

21 hours ago

169c6db

dependabot/github_actions/actions/cache-6.0.0

0%

Close request body Payload on exception#12985

1 day ago

8ce8c69

fix-client-leak

© 2026 CodSpeed Technology

Home Terms Privacy Docs