CHANGES.rst

3.9.5 (2024-04-16)

Bug fixes

• Fixed "Unclosed client session" when initialization of :py~aiohttp.ClientSession fails -- by NewGlad.

  Related issues and pull requests on GitHub: 8253.

• Fixed regression (from 8280) with adding Content-Disposition to the form-data part after appending to writer -- by Dreamsorcerer/Olegt0rr.

  Related issues and pull requests on GitHub: 8332.

• Added default Content-Disposition in multipart/form-data responses to avoid broken form-data responses -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8335.

---

3.9.4 (2024-04-11)

Bug fixes

• The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by webknjaz.

  Related issues and pull requests on GitHub: 8089.

• Treated values of Accept-Encoding header as case-insensitive when checking for gzip files -- by steverep.

  Related issues and pull requests on GitHub: 8104.

• Improved the DNS resolution performance on cache hit -- by bdraco.

  This is achieved by avoiding an asyncio task creation in this case.

  Related issues and pull requests on GitHub: 8163.

• Changed the type annotations to allow dict on aiohttp.MultipartWriter.append, aiohttp.MultipartWriter.append_json and aiohttp.MultipartWriter.append_form -- by cakemanny

  Related issues and pull requests on GitHub: 7741.

• Ensure websocket transport is closed when client does not close it -- by bdraco.

  The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.

  Related issues and pull requests on GitHub: 8200.

• Leave websocket transport open if receive times out or is cancelled -- by bdraco.

  This restores the behavior prior to the change in #7978.

  Related issues and pull requests on GitHub: 8251.

• Fixed content not being read when an upgrade request was not supported with the pure Python implementation. -- by bdraco.

  Related issues and pull requests on GitHub: 8252.

• Fixed a race condition with incoming connections during server shutdown -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8271.

• Fixed multipart/form-data compliance with 7578 -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8280.

• Fixed blocking I/O in the event loop while processing files in a POST request -- by bdraco.

  Related issues and pull requests on GitHub: 8283.

• Escaped filenames in static view -- by bdraco.

  Related issues and pull requests on GitHub: 8317.

• Fixed the pure python parser to mark a connection as closing when a response has no length -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8320.

Features

• Upgraded llhttp to 9.2.1, and started rejecting obsolete line folding in Python parser to match -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8146, 8292.

Deprecations (removal in next major release)

• Deprecated content_transfer_encoding parameter in :pyFormData.add_field() <aiohttp.FormData.add_field> -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8280.

Improved documentation

• Added a note about canceling tasks to avoid delaying server shutdown -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8267.

Contributor-facing changes

• The pull request template is now asking the contributors to answer a question about the long-term maintenance challenges they envision as a result of merging their patches -- by webknjaz.

  Related issues and pull requests on GitHub: 8099.

• Updated CI and documentation to use NPM clean install and upgrade node to version 18 -- by steverep.

  Related issues and pull requests on GitHub: 8116.

• A pytest fixture hello_txt was introduced to aid static file serving tests in test_web_sendfile_functional.py. It dynamically provisions hello.txt file variants shared across the tests in the module.

  -- by steverep

  Related issues and pull requests on GitHub: 8136.

Packaging updates and notes for downstreams

• Added an internal pytest marker for tests which should be skipped by packagers (use -m 'not internal' to disable them) -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8299.

---

3.9.3 (2024-01-29)

Bug fixes

• Fixed backwards compatibility breakage (in 3.9.2) of ssl parameter when set outside of ClientSession (e.g. directly in TCPConnector) -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 8097, 8098.

Miscellaneous internal changes

• Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures.

  Related issues and pull requests on GitHub: 3957.

---

3.9.2 (2024-01-28)

Bug fixes

• Fixed server-side websocket connection leak.

  Related issues and pull requests on GitHub: 7978.

• Fixed web.FileResponse doing blocking I/O in the event loop.

  Related issues and pull requests on GitHub: 8012.

• Fixed double compress when compression enabled and compressed file exists in server file responses.

  Related issues and pull requests on GitHub: 8014.

• Added runtime type check for ClientSession timeout parameter.

  Related issues and pull requests on GitHub: 8021.

• Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by pajod.

  Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with 9110#section-5.6.2 and are not known to be of any legitimate use.

  Related issues and pull requests on GitHub: 8074.

• Improved validation of paths for static resources requests to the server -- by bdraco.

  Related issues and pull requests on GitHub: 8079.

Features

• Added support for passing :pyTrue to ssl parameter in ClientSession while deprecating :pyNone -- by xiangyan99.

  Related issues and pull requests on GitHub: 7698.

Breaking changes

• Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon -- by pajod.

  Invalid request lines with anything but a dot between the HTTP major and minor version are now rejected. Invalid header field names containing question mark or slash are now rejected. Such requests are incompatible with 9110#section-5.6.2 and are not known to be of any legitimate use.

  Related issues and pull requests on GitHub: 8074.

Improved documentation

• Fixed examples of fallback_charset_resolver function in the client_advanced document. -- by henry0312.

  Related issues and pull requests on GitHub: 7995.

• The Sphinx setup was updated to avoid showing the empty changelog draft section in the tagged release documentation builds on Read The Docs -- by webknjaz.

  Related issues and pull requests on GitHub: 8067.

Packaging updates and notes for downstreams

• The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately -- by webknjaz.

  The new category tags are:

  • bugfix
  • feature
  • deprecation
  • breaking (previously, removal)
  • doc
  • packaging
  • contrib
  • misc

  Related issues and pull requests on GitHub: 8066.

Contributor-facing changes

• Updated contributing/Tests coverage <aiohttp-contributing> section to show how we use codecov -- by Dreamsorcerer.

  Related issues and pull requests on GitHub: 7916.

• The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately -- by webknjaz.

  The new category tags are:

  • bugfix
  • feature
  • deprecation
  • breaking (previously, removal)
  • doc
  • packaging
  • contrib
  • misc

  Related issues and pull requests on GitHub: 8066.

Miscellaneous internal changes

• Replaced all tmpdir fixtures with tmp_path in test suite.

  Related issues and pull requests on GitHub: 3551.

---

3.9.1 (2023-11-26)

Bugfixes

• Fixed importing aiohttp under PyPy on Windows.

  #7848

• Fixed async concurrency safety in websocket compressor.

  #7865

• Fixed ClientResponse.close() releasing the connection instead of closing.

  #7869

• Fixed a regression where connection may get closed during upgrade. -- by Dreamsorcerer

  #7879

• Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by Dreamsorcerer

  #7895

---

3.9.0 (2023-11-18)

Features

• Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

  #5864

• Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

  #7188

• Added handler_cancellation parameter to cancel web handler on client disconnection. -- by mosquito This (optionally) reintroduces a feature removed in a previous release. Recommended for those looking for an extra level of protection against denial-of-service attacks.

  #7056

• Added support for setting response header parameters max_line_size and max_field_size.

  #2304

• Added auto_decompress parameter to ClientSession.request to override ClientSession._auto_decompress. -- by Daste745

  #3751

• Changed raise_for_status to allow a coroutine.

  #3892

• Added client brotli compression support (optional with runtime check).

  #5219

• Added client_max_size to BaseRequest.clone() to allow overriding the request body size. -- anesabml.

  #5704

• Added a middleware type alias aiohttp.typedefs.Middleware.

  #5898

• Exported HTTPMove which can be used to catch any redirection request that has a location -- dreamsorcerer.

  #6594

• Changed the path parameter in web.run_app() to accept a pathlib.Path object.

  #6839

• Performance: Skipped filtering CookieJar when the jar is empty or all cookies have expired.

  #7819

• Performance: Only check origin if insecure scheme and there are origins to treat as secure, in CookieJar.filter_cookies().

  #7821

• Performance: Used timestamp instead of datetime to achieve faster cookie expiration in CookieJar.

  #7824

• Added support for passing a custom server name parameter to HTTPS connection.

  #7114

• Added support for using Basic Auth credentials from .netrc file when making HTTP requests with the :py~aiohttp.ClientSession trust_env argument is set to True. -- by yuvipanda.

  #7131

• Turned access log into no-op when the logger is disabled.

  #7240

• Added typing information to RawResponseMessage. -- by Gobot1234

  #7365

• Removed async-timeout for Python 3.11+ (replaced with asyncio.timeout() on newer releases).

  #7502

• Added support for brotlicffi as an alternative to brotli (fixing Brotli support on PyPy).

  #7611

• Added WebSocketResponse.get_extra_info() to access a protocol transport's extra info.

  #7078

• Allow link argument to be set to None/empty in HTTP 451 exception.

  #7689

Bugfixes

• Implemented stripping the trailing dots from fully-qualified domain names in Host headers and TLS context when acting as an HTTP client. This allows the client to connect to URLs with FQDN host name like https://example.com./. -- by martin-sucha.

  #3636

• Fixed client timeout not working when incoming data is always available without waiting. -- by Dreamsorcerer.

  #5854

• Fixed readuntil to work with a delimiter of more than one character.

  #6701

• Added __repr__ to EmptyStreamReader to avoid AttributeError.

  #6916

• Fixed bug when using TCPConnector with ttl_dns_cache=0.

  #7014

• Fixed response returned from expect handler being thrown away. -- by Dreamsorcerer

  #7025

• Avoided raising UnicodeDecodeError in multipart and in HTTP headers parsing.

  #7044

• Changed sock_read timeout to start after writing has finished, avoiding read timeouts caused by an unfinished write. -- by dtrifiro

  #7149

• Fixed missing query in tracing method URLs when using yarl 1.9+.

  #7259

• Changed max 32-bit timestamp to an aware datetime object, for consistency with the non-32-bit one, and to avoid a DeprecationWarning on Python 3.12.

  #7302

• Fixed EmptyStreamReader.iter_chunks() never ending. -- by mind1m

  #7616

• Fixed a rare RuntimeError: await wasn't used with future exception. -- by stalkerg

  #7785

• Fixed issue with insufficient HTTP method and version validation.

  #7700

• Added check to validate that absolute URIs have schemes.

  #7712

• Fixed unhandled exception when Python HTTP parser encounters unpaired Unicode surrogates.

  #7715

• Updated parser to disallow invalid characters in header field names and stop accepting LF as a request line separator.

  #7719

• Fixed Python HTTP parser not treating 204/304/1xx as an empty body.

  #7755

• Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3.

  #7756

• Fixed an issue when a client request is closed before completing a chunked payload. -- by Dreamsorcerer

  #7764

• Edge Case Handling for ResponseParser for missing reason value.

  #7776

• Fixed ClientWebSocketResponse.close_code being erroneously set to None when there are concurrent async tasks receiving data and closing the connection.

  #7306

• Added HTTP method validation.

  #6533

• Fixed arbitrary sequence types being allowed to inject values via version parameter. -- by Dreamsorcerer

  #7835

• Performance: Fixed increase in latency with small messages from websocket compression changes.

  #7797

Improved Documentation

• Fixed the ClientResponse.release's type in the doc. Changed from comethod to method.

  #5836

• Added information on behavior of base_url parameter in ClientSession.

  #6647

• Fixed ClientResponseError docs.

  #6700

• Updated Redis code examples to follow the latest API.

  #6907

• Added a note about possibly needing to update headers when using on_response_prepare. -- by Dreamsorcerer

  #7283

• Completed trust_env parameter description to honor wss_proxy, ws_proxy or no_proxy env.

  #7325

• Expanded SSL documentation with more examples (e.g. how to use certifi). -- by Dreamsorcerer

  #7334

• Fix, update, and improve client exceptions documentation.

  #7733

Deprecations and Removals

• Added shutdown_timeout parameter to BaseRunner, while deprecating shutdown_timeout parameter from BaseSite. -- by Dreamsorcerer

  #7718

• Dropped Python 3.6 support.

  #6378

• Dropped Python 3.7 support. -- by Dreamsorcerer

  #7336

• Removed support for abandoned tokio event loop. -- by Dreamsorcerer

  #7281

Misc

• Made print argument in run_app() optional.

  #3690

• Improved performance of ceil_timeout in some cases.

  #6316

• Changed importing Gunicorn to happen on-demand, decreasing import time by ~53%. -- Dreamsorcerer

  #6591

• Improved import time by replacing http.server with http.HTTPStatus.

  #6903

• Fixed annotation of ssl parameter to disallow True. -- by Dreamsorcerer.

  #7335

---

3.8.6 (2023-10-07)

Security bugfixes

• Upgraded the vendored copy of llhttp to v9.1.3 -- by Dreamsorcerer

  Thanks to kenballus for reporting this, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9.

  #7647

• Updated Python parser to comply with RFCs 9110/9112 -- by Dreamorcerer

  Thanks to kenballus for reporting this, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg.

  #7663

Deprecation

• Added fallback_charset_resolver parameter in ClientSession to allow a user-supplied character set detection function.

  Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use fallback_charset_resolver.

  #7561

Features

• Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by Dreamsorcerer

  #7490

Bugfixes

• Fixed PermissionError when .netrc is unreadable due to permissions.

  #7237

• Fixed output of parsing errors pointing to a \n. -- by Dreamsorcerer

  #7468

• Fixed GunicornWebWorker max_requests_jitter not working.

  #7518

• Fixed sorting in filter_cookies to use cookie with longest path. -- by marq24.

  #7577

• Fixed display of BadStatusLine messages from llhttp. -- by Dreamsorcerer

  #7651

---

3.8.5 (2023-07-19)

Security bugfixes

• Upgraded the vendored copy of llhttp to v8.1.1 -- by webknjaz and Dreamsorcerer.

  Thanks to sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

  #7346

Features

• Added information to C parser exceptions to show which character caused the error. -- by Dreamsorcerer

  #7366

Bugfixes

• Fixed a transport is None error -- by Dreamsorcerer.

  #3355

---

3.8.4 (2023-02-12)

Bugfixes

• Fixed incorrectly overwriting cookies with the same name and domain, but different path. #6638
• Fixed ConnectionResetError not being raised after client disconnection in SSL environments. #7180

---

3.8.3 (2022-09-21)

Attention

This is the last aiohttp <index> release tested under Python 3.6. The 3.9 stream is dropping it from the CI and the distribution package metadata.

Bugfixes

• Increased the upper boundary of the multidict:index dependency to allow for the version 6 -- by hugovk.

  It used to be limited below version 7 in aiohttp <index> v3.8.1 but was lowered in v3.8.2 via 6550 and never brought back, causing problems with dependency pins when upgrading. aiohttp <index> v3.8.3 fixes that by recovering the original boundary of < 7. #6950

---

3.8.2 (2022-09-20, subsequently yanked on 2022-09-21)

Bugfixes

• Support registering OPTIONS HTTP method handlers via RouteTableDef. #4663
• Started supporting authority-form and absolute-form URLs on the server-side. #6227
• Fix Python 3.11 alpha incompatibilities by using Cython 0.29.25 #6396
• Remove a deprecated usage of pytest.warns(None) #6663
• Fix regression where asyncio.CancelledError occurs on client disconnection. #6719

• Export :py~aiohttp.web.PrefixedSubAppResource under :pyaiohttp.web -- by Dreamsorcerer.

  This fixes a regression introduced by 3469. #6889

• Dropped the object type possibility from the :pyaiohttp.ClientSession.timeout property return type declaration. #6917, #6923

Improved Documentation

• Added clarification on configuring the app object with settings such as a db connection. #4137
• Edited the web.run_app declaration. #6401
• Dropped the object type possibility from the :pyaiohttp.ClientSession.timeout property return type declaration. #6917, #6923

Deprecations and Removals

• Drop Python 3.5 support, aiohttp works on 3.6+ now. #4046

Misc

• #6369, #6399, #6550, #6708, #6757, #6857, #6872

---

3.8.1 (2021-11-14)

Bugfixes

• Fix the error in handling the return value of getaddrinfo. getaddrinfo will return an (int, bytes) tuple, if CPython could not handle the address family. It will cause an index out of range error in aiohttp. For example, if user compile CPython with --disable-ipv6 option, but his system enable the ipv6. #5901
• Do not install "examples" as a top-level package. #6189
• Restored ability to connect IPv6-only host. #6195
• Remove Signal from __all__, replace aiohttp.Signal with aiosignal.Signal in docs #6201
• Made chunked encoding HTTP header check stricter. #6305

Improved Documentation

• update quick starter demo codes. #6240
• Added an explanation of how tiny timeouts affect performance to the client reference document. #6274
• Add flake8-docstrings to flake8 configuration, enable subset of checks. #6276
• Added information on running complex applications with additional tasks/processes -- Dreamsorcerer. #6278

Misc

• #6205

---

3.8.0 (2021-10-31)

Features

• Added a GunicornWebWorker feature for extending the aiohttp server configuration by allowing the 'wsgi' coroutine to return web.AppRunner object. #2988
• Switch from http-parser to llhttp #3561
• Use Brotli instead of brotlipy #3803
• Disable implicit switch-back to pure python mode. The build fails loudly if aiohttp cannot be compiled with C Accelerators. Use AIOHTTP_NO_EXTENSIONS=1 to explicitly disable C Extensions complication and switch to Pure-Python mode. Note that Pure-Python mode is significantly slower than compiled one. #3828
• Make access log use local time with timezone #3853
• Implemented readuntil in StreamResponse #4054
• FileResponse now supports ETag. #4594
• Add a request handler type alias aiohttp.typedefs.Handler. #4686

• AioHTTPTestCase is more async friendly now.

  For people who use unittest and are used to use :py~unittest.TestCase it will be easier to write new test cases like the sync version of the :py~unittest.TestCase class, without using the decorator @unittest_run_loop, just async def test_*. The only difference is that for the people using python3.7 and below a new dependency is needed, it is asynctestcase. #4700

• Add validation of HTTP header keys and values to prevent header injection. #4818
• Add predicate to AbstractCookieJar.clear. Add AbstractCookieJar.clear_domain to clean all domain and subdomains cookies only. #4942
• Add keepalive_timeout parameter to web.run_app. #5094
• Tracing for client sent headers #5105
• Make type hints for http parser stricter #5267
• Add final declarations for constants. #5275
• Switch to external frozenlist and aiosignal libraries. #5293

• Don't send secure cookies by insecure transports.

  By default, the transport is secure if https or wss scheme is used. Use CookieJar(treat_as_secure_origin="http://127.0.0.1") to override the default security checker. #5571

• Always create a new event loop in aiohttp.web.run_app(). This adds better compatibility with asyncio.run() or if trying to run multiple apps in sequence. #5572
• Add aiohttp.pytest_plugin.AiohttpClient for static typing of pytest plugin. #5585
• Added a socket_factory argument to BaseTestServer. #5844
• Add compression strategy parameter to enable_compression method. #5909
• Added support for Python 3.10 to Github Actions CI/CD workflows and fix the related deprecation warnings -- Hanaasagi. #5927
• Switched chardet to charset-normalizer for guessing the HTTP payload body encoding -- Ousret. #5930
• Added optional auto_decompress argument for HttpRequestParser #5957
• Added support for HTTPS proxies to the extent CPython's :pyasyncio supports it -- by bmbouter, jborean93 and webknjaz. #5992
• Added base_url parameter to the initializer of ~aiohttp.ClientSession. #6013
• Add Trove classifier and create binary wheels for 3.10. -- hugovk. #6079
• Started shipping platform-specific wheels with the musl tag targeting typical Alpine Linux runtimes — asvetlov. #6139
• Started shipping platform-specific arm64 wheels for Apple Silicon — asvetlov. #6139

Bugfixes

• Modify _drain_helper() to handle concurrent await resp.write(...) or ws.send_json(...) calls without race-condition. #2934
• Started using MultiLoopChildWatcher when it's available under POSIX while setting up the test I/O loop. #3450
• Only encode content-disposition filename parameter using percent-encoding. Other parameters are encoded to quoted-string or RFC2231 extended parameter value. #4012
• Fixed HTTP client requests to honor no_proxy environment variables. #4431
• Fix supporting WebSockets proxies configured via environment variables. #4648
• Change return type on URLDispatcher to UrlMappingMatchInfo to improve type annotations. #4748
• Ensure a cleanup context is cleaned up even when an exception occurs during startup. #4799
• Added a new exception type for Unix socket client errors which provides a more useful error message. #4984
• Remove Transfer-Encoding and Content-Type headers for 204 in StreamResponse #5106
• Only depend on typing_extensions for Python <3.8 #5107
• Add ABNORMAL_CLOSURE and BAD_GATEWAY to WSCloseCode #5192
• Fix cookies disappearing from HTTPExceptions. #5233
• StaticResource prefixes no longer match URLs with a non-folder prefix. For example routes.static('/foo', '/foo') no longer matches the URL /foobar. Previously, this would attempt to load the file /foo/ar. #5250
• Acquire the connection before running traces to prevent race condition. #5259
• Add missing slots to `_RequestContextManager and _WSRequestContextManager #5329
• Ensure sending a zero byte file does not throw an exception (round 2) #5380
• Set "text/plain" when data is an empty string in client requests. #5392
• Stop automatically releasing the ClientResponse object on calls to the ok property for the failed requests. #5403
• Include query parameters from params keyword argument in tracing URL. #5432
• Fix annotations #5466
• Fixed the multipart POST requests processing to always release file descriptors for the tempfile.Temporaryfile-created _io.BufferedRandom instances of files sent within multipart request bodies via HTTP POST requests -- by webknjaz. #5494
• Fix 0 being incorrectly treated as an immediate timeout. #5527
• Fixes failing tests when an environment variable <scheme>_proxy is set. #5554
• Replace deprecated app handler design in tests/autobahn/server.py with call to web.run_app; replace deprecated aiohttp.ws_connect calls in tests/autobahn/client.py with aiohttp.ClienSession.ws_connect. #5606
• Fixed test for HTTPUnauthorized that access the text argument. This is not used in any part of the code, so it's removed now. #5657
• Remove incorrect default from docs #5727
• Remove external test dependency to http://httpbin.org #5840
• Don't cancel current task when entering a cancelled timer. #5853
• Added params keyword argument to ClientSession.ws_connect. -- hoh. #5868
• Uses :py~asyncio.ThreadedChildWatcher under POSIX to allow setting up test loop in non-main thread. #5877
• Fix the error in handling the return value of getaddrinfo. getaddrinfo will return an (int, bytes) tuple, if CPython could not handle the address family. It will cause a index out of range error in aiohttp. For example, if user compile CPython with --disable-ipv6 option but his system enable the ipv6. #5901
• Removed the deprecated loop argument from the asyncio.sleep/gather calls #5905
• Return None from request.if_modified_since, request.if_unmodified_since, request.if_range and response.last_modified when corresponding http date headers are invalid. #5925
• Fix resetting SIGCHLD signals in Gunicorn aiohttp Worker to fix subprocesses that capture output having an incorrect returncode. #6130
• Raise 400: Content-Length can't be present with Transfer-Encoding if both Content-Length and Transfer-Encoding are sent by peer by both C and Python implementations #6182

Improved Documentation

• Refactored OpenAPI/Swagger aiohttp addons, added aio-openapi #5326
• Fixed docs on request cookies type, so it matches what is actually used in the code (a read-only dictionary-like object). #5725
• Documented that the HTTP client Authorization header is removed on redirects to a different host or protocol. #5850

Misc

• #3927, #4247, #4247, #5389, #5457, #5486, #5494, #5515, #5625, #5635, #5648, #5657, #5890, #5914, #5932, #6002, #6045, #6131, #6156, #6165, #6166

---

3.7.4.post0 (2021-03-06)

Misc

• Bumped upper bound of the chardet runtime dependency to allow their v4.0 version stream. #5366

---

3.7.4 (2021-02-25)

Bugfixes

• (SECURITY BUG) Started preventing open redirects in the aiohttp.web.normalize_path_middleware middleware. For more details, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg.

  Thanks to Beast Glatisant for finding the first instance of this issue and Jelmer Vernooij for reporting and tracking it down in aiohttp. #5497

• Fix interpretation difference of the pure-Python and the Cython-based HTTP parsers construct a yarl.URL object for HTTP request-target.

  Before this fix, the Python parser would turn the URI's absolute-path for //some-path into / while the Cython code preserved it as //some-path. Now, both do the latter. #5498

---

3.7.3 (2020-11-18)

Features

• Use Brotli instead of brotlipy #3803
• Made exceptions pickleable. Also changed the repr of some exceptions. #4077

Bugfixes

• Raise a ClientResponseError instead of an AssertionError for a blank HTTP Reason Phrase. #3532
• Fix web_middlewares.normalize_path_middleware behavior for patch without slash. #3669
• Fix overshadowing of overlapped sub-applications prefixes. #3701
• Make BaseConnector.close() a coroutine and wait until the client closes all connections. Drop deprecated "with Connector():" syntax. #3736
• Reset the sock_read timeout each time data is received for a aiohttp.client response. #3808
• Fixed type annotation for add_view method of UrlDispatcher to accept any subclass of View #3880
• Fixed querying the address families from DNS that the current host supports. #5156
• Change return type of MultipartReader.__aiter__() and BodyPartReader.__aiter__() to AsyncIterator. #5163
• Provide x86 Windows wheels. #5230

Improved Documentation

• Add documentation for aiohttp.web.FileResponse. #3958
• Removed deprecation warning in tracing example docs #3964
• Fixed wrong "Usage" docstring of aiohttp.client.request. #4603
• Add aiohttp-pydantic to third party libraries #5228

Misc

• #4102

---

3.7.2 (2020-10-27)

Bugfixes

• Fixed static files handling for loops without .sendfile() support #5149

---

3.7.1 (2020-10-25)

Bugfixes

• Fixed a type error caused by the conditional import of Protocol. #5111
• Server doesn't send Content-Length for 1xx or 204 #4901
• Fix run_app typing #4957
• Always require typing_extensions library. #5107
• Fix a variable-shadowing bug causing ThreadedResolver.resolve to return the resolved IP as the hostname in each record, which prevented validation of HTTPS connections. #5110
• Added annotations to all public attributes. #5115
• Fix flaky test_when_timeout_smaller_second #5116
• Ensure sending a zero byte file does not throw an exception #5124
• Fix a bug in web.run_app() about Python version checking on Windows #5127

---

3.7.0 (2020-10-24)

Features

• Response headers are now prepared prior to running on_response_prepare hooks, directly before headers are sent to the client. #1958
• Add a quote_cookie option to CookieJar, a way to skip quotation wrapping of cookies containing special characters. #2571
• Call AccessLogger.log with the current exception available from sys.exc_info(). #3557
• web.UrlDispatcher.add_routes and web.Application.add_routes return a list of registered AbstractRoute instances. AbstractRouteDef.register (and all subclasses) return a list of registered resources registered resource. #3866
• Added properties of default ClientSession params to ClientSession class so it is available for introspection #3882
• Don't cancel web handler on peer disconnection, raise OSError on reading/writing instead. #4080
• Implement BaseRequest.get_extra_info() to access a protocol transports' extra info. #4189
• Added ClientSession.timeout property. #4191
• allow use of SameSite in cookies. #4224
• Use loop.sendfile() instead of custom implementation if available. #4269
• Apply SO_REUSEADDR to test server's socket. #4393
• Use .raw_host instead of slower .host in client API #4402
• Allow configuring the buffer size of input stream by passing read_bufsize argument. #4453
• Pass tests on Python 3.8 for Windows. #4513
• Add method and url attributes to TraceRequestChunkSentParams and TraceResponseChunkReceivedParams. #4674
• Add ClientResponse.ok property for checking status code under 400. #4711
• Don't ceil timeouts that are smaller than 5 seconds. #4850
• TCPSite now listens by default on all interfaces instead of just IPv4 when None is passed in as the host. #4894
• Bump http_parser to 2.9.4 #5070

Bugfixes

• Fix keepalive connections not being closed in time #3296
• Fix failed websocket handshake leaving connection hanging. #3380
• Fix tasks cancellation order on exit. The run_app task needs to be cancelled first for cleanup hooks to run with all tasks intact. #3805
• Don't start heartbeat until _writer is set #4062
• Fix handling of multipart file uploads without a content type. #4089
• Preserve view handler function attributes across middlewares #4174
• Fix the string representation of ServerDisconnectedError. #4175
• Raising RuntimeError when trying to get encoding from not read body #4214
• Remove warning messages from noop. #4282
• Raise ClientPayloadError if FormData re-processed. #4345
• Fix a warning about unfinished task in web_protocol.py #4408
• Fixed 'deflate' compression. According to RFC 2616 now. #4506
• Fixed OverflowError on platforms with 32-bit time_t #4515
• Fixed request.body_exists returns wrong value for methods without body. #4528
• Fix connecting to link-local IPv6 addresses. #4554
• Fix a problem with connection waiters that are never awaited. #4562

• Always make sure transport is not closing before reuse a connection.

  Reuse a protocol based on keepalive in headers is unreliable. For example, uWSGI will not support keepalive even it serves a HTTP 1.1 request, except explicitly configure uWSGI with a --http-keepalive option.

  Servers designed like uWSGI could cause aiohttp intermittently raise a ConnectionResetException when the protocol poll runs out and some protocol is reused. #4587

• Handle the last CRLF correctly even if it is received via separate TCP segment. #4630
• Fix the register_resource function to validate route name before splitting it so that route name can include python keywords. #4691
• Improve typing annotations for web.Request, aiohttp.ClientResponse and multipart module. #4736
• Fix resolver task is not awaited when connector is cancelled #4795
• Fix a bug "Aiohttp doesn't return any error on invalid request methods" #4798
• Fix HEAD requests for static content. #4809
• Fix incorrect size calculation for memoryview #4890
• Add HTTPMove to _all__. #4897
• Fixed the type annotations in the tracing module. #4912
• Fix typing for multipart __aiter__. #4931
• Fix for race condition on connections in BaseConnector that leads to exceeding the connection limit. #4936
• Add forced UTF-8 encoding for application/rdap+json responses. #4938
• Fix inconsistency between Python and C http request parsers in parsing pct-encoded URL. #4972
• Fix connection closing issue in HEAD request. #5012
• Fix type hint on BaseRunner.addresses (from List[str] to List[Any]) #5086
• Make web.run_app() more responsive to Ctrl+C on Windows for Python < 3.8. It slightly increases CPU load as a side effect. #5098

Improved Documentation

• Fix example code in client quick-start #3376
• Updated the docs so there is no contradiction in ttl_dns_cache default value #3512
• Add 'Deploy with SSL' to docs. #4201
• Change typing of the secure argument on StreamResponse.set_cookie from Optional[str] to Optional[bool] #4204
• Changes ttl_dns_cache type from int to Optional[int]. #4270
• Simplify README hello word example and add a documentation page for people coming from requests. #4272
• Improve some code examples in the documentation involving websockets and starting a simple HTTP site with an AppRunner. #4285
• Fix typo in code example in Multipart docs #4312
• Fix code example in Multipart section. #4314
• Update contributing guide so new contributors read the most recent version of that guide. Update command used to create test coverage reporting. #4810
• Spelling: Change "canonize" to "canonicalize". #4986
• Add aiohttp-sse-client library to third party usage list. #5084

Misc

• #2856, #4218, #4250

---

3.6.3 (2020-10-12)

Bugfixes

• Pin yarl to <1.6.0 to avoid buggy behavior that will be fixed by the next aiohttp release.

3.6.2 (2019-10-09)

Features

• Made exceptions pickleable. Also changed the repr of some exceptions. #4077
• Use Iterable type hint instead of Sequence for Application middleware parameter. #4125

Bugfixes

• Reset the sock_read timeout each time data is received for a aiohttp.ClientResponse. #3808
• Fix handling of expired cookies so they are not stored in CookieJar. #4063
• Fix misleading message in the string representation of ClientConnectorError; self.ssl == None means default SSL context, not SSL disabled #4097
• Don't clobber HTTP status when using FileResponse. #4106

Improved Documentation

• Added minimal required logging configuration to logging documentation. #2469
• Update docs to reflect proxy support. #4100
• Fix typo in code example in testing docs. #4108

Misc

• #4102

---

3.6.1 (2019-09-19)

Features

• Compatibility with Python 3.8. #4056

Bugfixes

• correct some exception string format #4068
• Emit a warning when ssl.OP_NO_COMPRESSION is unavailable because the runtime is built against an outdated OpenSSL. #4052
• Update multidict requirement to >= 4.5 #4057

Improved Documentation

• Provide pytest-aiohttp namespace for pytest fixtures in docs. #3723

---

3.6.0 (2019-09-06)

Features

• Add support for Named Pipes (Site and Connector) under Windows. This feature requires Proactor event loop to work. #3629
• Removed Transfer-Encoding: chunked header from websocket responses to be compatible with more http proxy servers. #3798
• Accept non-GET request for starting websocket handshake on server side. #3980

Bugfixes

• Raise a ClientResponseError instead of an AssertionError for a blank HTTP Reason Phrase. #3532
• Fix an issue where cookies would sometimes not be set during a redirect. #3576

• Change normalize_path_middleware to use '308 Permanent Redirect' instead of 301.

  This behavior should prevent clients from being unable to use PUT/POST methods on endpoints that are redirected because of a trailing slash. #3579

• Drop the processed task from all_tasks() list early. It prevents logging about a task with unhandled exception when the server is used in conjunction with asyncio.run(). #3587
• Signal type annotation changed from Signal[Callable[['TraceConfig'], Awaitable[None]]] to Signal[Callable[ClientSession, SimpleNamespace, ...]. #3595
• Use sanitized URL as Location header in redirects #3614
• Improve typing annotations for multipart.py along with changes required by mypy in files that references multipart.py. #3621
• Close session created inside aiohttp.request when unhandled exception occurs #3628
• Cleanup per-chunk data in generic data read. Memory leak fixed. #3631
• Use correct type for add_view and family #3633
• Fix _keepalive field in __slots__ of RequestHandler. #3644
• Properly handle ConnectionResetError, to silence the "Cannot write to closing transport" exception when clients disconnect uncleanly. #3648
• Suppress pytest warnings due to test_utils classes #3660
• Fix overshadowing of overlapped sub-application prefixes. #3701
• Fixed return type annotation for WSMessage.json() #3720
• Properly expose TooManyRedirects publicly as documented. #3818
• Fix missing brackets for IPv6 in proxy CONNECT request #3841
• Make the signature of aiohttp.test_utils.TestClient.request match asyncio.ClientSession.request according to the docs #3852
• Use correct style for re-exported imports, makes mypy --strict mode happy. #3868
• Fixed type annotation for add_view method of UrlDispatcher to accept any subclass of View #3880
• Made cython HTTP parser set Reason-Phrase of the response to an empty string if it is missing. #3906
• Add URL to the string representation of ClientResponseError. #3959
• Accept istr keys in LooseHeaders type hints. #3976
• Fixed race conditions in _resolve_host caching and throttling when tracing is enabled. #4013
• For URLs like "unix://localhost/..." set Host HTTP header to "localhost" instead of "localhost:None". #4039

Improved Documentation

• Modify documentation for Background Tasks to remove deprecated usage of event loop. #3526
• use if __name__ == '__main__': in server examples. #3775
• Update documentation reference to the default access logger. #3783
• Improve documentation for web.BaseRequest.path and web.BaseRequest.raw_path. #3791
• Removed deprecation warning in tracing example docs #3964

---

3.5.4 (2019-01-12)

Bugfixes

• Fix stream .read() / .readany() / .iter_any() which used to return a partial content only in case of compressed content #3525

3.5.3 (2019-01-10)

Bugfixes

• Fix type stubs for aiohttp.web.run_app(access_log=True) and fix edge case of access_log=True and the event loop being in debug mode. #3504
• Fix aiohttp.ClientTimeout type annotations to accept None for fields #3511
• Send custom per-request cookies even if session jar is empty #3515
• Restore Linux binary wheels publishing on PyPI

---

3.5.2 (2019-01-08)

Features

• FileResponse from web_fileresponse.py uses a ThreadPoolExecutor to work with files asynchronously. I/O based payloads from payload.py uses a ThreadPoolExecutor to work with I/O objects asynchronously. #3313
• Internal Server Errors in plain text if the browser does not support HTML. #3483

Bugfixes

• Preserve MultipartWriter parts headers on write. Refactor the way how Payload.headers are handled. Payload instances now always have headers and Content-Type defined. Fix Payload Content-Disposition header reset after initial creation. #3035
• Log suppressed exceptions in GunicornWebWorker. #3464
• Remove wildcard imports. #3468
• Use the same task for app initialization and web server handling in gunicorn workers. It allows to use Python3.7 context vars smoothly. #3471
• Fix handling of chunked+gzipped response when first chunk does not give uncompressed data #3477
• Replace collections.MutableMapping with collections.abc.MutableMapping to avoid a deprecation warning. #3480
• Payload.size type annotation changed from Optional[float] to Optional[int]. #3484
• Ignore done tasks when cancels pending activities on web.run_app finalization. #3497

Improved Documentation

• Add documentation for aiohttp.web.HTTPException. #3490

Misc

• #3487

---

3.5.1 (2018-12-24)

• Fix a regression about ClientSession._requote_redirect_url modification in debug mode.

3.5.0 (2018-12-22)

Features

• The library type annotations are checked in strict mode now.
• Add support for setting cookies for individual request (#2387)
• Application.add_domain implementation (#2809)
• The default app in the request returned by test_utils.make_mocked_request can now have objects assigned to it and retrieved using the [] operator. (#3174)
• Make request.url accessible when transport is closed. (#3177)
• Add zlib_executor_size argument to Response constructor to allow compression to run in a background executor to avoid blocking the main thread and potentially triggering health check failures. (#3205)
• Enable users to set ClientTimeout in aiohttp.request (#3213)
• Don't raise a warning if NETRC environment variable is not set and ~/.netrc file doesn't exist. (#3267)
• Add default logging handler to web.run_app If the Application.debug flag is set and the default logger aiohttp.access is used, access logs will now be output using a *stderr* StreamHandler if no handlers are attached. Furthermore, if the default logger has no log level set, the log level will be set to DEBUG. (#3324 <#3324>`_)
• Add method argument to session.ws_connect(). Sometimes server API requires a different HTTP method for WebSocket connection establishment. For example, Docker exec needs POST. (#3378)
• Create a task per request handling. (#3406)

Bugfixes

• Enable passing access_log_class via handler_args (#3158)
• Return empty bytes with end-of-chunk marker in empty stream reader. (#3186)
• Accept CIMultiDictProxy instances for headers argument in web.Response constructor. (#3207)
• Don't uppercase HTTP method in parser (#3233)
• Make method match regexp RFC-7230 compliant (#3235)
• Add app.pre_frozen state to properly handle startup signals in sub-applications. (#3237)
• Enhanced parsing and validation of helpers.BasicAuth.decode. (#3239)
• Change imports from collections module in preparation for 3.8. (#3258)
• Ensure Host header is added first to ClientRequest to better replicate browser (#3265)
• Fix forward compatibility with Python 3.8: importing ABCs directly from the collections module will not be supported anymore. (#3273)
• Keep the query string by normalize_path_middleware. (#3278)
• Fix missing parameter raise_for_status for aiohttp.request() (#3290)
• Bracket IPv6 addresses in the HOST header (#3304)
• Fix default message for server ping and pong frames. (#3308)
• Fix tests/test_connector.py typo and tests/autobahn/server.py duplicate loop def. (#3337)
• Fix false-negative indicator end_of_HTTP_chunk in StreamReader.readchunk function (#3361)
• Release HTTP response before raising status exception (#3364)
• Fix task cancellation when sendfile() syscall is used by static file handling. (#3383)
• Fix stack trace for asyncio.TimeoutError which was not logged, when it is caught in the handler. (#3414)

Improved Documentation

• Improve documentation of Application.make_handler parameters. (#3152)
• Fix BaseRequest.raw_headers doc. (#3215)
• Fix typo in TypeError exception reason in web.Application._handle (#3229)
• Make server access log format placeholder %b documentation reflect behavior and docstring. (#3307)

Deprecations and Removals

• Deprecate modification of session.requote_redirect_url (#2278)
• Deprecate stream.unread_data() (#3260)
• Deprecated use of boolean in resp.enable_compression() (#3318)
• Encourage creation of aiohttp public objects inside a coroutine (#3331)
• Drop dead Connection.detach() and Connection.writer. Both methods were broken for more than 2 years. (#3358)
• Deprecate app.loop, request.loop, client.loop and connector.loop properties. (#3374)
• Deprecate explicit debug argument. Use asyncio debug mode instead. (#3381)
• Deprecate body parameter in HTTPException (and derived classes) constructor. (#3385)
• Deprecate bare connector close, use async with connector: and await connector.close() instead. (#3417)
• Deprecate obsolete read_timeout and conn_timeout in ClientSession constructor. (#3438)

Misc

• #3341, #3351

---

3.4.4 (2018-09-05)

• Fix installation from sources when compiling toolkit is not available (#3241)

---

3.4.3 (2018-09-04)

• Add app.pre_frozen state to properly handle startup signals in sub-applications. (#3237)

---

3.4.2 (2018-09-01)

• Fix iter_chunks type annotation (#3230)

---

3.4.1 (2018-08-28)

• Fix empty header parsing regression. (#3218)
• Fix BaseRequest.raw_headers doc. (#3215)
• Fix documentation building on ReadTheDocs (#3221)

---

3.4.0 (2018-08-25)

Features

• Add type hints (#3049)
• Add raise_for_status request parameter (#3073)
• Add type hints to HTTP client (#3092)
• Minor server optimizations (#3095)
• Preserve the cause when HTTPException is raised from another exception. (#3096)
• Add close_boundary option in MultipartWriter.write method. Support streaming (#3104)
• Added a remove_slash option to the normalize_path_middleware factory. (#3173)
• The class AbstractRouteDef is importable from aiohttp.web. (#3183)

Bugfixes

• Prevent double closing when client connection is released before the last data_received() callback. (#3031)
• Make redirect with normalize_path_middleware work when using url encoded paths. (#3051)
• Postpone web task creation to connection establishment. (#3052)
• Fix sock_read timeout. (#3053)
• When using a server-request body as the data= argument of a client request, iterate over the content with readany instead of readline to avoid Line too long errors. (#3054)
• fix UrlDispatcher has no attribute add_options, add web.options (#3062)
• correct filename in content-disposition with multipart body (#3064)
• Many HTTP proxies has buggy keepalive support. Let's not reuse connection but close it after processing every response. (#3070)
• raise 413 "Payload Too Large" rather than raising ValueError in request.post() Add helpful debug message to 413 responses (#3087)
• Fix StreamResponse equality, now that they are MutableMapping objects. (#3100)
• Fix server request objects comparison (#3116)
• Do not hang on 206 Partial Content response with Content-Encoding: gzip (#3123)
• Fix timeout precondition checkers (#3145)

Improved Documentation

• Add a new FAQ entry that clarifies that you should not reuse response objects in middleware functions. (#3020)
• Add FAQ section "Why is creating a ClientSession outside of an event loop dangerous?" (#3072)
• Fix link to Rambler (#3115)
• Fix TCPSite documentation on the Server Reference page. (#3146)
• Fix documentation build configuration file for Windows. (#3147)
• Remove no longer existing lingering_timeout parameter of Application.make_handler from documentation. (#3151)
• Mention that app.make_handler is deprecated, recommend to use runners API instead. (#3157)

Deprecations and Removals

• Drop loop.current_task() from helpers.current_task() (#2826)
• Drop reader parameter from request.multipart(). (#3090)

---

3.3.2 (2018-06-12)

• Many HTTP proxies has buggy keepalive support. Let's not reuse connection but close it after processing every response. (#3070)
• Provide vendor source files in tarball (#3076)

---

3.3.1 (2018-06-05)

• Fix sock_read timeout. (#3053)
• When using a server-request body as the data= argument of a client request, iterate over the content with readany instead of readline to avoid Line too long errors. (#3054)

---

3.3.0 (2018-06-01)

Features

• Raise ConnectionResetError instead of CancelledError on trying to write to a closed stream. (#2499)
• Implement ClientTimeout class and support socket read timeout. (#2768)
• Enable logging when aiohttp.web is used as a program (#2956)
• Add canonical property to resources (#2968)
• Forbid reading response BODY after release (#2983)
• Implement base protocol class to avoid a dependency from internal asyncio.streams.FlowControlMixin (#2986)
• Cythonize @helpers.reify, 5% boost on macro benchmark (#2995)
• Optimize HTTP parser (#3015)
• Implement runner.addresses property. (#3036)
• Use bytearray instead of a list of bytes in websocket reader. It improves websocket message reading a little. (#3039)
• Remove heartbeat on closing connection on keepalive timeout. The used hack violates HTTP protocol. (#3041)
• Limit websocket message size on reading to 4 MB by default. (#3045)

Bugfixes

• Don't reuse a connection with the same URL but different proxy/TLS settings (#2981)
• When parsing the Forwarded header, the optional port number is now preserved. (#3009)

Improved Documentation

• Make Change Log more visible in docs (#3029)
• Make style and grammar improvements on the FAQ page. (#3030)
• Document that signal handlers should be async functions since aiohttp 3.0 (#3032)

Deprecations and Removals

• Deprecate custom application's router. (#3021)

Misc

• #3008, #3011

---

3.2.1 (2018-05-10)

• Don't reuse a connection with the same URL but different proxy/TLS settings (#2981)

---

3.2.0 (2018-05-06)

Features

• Raise TooManyRedirects exception when client gets redirected too many times instead of returning last response. (#2631)
• Extract route definitions into separate web_routedef.py file (#2876)
• Raise an exception on request body reading after sending response. (#2895)
• ClientResponse and RequestInfo now have real_url property, which is request url without fragment part being stripped (#2925)
• Speed up connector limiting (#2937)
• Added and links property for ClientResponse object (#2948)
• Add request.config_dict for exposing nested applications data. (#2949)
• Speed up HTTP headers serialization, server micro-benchmark runs 5% faster now. (#2957)
• Apply assertions in debug mode only (#2966)

Bugfixes

• expose property app for TestClient (#2891)
• Call on_chunk_sent when write_eof takes as a param the last chunk (#2909)
• A closing bracket was added to __repr__ of resources (#2935)
• Fix compression of FileResponse (#2942)
• Fixes some bugs in the limit connection feature (#2964)

Improved Documentation

• Drop async_timeout usage from documentation for client API in favor of timeout parameter. (#2865)
• Improve Gunicorn logging documentation (#2921)
• Replace multipart writer .serialize() method with .write() in documentation. (#2965)

Deprecations and Removals

• Deprecate Application.make_handler() (#2938)

Misc

• #2958

---

3.1.3 (2018-04-12)

• Fix cancellation broadcast during DNS resolve (#2910)

---

3.1.2 (2018-04-05)

• Make LineTooLong exception more detailed about actual data size (#2863)
• Call on_chunk_sent when write_eof takes as a param the last chunk (#2909)

---

3.1.1 (2018-03-27)

• Support asynchronous iterators (and asynchronous generators as well) in both client and server API as request / response BODY payloads. (#2802)

---

3.1.0 (2018-03-21)

Welcome to aiohttp 3.1 release.

This is an incremental release, fully backward compatible with aiohttp 3.0.

But we have added several new features.

The most visible one is app.add_routes() (an alias for existing app.router.add_routes(). The addition is very important because all aiohttp docs now uses app.add_routes() call in code snippets. All your existing code still do register routes / resource without any warning but you've got the idea for a favorite way: noisy app.router.add_get() is replaced by app.add_routes().

The library does not make a preference between decorators:

routes = web.RouteTableDef()

@routes.get('/')
async def hello(request):
    return web.Response(text="Hello, world")

app.add_routes(routes)

and route tables as a list:

async def hello(request):
    return web.Response(text="Hello, world")

app.add_routes([web.get('/', hello)])

Both ways are equal, user may decide basing on own code taste.

Also we have a lot of minor features, bug fixes and documentation updates, see below.

Features

• Relax JSON content-type checking in the ClientResponse.json() to allow "application/xxx+json" instead of strict "application/json". (#2206)
• Bump C HTTP parser to version 2.8 (#2730)
• Accept a coroutine as an application factory in web.run_app and gunicorn worker. (#2739)
• Implement application cleanup context (app.cleanup_ctx property). (#2747)
• Make writer.write_headers a coroutine. (#2762)
• Add tracking signals for getting request/response bodies. (#2767)
• Deprecate ClientResponseError.code in favor of .status to keep similarity with response classes. (#2781)
• Implement app.add_routes() method. (#2787)
• Implement web.static() and RouteTableDef.static() API. (#2795)
• Install a test event loop as default by asyncio.set_event_loop(). The change affects aiohttp test utils but backward compatibility is not broken for 99.99% of use cases. (#2804)
• Refactor ClientResponse constructor: make logically required constructor arguments mandatory, drop _post_init() method. (#2820)
• Use app.add_routes() in server docs everywhere (#2830)
• Websockets refactoring, all websocket writer methods are converted into coroutines. (#2836)
• Provide Content-Range header for Range requests (#2844)

Bugfixes

• Fix websocket client return EofStream. (#2784)
• Fix websocket demo. (#2789)
• Property BaseRequest.http_range now returns a python-like slice when requesting the tail of the range. It's now indicated by a negative value in range.start rather then in range.stop (#2805)
• Close a connection if an unexpected exception occurs while sending a request (#2827)
• Fix firing DNS tracing events. (#2841)

Improved Documentation

• Document behavior when cchardet detects encodings that are unknown to Python. (#2732)
• Add diagrams for tracing request life style. (#2748)
• Drop removed functionality for passing StreamReader as data at client side. (#2793)