Skip to content

Python: Bump aiohttp from 3.13.3 to 3.14.1 in /python#14053

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/uv/python/aiohttp-3.14.0
Open

Python: Bump aiohttp from 3.13.3 to 3.14.1 in /python#14053
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/uv/python/aiohttp-3.14.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026
edited by Copilot AI
Loading

Copy link
Copy Markdown
Contributor

Motivation and Context

Dependabot security alerts now require aiohttp >= 3.14.1, so the previous bump to 3.14.0 is no longer sufficient.

Description

  • Updated the Python lockfile to resolve aiohttp at 3.14.1 (instead of 3.14.0).
  • Regenerated python/uv.lock accordingly.
  • No source code functionality changes were introduced.

Contribution Checklist

@dependabot
Bump aiohttp from 3.13.3 to 3.14.0 in /python
6766881 
---
updated-dependencies:
- dependency-name: aiohttp
  dependency-version: 3.14.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file. Used by Dependabot. python:uv Pull requests that update python:uv code labels Jun 3, 2026
Copilot AI review requested due to automatic review settings June 3, 2026 23:20
@dependabot dependabot Bot requested a review from a team as a code owner June 3, 2026 23:20
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file. Used by Dependabot. python:uv Pull requests that update python:uv code labels Jun 3, 2026
Copilot AI reviewed Jun 3, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@dependabot dependabot Bot mentioned this pull request Jun 3, 2026
Closed
@moonbox3 moonbox3 added the python Pull requests for the Python Semantic Kernel label Jun 3, 2026
@github-actions github-actions Bot changed the title Bump aiohttp from 3.13.3 to 3.14.0 in /python Python: Bump aiohttp from 3.13.3 to 3.14.0 in /python Jun 3, 2026
github-actions[bot]
github-actions Bot reviewed Jun 3, 2026
View reviewed changes

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated Code Review

Reviewers: 4 | Confidence: 61% | Result: All clear

Reviewed: Correctness, Security Reliability, Test Coverage, Design Approach

Automated review by dependabot[bot]'s agents

@moonbox3

moonbox3 commented Jun 17, 2026

Copy link
Copy Markdown
Collaborator

@copilot: update this PR to bump aiohttp to 3.14.1 instead of 3.14.0 and regenerate python/uv.lock. Current Dependabot alerts require aiohttp>=3.14.1.

Copilot AI commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

@copilot: update this PR to bump aiohttp to 3.14.1 instead of 3.14.0 and regenerate python/uv.lock. Current Dependabot alerts require aiohttp>=3.14.1.

Updated in commit ac385eb. python/uv.lock now resolves aiohttp to 3.14.1 and was regenerated accordingly.

Copilot AI changed the title Python: Bump aiohttp from 3.13.3 to 3.14.0 in /python Python: Bump aiohttp from 3.13.3 to 3.14.1 in /python Jun 17, 2026
Copilot AI requested a review from moonbox3 June 17, 2026 06:06
@dependabot @github

dependabot Bot commented on behalf of github Jun 17, 2026

Copy link
Copy Markdown
Contributor Author

A newer version of aiohttp exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@moonbox3 moonbox3 requested a review from eavanvalkenburg June 17, 2026 11:49
@moonbox3 moonbox3 enabled auto-merge June 17, 2026 11:49
@eavanvalkenburg

eavanvalkenburg commented Jun 17, 2026

Copy link
Copy Markdown
Member

@dependabot /recreate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Copilot code review Copilot Copilot left review comments

@eavanvalkenburg eavanvalkenburg eavanvalkenburg approved these changes

@moonbox3 moonbox3 moonbox3 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file. Used by Dependabot. python:uv Pull requests that update python:uv code python Pull requests for the Python Semantic Kernel

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@moonbox3 @eavanvalkenburg