deps(deps): update aiohttp requirement from >=3.9 to >=3.13.5#31
deps(deps): update aiohttp requirement from >=3.9 to >=3.13.5#31dependabot[bot] wants to merge 1 commit into
Conversation
--- updated-dependencies: - dependency-name: aiohttp dependency-version: 3.13.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| ] | ||
| dependencies = [ | ||
| "aiohttp>=3.9", | ||
| "aiohttp>=3.13.5", |
There was a problem hiding this comment.
🔴 aiohttp >=3.13.5 requires Python >=3.9, breaking declared Python 3.8 support
The project declares requires-python = ">=3.8" at pyproject.toml:12 and lists Python 3.8 in its classifiers (pyproject.toml:18), but aiohttp>=3.13.5 requires Python >=3.9 (confirmed via PyPI metadata). Users on Python 3.8 will encounter an unresolvable dependency conflict when trying to install this package. The tooling config also targets Python 3.8 (tool.black target-version at line 77, tool.mypy python_version at line 102).
Either the minimum aiohttp version should be relaxed (e.g., kept at >=3.9 which still has 3.8-compatible releases like 3.9.x), or the project's requires-python and classifiers should be updated to >=3.9.
Prompt for agents
The aiohttp>=3.13.5 dependency requires Python >=3.9, but the project declares requires-python >= 3.8 at pyproject.toml:12 and lists Python 3.8 in classifiers at pyproject.toml:18. The tool configurations also reference Python 3.8 (tool.black target-version at line 77, tool.mypy python_version at line 102).
Two possible approaches:
1. Keep Python 3.8 support: change the aiohttp minimum back to something compatible with 3.8 (e.g. >=3.9 which includes 3.8-compatible releases like aiohttp 3.9.x through 3.10.x).
2. Drop Python 3.8 support: update requires-python to >=3.9, remove the Python 3.8 classifier, and update tool.black target-version and tool.mypy python_version to 3.9.
Was this helpful? React with 👍 or 👎 to provide feedback.
1 participant
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)