Skip to content

Use aiohttp.encode_basic_auth() instead of deprecated BasicAuth#386

Merged
horgh merged 1 commit into
mainfrom
greg/stf-604
Jun 4, 2026
Merged

Use aiohttp.encode_basic_auth() instead of deprecated BasicAuth#386
horgh merged 1 commit into
mainfrom
greg/stf-604

Conversation

@oschwald
Copy link
Copy Markdown
Member

@oschwald oschwald commented Jun 4, 2026

STF-604

As of aiohttp 3.14.0, aiohttp.BasicAuth and the auth= parameter on ClientSession are deprecated and will be removed in aiohttp 4.0, emitting DeprecationWarnings in CI. This builds the Authorization header explicitly with aiohttp.encode_basic_auth() in the async client instead.

Only the async (aiohttp) client is affected; the sync client uses requests (.auth), which is not deprecated.

Changes

  • Migrate AsyncClient._session() to an explicit Authorization header.
  • Raise the minimum aiohttp version to >=3.14.0 (where encode_basic_auth was introduced).
  • Add a webservice test asserting the Authorization header is sent, exercised for both the sync and async clients.

Notes

  • encode_basic_auth() defaults to utf-8 where BasicAuth defaulted to latin1. Irrelevant here (numeric account IDs, ASCII license keys), but worth noting.

🤖 Generated with Claude Code

@oschwald @claude
Use aiohttp.encode_basic_auth() instead of deprecated BasicAuth
d6b22b6 
aiohttp 3.14.0 deprecates aiohttp.BasicAuth and the auth= parameter on
ClientSession, both slated for removal in aiohttp 4.0. Build the
Authorization header explicitly with aiohttp.encode_basic_auth() in the
async client instead, and raise the minimum aiohttp version to 3.14.0
(where encode_basic_auth is available).

encode_basic_auth() defaults to utf-8 where BasicAuth defaulted to
latin1. This is irrelevant here since account IDs are numeric and license
keys are ASCII, but is worth noting.

Adds a webservice test asserting the Authorization header is sent, for
both the sync and async clients.

STF-604

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 4, 2026
View reviewed changes
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the async client to build its Authorization header using aiohttp.encode_basic_auth() instead of the deprecated aiohttp.BasicAuth / auth= parameter. Consequently, the minimum required version of aiohttp has been bumped to 3.14.0 in pyproject.toml and uv.lock, and a corresponding unit test has been added to verify the presence and value of the Authorization header. There are no review comments, and I have no feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@horgh horgh merged commit fc59ea6 into main Jun 4, 2026
47 checks passed
@horgh horgh deleted the greg/stf-604 branch June 4, 2026 18:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@horgh horgh horgh approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@oschwald @horgh