Update aiohttp requirement from ~=3.8.0 to >=3.8,<3.10

[dependabot]

Updates the requirements on aiohttp to permit the latest version.

Release notes

Sourced from aiohttp's releases.

3.9.1

Bugfixes

• Fixed importing aiohttp under PyPy on Windows.

  (#7848)

• Fixed async concurrency safety in websocket compressor.

  (#7865)

• Fixed ClientResponse.close() releasing the connection instead of closing.

  (#7869)

• Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

  (#7879)

• Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

  (#7895)

---

Changelog

Sourced from aiohttp's changelog.

3.9.1 (2023-11-26)

Bugfixes

• Fixed importing aiohttp under PyPy on Windows.

  [#7848](https://github.com/aio-libs/aiohttp/issues/7848) <https://github.com/aio-libs/aiohttp/issues/7848>_

• Fixed async concurrency safety in websocket compressor.

  [#7865](https://github.com/aio-libs/aiohttp/issues/7865) <https://github.com/aio-libs/aiohttp/issues/7865>_

• Fixed ClientResponse.close() releasing the connection instead of closing.

  [#7869](https://github.com/aio-libs/aiohttp/issues/7869) <https://github.com/aio-libs/aiohttp/issues/7869>_

• Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

  [#7879](https://github.com/aio-libs/aiohttp/issues/7879) <https://github.com/aio-libs/aiohttp/issues/7879>_

• Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

  [#7895](https://github.com/aio-libs/aiohttp/issues/7895) <https://github.com/aio-libs/aiohttp/issues/7895>_

---

3.9.0 (2023-11-18)

Features

• Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

  [#5864](https://github.com/aio-libs/aiohttp/issues/5864) <https://github.com/aio-libs/aiohttp/issues/5864>_

• Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by :user:Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

  [#7188](https://github.com/aio-libs/aiohttp/issues/7188) <https://github.com/aio-libs/aiohttp/issues/7188>_

• Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>_ parameter to cancel web handler on client disconnection. -- by :user:mosquito This (optionally) reintroduces a feature removed in a previous release.

... (truncated)

Commits

• 6333c02 Release v3.9.1 (#7911)
• 9dbd273 [PR #7673/aa7d1a8f backport][3.9] Document release process (#7909)
• dd175b6 Fix regression with connection upgrade (#7879) (#7908)
• 946523d Fix flaky websocket test (#7902) (#7904)
• ddc2a26 [PR #7896/9a7cfe77 backport][3.9] Fix some flaky tests (#7900)
• 2ae4d6f Message is not upgraded if Upgrade header is missing (#7895) (#7898)
• bb11101 Restore async concurrency safety to websocket compressor (#7865) (#7889)
• 6dd0122 Update dependabot.yml (#7888)
• 41a9f1f Bump mypy from 1.7.0 to 1.7.1 (#7882)
• a049701 Fix usage of proxy.py in test_proxy_functional (#7773) (#7876)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (1790405) 87.71% compared to head (8522eea) 87.71%.

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #12   +/-   ##
=======================================
  Coverage   87.71%   87.71%           
=======================================
  Files          51       51           
  Lines        5382     5382           
=======================================
  Hits         4721     4721           
  Misses        661      661           

Flag	Coverage Δ
unittests	87.71% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.