Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

## Ongoing

- Add PEP 740 digital attestations (workaround until included in `uv publish`)
- Pin GitHub acions including our own from gh-actions
- Add PEP 740 digital attestations (workaround until included in `uv publish`), pin GitHub acions including our own from gh-actions, via PR [#891](https://github.com/plugwise/python-plugwise/pull/891)
- Solve aiohttp BasicAuth deprecation via PR [#890](https://github.com/plugwise/python-plugwise/pull/890)

## v1.12.0

Expand Down
26 changes: 15 additions & 11 deletions plugwise/smilecomm.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,13 @@
from plugwise.util import escape_illegal_xml_characters

# This way of importing aiohttp is because of patch/mocking in testing (aiohttp timeouts)
from aiohttp import BasicAuth, ClientError, ClientResponse, ClientSession, ClientTimeout
from aiohttp import (
ClientError,
ClientResponse,
ClientSession,
ClientTimeout,
encode_basic_auth,
)
Comment thread
coderabbitai[bot] marked this conversation as resolved.
from defusedxml import ElementTree as etree


Expand All @@ -42,7 +48,9 @@ def __init__(
if host.count(":") > 2: # pragma: no cover
host = f"[{host}]"

self._auth = BasicAuth(username, password=password)
self._base_header = {
"Authorization": encode_basic_auth(username, password=password)
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.
self._endpoint = f"http://{host}:{str(port)}" # Sensitive

async def _request(
Expand All @@ -58,28 +66,24 @@ async def _request(
try:
match method:
case "delete":
resp = await self._websession.delete(url, auth=self._auth)
resp = await self._websession.delete(url, headers=self._base_header)
case "get":
# Work-around for Stretchv2, should not hurt the other smiles
headers = {"Accept-Encoding": "gzip"}
resp = await self._websession.get(
url, headers=headers, auth=self._auth
)
headers = {**self._base_header, "Accept-Encoding": "gzip"}
resp = await self._websession.get(url, headers=headers)
case "post":
headers = {"Content-type": "text/xml"}
headers = {**self._base_header, "Content-type": "text/xml"}
resp = await self._websession.post(
url,
headers=headers,
data=data,
auth=self._auth,
)
case "put":
headers = {"Content-type": "text/xml"}
headers = {**self._base_header, "Content-type": "text/xml"}
resp = await self._websession.put(
url,
headers=headers,
data=data,
auth=self._auth,
)
except (
ClientError
Expand Down
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ maintainers = [
requires-python = ">=3.13"
dependencies = [
"aiofiles",
"aiohttp",
"aiohttp>=3.14",

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should figure out where (if any) this comes from, I've purposely did not set the specific version to ingest whatever we get from the core package constraints and requirements. As core specifies ==3.14.1

@bouwew bouwew Jul 5, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The BasicAuth depreciation is solved by using the encode_basic_auth() function, which is introduced in aiohttp version 3.14.0, see https://github.com/aio-libs/aiohttp/releases/tag/v3.14.0

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Which is appropriately set through our setup scripts from https://github.com/home-assistant/core/blob/d6fe80d208b2dc96a34447fc749b31f4d249fdd2/homeassistant/package_constraints.txt#L9 so while we could >= it we shouldn't necessarily have to but we can surely add it here, we just need to make sure that we update it ourselves whenever core moves

"defusedxml",
"munch",
"python-dateutil",
Expand Down