chore: ignore .claude/ dir (CLAUDE.md now lives under .claude/)

Signed-off-by: disqualifier <dev@disqualifier.me>

.gitignore

@@ -1,5 +1,5 @@
 # claude
-CLAUDE.md
+.claude/
 
 # python
 __pycache__/

README.md

@@ -11,17 +11,19 @@ and swap the HTTP client while inheriting everything else.
 `requirements.txt`:
 
 ```
-aioweb @ git+ssh://git@git.rethinkstudios.io/rethink-public/aioweb.git@v0.1.3
+aioweb @ git+ssh://git@git.rethinkstudios.io/rethink-public/aioweb.git@v0.1.5
 ```
 
 Direct:
 
 ```bash
-pip install "aioweb @ git+ssh://git@git.rethinkstudios.io/rethink-public/aioweb.git@v0.1.3"
+pip install "aioweb @ git+ssh://git@git.rethinkstudios.io/rethink-public/aioweb.git@v0.1.5"
 ```
 
 Requires `aiohttp` and `yarl` (pulled transitively).
 
+Drop the `@v0.1.5` suffix from the line above to install the latest unpinned.
+
 ## Usage
 
 ```python
@@ -147,4 +149,4 @@ Two changes can't be shimmed without re-introducing the bugs they fix:
 
 ## Versioning
 
-Tagged `vX.Y.Z`. Pin the tag in `requirements.txt`.
+Releases are tagged `vX.Y.Z`. The install line above pins a release; drop the `@vX.Y.Z` suffix to install the latest unpinned. Pin deliberately for reproducible installs.

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "aioweb"
-version = "0.1.3"
+version = "0.1.5"
 description = "Async HTTP session wrapper over aiohttp — proxies, header overwrites, retries, previews. Config-free, installable."
 requires-python = ">=3.10"
 dependencies = [

src/aioweb/preview.py

@@ -35,9 +35,11 @@ class RequestPreview:
         parts = [f"curl -X {shlex.quote(self.details['method'])}"]
         for header, value in (self.details["headers"] or {}).items():
             parts.append(f"-H {shlex.quote(f'{header}: {value}')}")
-        if self.details["data"]:
+        if self.details["data"] is not None:
             parts.append(f"--data {shlex.quote(str(self.details['data']))}")
-        elif self.details["json"]:
+        elif self.details["json"] is not None:
+            # is-not-None, not truthiness: an empty-but-valid body ({} / []) must still
+            # render rather than being dropped as falsy
             parts.append(f"--data {shlex.quote(_json.dumps(self.details['json']))}")
         parts.append(shlex.quote(str(self.details["url"])))
         if self.details["proxy"]:

src/aioweb/responses.py

@@ -92,7 +92,9 @@ class Response:
         """parsed JSON content, or None if not valid JSON"""
         try:
             return _json.loads(self.text())
-        except _json.JSONDecodeError:
+        except (_json.JSONDecodeError, UnicodeDecodeError):
+            # text() decodes the body and can raise UnicodeDecodeError on a non-UTF-8
+            # payload — that's a "not valid JSON" outcome, not an error to propagate
             return None
 
     def raise_for_status(self):

src/aioweb/session.py

@@ -124,10 +124,13 @@ class ExtendedSession:
     def _apply_overwrites(self, request_headers):
         """apply static overwrites and ephemeral headers to a request's headers"""
         request_headers = dict(request_headers or {})
-        for header, value in self.header_overwrites.items():
+        # snapshot the shared override dicts so a concurrent mutation (e.g. a command
+        # editing ephemerals on a shared session) can't raise "dict changed size during
+        # iteration" — the loop body is sync, but the snapshot is cheap insurance
+        for header, value in list(self.header_overwrites.items()):
             if self.inject or header in request_headers:
                 request_headers[header] = value
-        for header, value_callable in self.ephemeral_headers.items():
+        for header, value_callable in list(self.ephemeral_headers.items()):
             if self.inject or header in request_headers:
                 value = value_callable()
                 if isinstance(value, dict):
@@ -313,10 +316,13 @@ class ExtendedSession:
             if debug and result.redirect_chain:
                 log.info("redirect chain: %s", result.redirect_chain)
             return result
-        except (aiohttp.ClientError, asyncio.TimeoutError) as error:
+        except asyncio.TimeoutError as error:
             # a total ClientTimeout raises a bare asyncio.TimeoutError, which is NOT an
-            # aiohttp.ClientError subclass — wrap it into the same typed path so direct
-            # callers get a consistent failure instead of a raw timeout
+            # aiohttp.ClientError subclass — wrap it as ServerTimeoutError (which IS both
+            # a ClientError AND a TimeoutError) so direct callers get a typed failure and
+            # request_with_retries can still label it a timeout
+            raise aiohttp.ServerTimeoutError(f"timeout for {url}: {error}") from error
+        except aiohttp.ClientError as error:
             raise aiohttp.ClientError(f"client error for {url}: {error}") from error
 
     async def request_with_retries(
@@ -361,6 +367,12 @@ class ExtendedSession:
             log.error("all %d attempts failed for %s (last status %s)",
                       attempts, url, exhausted.response.status_code)
             return exhausted.response
+        except asyncio.TimeoutError:
+            # request() wraps a total timeout as ServerTimeoutError (a ClientError AND a
+            # TimeoutError); catch the timeout case first so it's labeled a timeout rather
+            # than falling into the generic client-error branch below
+            log.error("all %d attempts timed out for %s", attempts, url)
+            return FailureResponse(reason="timeout", url=url)
         except aiohttp.ClientError as error:
             log.error("all %d attempts failed for %s (client error: %s)", attempts, url, error)
             return FailureResponse(reason=f"client error: {error}", url=url)