The Fix
Added `RequestKey` and `ResponseKey` classes for static typing checks in request and response context storages, similar to `AppKey` for `Application`.
Based on closed aio-libs/aiohttp issue #11762 · PR/commit linked
@@ -0,0 +1,4 @@
@@ -0,0 +1,4 @@
+Added ``RequestKey`` and ``ResponseKey`` classes,
+which enable static type checking for request & response
+context storages in the same way that ``AppKey`` does for ``Application``
repro.py
# If we add a base class and alias it with NewType
class BaseKey:
... # existing AppKey logic moves here
AppKey = NewType("AppKey", BaseKey)
# this would change the way AppKey instances are created
some_app_key = AppKey(BaseKey("some_app_key", SomeClass))
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
fix.md
Option A — Apply the official fix\nAdded `RequestKey` and `ResponseKey` classes for static typing checks in request and response context storages, similar to `AppKey` for `Application`.\nWhen NOT to use: This fix should not be used if existing code relies on the previous key implementations without type safety.\n\n
Why This Fix Works in Production
- Trigger: 3. Keep `AppKey` as an alias to the new name to avoid introducing a breaking change (with a deprecation warning, perhaps).
- Mechanism: The lack of typing support for Request and Response storages led to potential type safety issues
Production impact:
- If left unfixed, this can cause silent data inconsistencies that propagate (bad cache entries, incorrect downstream decisions).
Why This Breaks in Prod
- The lack of typing support for Request and Response storages led to potential type safety issues
- Production symptom (often without a traceback): 3. Keep `AppKey` as an alias to the new name to avoid introducing a breaking change (with a deprecation warning, perhaps).
Proof / Evidence
- GitHub issue: #11762
- Fix PR: https://github.com/aio-libs/aiohttp/pull/11766
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.70
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.63
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“We could also consider adding a separate name to avoid mixing keys between Application and Request.”
“In that case, adding a base class with existing AppKey logic and sub-classing it multiple times should be better, unless I'm missing something. NewType can…”
“> In that case, adding a base class with existing AppKey logic and sub-classing it multiple times should be better, unless I'm missing something. Yeah,…”
“@Dreamsorcerer, that would remove the need for renaming & deprecating”
Failure Signature (Search String)
- 3. Keep `AppKey` as an alias to the new name to avoid introducing a breaking change (with a deprecation warning, perhaps).
- I think we could just alias them with NewType. My thinking is that it'd avoid a key that exists on the Application being accidentally used on the Request where it'd produce a
Copy-friendly signature
signature.txt
Failure Signature
-----------------
3. Keep `AppKey` as an alias to the new name to avoid introducing a breaking change (with a deprecation warning, perhaps).
I think we could just alias them with NewType. My thinking is that it'd avoid a key that exists on the Application being accidentally used on the Request where it'd produce a KeyError, marginally improving type safety.
Error Message
Signature-only (no traceback captured)
error.txt
Error Message
-------------
3. Keep `AppKey` as an alias to the new name to avoid introducing a breaking change (with a deprecation warning, perhaps).
I think we could just alias them with NewType. My thinking is that it'd avoid a key that exists on the Application being accidentally used on the Request where it'd produce a KeyError, marginally improving type safety.
Minimal Reproduction
repro.py
# If we add a base class and alias it with NewType
class BaseKey:
... # existing AppKey logic moves here
AppKey = NewType("AppKey", BaseKey)
# this would change the way AppKey instances are created
some_app_key = AppKey(BaseKey("some_app_key", SomeClass))
What Broke
Developers faced difficulties in ensuring type safety when using Request and Response context storages.
Why It Broke
The lack of typing support for Request and Response storages led to potential type safety issues
Fix Options (Details)
Option A — Apply the official fix
Added `RequestKey` and `ResponseKey` classes for static typing checks in request and response context storages, similar to `AppKey` for `Application`.
When NOT to use: This fix should not be used if existing code relies on the previous key implementations without type safety.
Fix reference: https://github.com/aio-libs/aiohttp/pull/11766
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- This fix should not be used if existing code relies on the previous key implementations without type safety.
Verify Fix
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Capture the exact failing error string in logs and tests so you can reproduce via a minimal script.
- Pin production dependencies and upgrade only with a reproducible test that hits the failing path.
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.