Skip to content

Commit

Permalink
Bump urllib3 from 1.26.15 to 2.0.2 (#197)
Browse files Browse the repository at this point in the history 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to
2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.0.2</h2>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data was still available to be read even if the
underlying socket is closed. This prevents a compressed response from
being truncated. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3009">urllib3/urllib3#3009</a>)</li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2991">#2991</a>)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
</ul>
<h2>2.0.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2.0
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h1>Removed</h1>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/883">#883</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2336">#2336</a>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function. This behavior was deprecated in
May 2000 in RFC 2818. Instead only <code>subjectAltName</code> is used
to verify the hostname by default. To enable verifying the hostname
against <code>commonName</code> use
<code>SSLContext.hostname_checks_common_name = True</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2113">#2113</a>).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
Python is moving to require OpenSSL with PEP 644 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support. When an incompatible OpenSSL version is detected
an <code>ImportError</code> is raised (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2082">#2082</a>).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2044">#2044</a>).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2086">#2086</a>).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2648">#2648</a>).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code> function
instead of the <code>urllib3.request</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2269">#2269</a>).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2233">#2233</a>).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2339">#2339</a>).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Deprecated</h1>
<ul>
<li>Deprecated <code>HTTPResponse.getheaders()</code> and
<code>HTTPResponse.getheader()</code> which will be removed in urllib3
v2.1.0. Instead use <code>HTTPResponse.headers</code> and
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1543">#1543</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2814">#2814</a>).</li>
<li>Deprecated <code>urllib3.contrib.pyopenssl</code> module which will
be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2691">#2691</a>).</li>
<li>Deprecated <code>urllib3.contrib.securetransport</code> module which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2692">#2692</a>).</li>
<li>Deprecated <code>ssl_version</code> option in favor of
<code>ssl_minimum_version</code>. <code>ssl_version</code> will be
removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Deprecated the <code>strict</code> parameter as it's not longer
needed in Python 3.x. It will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2267">#2267</a>)</li>
<li>Deprecated the <code>NewConnectionError.pool</code> attribute which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2271">#2271</a>).</li>
<li>Deprecated <code>format_header_param_html5</code> and
<code>format_header_param</code> in favor of
<code>format_multipart_header_param</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>RequestField.header_formatter</code> parameter
which will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>HTTPSConnection.set_cert()</code> method. Instead
pass parameters to the <code>HTTPSConnection</code> constructor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Deprecated <code>HTTPConnection.request_chunked()</code> method
which will be removed in urllib3 v2.1.0. Instead pass
<code>chunked=True</code> to <code>HTTPConnection.request()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Added</h1>
<ul>
<li>Added top-level <code>urllib3.request</code> function which uses a
preconfigured module-global <code>PoolManager</code> instance (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2150">#2150</a>).</li>
<li>Added the <code>json</code> parameter to
<code>urllib3.request()</code>, <code>PoolManager.request()</code>, and
<code>ConnectionPool.request()</code> methods to send JSON bodies in
requests. Using this parameter will set the header <code>Content-Type:
application/json</code> if <code>Content-Type</code> isn't already
defined. Added support for parsing JSON response bodies with
<code>HTTPResponse.json()</code> method (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2243">#2243</a>).</li>
<li>Added type hints to the <code>urllib3</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Added <code>ssl_minimum_version</code> and
<code>ssl_maximum_version</code> options which set
<code>SSLContext.minimum_version</code> and
<code>SSLContext.maximum_version</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Added support for Zstandard (RFC 8878) when <code>zstandard</code>
1.18.0 or later is installed. Added the <code>zstd</code> extra which
installs the <code>zstandard</code> package (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1992">#1992</a>).</li>
<li>Added <code>urllib3.response.BaseHTTPResponse</code> class. All
future response classes will be subclasses of
<code>BaseHTTPResponse</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2083">#2083</a>).</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.2 (2023-05-03)</h1>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated.
(<code>[#3009](urllib3/urllib3#3009)
&lt;https://github.com/urllib3/urllib3/issues/3009&gt;</code>__)</li>
</ul>
<h1>2.0.1 (2023-04-30)</h1>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<code>[#2991](urllib3/urllib3#2991)
&lt;https://github.com/urllib3/urllib3/issues/2991&gt;</code>__)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty.
(<code>[#2998](urllib3/urllib3#2998)
&lt;https://github.com/urllib3/urllib3/issues/2998&gt;</code>__)</li>
</ul>
<h1>2.0.0 (2023-04-26)</h1>
<p>Read the <code>v2.0 migration guide
&lt;https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html&gt;</code>__
for help upgrading to the latest version of urllib3.</p>
<h2>Removed</h2>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6
(<code>[#883](urllib3/urllib3#883)
&lt;https://github.com/urllib3/urllib3/issues/883&gt;</code><strong>,
<code>[#2336](urllib3/urllib3#2336)
&lt;https://github.com/urllib3/urllib3/issues/2336&gt;</code></strong>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
<code>subjectAltName</code>
is used to verify the hostname by default. To enable verifying the
hostname against
<code>commonName</code> use <code>SSLContext.hostname_checks_common_name
= True</code>
(<code>[#2113](urllib3/urllib3#2113)
&lt;https://github.com/urllib3/urllib3/issues/2113&gt;</code>__).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support.
When an incompatible OpenSSL version is detected an
<code>ImportError</code> is raised
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure
(<code>[#2082](urllib3/urllib3#2082)
&lt;https://github.com/urllib3/urllib3/issues/2082&gt;</code>__).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment
(<code>[#2044](urllib3/urllib3#2044)
&lt;https://github.com/urllib3/urllib3/issues/2044&gt;</code>__).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code>
(<code>[#2086](urllib3/urllib3#2086)
&lt;https://github.com/urllib3/urllib3/issues/2086&gt;</code>__).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code>
(<code>[#2648](urllib3/urllib3#2648)
&lt;https://github.com/urllib3/urllib3/issues/2648&gt;</code>__).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used
(<code>[#1897](urllib3/urllib3#1897)
&lt;https://github.com/urllib3/urllib3/issues/1897&gt;</code>__).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code>
function instead of the <code>urllib3.request</code> module
(<code>[#2269](urllib3/urllib3#2269)
&lt;https://github.com/urllib3/urllib3/issues/2269&gt;</code>__).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library
(<code>[#2233](urllib3/urllib3#2233)
&lt;https://github.com/urllib3/urllib3/issues/2233&gt;</code>__).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<code>[#2339](urllib3/urllib3#2339)
&lt;https://github.com/urllib3/urllib3/issues/2339&gt;</code>__).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed the <code>strict</code> parameter/attribute from
<code>HTTPConnection</code>, <code>HTTPSConnection</code>,
<code>HTTPConnectionPool</code>, <code>HTTPSConnectionPool</code>, and
<code>HTTPResponse</code>
(<code>[#2064](urllib3/urllib3#2064)
&lt;https://github.com/urllib3/urllib3/issues/2064&gt;</code>__).</li>
</ul>
<h2>Deprecated</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/b234aaf7ccbcb64012d8b33d21eb8bc9f768935d"><code>b234aaf</code></a>
Release 2.0.2</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/d8dcdd7c236430af15f6ccd47fb3d00c408bb1c0"><code>d8dcdd7</code></a>
Reflect removal of <code>strict</code> in the 2.0.0 changelog</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4714836a667eb4837d005eb89d34fae60b9dc6cc"><code>4714836</code></a>
Continue reading the response stream if there is buffered decompressed
data</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/6351614959b6599fe53312223c972daba75a671f"><code>6351614</code></a>
Show urllib3.request() in README (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3006">#3006</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/08237ad0729f4ec2e0bd093cf08e518025d2001d"><code>08237ad</code></a>
Fix flaky test_ssl_failure_midway_through_conn</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b85e93d619a323b92c2954da852857e0119d71b8"><code>b85e93d</code></a>
Release 2.0.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/09b36c693ca7d9d92d77b434648832d919543dcb"><code>09b36c6</code></a>
Improve assert_fingerprint changelog and tests</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/02ae65a45654bb3ced12b9ad22278c11e214aaf8"><code>02ae65a</code></a>
Fix HTTPResponse.read(0) when underlying buffer is empty (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4fb8da2d4e7b7488b432118efe1007d00c81bb53"><code>4fb8da2</code></a>
Ensure SSLSocket is closed after failure verifying cert hostname or
fingerprint</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7052b83d543d9554e542ff04688cf473b1fbaa53"><code>7052b83</code></a>
Delete 0002-Stop-relying-on-removed-DEFAULT_CIPHERS.patch (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2996">#2996</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.15...2.0.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.15&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed May 5, 2023
1 parent 57709d7 commit 3e2b213
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion requirements.txt
View file
Expand Up @@ -25,5 +25,5 @@ tomli==2.0.1
tomlkit==0.11.8
typing_extensions==4.5.0
ujson==5.7.0
urllib3==1.26.15
urllib3==2.0.2
wrapt==1.15.0

0 comments on commit 3e2b213

Please sign in to comment.