Skip to content

Commit

Permalink
Merge #283
Browse files Browse the repository at this point in the history 
283: Bump requests from 2.25.1 to 2.26.0 r=alallema a=dependabot[bot]

Bumps [requests](https://github.com/psf/requests) from 2.25.1 to 2.26.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/psf/requests/blob/master/HISTORY.md">requests's changelog</a>.</em></p>
<blockquote>
<h2>2.26.0 (2021-07-13)</h2>
<p><strong>Improvements</strong></p>
<ul>
<li>
<p>Requests now supports Brotli compression, if either the <code>brotli</code> or
<code>brotlicffi</code> package is installed. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5783">#5783</a>)</p>
</li>
<li>
<p><code>Session.send</code> now correctly resolves proxy configurations from both
the Session and Request. Behavior now matches <code>Session.request</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5681">#5681</a>)</p>
</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed a race condition in zip extraction when using Requests in parallel
from zip archive. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5707">#5707</a>)</li>
</ul>
<p><strong>Dependencies</strong></p>
<ul>
<li>
<p>Instead of <code>chardet</code>, use the MIT-licensed <code>charset_normalizer</code> for Python3
to remove license ambiguity for projects bundling requests. If <code>chardet</code>
is already installed on your machine it will be used instead of <code>charset_normalizer</code>
to keep backwards compatibility. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5797">#5797</a>)</p>
<p>You can also install <code>chardet</code> while installing requests by
specifying <code>[use_chardet_on_py3]</code> extra as follows:</p>
<pre lang="shell"><code>pip install &quot;requests[use_chardet_on_py3]&quot;
</code></pre>
<p>Python2 still depends upon the <code>chardet</code> module.</p>
</li>
<li>
<p>Requests now supports <code>idna</code> 3.x on Python 3. <code>idna</code> 2.x will continue to
be used on Python 2 installations. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5711">#5711</a>)</p>
</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>
<p>The <code>requests[security]</code> extra has been converted to a no-op install.
PyOpenSSL is no longer the recommended secure option for Requests. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5867">#5867</a>)</p>
</li>
<li>
<p>Requests has officially dropped support for Python 3.5. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5867">#5867</a>)</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/psf/requests/commit/a1a6a549a0143d9b32717dbe3d75cd543ae5a4f6"><code>a1a6a54</code></a> v2.26.0</li>
<li><a href="https://github.com/psf/requests/commit/e253eba5ed8922affe50089548a15fbda298fefd"><code>e253eba</code></a> Stop abusing pytest-httpbin to test commonName support</li>
<li><a href="https://github.com/psf/requests/commit/f6c0619d892a41dcf84933810ffda89e9f6b10d4"><code>f6c0619</code></a> Disable requests[security] and remove 3.5 support references</li>
<li><a href="https://github.com/psf/requests/commit/33cf965f7271ab4978ed551754db37865c4085db"><code>33cf965</code></a> Allow idna 3.x to be installed on Python 3.x</li>
<li><a href="https://github.com/psf/requests/commit/5351469472eccee7ed1a6cae53341446c520d807"><code>5351469</code></a> Add support for brotli decoding (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5783">#5783</a>)</li>
<li><a href="https://github.com/psf/requests/commit/24630743cecd3d0e9db7bee7e47381dbadf2d789"><code>2463074</code></a> Avoid zip extract racing condition by using read+write instead extract (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5707">#5707</a>)</li>
<li><a href="https://github.com/psf/requests/commit/2ed84f55b22f19a1e1e8eea2e50963dce62052d3"><code>2ed84f5</code></a> Switch LGPL'd chardet for MIT licensed charset_normalizer (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5797">#5797</a>)</li>
<li><a href="https://github.com/psf/requests/commit/33d448eb21bbbf643cc1f61493b0b606d8352aea"><code>33d448e</code></a> Pin Flask to &lt;2.0 to fix the test suite</li>
<li><a href="https://github.com/psf/requests/commit/1466ad713cf84738cd28f1224a7ab4a19e50e361"><code>1466ad7</code></a> Fix GitHub links (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5835">#5835</a>)</li>
<li><a href="https://github.com/psf/requests/commit/f6d43b03fbb9a1e75ed63a9aa15738a8fce99b50"><code>f6d43b0</code></a> Updated to new be-cordial-or-be-on-your-way URL and CoC now references Python...</li>
<li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.25.1...v2.26.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.25.1&new-version=2.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@bors @dependabot
bors[bot] and dependabot[bot] committed Aug 17, 2021
2 parents aac8cb3 + 67d4da5 commit a6428e1
Showing 1 changed file with 42 additions and 33 deletions.
75 changes: 42 additions & 33 deletions Pipfile.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit a6428e1

Please sign in to comment.