New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate [secure] extra #2680
Milestone
Comments
You can make You'll also be able to use pypi stats to see how many people install it You can then yank |
6 tasks
This was referenced Aug 4, 2022
fyunusa
added a commit
to fyunusa/selenium
that referenced
this issue
Aug 10, 2022
pyOpenSSL and urllib3[secure] are deprecated in the upcoming release (1.26.12) urllib3/urllib3#2680
This was referenced Aug 10, 2022
symonk
pushed a commit
to SeleniumHQ/selenium
that referenced
this issue
Aug 14, 2022
* Update setup.py pyOpenSSL and urllib3[secure] are deprecated in the upcoming release of (1.26.12) Removed [secure] extra from the urllib3 dependencies * Removed [secure] extra from urllib3 dependencies pyOpenSSL and urllib3[secure] are deprecated in the upcoming release (1.26.12) urllib3/urllib3#2680 * Removed urllib [secure] Removed urllib3[secure] dependency
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this issue
Aug 22, 2022
1.26.12 (2022-08-22) -------------------- * Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module. Both will be removed in v2.x. See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_ for justification and info on how to migrate.
github-merge-queue bot
pushed a commit
to bazelbuild/rules_python
that referenced
this issue
Oct 4, 2023
…stall (#1444) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.11 to 1.26.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would raise an <code>OverflowError</code> on Python 3.9 and earlier.</li> </ul> <h1>1.26.10 (2022-07-07)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li><a href="https://github.com/urllib3/urllib3/commit/18e92145e9cddbabdf51c98f54202aa37fd5d4c8"><code>18e9214</code></a> Use trusted publishing for PyPI</li> <li><a href="https://github.com/urllib3/urllib3/commit/d25cf83bbae850a290fe34ed1610ae55c0558b36"><code>d25cf83</code></a> [1.26] Fix invalid test_ssl_failure_midway_through_conn</li> <li><a href="https://github.com/urllib3/urllib3/commit/25cca389496b86ee809c21e5b641aeaa74809263"><code>25cca38</code></a> [1.26] Fix test_ssl_object_attributes</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.25.11...1.26.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.25.11&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bazelbuild/rules_python/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
david-lyft
pushed a commit
to lyft/omnibot
that referenced
this issue
Oct 4, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would raise an <code>OverflowError</code> on Python 3.9 and earlier.</li> </ul> <h1>1.26.10 (2022-07-07)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li><a href="https://github.com/urllib3/urllib3/commit/18e92145e9cddbabdf51c98f54202aa37fd5d4c8"><code>18e9214</code></a> Use trusted publishing for PyPI</li> <li><a href="https://github.com/urllib3/urllib3/commit/d25cf83bbae850a290fe34ed1610ae55c0558b36"><code>d25cf83</code></a> [1.26] Fix invalid test_ssl_failure_midway_through_conn</li> <li><a href="https://github.com/urllib3/urllib3/commit/25cca389496b86ee809c21e5b641aeaa74809263"><code>25cca38</code></a> [1.26] Fix test_ssl_object_attributes</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lyft/omnibot/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 tasks
mergify bot
pushed a commit
to aws/aws-cdk
that referenced
this issue
Oct 6, 2023
…k/aws-lambda-python-alpha/test/lambda-handler-project/shared (#27387) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.7 to 1.26.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would raise an <code>OverflowError</code> on Python 3.9 and earlier.</li> </ul> <h1>1.26.10 (2022-07-07)</h1> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li><a href="https://github.com/urllib3/urllib3/commit/18e92145e9cddbabdf51c98f54202aa37fd5d4c8"><code>18e9214</code></a> Use trusted publishing for PyPI</li> <li><a href="https://github.com/urllib3/urllib3/commit/d25cf83bbae850a290fe34ed1610ae55c0558b36"><code>d25cf83</code></a> [1.26] Fix invalid test_ssl_failure_midway_through_conn</li> <li><a href="https://github.com/urllib3/urllib3/commit/25cca389496b86ee809c21e5b641aeaa74809263"><code>25cca38</code></a> [1.26] Fix test_ssl_object_attributes</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.7...1.26.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.7&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts). </details>
github-actions bot
pushed a commit
to bacalhau-project/bacalhau
that referenced
this issue
Oct 11, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.11 to 1.26.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li><a href="https://github.com/urllib3/urllib3/commit/18e92145e9cddbabdf51c98f54202aa37fd5d4c8"><code>18e9214</code></a> Use trusted publishing for PyPI</li> <li><a href="https://github.com/urllib3/urllib3/commit/d25cf83bbae850a290fe34ed1610ae55c0558b36"><code>d25cf83</code></a> [1.26] Fix invalid test_ssl_failure_midway_through_conn</li> <li><a href="https://github.com/urllib3/urllib3/commit/25cca389496b86ee809c21e5b641aeaa74809263"><code>25cca38</code></a> [1.26] Fix test_ssl_object_attributes</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.11...1.26.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.11&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
wdbaruni
pushed a commit
to bacalhau-project/bacalhau
that referenced
this issue
Oct 16, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.11 to 1.26.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li><a href="https://github.com/urllib3/urllib3/commit/18e92145e9cddbabdf51c98f54202aa37fd5d4c8"><code>18e9214</code></a> Use trusted publishing for PyPI</li> <li><a href="https://github.com/urllib3/urllib3/commit/d25cf83bbae850a290fe34ed1610ae55c0558b36"><code>d25cf83</code></a> [1.26] Fix invalid test_ssl_failure_midway_through_conn</li> <li><a href="https://github.com/urllib3/urllib3/commit/25cca389496b86ee809c21e5b641aeaa74809263"><code>25cca38</code></a> [1.26] Fix test_ssl_object_attributes</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.11...1.26.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.11&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
meteorcloudy
pushed a commit
to bazelbuild/continuous-integration
that referenced
this issue
Oct 18, 2023
…1761) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bazelbuild/continuous-integration/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot
pushed a commit
to bazelbuild/rules_python
that referenced
this issue
Oct 18, 2023
…tory_entry_points (#1500) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.7 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.7...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.7&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bazelbuild/rules_python/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kylesurowiec
pushed a commit
to kylesurowiec/spotify-coverflow
that referenced
this issue
Oct 22, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kylesurowiec/spotify-coverflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Qalthos
pushed a commit
to ansible/pylibssh
that referenced
this issue
Oct 30, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ansible/pylibssh/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
VadVergasov
pushed a commit
to VadVergasov/vkparserbot
that referenced
this issue
Nov 13, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.1.0 (2023-11-13)</h1> <p>Read the <code>v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html></code>__ for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/69be2992f8a25a1f27e49f339e4d5b98dec07462"><code>69be299</code></a> Release 2.1.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/77f71d3fbc6b747849e0205929d0e519ba77457b"><code>77f71d3</code></a> Mention myself in README</li> <li><a href="https://github.com/urllib3/urllib3/commit/e601a0e8826fc734712f298e92c1a87cee1a08a7"><code>e601a0e</code></a> Check _has_route <em>within</em> the test function (<a href="https://redirect.github.com/urllib3/urllib3/issues/3187">#3187</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f7cd7f3f632cf5224f627536f02c2abf7e4146d1"><code>f7cd7f3</code></a> Stop naming urllib3/requests tests "integration" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3182">#3182</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/6fc4260934b4a780c01a685f3f7982055e1c73e2"><code>6fc4260</code></a> Use more precise type checks</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fa8ea621579edf4eb94addc9fb1bc5873256381"><code>5fa8ea6</code></a> Fix lint on Python 3.12</li> <li><a href="https://github.com/urllib3/urllib3/commit/872768312273d67ca9b9481028c11acaf213da86"><code>8727683</code></a> Remove Sphinx version pin</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fc48e711b33c08eea1c1ea8209870f45e8baf05"><code>5fc48e7</code></a> Treat x-gzip content encoding as gzip</li> <li><a href="https://github.com/urllib3/urllib3/commit/ff764a01499203a7c6fbe2e6c0a5a670cf26745c"><code>ff764a0</code></a> Allow loading CA certificates from memory for proxies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3150">#3150</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b99cc396b2b760362469796d086fae118aec7fb7"><code>b99cc39</code></a> Replace deprecated set-output in GitHub Actions</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
apereocas-bot
pushed a commit
to apereo/cas
that referenced
this issue
Nov 13, 2023
[![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [urllib3](https://togithub.com/urllib3/urllib3) ([changelog](https://togithub.com/urllib3/urllib3/blob/main/CHANGES.rst)) | `==2.0.7` -> `==2.1.0` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/urllib3/2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/urllib3/2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/urllib3/2.0.7/2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/urllib3/2.0.7/2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>urllib3/urllib3 (urllib3)</summary> ### [`v2.1.0`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#210-2023-11-13) [Compare Source](https://togithub.com/urllib3/urllib3/compare/2.0.7...2.1.0) \================== Read the `v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`\__ for help upgrading to the latest version of urllib3. ## Removals - Removed support for the deprecated urllib3\[secure] extra. (`#​2680 <https://github.com/urllib3/urllib3/issues/2680>`\__) - Removed support for the deprecated SecureTransport TLS implementation. (`#​2681 <https://github.com/urllib3/urllib3/issues/2681>`\__) - Removed support for the end-of-life Python 3.7. (`#​3143 <https://github.com/urllib3/urllib3/issues/3143>`\__) ## Bugfixes - Allowed loading CA certificates from memory for proxies. (`#​3065 <https://github.com/urllib3/urllib3/issues/3065>`\__) - Fixed decoding Gzip-encoded responses which specified `x-gzip` content-encoding. (`#​3174 <https://github.com/urllib3/urllib3/issues/3174>`\__) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 10pm every weekday,before 6am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/apereo/cas). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
VadVergasov
pushed a commit
to VadVergasov/HometaskBot
that referenced
this issue
Nov 18, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.1.0 (2023-11-13)</h1> <p>Read the <code>v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html></code>__ for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/69be2992f8a25a1f27e49f339e4d5b98dec07462"><code>69be299</code></a> Release 2.1.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/77f71d3fbc6b747849e0205929d0e519ba77457b"><code>77f71d3</code></a> Mention myself in README</li> <li><a href="https://github.com/urllib3/urllib3/commit/e601a0e8826fc734712f298e92c1a87cee1a08a7"><code>e601a0e</code></a> Check _has_route <em>within</em> the test function (<a href="https://redirect.github.com/urllib3/urllib3/issues/3187">#3187</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f7cd7f3f632cf5224f627536f02c2abf7e4146d1"><code>f7cd7f3</code></a> Stop naming urllib3/requests tests "integration" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3182">#3182</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/6fc4260934b4a780c01a685f3f7982055e1c73e2"><code>6fc4260</code></a> Use more precise type checks</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fa8ea621579edf4eb94addc9fb1bc5873256381"><code>5fa8ea6</code></a> Fix lint on Python 3.12</li> <li><a href="https://github.com/urllib3/urllib3/commit/872768312273d67ca9b9481028c11acaf213da86"><code>8727683</code></a> Remove Sphinx version pin</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fc48e711b33c08eea1c1ea8209870f45e8baf05"><code>5fc48e7</code></a> Treat x-gzip content encoding as gzip</li> <li><a href="https://github.com/urllib3/urllib3/commit/ff764a01499203a7c6fbe2e6c0a5a670cf26745c"><code>ff764a0</code></a> Allow loading CA certificates from memory for proxies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3150">#3150</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b99cc396b2b760362469796d086fae118aec7fb7"><code>b99cc39</code></a> Replace deprecated set-output in GitHub Actions</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
VadVergasov
pushed a commit
to VadVergasov/MailRedirector
that referenced
this issue
Nov 18, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.1.0 (2023-11-13)</h1> <p>Read the <code>v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html></code>__ for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/69be2992f8a25a1f27e49f339e4d5b98dec07462"><code>69be299</code></a> Release 2.1.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/77f71d3fbc6b747849e0205929d0e519ba77457b"><code>77f71d3</code></a> Mention myself in README</li> <li><a href="https://github.com/urllib3/urllib3/commit/e601a0e8826fc734712f298e92c1a87cee1a08a7"><code>e601a0e</code></a> Check _has_route <em>within</em> the test function (<a href="https://redirect.github.com/urllib3/urllib3/issues/3187">#3187</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f7cd7f3f632cf5224f627536f02c2abf7e4146d1"><code>f7cd7f3</code></a> Stop naming urllib3/requests tests "integration" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3182">#3182</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/6fc4260934b4a780c01a685f3f7982055e1c73e2"><code>6fc4260</code></a> Use more precise type checks</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fa8ea621579edf4eb94addc9fb1bc5873256381"><code>5fa8ea6</code></a> Fix lint on Python 3.12</li> <li><a href="https://github.com/urllib3/urllib3/commit/872768312273d67ca9b9481028c11acaf213da86"><code>8727683</code></a> Remove Sphinx version pin</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fc48e711b33c08eea1c1ea8209870f45e8baf05"><code>5fc48e7</code></a> Treat x-gzip content encoding as gzip</li> <li><a href="https://github.com/urllib3/urllib3/commit/ff764a01499203a7c6fbe2e6c0a5a670cf26745c"><code>ff764a0</code></a> Allow loading CA certificates from memory for proxies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3150">#3150</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b99cc396b2b760362469796d086fae118aec7fb7"><code>b99cc39</code></a> Replace deprecated set-output in GitHub Actions</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kai687
pushed a commit
to kai687/sphinxawesome-theme
that referenced
this issue
Nov 27, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.1.0 (2023-11-13)</h1> <p>Read the <code>v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html></code>__ for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/69be2992f8a25a1f27e49f339e4d5b98dec07462"><code>69be299</code></a> Release 2.1.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/77f71d3fbc6b747849e0205929d0e519ba77457b"><code>77f71d3</code></a> Mention myself in README</li> <li><a href="https://github.com/urllib3/urllib3/commit/e601a0e8826fc734712f298e92c1a87cee1a08a7"><code>e601a0e</code></a> Check _has_route <em>within</em> the test function (<a href="https://redirect.github.com/urllib3/urllib3/issues/3187">#3187</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f7cd7f3f632cf5224f627536f02c2abf7e4146d1"><code>f7cd7f3</code></a> Stop naming urllib3/requests tests "integration" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3182">#3182</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/6fc4260934b4a780c01a685f3f7982055e1c73e2"><code>6fc4260</code></a> Use more precise type checks</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fa8ea621579edf4eb94addc9fb1bc5873256381"><code>5fa8ea6</code></a> Fix lint on Python 3.12</li> <li><a href="https://github.com/urllib3/urllib3/commit/872768312273d67ca9b9481028c11acaf213da86"><code>8727683</code></a> Remove Sphinx version pin</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fc48e711b33c08eea1c1ea8209870f45e8baf05"><code>5fc48e7</code></a> Treat x-gzip content encoding as gzip</li> <li><a href="https://github.com/urllib3/urllib3/commit/ff764a01499203a7c6fbe2e6c0a5a670cf26745c"><code>ff764a0</code></a> Allow loading CA certificates from memory for proxies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3150">#3150</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b99cc396b2b760362469796d086fae118aec7fb7"><code>b99cc39</code></a> Replace deprecated set-output in GitHub Actions</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Teqed
added a commit
to Teqed/FediFetcher
that referenced
this issue
Dec 11, 2023
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.1.0 (2023-11-13)</h1> <p>Read the <code>v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html></code>__ for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/69be2992f8a25a1f27e49f339e4d5b98dec07462"><code>69be299</code></a> Release 2.1.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/77f71d3fbc6b747849e0205929d0e519ba77457b"><code>77f71d3</code></a> Mention myself in README</li> <li><a href="https://github.com/urllib3/urllib3/commit/e601a0e8826fc734712f298e92c1a87cee1a08a7"><code>e601a0e</code></a> Check _has_route <em>within</em> the test function (<a href="https://redirect.github.com/urllib3/urllib3/issues/3187">#3187</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f7cd7f3f632cf5224f627536f02c2abf7e4146d1"><code>f7cd7f3</code></a> Stop naming urllib3/requests tests "integration" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3182">#3182</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/6fc4260934b4a780c01a685f3f7982055e1c73e2"><code>6fc4260</code></a> Use more precise type checks</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fa8ea621579edf4eb94addc9fb1bc5873256381"><code>5fa8ea6</code></a> Fix lint on Python 3.12</li> <li><a href="https://github.com/urllib3/urllib3/commit/872768312273d67ca9b9481028c11acaf213da86"><code>8727683</code></a> Remove Sphinx version pin</li> <li><a href="https://github.com/urllib3/urllib3/commit/5fc48e711b33c08eea1c1ea8209870f45e8baf05"><code>5fc48e7</code></a> Treat x-gzip content encoding as gzip</li> <li><a href="https://github.com/urllib3/urllib3/commit/ff764a01499203a7c6fbe2e6c0a5a670cf26745c"><code>ff764a0</code></a> Allow loading CA certificates from memory for proxies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3150">#3150</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b99cc396b2b760362469796d086fae118aec7fb7"><code>b99cc39</code></a> Replace deprecated set-output in GitHub Actions</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
CrisTofani
added a commit
to pagopa/io-app
that referenced
this issue
Dec 14, 2023
…ls (#5133) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.6 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.6...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.6&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pagopa/io-app/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Cristiano Tofani <cri.tofani@gmail.com>
CrisTofani
pushed a commit
to pagopa/io-app
that referenced
this issue
Dec 14, 2023
…e_button_exists (#5132) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.6 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.6...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.6&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pagopa/io-app/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
copybara-service bot
pushed a commit
to grpc/grpc
that referenced
this issue
Jan 10, 2024
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/grpc/grpc/network/alerts). </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Closes #34714 COPYBARA_INTEGRATE_REVIEW=#34714 from grpc:dependabot/pip/urllib3-1.26.18 3281b12 PiperOrigin-RevId: 597334547
github-actions bot
added a commit
to MaRDI4NFDI/open-interfaces
that referenced
this issue
Feb 5, 2024
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.2.0</h2> <h2>🖥️ urllib3 now works in the browser</h2> <p>:tada: <strong>This release adds experimental support for <a href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using urllib3 in the browser with Pyodide</a>!</strong> 🎉</p> <p>Thanks to Joe Marshall (<a href="https://github.com/joemarshall"><code>@joemarshall</code></a>) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from <code>http.client</code>. Please report all bugs to the <a href="https://github.com/urllib3/urllib3/issues">urllib3 issue tracker</a>.</p> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added support for <a href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten and Pyodide</a>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li> <li>Added rudimentary support for HTTP/2. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<a href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<a href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<a href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li> </ul> <p>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Allowed loading CA certificates from memory for proxies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3065">#3065</a>)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3174">#3174</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.2.0 (2024-01-30)</h1> <ul> <li>Added support for <code>Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html></code><strong>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<code>[#2951](urllib3/urllib3#2951) <https://github.com/urllib3/urllib3/issues/2951></code></strong>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<code>[#3186](urllib3/urllib3#3186) <https://github.com/urllib3/urllib3/issues/3186></code>__)</li> <li>Added rudimentary support for HTTP/2. (<code>[#3284](urllib3/urllib3#3284) <https://github.com/urllib3/urllib3/issues/3284></code>__)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<code>[#2244](urllib3/urllib3#2244) <https://github.com/urllib3/urllib3/issues/2244></code>__)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<code>[#3130](urllib3/urllib3#3130) <https://github.com/urllib3/urllib3/issues/3130></code>__)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<code>[#3203](urllib3/urllib3#3203) <https://github.com/urllib3/urllib3/issues/3203></code>__)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<code>[#3267](urllib3/urllib3#3267) <https://github.com/urllib3/urllib3/issues/3267></code>__)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<code>[#3268](urllib3/urllib3#3268) <https://github.com/urllib3/urllib3/issues/3268></code>__)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<code>[#3325](urllib3/urllib3#3325) <https://github.com/urllib3/urllib3/issues/3325></code>__)</li> <li>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<code>[#3181](urllib3/urllib3#3181) <https://github.com/urllib3/urllib3/issues/3181></code>__)</li> </ul> <h1>2.1.0 (2023-11-13)</h1> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/04df048cf4b1c3790c56e26c659db764aad62d6f"><code>04df048</code></a> Release 2.2.0</li> <li><a href="https://github.com/urllib3/urllib3/commit/2aec09f6a1727dd54f65b9069ef8f168ef40a885"><code>2aec09f</code></a> Add documentation for Emscripten support</li> <li><a href="https://github.com/urllib3/urllib3/commit/6d2f0f63b066ce6064b16ba97dc5cf3f70d5d44a"><code>6d2f0f6</code></a> Annotate response attribute <code>length_remaining</code> in BaseHTTPResponse (<a href="https://redirect.github.com/urllib3/urllib3/issues/3317">#3317</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/d7bb83b48c23d8dd429c20a43ac3da74ea6e9df0"><code>d7bb83b</code></a> Fix TLS 1.3 post-handshake auth</li> <li><a href="https://github.com/urllib3/urllib3/commit/8c8e26dab401121e9fccc8e8e8958609ccb045f5"><code>8c8e26d</code></a> Hide H2Connection inside _LockedObject (<a href="https://redirect.github.com/urllib3/urllib3/issues/3318">#3318</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/26a07dbd3267b174439f1fca0ab473dc79f473dc"><code>26a07db</code></a> Make BaseHTTPResponse a base class of HTTP2Response (<a href="https://redirect.github.com/urllib3/urllib3/issues/3311">#3311</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/71e7c35662a4b2ba8543194cc132616065dfc56a"><code>71e7c35</code></a> Allow testing HTTP/1.1 and HTTP/2 in the same test (<a href="https://redirect.github.com/urllib3/urllib3/issues/3310">#3310</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/89ed0d6a65138f6d641e92ae4e0da0cdc7d66870"><code>89ed0d6</code></a> Add test-pypy 3.8 3.9 3.10 nox sessions (<a href="https://redirect.github.com/urllib3/urllib3/issues/3304">#3304</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/fb6cf2dba92bba8bdd734deb4d6fde44c19849b9"><code>fb6cf2d</code></a> Pin to pypy-3.9-v7.3.13 to not timeout CI</li> <li><a href="https://github.com/urllib3/urllib3/commit/03f7b65a47d87036674a7909ca6c57d4b5cf1a81"><code>03f7b65</code></a> Skip memray on pypy (<a href="https://redirect.github.com/urllib3/urllib3/issues/3286">#3286</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.2.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
github-merge-queue bot
pushed a commit
to Aiven-Open/kio
that referenced
this issue
Mar 1, 2024
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.2.1</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed issue where <code>InsecureRequestWarning</code> was emitted for HTTPS connections when using Emscripten. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li> <li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically casting non-proxy headers to <code>HTTPHeaderDict</code>. This change was premature as it did not apply to proxy headers and <code>HTTPHeaderDict</code> does not handle byte header values correctly yet. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li> <li>Changed <code>ProtocolError</code> to <code>InvalidChunkLength</code> when response terminates before the chunk length is sent. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li> <li>Changed <code>ProtocolError</code> to be more verbose on incomplete reads with excess content. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li> </ul> <h2>2.2.0</h2> <h2>🖥️ urllib3 now works in the browser</h2> <p>:tada: <strong>This release adds experimental support for <a href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using urllib3 in the browser with Pyodide</a>!</strong> 🎉</p> <p>Thanks to Joe Marshall (<a href="https://github.com/joemarshall"><code>@joemarshall</code></a>) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from <code>http.client</code>. Please report all bugs to the <a href="https://github.com/urllib3/urllib3/issues">urllib3 issue tracker</a>.</p> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added support for <a href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten and Pyodide</a>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li> <li>Added rudimentary support for HTTP/2. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<a href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<a href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<a href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li> </ul> <p>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.2.1 (2024-02-16)</h1> <ul> <li>Fixed issue where <code>InsecureRequestWarning</code> was emitted for HTTPS connections when using Emscripten. (<code>[#3331](urllib3/urllib3#3331) <https://github.com/urllib3/urllib3/issues/3331></code>__)</li> <li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically casting non-proxy headers to <code>HTTPHeaderDict</code>. This change was premature as it did not apply to proxy headers and <code>HTTPHeaderDict</code> does not handle byte header values correctly yet. (<code>[#3343](urllib3/urllib3#3343) <https://github.com/urllib3/urllib3/issues/3343></code>__)</li> <li>Changed <code>InvalidChunkLength</code> to <code>ProtocolError</code> when response terminates before the chunk length is sent. (<code>[#2860](urllib3/urllib3#2860) <https://github.com/urllib3/urllib3/issues/2860></code>__)</li> <li>Changed <code>ProtocolError</code> to be more verbose on incomplete reads with excess content. (<code>[#3261](urllib3/urllib3#3261) <https://github.com/urllib3/urllib3/issues/3261></code>__)</li> </ul> <h1>2.2.0 (2024-01-30)</h1> <ul> <li>Added support for <code>Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html></code><strong>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<code>[#2951](urllib3/urllib3#2951) <https://github.com/urllib3/urllib3/issues/2951></code></strong>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<code>[#3186](urllib3/urllib3#3186) <https://github.com/urllib3/urllib3/issues/3186></code>__)</li> <li>Added rudimentary support for HTTP/2. (<code>[#3284](urllib3/urllib3#3284) <https://github.com/urllib3/urllib3/issues/3284></code>__)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<code>[#2244](urllib3/urllib3#2244) <https://github.com/urllib3/urllib3/issues/2244></code>__)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<code>[#3130](urllib3/urllib3#3130) <https://github.com/urllib3/urllib3/issues/3130></code>__)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<code>[#3203](urllib3/urllib3#3203) <https://github.com/urllib3/urllib3/issues/3203></code>__)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<code>[#3267](urllib3/urllib3#3267) <https://github.com/urllib3/urllib3/issues/3267></code>__)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<code>[#3268](urllib3/urllib3#3268) <https://github.com/urllib3/urllib3/issues/3268></code>__)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<code>[#3325](urllib3/urllib3#3325) <https://github.com/urllib3/urllib3/issues/3325></code>__)</li> <li>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<code>[#3181](urllib3/urllib3#3181) <https://github.com/urllib3/urllib3/issues/3181></code>__)</li> </ul> <h1>2.1.0 (2023-11-13)</h1> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a> Release 2.2.1</li> <li><a href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a> Stop casting request headers to HTTPHeaderDict (<a href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a> Fix docstring of retries parameter</li> <li><a href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a> Distinguish between truncated and excess content in response (<a href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a> Fix InsecureRequestWarning for HTTPS Emscripten requests (<a href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a> Ensure no remote connections during testing (<a href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a> Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a> Add nox session to start local Pyodide console</li> <li><a href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a> Fix ssl_version tests for upcoming migration to pytest 8</li> <li><a href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a> Remove TODO about informational responses (<a href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.0.7...2.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
yairsimantov20
pushed a commit
to port-labs/ocean
that referenced
this issue
Apr 24, 2024
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.18 to 2.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.2.1</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed issue where <code>InsecureRequestWarning</code> was emitted for HTTPS connections when using Emscripten. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li> <li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically casting non-proxy headers to <code>HTTPHeaderDict</code>. This change was premature as it did not apply to proxy headers and <code>HTTPHeaderDict</code> does not handle byte header values correctly yet. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li> <li>Changed <code>ProtocolError</code> to <code>InvalidChunkLength</code> when response terminates before the chunk length is sent. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li> <li>Changed <code>ProtocolError</code> to be more verbose on incomplete reads with excess content. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li> </ul> <h2>2.2.0</h2> <h2>🖥️ urllib3 now works in the browser</h2> <p>:tada: <strong>This release adds experimental support for <a href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using urllib3 in the browser with Pyodide</a>!</strong> 🎉</p> <p>Thanks to Joe Marshall (<a href="https://github.com/joemarshall"><code>@joemarshall</code></a>) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from <code>http.client</code>. Please report all bugs to the <a href="https://github.com/urllib3/urllib3/issues">urllib3 issue tracker</a>.</p> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added support for <a href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten and Pyodide</a>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li> <li>Added rudimentary support for HTTP/2. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<a href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<a href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<a href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li> </ul> <p>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p> <h2>2.1.0</h2> <p>Read the <a href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2 migration guide</a> for help upgrading to the latest version of urllib3.</p> <h2>Removals</h2> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<a href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li> <li>Removed support for the end-of-life Python 3.7. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.2.1 (2024-02-16)</h1> <ul> <li>Fixed issue where <code>InsecureRequestWarning</code> was emitted for HTTPS connections when using Emscripten. (<code>[#3331](urllib3/urllib3#3331) <https://github.com/urllib3/urllib3/issues/3331></code>__)</li> <li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically casting non-proxy headers to <code>HTTPHeaderDict</code>. This change was premature as it did not apply to proxy headers and <code>HTTPHeaderDict</code> does not handle byte header values correctly yet. (<code>[#3343](urllib3/urllib3#3343) <https://github.com/urllib3/urllib3/issues/3343></code>__)</li> <li>Changed <code>InvalidChunkLength</code> to <code>ProtocolError</code> when response terminates before the chunk length is sent. (<code>[#2860](urllib3/urllib3#2860) <https://github.com/urllib3/urllib3/issues/2860></code>__)</li> <li>Changed <code>ProtocolError</code> to be more verbose on incomplete reads with excess content. (<code>[#3261](urllib3/urllib3#3261) <https://github.com/urllib3/urllib3/issues/3261></code>__)</li> </ul> <h1>2.2.0 (2024-01-30)</h1> <ul> <li>Added support for <code>Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html></code><strong>, including streaming support in cross-origin isolated browser environments where threading is enabled. (<code>[#2951](urllib3/urllib3#2951) <https://github.com/urllib3/urllib3/issues/2951></code></strong>)</li> <li>Added support for <code>HTTPResponse.read1()</code> method. (<code>[#3186](urllib3/urllib3#3186) <https://github.com/urllib3/urllib3/issues/3186></code>__)</li> <li>Added rudimentary support for HTTP/2. (<code>[#3284](urllib3/urllib3#3284) <https://github.com/urllib3/urllib3/issues/3284></code>__)</li> <li>Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (<code>[#2244](urllib3/urllib3#2244) <https://github.com/urllib3/urllib3/issues/2244></code>__)</li> <li>Fixed <code>HTTPConnection.proxy_is_verified</code> and <code>HTTPSConnection.proxy_is_verified</code> to be always set to a boolean after connecting to a proxy. It could be <code>None</code> in some cases previously. (<code>[#3130](urllib3/urllib3#3130) <https://github.com/urllib3/urllib3/issues/3130></code>__)</li> <li>Fixed an issue where <code>headers</code> passed in a request with <code>json=</code> would be mutated (<code>[#3203](urllib3/urllib3#3203) <https://github.com/urllib3/urllib3/issues/3203></code>__)</li> <li>Fixed <code>HTTPSConnection.is_verified</code> to be set to <code>False</code> when connecting from a HTTPS proxy to an HTTP target. It was set to <code>True</code> previously. (<code>[#3267](urllib3/urllib3#3267) <https://github.com/urllib3/urllib3/issues/3267></code>__)</li> <li>Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (<code>[#3268](urllib3/urllib3#3268) <https://github.com/urllib3/urllib3/issues/3268></code>__)</li> <li>Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (<code>[#3325](urllib3/urllib3#3325) <https://github.com/urllib3/urllib3/issues/3325></code>__)</li> <li>Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the <code>--integration</code> pytest flag. (<code>[#3181](urllib3/urllib3#3181) <https://github.com/urllib3/urllib3/issues/3181></code>__)</li> </ul> <h1>2.1.0 (2023-11-13)</h1> <ul> <li>Removed support for the deprecated urllib3[secure] extra. (<code>[#2680](urllib3/urllib3#2680) <https://github.com/urllib3/urllib3/issues/2680></code>__)</li> <li>Removed support for the deprecated SecureTransport TLS implementation. (<code>[#2681](urllib3/urllib3#2681) <https://github.com/urllib3/urllib3/issues/2681></code>__)</li> <li>Removed support for the end-of-life Python 3.7. (<code>[#3143](urllib3/urllib3#3143) <https://github.com/urllib3/urllib3/issues/3143></code>__)</li> <li>Allowed loading CA certificates from memory for proxies. (<code>[#3065](urllib3/urllib3#3065) <https://github.com/urllib3/urllib3/issues/3065></code>__)</li> <li>Fixed decoding Gzip-encoded responses which specified <code>x-gzip</code> content-encoding. (<code>[#3174](urllib3/urllib3#3174) <https://github.com/urllib3/urllib3/issues/3174></code>__)</li> </ul> <h1>2.0.7 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>2.0.6 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a> Release 2.2.1</li> <li><a href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a> Stop casting request headers to HTTPHeaderDict (<a href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a> Fix docstring of retries parameter</li> <li><a href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a> Distinguish between truncated and excess content in response (<a href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a> Fix InsecureRequestWarning for HTTPS Emscripten requests (<a href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a> Ensure no remote connections during testing (<a href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a> Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a> Add nox session to start local Pyodide console</li> <li><a href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a> Fix ssl_version tests for upcoming migration to pytest 8</li> <li><a href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a> Remove TODO about informational responses (<a href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.18...2.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.18&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
keinsell
pushed a commit
to keinsell/neuronek
that referenced
this issue
Apr 28, 2024
…rces/psychonautwiki-tripsit (#405) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.18</h2> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)</li> </ul> <h2>1.26.17</h2> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (GHSA-v845-jxx5-vc9f)</li> </ul> <h2>1.26.16</h2> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<a href="https://redirect.github.com/urllib3/urllib3/issues/2954">#2954</a>)</li> </ul> <h2>1.26.15</h2> <ul> <li>Fix socket timeout value when HTTPConnection is reused (<a href="https://redirect.github.com/urllib3/urllib3/issues/2645">urllib3/urllib3#2645</a>)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<a href="https://redirect.github.com/urllib3/urllib3/issues/2899">urllib3/urllib3#2899</a>)</li> <li>Fix IDNA handling of 'x80' byte (<a href="https://redirect.github.com/urllib3/urllib3/issues/2901">urllib3/urllib3#2901</a>)</li> </ul> <h2>1.26.14</h2> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/2850">#2850</a>)</li> <li>Removed deprecated <code>HTTPResponse.getheaders()</code> calls in <code>urllib3.contrib</code> module.</li> </ul> <h2>1.26.13</h2> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h2>1.26.12</h2> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <a href="https://redirect.github.com/urllib3/urllib3/issues/2680">GitHub issue</a> for justification and info on how to migrate.</li> </ul> <h2>1.26.11</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.</li> </ul> <h2>1.26.10</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p> <p>:closed_lock_with_key: <strong>This is the first release to be signed with Sigstore!</strong> You can verify the distributables using the <code>.sig</code> and <code>.crt</code> files included on this release.</p> <ul> <li>Removed support for Python 3.5</li> <li>Fixed an issue where a <code>ProxyError</code> recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.</li> </ul> <h2>1.26.9</h2> <p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.18 (2023-10-17)</h1> <ul> <li>Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.</li> </ul> <h1>1.26.17 (2023-10-02)</h1> <ul> <li>Added the <code>Cookie</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>. (<code>[#3139](urllib3/urllib3#3139) <https://github.com/urllib3/urllib3/pull/3139></code>_)</li> </ul> <h1>1.26.16 (2023-05-23)</h1> <ul> <li>Fixed thread-safety issue where accessing a <code>PoolManager</code> with many distinct origins would cause connection pools to be closed while requests are in progress (<code>[#2954](urllib3/urllib3#2954) <https://github.com/urllib3/urllib3/pull/2954></code>_)</li> </ul> <h1>1.26.15 (2023-03-10)</h1> <ul> <li>Fix socket timeout value when <code>HTTPConnection</code> is reused (<code>[#2645](urllib3/urllib3#2645) <https://github.com/urllib3/urllib3/issues/2645></code>__)</li> <li>Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (<code>[#2899](urllib3/urllib3#2899) <https://github.com/urllib3/urllib3/issues/2899></code>__)</li> <li>Fix IDNA handling of '\x80' byte (<code>[#2901](urllib3/urllib3#2901) <https://github.com/urllib3/urllib3/issues/2901></code>__)</li> </ul> <h1>1.26.14 (2023-01-11)</h1> <ul> <li>Fixed parsing of port 0 (zero) returning None, instead of 0. (<code>[#2850](urllib3/urllib3#2850) <https://github.com/urllib3/urllib3/issues/2850></code>__)</li> <li>Removed deprecated getheaders() calls in contrib module. Fixed the type hint of <code>PoolKey.key_retries</code> by adding <code>bool</code> to the union. (<code>[#2865](urllib3/urllib3#2865) <https://github.com/urllib3/urllib3/issues/2865></code>__)</li> </ul> <h1>1.26.13 (2022-11-23)</h1> <ul> <li>Deprecated the <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods.</li> <li>Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.</li> <li>Fixed a deprecation warning when using cryptography v39.0.0.</li> <li>Removed the <code><4</code> in the <code>Requires-Python</code> packaging metadata field.</li> </ul> <h1>1.26.12 (2022-08-22)</h1> <ul> <li>Deprecated the <code>urllib3[secure]</code> extra and the <code>urllib3.contrib.pyopenssl</code> module. Both will be removed in v2.x. See this <code>GitHub issue <https://github.com/urllib3/urllib3/issues/2680></code>_ for justification and info on how to migrate.</li> </ul> <h1>1.26.11 (2022-07-25)</h1> <ul> <li>Fixed an issue where reading more than 2 GiB in a call to <code>HTTPResponse.read</code> would</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a> Release 1.26.18 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a> Merge pull request from GHSA-g4mx-q9vg-27p4</li> <li><a href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a> [1.26] Use vendored six in urllib3.contrib.securetransport</li> <li><a href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a> Release 1.26.17</li> <li><a href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a> Backport GHSA-v845-jxx5-vc9f (<a href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a> Fix installing <code>brotli</code> extra on Python 2.7</li> <li><a href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a> [1.26] Configure OS for RTD to fix building docs</li> <li><a href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a> [1.26] Improve error message when calling urllib3.request() (<a href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a> [1.26] Run coverage even with failed jobs</li> <li><a href="https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8"><code>d94029b</code></a> Release 1.26.16</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.5&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/keinsell/neuronek/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Are you seeing a DeprecationWarning?
Hello! If you're seeing one of the below messages in
DeprecationWarning
you're in the right place:These warnings mean you're using deprecated code. But no worries! You can stop the deprecation warnings by following these steps:
If you're using Python 2.7.10 or later and OpenSSL 1.1.1+ (this is almost everyone) then you won't need the
urllib3[secure]
extra orurllib3.contrib.pyopenssl
module. Both were necessary a long time ago, but aren't necessary any more! You can read more context below if you're interested.If you're using an old version of Requests (ie <2.26.0) then you should upgrade to a newer version. Requests v2.26.0 stopped using
urllib3[secure]
andurllib3.contrib.pyopenssl
and didn't encounter any issues for users upgrading.If you're using an old version of Selenium (ie <4.4.3) then you should upgrade to a newer version. Selenium v4.4.1 stopped using urllib3[secure], but only in v4.4.3 was an appropriate dependency on certifi added.
Ensure that you're not installing
urllib3[secure]
anywhere, either in arequirements.txt
or directly. You should remove all instances of[secure]
and instead only installurllib3
.Ensure that your code isn't using theWe've decided to undeprecate this module in Undeprecate pyOpenSSL third-party module #3126.urllib3.contrib.pyopenssl
module.Ensure that none of your dependencies are installing the
urllib3[secure]
extra. We have created a list of projects using theurllib3[secure]
extra which we have notified and created a PR for each but not all have responded. If you find additional packages then notifying the package about this issue is appreciated.Ensure that none of your dependencies are using theWe've decided to undeprecate this module in Undeprecate pyOpenSSL third-party module #3126.urllib3.contrib.pyopenssl
module. If you find a package that is using this module then I suggest notifying the package by pointing to this issue.Finally, to silence the DeprecationWarning, uninstall the
urllib3-secure-extra
package with:Context
There are not nearly as many reasons to use the pyOpenSSL TLS implementation as there previously were. The primary motivations behind creating the implementation were to support SNI before it was available in Python's
ssl
module everywhere. Requests started using this implementation unconditionally by default but two years ago this was changed to only on Python versions without SNI support. I suspect this number is shrinking.The
[secure]
extra began as a way to install all dependencies for our pyOpenSSL TLS implementation but now is only an unfortunate misnomer as it's no more secure than our default implementation on all supported Python versions.My proposal for now is:
DeprecationWarning
whenurllib3.contrib.pyopenssl.inject_into_urllib3
is called and point to the documentation.[secure]
extra on as many packages as possible. If any actually require one of the dependencies (pyOpenSSL, certifi, idna) then add that dependency explicitly to their packages'install_requires
. Remove use ofinject_into_urllib3
if used anywhere in the package.inject_into_urllib3
on GitHub and see what we find? If there are big projects using it we should alert them.Timeline for deprecation and removal
In a urllib3 v2.1.0:
[secure]
extra empty.inject_into_urllib3
function raise an exception with a URL to the documentation.In a version after that:
[secure]
extrainject_into_urllib3
function andpyopenssl
contrib module.The text was updated successfully, but these errors were encountered: