Update dependency urllib3 to v1.26.9
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| urllib3 (source) | minor |
==1.24.3 -> ==1.26.9
|
Release Notes
urllib3/urllib3
v1.26.9
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
- Changed
urllib3[brotli]extra to favor installing Brotli libraries that are still receiving updates likebrotliandbrotlicffiinstead ofbrotlipy. This change does not impact behavior of urllib3, only which dependencies are installed. - Fixed a socket leaking when
HTTPSConnection.connect()raises an exception. - Fixed
server_hostnamebeing forwarded fromPoolManagertoHTTPConnectionPoolwhen requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
v1.26.8
- Added extra message to
urllib3.exceptions.ProxyErrorwhen urllib3 detects that a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP. - Added a mention of the size of the connection pool when discarding a connection due to the pool being full.
- Added explicit support for Python 3.11.
- Deprecated the
Retry.MAX_BACKOFFclass property in favor ofRetry.DEFAULT_MAX_BACKOFFto better match the rest of the default parameter names.Retry.MAX_BACKOFFis removed in v2.0. - Changed location of the vendored
ssl.match_hostnamefunction fromurllib3.packages.ssl_match_hostnametourllib3.util.ssl_match_hostnameto ensure Python 3.10+ compatibility after being repackaged by downstream distributors. - Fixed absolute imports, all imports are now relative.
v1.26.7
===================
- Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI. (Issue #2400)
- Fixed a bug where IPv6 braces weren't stripped during certificate hostname matching. (Issue #2240)
v1.26.6
===================
- Deprecated the
urllib3.contrib.ntlmpoolmodule. urllib3 is not able to support it properly due toreasons listed in this issue <https://github.com/urllib3/urllib3/issues/2282>_. If you are a user of this module please leave a comment. - Changed
HTTPConnection.request_chunked()to not erroneously emit multipleTransfer-Encodingheaders in the case that one is already specified. - Fixed typo in deprecation message to recommend
Retry.DEFAULT_ALLOWED_METHODS.
v1.26.5
===================
- Fixed deprecation warnings emitted in Python 3.10.
- Updated vendored
sixlibrary to 1.16.0. - Improved performance of URL parser when splitting the authority component.
v1.26.4
===================
- Changed behavior of the default
SSLContextwhen connecting to HTTPS proxy during HTTPS requests. The defaultSSLContextnow setscheck_hostname=True.
v1.26.3
===================
-
Fixed bytes and string comparison issue with headers (Pull #2141)
-
Changed
ProxySchemeUnknownerror message to be more actionable if the user supplies a proxy URL without a scheme. (Pull #2107)
v1.26.2
===================
- Fixed an issue where
wrap_socketandCERT_REQUIREDwouldn't be imported properly on Python 2.7.8 and earlier (Pull #2052)
v1.26.1
===================
- Fixed an issue where two
User-Agentheaders would be sent if aUser-Agentheader key is passed asbytes(Pull #2047)
v1.26.0
===================
-
NOTE: urllib3 v2.0 will drop support for Python 2.
Read more in the v2.0 Roadmap <https://urllib3.readthedocs.io/en/latest/v2-roadmap.html>_. -
Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
-
Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning should opt-in explicitly by setting
ssl_version=ssl.MROTOCOL_TLSv1_1(Pull #2002) Starting in urllib3 v2.0: Connections that receive aDeprecationWarningwill fail -
Deprecated
RetryoptionsRetry.DEFAULT_METHOD_WHITELIST,Retry.DEFAULT_REDIRECT_HEADERS_BLACKLISTandRetry(method_whitelist=...)in favor ofRetry.DEFAULT_ALLOWED_METHODS,Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT, andRetry(allowed_methods=...)(Pull #2000) Starting in urllib3 v2.0: Deprecated options will be removed -
Added default
User-Agentheader to every request (Pull #1750) -
Added
urllib3.util.SKIP_HEADERfor skippingUser-Agent,Accept-Encoding, andHostheaders from being automatically emitted with requests (Pull #2018) -
Collapse
transfer-encoding: chunkedrequest data and framing into the samesocket.send()call (Pull #1906) -
Send
http/1.1ALPN identifier with every TLS handshake by default (Pull #1894) -
Properly terminate SecureTransport connections when CA verification fails (Pull #1977)
-
Don't emit an
SNIMissingWarningwhen passingserver_hostname=Noneto SecureTransport (Pull #1903) -
Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull #1970)
-
Suppress
BrokenPipeErrorwhen writing request body after the server has closed the socket (Pull #1524) -
Wrap
ssl.SSLErrorthat can be raised from reading a socket (e.g. "bad MAC") into anurllib3.exceptions.SSLError(Pull #1939)
v1.25.11
====================
-
Fix retry backoff time parsed from
Retry-Afterheader when given in the HTTP date format. The HTTP date was parsed as the local timezone rather than accounting for the timezone in the HTTP date (typically UTC) (Pull #1932, Pull #1935, Pull #1938, Pull #1949) -
Fix issue where an error would be raised when the
SSLKEYLOGFILEenvironment variable was set to the empty string. NowSSLContext.keylog_fileis not set in this situation (Pull #2016)
v1.25.10
====================
-
Added support for
SSLKEYLOGFILEenvironment variable for logging TLS session keys with use with programs like Wireshark for decrypting captured web traffic (Pull #1867) -
Fixed loading of SecureTransport libraries on macOS Big Sur due to the new dynamic linker cache (Pull #1905)
-
Collapse chunked request bodies data and framing into one call to
send()to reduce the number of TCP packets by 2-4x (Pull #1906) -
Don't insert
NoneintoConnectionPoolif the pool was empty when requesting a connection (Pull #1866) -
Avoid
hasattrcall inBrotliDecoder.decompress()(Pull #1858)
v1.25.9
===================
-
Added
InvalidProxyConfigurationWarningwhich is raised when erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently support connecting to HTTPS proxies but will soon be able to and we would like users to migrate properly without much breakage.See
this GitHub issue <https://github.com/urllib3/urllib3/issues/1850>_ for more information on how to fix your proxy config. (Pull #1851) -
Drain connection after
PoolManagerredirect (Pull #1817) -
Ensure
load_verify_locationsraisesSSLErrorfor all backends (Pull #1812) -
Rename
VerifiedHTTPSConnectiontoHTTPSConnection(Pull #1805) -
Allow the CA certificate data to be passed as a string (Pull #1804)
-
Raise
ValueErrorif method contains control characters (Pull #1800) -
Add
__repr__toTimeout(Pull #1795)
v1.25.8
===================
v1.25.7
===================
-
Preserve
chunkedparameter on retries (Pull #1715, Pull #1734) -
Allow unset
SERVER_SOFTWAREin App Engine (Pull #1704, Issue #1470) -
Fix issue where URL fragment was sent within the request target. (Pull #1732)
-
Fix issue where an empty query section in a URL would fail to parse. (Pull #1732)
-
Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull #1703)
v1.25.6
===================
- Fix issue where tilde (
~) characters were incorrectly percent-encoded in the path. (Pull #1692)
v1.25.5
===================
- Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which
caused certificate verification to be enabled when using
cert_reqs=CERT_NONE. (Issue #1682)
v1.25.4
===================
-
Propagate Retry-After header settings to subsequent retries. (Pull #1607)
-
Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)
-
Remove dependency on
rfc3986for URL parsing. -
Fix issue where URLs containing invalid characters within
Url.authwould raise an exception instead of percent-encoding those characters. -
Add support for
HTTMResponse.auto_close = Falsewhich makes HTTP responses work well with BufferedReaders and otheriomodule features. (Pull #1652) -
Percent-encode invalid characters in URL for
HTTPConnectionPool.request()(Pull #1673)
v1.25.3
===================
-
Change
HTTPSConnectionto load system CA certificates whenca_certs,ca_cert_dir, andssl_contextare unspecified. (Pull #1608, Issue #1603) -
Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605)
v1.25.2
===================
-
Change
is_ipaddressto not detect IPvFuture addresses. (Pull #1583) -
Change
parse_urlto percent-encode invalid characters within the path, query, and target components. (Pull #1586)
v1.25.1
====================
-
Fix retry backoff time parsed from
Retry-Afterheader when given in the HTTP date format. The HTTP date was parsed as the local timezone rather than accounting for the timezone in the HTTP date (typically UTC) (Pull #1932, Pull #1935, Pull #1938, Pull #1949) -
Fix issue where an error would be raised when the
SSLKEYLOGFILEenvironment variable was set to the empty string. NowSSLContext.keylog_fileis not set in this situation (Pull #2016)
v1.25
====================
-
Fix retry backoff time parsed from
Retry-Afterheader when given in the HTTP date format. The HTTP date was parsed as the local timezone rather than accounting for the timezone in the HTTP date (typically UTC) (Pull #1932, Pull #1935, Pull #1938, Pull #1949) -
Fix issue where an error would be raised when the
SSLKEYLOGFILEenvironment variable was set to the empty string. NowSSLContext.keylog_fileis not set in this situation (Pull #2016)
Configuration
-
If you want to rebase/retry this MR, click this checkbox.
This MR has been generated by Renovate Bot.