Update dependency urllib3 to v1.26.9
This MR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| urllib3 (source) | ironbank-pypi | minor |
1.25.10 -> 1.26.9
|
| urllib3 (source) | minor |
==1.25.10 -> ==1.26.9
|
Release Notes
urllib3/urllib3
v1.26.9
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
- Changed
urllib3[brotli]extra to favor installing Brotli libraries that are still receiving updates likebrotliandbrotlicffiinstead ofbrotlipy. This change does not impact behavior of urllib3, only which dependencies are installed. - Fixed a socket leaking when
HTTPSConnection.connect()raises an exception. - Fixed
server_hostnamebeing forwarded fromPoolManagertoHTTPConnectionPoolwhen requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
v1.26.8
- Added extra message to
urllib3.exceptions.ProxyErrorwhen urllib3 detects that a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP. - Added a mention of the size of the connection pool when discarding a connection due to the pool being full.
- Added explicit support for Python 3.11.
- Deprecated the
Retry.MAX_BACKOFFclass property in favor ofRetry.DEFAULT_MAX_BACKOFFto better match the rest of the default parameter names.Retry.MAX_BACKOFFis removed in v2.0. - Changed location of the vendored
ssl.match_hostnamefunction fromurllib3.packages.ssl_match_hostnametourllib3.util.ssl_match_hostnameto ensure Python 3.10+ compatibility after being repackaged by downstream distributors. - Fixed absolute imports, all imports are now relative.
v1.26.7
===================
- Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI. (Issue #2400)
- Fixed a bug where IPv6 braces weren't stripped during certificate hostname matching. (Issue #2240)
v1.26.6
===================
- Deprecated the
urllib3.contrib.ntlmpoolmodule. urllib3 is not able to support it properly due toreasons listed in this issue <https://github.com/urllib3/urllib3/issues/2282>_. If you are a user of this module please leave a comment. - Changed
HTTPConnection.request_chunked()to not erroneously emit multipleTransfer-Encodingheaders in the case that one is already specified. - Fixed typo in deprecation message to recommend
Retry.DEFAULT_ALLOWED_METHODS.
v1.26.5
===================
- Fixed deprecation warnings emitted in Python 3.10.
- Updated vendored
sixlibrary to 1.16.0. - Improved performance of URL parser when splitting the authority component.
v1.26.4
===================
- Changed behavior of the default
SSLContextwhen connecting to HTTPS proxy during HTTPS requests. The defaultSSLContextnow setscheck_hostname=True.
v1.26.3
===================
-
Fixed bytes and string comparison issue with headers (Pull #2141)
-
Changed
ProxySchemeUnknownerror message to be more actionable if the user supplies a proxy URL without a scheme. (Pull #2107)
v1.26.2
===================
- Fixed an issue where
wrap_socketandCERT_REQUIREDwouldn't be imported properly on Python 2.7.8 and earlier (Pull #2052)
v1.26.1
===================
- Fixed an issue where two
User-Agentheaders would be sent if aUser-Agentheader key is passed asbytes(Pull #2047)
v1.26.0
===================
-
NOTE: urllib3 v2.0 will drop support for Python 2.
Read more in the v2.0 Roadmap <https://urllib3.readthedocs.io/en/latest/v2-roadmap.html>_. -
Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
-
Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning should opt-in explicitly by setting
ssl_version=ssl.MROTOCOL_TLSv1_1(Pull #2002) Starting in urllib3 v2.0: Connections that receive aDeprecationWarningwill fail -
Deprecated
RetryoptionsRetry.DEFAULT_METHOD_WHITELIST,Retry.DEFAULT_REDIRECT_HEADERS_BLACKLISTandRetry(method_whitelist=...)in favor ofRetry.DEFAULT_ALLOWED_METHODS,Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT, andRetry(allowed_methods=...)(Pull #2000) Starting in urllib3 v2.0: Deprecated options will be removed -
Added default
User-Agentheader to every request (Pull #1750) -
Added
urllib3.util.SKIP_HEADERfor skippingUser-Agent,Accept-Encoding, andHostheaders from being automatically emitted with requests (Pull #2018) -
Collapse
transfer-encoding: chunkedrequest data and framing into the samesocket.send()call (Pull #1906) -
Send
http/1.1ALPN identifier with every TLS handshake by default (Pull #1894) -
Properly terminate SecureTransport connections when CA verification fails (Pull #1977)
-
Don't emit an
SNIMissingWarningwhen passingserver_hostname=Noneto SecureTransport (Pull #1903) -
Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull #1970)
-
Suppress
BrokenPipeErrorwhen writing request body after the server has closed the socket (Pull #1524) -
Wrap
ssl.SSLErrorthat can be raised from reading a socket (e.g. "bad MAC") into anurllib3.exceptions.SSLError(Pull #1939)
v1.25.11
====================
-
Fix retry backoff time parsed from
Retry-Afterheader when given in the HTTP date format. The HTTP date was parsed as the local timezone rather than accounting for the timezone in the HTTP date (typically UTC) (Pull #1932, Pull #1935, Pull #1938, Pull #1949) -
Fix issue where an error would be raised when the
SSLKEYLOGFILEenvironment variable was set to the empty string. NowSSLContext.keylog_fileis not set in this situation (Pull #2016)
Configuration
-
If you want to rebase/retry this MR, click this checkbox.
This MR has been generated by Renovate Bot.