Sourced from urllib3's releases.
\n\n\n2.2.2
\n🚀 urllib3 is fundraising for HTTP/2 support
\nurllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
\nThank you for your support.
\nChanges
\n\n
\n- Added the
\nProxy-Authorizationheader to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set viaRetry.remove_headers_on_redirect.- Allowed passing negative integers as
\namtto read methods ofhttp.client.HTTPResponseas an alternative toNone. (#3122)- Fixed return types representing copying actions to use
\ntyping.Self. (#3363)Full Changelog: https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2
\n2.2.1
\n🚀 urllib3 is fundraising for HTTP/2 support
\nurllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
\nThank you for your support.
\nChanges
\n\n
\n- Fixed issue where
\nInsecureRequestWarningwas emitted for HTTPS connections when using Emscripten. (#3331)- Fixed
\nHTTPConnectionPool.urlopento stop automatically casting non-proxy headers toHTTPHeaderDict. This change was premature as it did not apply to proxy headers andHTTPHeaderDictdoes not handle byte header values correctly yet. (#3343)- Changed
\nProtocolErrortoInvalidChunkLengthwhen response terminates before the chunk length is sent. (#2860)- Changed
\nProtocolErrorto be more verbose on incomplete reads with excess content. (#3261)2.2.0
\n🖥️ urllib3 now works in the browser
\n:tada: This release adds experimental support for using urllib3 in the browser with Pyodide! :tada:
\nThanks to Joe Marshall (
\n@joemarshall) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API fromhttp.client. Please report all bugs to the urllib3 issue tracker.🚀 urllib3 is fundraising for HTTP/2 support
\nurllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
\nThank you for your support.
\nChanges
\n\n
\n\n- Added support for Emscripten and Pyodide, including streaming support in cross-origin isolated browser environments where threading is enabled. (#2951)
\n- Added support for
\nHTTPResponse.read1()method. (#3186)- Added rudimentary support for HTTP/2. (#3284)
\n- Fixed issue where requests against urls with trailing dots were failing due to SSL errors\nwhen using proxy. (#2244)
\n- Fixed
\nHTTPConnection.proxy_is_verifiedandHTTPSConnection.proxy_is_verifiedto be always set to a boolean after connecting to a proxy. It could beNonein some cases previously. (#3130)
... (truncated)
\nSourced from urllib3's changelog.
\n\n\n2.2.2 (2024-06-17)
\n\n
\n- Added the
\nProxy-Authorizationheader to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set viaRetry.remove_headers_on_redirect.- Allowed passing negative integers as
\namtto read methods ofhttp.client.HTTPResponseas an alternative toNone. ([#3122](https://github.com/urllib3/urllib3/issues/3122) <https://github.com/urllib3/urllib3/issues/3122>__)- Fixed return types representing copying actions to use
\ntyping.Self. ([#3363](https://github.com/urllib3/urllib3/issues/3363) <https://github.com/urllib3/urllib3/issues/3363>__)2.2.1 (2024-02-16)
\n\n
\n- Fixed issue where
\nInsecureRequestWarningwas emitted for HTTPS connections when using Emscripten. ([#3331](https://github.com/urllib3/urllib3/issues/3331) <https://github.com/urllib3/urllib3/issues/3331>__)- Fixed
\nHTTPConnectionPool.urlopento stop automatically casting non-proxy headers toHTTPHeaderDict. This change was premature as it did not apply to proxy headers andHTTPHeaderDictdoes not handle byte header values correctly yet. ([#3343](https://github.com/urllib3/urllib3/issues/3343) <https://github.com/urllib3/urllib3/issues/3343>__)- Changed
\nInvalidChunkLengthtoProtocolErrorwhen response terminates before the chunk length is sent. ([#2860](https://github.com/urllib3/urllib3/issues/2860) <https://github.com/urllib3/urllib3/issues/2860>__)- Changed
\nProtocolErrorto be more verbose on incomplete reads with excess content. ([#3261](https://github.com/urllib3/urllib3/issues/3261) <https://github.com/urllib3/urllib3/issues/3261>__)2.2.0 (2024-01-30)
\n\n
\n- Added support for
\nEmscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>, including streaming support in cross-origin isolated browser environments where threading is enabled. ([#2951](https://github.com/urllib3/urllib3/issues/2951) <https://github.com/urllib3/urllib3/issues/2951>)- Added support for
\nHTTPResponse.read1()method. ([#3186](https://github.com/urllib3/urllib3/issues/3186) <https://github.com/urllib3/urllib3/issues/3186>__)- Added rudimentary support for HTTP/2. (
\n[#3284](https://github.com/urllib3/urllib3/issues/3284) <https://github.com/urllib3/urllib3/issues/3284>__)- Fixed issue where requests against urls with trailing dots were failing due to SSL errors\nwhen using proxy. (
\n[#2244](https://github.com/urllib3/urllib3/issues/2244) <https://github.com/urllib3/urllib3/issues/2244>__)- Fixed
\nHTTPConnection.proxy_is_verifiedandHTTPSConnection.proxy_is_verified\nto be always set to a boolean after connecting to a proxy. It could be\nNonein some cases previously. ([#3130](https://github.com/urllib3/urllib3/issues/3130) <https://github.com/urllib3/urllib3/issues/3130>__)- Fixed an issue where
\nheaderspassed in a request withjson=would be mutated ([#3203](https://github.com/urllib3/urllib3/issues/3203) <https://github.com/urllib3/urllib3/issues/3203>__)- Fixed
\nHTTPSConnection.is_verifiedto be set toFalsewhen connecting\nfrom a HTTPS proxy to an HTTP target. It was set toTruepreviously. ([#3267](https://github.com/urllib3/urllib3/issues/3267) <https://github.com/urllib3/urllib3/issues/3267>__)- Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (
\n[#3268](https://github.com/urllib3/urllib3/issues/3268) <https://github.com/urllib3/urllib3/issues/3268>__)- Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (
\n[#3325](https://github.com/urllib3/urllib3/issues/3325) <https://github.com/urllib3/urllib3/issues/3325>__)- Note for downstream distributors: To run integration tests, you now need to run the tests a second\ntime with the
\n--integrationpytest flag. ([#3181](https://github.com/urllib3/urllib3/issues/3181) <https://github.com/urllib3/urllib3/issues/3181>__)2.1.0 (2023-11-13)
\n\n
\n- Removed support for the deprecated urllib3[secure] extra. (
\n[#2680](https://github.com/urllib3/urllib3/issues/2680) <https://github.com/urllib3/urllib3/issues/2680>__)- Removed support for the deprecated SecureTransport TLS implementation. (
\n[#2681](https://github.com/urllib3/urllib3/issues/2681) <https://github.com/urllib3/urllib3/issues/2681>__)- Removed support for the end-of-life Python 3.7. (
\n[#3143](https://github.com/urllib3/urllib3/issues/3143) <https://github.com/urllib3/urllib3/issues/3143>__)- Allowed loading CA certificates from memory for proxies. (
\n[#3065](https://github.com/urllib3/urllib3/issues/3065) <https://github.com/urllib3/urllib3/issues/3065>__)- Fixed decoding Gzip-encoded responses which specified
\nx-gzipcontent-encoding. ([#3174](https://github.com/urllib3/urllib3/issues/3174) <https://github.com/urllib3/urllib3/issues/3174>__)
27e2a5c Release 2.2.2 (#3406)accff72 Merge pull request from GHSA-34jh-p97f-mpxf34be4a5 Pin CFFI to a new release candidate instead of a Git commit (#3398)da41058 Bump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (#3399)b07a669 Bump github/codeql-action from 2.13.4 to 3.25.6 (#3396)b8589ec Measure coverage with v4 of artifact actions (#3394)f3bdc55 Allow triggering CI manually (#3391)5239265 Fix HTTP version in debug log (#3316)b34619f Bump actions/checkout to 4.1.4 (#3387)9961d14 Bump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (#3386)bd81538 2024.07.04 (#295)06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)124f4ad 2024.06.02 (#291)c2196ce --- (#290)fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)Sourced from zipp's changelog.
\n\n\nv3.19.1
\nBugfixes
\n\n
\n- Improved handling of malformed zip files. (#119)
\nv3.19.0
\nFeatures
\n\n
\n- Implement is_symlink. (#117)
\nv3.18.2
\nNo significant changes.
\nv3.18.1
\nNo significant changes.
\nv3.18.0
\nFeatures
\n\n
\n- Bypass ZipFile.namelist in glob for better performance. (#106)
\n- Refactored glob functionality to support a more generalized solution with support for platform-specific path separators. (#108)
\nBugfixes
\n\n
\n- Add special accounting for pypy when computing the stack level for text encoding warnings. (#114)
\n
6d1cb72 Finalizefd604bd Merge pull request #120 from jaraco/bugfix/119-malformed-pathsc18417e Add news fragment.58115d2 Employ SanitizedNames in CompleteDirs. Fixes broken test.564fcc1 Add SanitizedNames mixin.79a309f Add some assertions about malformed paths.2d015c2 Merge https://github.com/jaraco/skeletona595a0f Rename extras to align with core metadata spec.608f90a Finalize3a22d72 Merge pull request #118 from jaraco/feature/is-symlinkSourced from setuptools's changelog.
\n\n\nv70.0.0
\nFeatures
\n\n
\n- Emit a warning when
\n[tools.setuptools]is present inpyproject.tomland will be ignored. -- by :user:SnoopJ(#4150)- Improved
\nAttributeErrorerror message ifpkg_resources.EntryPoint.requireis called without extras or distribution\nGracefully "do nothing" when trying to activate apkg_resources.Distributionwith aNonelocation, rather than raising aTypeError\n-- by :user:Avasam(#4262)- Typed the dynamically defined variables from
\npkg_resources-- by :user:Avasam(#4267)- Modernized and refactored VCS handling in package_index. (#4332)
\nBugfixes
\n\n
\n- In install command, use super to call the superclass methods. Avoids race conditions when monkeypatching from _distutils_system_mod occurs late. (#4136)
\n- Fix finder template for lenient editable installs of implicit nested namespaces\nconstructed by using
\npackage_dirto reorganise directory structure. (#4278)- Fix an error with
\nUnicodeDecodeErrorhandling inpkg_resourceswhen trying to read files in UTF-8 with a fallback -- by :user:Avasam(#4348)Improved Documentation
\n\n
\n- Uses RST substitution to put badges in 1 line. (#4312)
\nDeprecations and Removals
\n\n
\n\n- \n
\nFurther adoption of UTF-8 in
\nsetuptools.\nThis change regards mostly files produced and consumed during the build process\n(e.g. metadata files, script wrappers, automatically updated config files, etc..)\nAlthough precautions were taken to minimize disruptions, some edge cases might\nbe subject to backwards incompatibility.Support for
\n"locale"encoding is now deprecated. (#4309)- \n
\nRemove
\nsetuptools.convert_pathafter long deprecation period.\nThis function was never defined bysetuptoolsitself, but rather a\nside-effect of an import for internal usage. (#4322)- \n
\nRemove fallback for customisations of
\ndistutils'build.sub_commandafter long\ndeprecated period.\nUsers are advised to importbuilddirectly fromsetuptools.command.build. (#4322)- \n
\nRemoved
\ntyping_extensionsfrom vendored dependencies -- by :user:Avasam(#4324)- \n
\nRemove deprecated
\nsetuptools.dep_util.\nThe provided alternative issetuptools.modified. (#4360)
... (truncated)
\n5cbf12a Workaround for release error in v709c1bcc3 Bump version: 69.5.1 → 70.0.04dc0c31 Remove deprecated setuptools.dep_util (#4360)6c1ef57 Remove xfail now that test passes. Ref #4371.d14fa01 Add all site-packages dirs when creating simulated environment for test_edita...6b7f7a1 Prevent bin folders to be taken as extern packages when vendoring (#4370)69141f6 Add doctest for vendorised bin folder2a53cc1 Prevent 'bin' folders to be taken as extern packages7208628 Replace call to deprecated validate_pyproject command (#4363)96d681a Remove call to deprecated validate_pyproject commandSourced from requests's releases.
\n\n\nv2.32.2
\n2.32.2 (2024-05-21)
\nDeprecations
\n\n
\n- \n
\nTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed
\n_get_connectionto\na new public API,get_connection_with_tls_context. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\nget_connectionis considered deprecated in all versions of Requests>=2.32.0.A minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (#6710)
\nv2.32.1
\n2.32.1 (2024-05-20)
\nBugfixes
\n\n
\n- Add missing test certs to the sdist distributed on PyPI.
\nv2.32.0
\n2.32.0 (2024-05-20)
\n🐍 PYCON US 2024 EDITION 🐍
\nSecurity
\n\n
\n- Fixed an issue where setting
\nverify=Falseon the first request from a\nSession will cause subsequent requests to the same origin to also ignore\ncert verification, regardless of the value ofverify.\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\n\n
\n- \n
verify=Truenow reuses a global SSLContext which should improve\nrequest time variance between first and subsequent requests. It should\nalso minimize certificate load time on Windows systems when using a Python\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\n(
\nchardetorcharset_normalizer) when repackaged or vendored.\nThis enablespipand other projects to minimize their vendoring\nsurface area. TheResponse.text()andapparent_encodingAPIs\nwill default toutf-8if neither library is present. (#6702)Bugfixes
\n\n\n
... (truncated)
\nSourced from requests's changelog.
\n\n\n2.32.2 (2024-05-21)
\nDeprecations
\n\n
\n- \n
\nTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed
\n_get_connectionto\na new public API,get_connection_with_tls_context. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\nget_connectionis considered deprecated in all versions of Requests>=2.32.0.A minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (#6710)
\n2.32.1 (2024-05-20)
\nBugfixes
\n\n
\n- Add missing test certs to the sdist distributed on PyPI.
\n2.32.0 (2024-05-20)
\nSecurity
\n\n
\n- Fixed an issue where setting
\nverify=Falseon the first request from a\nSession will cause subsequent requests to the same origin to also ignore\ncert verification, regardless of the value ofverify.\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\n\n
\n- \n
verify=Truenow reuses a global SSLContext which should improve\nrequest time variance between first and subsequent requests. It should\nalso minimize certificate load time on Windows systems when using a Python\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\n(
\nchardetorcharset_normalizer) when repackaged or vendored.\nThis enablespipand other projects to minimize their vendoring\nsurface area. TheResponse.text()andapparent_encodingAPIs\nwill default toutf-8if neither library is present. (#6702)Bugfixes
\n\n
\n- Fixed bug in length detection where emoji length was incorrectly\ncalculated in the request content-length. (#6589)
\n- Fixed deserialization bug in JSONDecodeError. (#6629)
\n- Fixed bug where an extra leading
\n/(path separator) could lead\nurllib3 to unnecessarily reparse the request URI. (#6644)Deprecations
\n\n
... (truncated)
\n88dce9d v2.32.2c98e4d1 Merge pull request #6710 from nateprewitt/api_rename92075b3 Add deprecation warningaa1461b Move _get_connection to get_connection_with_tls_context970e8ce v2.32.1d6ebc4a v2.32.09a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection555b870 Allow character detection dependencies to be optional in post-packaging stepsd6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test