mooquant
mooquant copied to clipboard
Published
20 hours ago •
bopo
bopo
Update urllib3 to 1.25.7
This PR updates urllib3 from 1.22 to 1.25.7.
Changelog
1.25.7
-------------------
* Preserve ``chunked`` parameter on retries (Pull 1715, Pull 1734)
* Allow unset ``SERVER_SOFTWARE`` in App Engine (Pull 1704, Issue 1470)
* Fix issue where URL fragment was sent within the request target. (Pull 1732)
* Fix issue where an empty query section in a URL would fail to parse. (Pull 1732)
* Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull 1703)
1.25.6
-------------------
* Fix issue where tilde (``~``) characters were incorrectly
percent-encoded in the path. (Pull 1692)
1.25.5
-------------------
* Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which
caused certificate verification to be enabled when using ``cert_reqs=CERT_NONE``.
(Issue 1682)
1.25.4
-------------------
* Propagate Retry-After header settings to subsequent retries. (Pull 1607)
* Fix edge case where Retry-After header was still respected even when
explicitly opted out of. (Pull 1607)
* Remove dependency on ``rfc3986`` for URL parsing.
* Fix issue where URLs containing invalid characters within ``Url.auth`` would
raise an exception instead of percent-encoding those characters.
* Add support for ``HTTPResponse.auto_close = False`` which makes HTTP responses
work well with BufferedReaders and other ``io`` module features. (Pull 1652)
* Percent-encode invalid characters in URL for ``HTTPConnectionPool.request()`` (Pull 1673)
1.25.3
-------------------
* Change ``HTTPSConnection`` to load system CA certificates
when ``ca_certs``, ``ca_cert_dir``, and ``ssl_context`` are
unspecified. (Pull 1608, Issue 1603)
* Upgrade bundled rfc3986 to v1.3.2. (Pull 1609, Issue 1605)
1.25.2
-------------------
* Change ``is_ipaddress`` to not detect IPvFuture addresses. (Pull 1583)
* Change ``parse_url`` to percent-encode invalid characters within the
path, query, and target components. (Pull 1586)
1.25.1
-------------------
* Add support for Google's ``Brotli`` package. (Pull 1572, Pull 1579)
* Upgrade bundled rfc3986 to v1.3.1 (Pull 1578)
1.25
-----------------
* Require and validate certificates by default when using HTTPS (Pull 1507)
* Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant. (Pull 1487)
* Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
encrypted ``key_file`` without creating your own ``SSLContext`` object. (Pull 1489)
* Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
implementations. (Pull 1496)
* Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. (Issue 303, PR 1492)
* Fixed issue where OpenSSL would block if an encrypted client private key was
given and no password was given. Instead an ``SSLError`` is raised. (Pull 1489)
* Added support for Brotli content encoding. It is enabled automatically if
``brotlipy`` package is installed which can be requested with
``urllib3[brotli]`` extra. (Pull 1532)
* Drop ciphers using DSS key exchange from default TLS cipher suites.
Improve default ciphers when using SecureTransport. (Pull 1496)
* Implemented a more efficient ``HTTPResponse.__iter__()`` method. (Issue 1483)
1.24.3
-------------------
* Apply fix for CVE-2019-9740. (Pull 1591)
1.24.2
-------------------
* Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or
``ssl_context`` parameters are specified.
* Remove Authorization header regardless of case when redirecting to cross-site. (Issue 1510)
* Add support for IPv6 addresses in subjectAltName section of certificates. (Issue 1269)
1.24.1
-------------------
* Remove quadratic behavior within ``GzipDecoder.decompress()`` (Issue 1467)
* Restored functionality of ``ciphers`` parameter for ``create_urllib3_context()``. (Issue 1462)
1.24
-----------------
* Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull 1449)
* Test against Python 3.7 on AppVeyor. (Pull 1453)
* Early-out ipv6 checks when running on App Engine. (Pull 1450)
* Change ambiguous description of backoff_factor (Pull 1436)
* Add ability to handle multiple Content-Encodings (Issue 1441 and Pull 1442)
* Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue 1405).
* Add a server_hostname parameter to HTTPSConnection which allows for
overriding the SNI hostname sent in the handshake. (Pull 1397)
* Drop support for EOL Python 2.6 (Pull 1429 and Pull 1430)
* Fixed bug where responses with header Content-Type: message/* erroneously
raised HeaderParsingError, resulting in a warning being logged. (Pull 1439)
* Move urllib3 to src/urllib3 (Pull 1409)
1.23
-----------------
* Allow providing a list of headers to strip from requests when redirecting
to a different host. Defaults to the ``Authorization`` header. Different
headers can be set via ``Retry.remove_headers_on_redirect``. (Issue 1316)
* Fix ``util.selectors._fileobj_to_fd`` to accept ``long`` (Issue 1247).
* Dropped Python 3.3 support. (Pull 1242)
* Put the connection back in the pool when calling stream() or read_chunked() on
a chunked HEAD response. (Issue 1234)
* Fixed pyOpenSSL-specific ssl client authentication issue when clients
attempted to auth via certificate + chain (Issue 1060)
* Add the port to the connectionpool connect print (Pull 1251)
* Don't use the ``uuid`` module to create multipart data boundaries. (Pull 1380)
* ``read_chunked()`` on a closed response returns no chunks. (Issue 1088)
* Add Python 2.6 support to ``contrib.securetransport`` (Pull 1359)
* Added support for auth info in url for SOCKS proxy (Pull 1363)
Links
- PyPI: https://pypi.org/project/urllib3
- Changelog: https://pyup.io/changelogs/urllib3/
- Docs: https://urllib3.readthedocs.io/
