JuryA / landscape_api_py3

Client for the Landscape API (Python 3)
https://landscape-api-py3.readthedocs.io/
MIT License
2 stars 3 forks source link

Scheduled weekly dependency update for week 06 #808

Closed pyup-bot closed 2 days ago

pyup-bot commented 9 months ago

Update certifi from 2022.9.24 to 2024.2.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links - PyPI: https://pypi.org/project/certifi - Repo: https://github.com/certifi/python-certifi

Update jinja2 from 3.1.2 to 3.1.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links - PyPI: https://pypi.org/project/jinja2 - Homepage: https://palletsprojects.com/p/jinja/

Update pygments from 2.13.0 to 2.17.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links - PyPI: https://pypi.org/project/pygments

Update requests from 2.28.1 to 2.31.0.

Changelog ### 2.31.0 ``` ------------------- **Security** - Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of `Proxy-Authorization` headers to destination servers when following HTTPS redirects. When proxies are defined with user info (https://user:passproxy:8080), Requests will construct a `Proxy-Authorization` header that is attached to the request to authenticate with the proxy. In cases where Requests receives a redirect response, it previously reattached the `Proxy-Authorization` header incorrectly, resulting in the value being sent through the tunneled connection to the destination server. Users who rely on defining their proxy credentials in the URL are *strongly* encouraged to upgrade to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy credentials once the change has been fully deployed. Users who do not use a proxy or do not supply their proxy credentials through the user information portion of their proxy URL are not subject to this vulnerability. Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q) and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681). ``` ### 2.30.0 ``` ------------------- **Dependencies** - ⚠️ Added support for urllib3 2.0. ⚠️ This may contain minor breaking changes so we advise careful testing and reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html prior to upgrading. Users who wish to stay on urllib3 1.x can pin to `urllib3<2`. ``` ### 2.29.0 ``` ------------------- **Improvements** - Requests now defers chunked requests to the urllib3 implementation to improve standardization. (6226) - Requests relaxes header component requirements to support bytes/str subclasses. (6356) ``` ### 2.28.2 ``` ------------------- **Dependencies** - Requests now supports charset\_normalizer 3.x. (6261) **Bugfixes** - Updated MissingSchema exception to suggest https scheme rather than http. (6188) ```
Links - PyPI: https://pypi.org/project/requests - Changelog: https://data.safetycli.com/changelogs/requests/ - Docs: https://requests.readthedocs.io

Update urllib3 from 1.26.11 to 2.2.0.

Changelog ### 2.1.0 ``` Read the [v2 migration guide](https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html) for help upgrading to the latest version of urllib3. Removals - Removed support for the deprecated urllib3[secure] extra. ([2680](https://github.com/urllib3/urllib3/issues/2680)) - Removed support for the deprecated SecureTransport TLS implementation. ([2681](https://github.com/urllib3/urllib3/issues/2681)) - Removed support for the end-of-life Python 3.7. ([3143](https://github.com/urllib3/urllib3/issues/3143)) Bugfixes - Allowed loading CA certificates from memory for proxies. ([3065](https://github.com/urllib3/urllib3/issues/3065)) - Fixed decoding Gzip-encoded responses which specified `x-gzip` content-encoding. ([3174](https://github.com/urllib3/urllib3/issues/3174)) ``` ### 2.0.7 ``` * Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4) ``` ### 2.0.6 ``` * Added the `Cookie` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via `Retry.remove_headers_on_redirect`. (GHSA-v845-jxx5-vc9f) ``` ### 2.0.5 ``` - Allowed pyOpenSSL third-party module without any deprecation warning. [3126](https://github.com/urllib3/urllib3/issues/3126) - Fixed default ``blocksize`` of ``HTTPConnection`` classes to match high-level classes. Previously was 8KiB, now 16KiB. [3066](https://github.com/urllib3/urllib3/issues/3066>) ``` ### 2.0.4 ``` - Added support for union operators to ``HTTPHeaderDict`` (2254) - Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (3078) - Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client (2757) - Relied on the standard library for checking hostnames in supported PyPy releases (3087) ``` ### 2.0.3 ``` - Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. [3020](https://github.com/urllib3/urllib3/issues/3020) - Deprecated URLs which don't have an explicit scheme [2950](https://github.com/urllib3/urllib3/pull/2950) - Fixed response decoding with Zstandard when compressed data is made of several frames. [3008](https://github.com/urllib3/urllib3/issues/3008) - Fixed ``assert_hostname=False`` to correctly skip hostname check. [3051](https://github.com/urllib3/urllib3/issues/3051) ``` ### 2.0.2 ``` * Fixed `HTTPResponse.stream()` to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. (https://github.com/urllib3/urllib3/issues/3009) ``` ### 2.0.1 ``` - Fixed a socket leak when fingerprint or hostname verifications fail. (2991) - Fixed an error when ``HTTPResponse.read(0)`` was the first ``read`` call or when the internal response body buffer was otherwise empty. (2998) ``` ### 2.0.0 ``` Read the [v2.0 migration guide](https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html) for help upgrading to the latest version of urllib3. Removed - Removed support for Python 2.7, 3.5, and 3.6 ([883](https://github.com/urllib3/urllib3/issues/883), [#2336](https://github.com/urllib3/urllib3/issues/2336)). - Removed fallback on certificate `commonName` in `match_hostname()` function. This behavior was deprecated in May 2000 in RFC 2818. Instead only `subjectAltName` is used to verify the hostname by default. To enable verifying the hostname against `commonName` use `SSLContext.hostname_checks_common_name = True` ([2113](https://github.com/urllib3/urllib3/issues/2113)). - Removed support for Python with an `ssl` module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 ([2168](https://github.com/urllib3/urllib3/issues/2168)). - Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support. When an incompatible OpenSSL version is detected an `ImportError` is raised ([2168](https://github.com/urllib3/urllib3/issues/2168)). - Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure ([2082](https://github.com/urllib3/urllib3/issues/2082)). - Removed `urllib3.contrib.appengine.AppEngineManager` and support for Google App Engine Standard Environment ([2044](https://github.com/urllib3/urllib3/issues/2044)). - Removed deprecated `Retry` options `method_whitelist`, `DEFAULT_REDIRECT_HEADERS_BLACKLIST` ([2086](https://github.com/urllib3/urllib3/issues/2086)). - Removed `urllib3.HTTPResponse.from_httplib` ([2648](https://github.com/urllib3/urllib3/issues/2648)). - Removed default value of `None` for the `request_context` parameter of `urllib3.PoolManager.connection_from_pool_key`. This change should have no effect on users as the default value of `None` was an invalid option and was never used ([1897](https://github.com/urllib3/urllib3/issues/1897)). - Removed the `urllib3.request` module. `urllib3.request.RequestMethods` has been made a private API. This change was made to ensure that `from urllib3 import request` imported the top-level `request()` function instead of the `urllib3.request` module ([2269](https://github.com/urllib3/urllib3/issues/2269)). - Removed support for SSLv3.0 from the `urllib3.contrib.pyopenssl` even when support is available from the compiled OpenSSL library ([2233](https://github.com/urllib3/urllib3/issues/2233)). - Removed the deprecated `urllib3.contrib.ntlmpool` module ([2339](https://github.com/urllib3/urllib3/issues/2339)). - Removed `DEFAULT_CIPHERS`, `HAS_SNI`, `USE_DEFAULT_SSLCONTEXT_CIPHERS`, from the private module `urllib3.util.ssl_` ([2168](https://github.com/urllib3/urllib3/issues/2168)). - Removed `urllib3.exceptions.SNIMissingWarning` ([2168](https://github.com/urllib3/urllib3/issues/2168)). - Removed the `_prepare_conn` method from `HTTPConnectionPool`. Previously this was only used to call `HTTPSConnection.set_cert()` by `HTTPSConnectionPool` ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Removed `tls_in_tls_required` property from `HTTPSConnection`. This is now determined from the `scheme` parameter in `HTTPConnection.set_tunnel()` ([1985](https://github.com/urllib3/urllib3/issues/1985)). Deprecated - Deprecated `HTTPResponse.getheaders()` and `HTTPResponse.getheader()` which will be removed in urllib3 v2.1.0. Instead use `HTTPResponse.headers` and `HTTPResponse.headers.get(name, default)`. ([1543](https://github.com/urllib3/urllib3/issues/1543), [#2814](https://github.com/urllib3/urllib3/issues/2814)). - Deprecated `urllib3.contrib.pyopenssl` module which will be removed in urllib3 v2.1.0 ([2691](https://github.com/urllib3/urllib3/issues/2691)). - Deprecated `urllib3.contrib.securetransport` module which will be removed in urllib3 v2.1.0 ([2692](https://github.com/urllib3/urllib3/issues/2692)). - Deprecated `ssl_version` option in favor of `ssl_minimum_version`. `ssl_version` will be removed in urllib3 v2.1.0 ([2110](https://github.com/urllib3/urllib3/issues/2110)). - Deprecated the `strict` parameter as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 ([2267](https://github.com/urllib3/urllib3/issues/2267)) - Deprecated the `NewConnectionError.pool` attribute which will be removed in urllib3 v2.1.0 ([2271](https://github.com/urllib3/urllib3/issues/2271)). - Deprecated `format_header_param_html5` and `format_header_param` in favor of `format_multipart_header_param` ([2257](https://github.com/urllib3/urllib3/issues/2257)). - Deprecated `RequestField.header_formatter` parameter which will be removed in urllib3 v2.1.0 ([2257](https://github.com/urllib3/urllib3/issues/2257)). - Deprecated `HTTPSConnection.set_cert()` method. Instead pass parameters to the `HTTPSConnection` constructor ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Deprecated `HTTPConnection.request_chunked()` method which will be removed in urllib3 v2.1.0. Instead pass `chunked=True` to `HTTPConnection.request()` ([1985](https://github.com/urllib3/urllib3/issues/1985)). Added - Added top-level `urllib3.request` function which uses a preconfigured module-global `PoolManager` instance ([2150](https://github.com/urllib3/urllib3/issues/2150)). - Added the `json` parameter to `urllib3.request()`, `PoolManager.request()`, and `ConnectionPool.request()` methods to send JSON bodies in requests. Using this parameter will set the header `Content-Type: application/json` if `Content-Type` isn't already defined. Added support for parsing JSON response bodies with `HTTPResponse.json()` method ([2243](https://github.com/urllib3/urllib3/issues/2243)). - Added type hints to the `urllib3` module ([1897](https://github.com/urllib3/urllib3/issues/1897)). - Added `ssl_minimum_version` and `ssl_maximum_version` options which set `SSLContext.minimum_version` and `SSLContext.maximum_version` ([2110](https://github.com/urllib3/urllib3/issues/2110)). - Added support for Zstandard (RFC 8878) when `zstandard` 1.18.0 or later is installed. Added the `zstd` extra which installs the `zstandard` package ([1992](https://github.com/urllib3/urllib3/issues/1992)). - Added `urllib3.response.BaseHTTPResponse` class. All future response classes will be subclasses of `BaseHTTPResponse` ([2083](https://github.com/urllib3/urllib3/issues/2083)). - Added `FullPoolError` which is raised when `PoolManager(block=True)` and a connection is returned to a full pool ([2197](https://github.com/urllib3/urllib3/issues/2197)). - Added `HTTPHeaderDict` to the top-level `urllib3` namespace ([2216](https://github.com/urllib3/urllib3/issues/2216)). - Added support for configuring header merging behavior with HTTPHeaderDict When using a `HTTPHeaderDict` to provide headers for a request, by default duplicate header values will be repeated. But if `combine=True` is passed into a call to `HTTPHeaderDict.add`, then the added header value will be merged in with an existing value into a comma-separated list (`X-My-Header: foo, bar`) ([2242](https://github.com/urllib3/urllib3/issues/2242)). - Added `NameResolutionError` exception when a DNS error occurs ([2305](https://github.com/urllib3/urllib3/issues/2305)). - Added `proxy_assert_hostname` and `proxy_assert_fingerprint` kwargs to `ProxyManager` ([2409](https://github.com/urllib3/urllib3/issues/2409)). - Added a configurable `backoff_max` parameter to the `Retry` class. If a custom `backoff_max` is provided to the `Retry` class, it will replace the `Retry.DEFAULT_BACKOFF_MAX` ([2494](https://github.com/urllib3/urllib3/issues/2494)). - Added the `authority` property to the Url class as per RFC 3986 3.2. This property should be used in place of `netloc` for users who want to include the userinfo (auth) component of the URI ([2520](https://github.com/urllib3/urllib3/issues/2520)). - Added the `scheme` parameter to `HTTPConnection.set_tunnel` to configure the scheme of the origin being tunnelled to ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Added the `is_closed`, `is_connected` and `has_connected_to_proxy` properties to `HTTPConnection` ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Added optional `backoff_jitter` parameter to `Retry`. ([2952](https://github.com/urllib3/urllib3/issues/2952)) Changed - Changed `urllib3.response.HTTPResponse.read` to respect the semantics of `io.BufferedIOBase` regardless of compression. Specifically, this method: - Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed). - Never returns more bytes than requested. - Can issue any number of system calls: zero, one or multiple. If you want each `urllib3.response.HTTPResponse.read` call to issue a single system call, you need to disable decompression by setting `decode_content=False` ([2128](https://github.com/urllib3/urllib3/issues/2128)). - Changed `urllib3.HTTPConnection.getresponse` to return an instance of `urllib3.HTTPResponse` instead of `http.client.HTTPResponse` ([2648](https://github.com/urllib3/urllib3/issues/2648)). - Changed `ssl_version` to instead set the corresponding `SSLContext.minimum_version` and `SSLContext.maximum_version` values. Regardless of `ssl_version` passed `SSLContext` objects are now constructed using `ssl.PROTOCOL_TLS_CLIENT` ([2110](https://github.com/urllib3/urllib3/issues/2110)). - Changed default `SSLContext.minimum_version` to be `TLSVersion.TLSv1_2` in line with Python 3.10 ([2373](https://github.com/urllib3/urllib3/issues/2373)). - Changed `ProxyError` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy ([2482](https://github.com/urllib3/urllib3/pull/2482)). - Changed `urllib3.util.create_urllib3_context` to not override the system cipher suites with a default value. The new default will be cipher suites configured by the operating system ([2168](https://github.com/urllib3/urllib3/issues/2168)). - Changed `multipart/form-data` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded ([2257](https://github.com/urllib3/urllib3/issues/2257)). - Changed the error raised when connecting via HTTPS when the `ssl` module isn't available from `SSLError` to `ImportError` ([2589](https://github.com/urllib3/urllib3/issues/2589)). - Changed `HTTPConnection.request()` to always use lowercase chunk boundaries when sending requests with `Transfer-Encoding: chunked` ([2515](https://github.com/urllib3/urllib3/issues/2515)). - Changed `enforce_content_length` default to True, preventing silent data loss when reading streamed responses ([2514](https://github.com/urllib3/urllib3/issues/2514)). - Changed internal implementation of `HTTPHeaderDict` to use `dict` instead of `collections.OrderedDict` for better performance ([2080](https://github.com/urllib3/urllib3/issues/2080)). - Changed the `urllib3.contrib.pyopenssl` module to wrap `OpenSSL.SSL.Error` with `ssl.SSLError` in `PyOpenSSLContext.load_cert_chain` ([2628](https://github.com/urllib3/urllib3/issues/2628)). - Changed usage of the deprecated `socket.error` to `OSError` ([2120](https://github.com/urllib3/urllib3/issues/2120)). - Changed all parameters in the `HTTPConnection` and `HTTPSConnection` constructors to be keyword-only except `host` and `port` ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Changed `HTTPConnection.getresponse()` to set the socket timeout from `HTTPConnection.timeout` value before reading data from the socket. This previously was done manually by the `HTTPConnectionPool` calling `HTTPConnection.sock.settimeout(...)` ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Changed the `_proxy_host` property to `_tunnel_host` in `HTTPConnectionPool` to more closely match how the property is used (value in `HTTPConnection.set_tunnel()`) ([1985](https://github.com/urllib3/urllib3/issues/1985)). - Changed name of `Retry.BACK0FF_MAX` to be `Retry.DEFAULT_BACKOFF_MAX`. - Changed TLS handshakes to use `SSLContext.check_hostname` when possible ([2452](https://github.com/urllib3/urllib3/pull/2452)). - Changed `server_hostname` to behave like other parameters only used by `HTTPSConnectionPool` ([2537](https://github.com/urllib3/urllib3/pull/2537)). - Changed the default `blocksize` to 16KB to match OpenSSL's default read amounts ([2348](https://github.com/urllib3/urllib3/pull/2348)). - Changed `HTTPResponse.read()` to raise an error when calling with `decode_content=False` after using `decode_content=True` to prevent data loss ([2800](https://github.com/urllib3/urllib3/issues/2800)). Fixed - Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress ([1252](https://github.com/urllib3/urllib3/issues/1252)). - Fixed an issue where an `HTTPConnection` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout. Instead now if `HTTPConnection.timeout` is updated before sending the next request the new timeout value will be used ([2645](https://github.com/urllib3/urllib3/issues/2645)). - Fixed `socket.error.errno` when raised from pyOpenSSL's `OpenSSL.SSL.SysCallError` ([2118](https://github.com/urllib3/urllib3/issues/2118)). - Fixed the default value of `HTTPSConnection.socket_options` to match `HTTPConnection` ([2213](https://github.com/urllib3/urllib3/issues/2213)). - Fixed a bug where `headers` would be modified by the `remove_headers_on_redirect` feature ([2272](https://github.com/urllib3/urllib3/issues/2272)). - Fixed a reference cycle bug in `urllib3.util.connection.create_connection()` ([2277](https://github.com/urllib3/urllib3/issues/2277)). - Fixed a socket leak if `HTTPConnection.connect()` fails ([2571](https://github.com/urllib3/urllib3/pull/2571)). - Fixed `urllib3.contrib.pyopenssl.WrappedSocket` and `urllib3.contrib.securetransport.WrappedSocket` close methods ([2970](https://github.com/urllib3/urllib3/issues/2970)) ``` ### 2.0.0a4 ``` - Removed the `setup.py` shim, `python setup.py install` will print `[Errno 2] No such file or directory` instead of a warning to use pip ([2975](https://github.com/urllib3/urllib3/issues/2975)) - Added optional `backoff_jitter` parameter to `Retry` ([2952](https://github.com/urllib3/urllib3/issues/2952)) - Fixed URL encoding by removing \'!\' from the \'unreserved\' character set specified in RFC 3986 ([2899](https://github.com/urllib3/urllib3/issues/2899)) - Fixed a sign error in a check for whether a character is in the ASCII range ([2901](https://github.com/urllib3/urllib3/issues/2901)) - Fixed `urllib3.contrib.pyopenssl.WrappedSocket` and `urllib3.contrib.securetransport.WrappedSocket` close methods ([2970](https://github.com/urllib3/urllib3/issues/2970)) ``` ### 2.0.0a3 ``` **Read the [v2.0 migration guide](https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html) for help upgrading to the latest version of urllib3.** - Fixed logging error when using `add_stderr_logger` (2839) - Fixed parsing of port 0 (zero) returning None, instead of 0 (2850) - Fixed the type hint of `PoolKey.key_retries` by adding `bool` to the union (2865) ``` ### 2.0.0a2 ``` **Read the [v2.0 migration guide](https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html) for help upgrading to the latest version of urllib3.** * Changed `HTTPResponse.read()` to raise an error when calling with `decode_content=False` after using `decode_content=True` to prevent data loss (https://github.com/urllib3/urllib3/issues/2800). * Changed `HTTPResponse.getheaders()` and `.getheader()` to previous behavior in 1.26.x. Instead we are deprecating these methods in favor of `HTTPResponse.headers.items()` and `HTTPResponse.headers.get()`. Both deprecated methods will be removed in v2.1.0 (https://github.com/urllib3/urllib3/issues/2814) * Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid. (https://github.com/urllib3/urllib3/pull/2806) * Fixed deprecation warning when using cryptography v39.0.0. This fix requires using pyOpenSSL>=17.1.0 and cryptography>=1.9. (https://github.com/urllib3/urllib3/pull/2829) ``` ### 2.0.0a1 ``` **Read the [v2.0 migration guide](https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html) for help upgrading to the latest version of urllib3!** Added * Added type hints to the ``urllib3`` module ([1897](https://github.com/urllib3/urllib3/issues/1897)). * Added ``ssl_minimum_version`` and ``ssl_maximum_version`` options which set ``SSLContext.minimum_version`` and ``SSLContext.maximum_version`` ([2110](https://github.com/urllib3/urllib3/issues/2110)). * Added support for Zstandard (RFC 8878) when ``zstandard`` 1.18.0 or later is installed. Added the ``zstd`` extra which installs the ``zstandard`` package ([1992](https://github.com/urllib3/urllib3/issues/1992)). * Added ``urllib3.response.BaseHTTPResponse`` class. All future response classes will be subclasses of ``BaseHTTPResponse`` ([2083](https://github.com/urllib3/urllib3/issues/2083)). * Added top-level ``urllib3.request`` function which uses a preconfigured module-global ``PoolManager`` instance ([2150](https://github.com/urllib3/urllib3/issues/2150)). * Added ``FullPoolError`` which is raised when ``PoolManager(block=True)`` and a connection is returned to a full pool ([2197](https://github.com/urllib3/urllib3/issues/2197)). * Added ``HTTPHeaderDict`` to the top-level ``urllib3`` namespace ([2216](https://github.com/urllib3/urllib3/issues/2216)). * Added the ``json`` parameter to ``urllib3.request()``, ``PoolManager.request()``, and ``ConnectionPool.request()`` methods to send JSON bodies in requests. Using this parameter will set the header ``Content-Type: application/json`` if ``Content-Type`` isn't already defined. Added support for parsing JSON response bodies with ``HTTPResponse.json()`` method ([2243](https://github.com/urllib3/urllib3/issues/2243)). * Added support for configuring header merging behavior with HTTPHeaderDict When using a ``HTTPHeaderDict`` to provide headers for a request, by default duplicate header values will be repeated. But if ``combine=True`` is passed into a call to ``HTTPHeaderDict.add``, then the added header value will be merged in with an existing value into a comma-separated list (``X-My-Header: foo, bar``) ([2242](https://github.com/urllib3/urllib3/issues/2242)). * Added ``NameResolutionError`` exception when a DNS error occurs ([2305](https://github.com/urllib3/urllib3/issues/2305)). * Added ``proxy_assert_hostname`` and ``proxy_assert_fingerprint`` kwargs to ``ProxyManager`` ([2409](https://github.com/urllib3/urllib3/issues/2409)). * Added a configurable ``backoff_max`` parameter to the ``Retry`` class. If a custom ``backoff_max`` is provided to the ``Retry`` class, it will replace the ``Retry.DEFAULT_BACKOFF_MAX`` ([2494](https://github.com/urllib3/urllib3/issues/2494)). * Added the ``authority`` property to the Url class as per RFC 3986 3.2. This property should be used in place of ``netloc`` for users who want to include the userinfo (auth) component of the URI ([2520](https://github.com/urllib3/urllib3/issues/2520)). * Added the ``scheme`` parameter to ``HTTPConnection.set_tunnel`` to configure the scheme of the origin being tunnelled to ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Added the ``is_closed``, ``is_connected`` and ``has_connected_to_proxy`` properties to ``HTTPConnection`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). Removed * Removed support for Python 2.7, 3.5, and 3.6 ([883](https://github.com/urllib3/urllib3/issues/883), [#2336](https://github.com/urllib3/urllib3/issues/2336)). * Removed fallback on certificate ``commonName`` in ``match_hostname()`` function. This behavior was deprecated in May 2000 in RFC 2818. Instead only ``subjectAltName`` is used to verify the hostname by default. To enable verifying the hostname against ``commonName`` use ``SSLContext.hostname_checks_common_name = True`` ([2113](https://github.com/urllib3/urllib3/issues/2113)). * Removed support for Python with an ``ssl`` module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 ([2168](https://github.com/urllib3/urllib3/issues/2168)). * Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support. When an incompatible OpenSSL version is detected an ``ImportError`` is raised ([2168](https://github.com/urllib3/urllib3/issues/2168)). * Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure ([2082](https://github.com/urllib3/urllib3/issues/2082)). * Removed ``urllib3.contrib.appengine.AppEngineManager`` and support for Google App Engine Standard Environment ([2044](https://github.com/urllib3/urllib3/issues/2044)). * Removed deprecated ``Retry`` options ``method_whitelist``, ``DEFAULT_REDIRECT_HEADERS_BLACKLIST`` ([2086](https://github.com/urllib3/urllib3/issues/2086)). * Removed ``urllib3.HTTPResponse.from_httplib`` ([2648](https://github.com/urllib3/urllib3/issues/2648)). * Removed default value of ``None`` for the ``request_context`` parameter of ``urllib3.PoolManager.connection_from_pool_key``. This change should have no effect on users as the default value of ``None`` was an invalid option and was never used ([1897](https://github.com/urllib3/urllib3/issues/1897)). * Removed the ``urllib3.request`` module. ``urllib3.request.RequestMethods`` has been made a private API. This change was made to ensure that ``from urllib3 import request`` imported the top-level ``request()`` function instead of the ``urllib3.request`` module ([2269](https://github.com/urllib3/urllib3/issues/2269)). * Removed support for SSLv3.0 from the ``urllib3.contrib.pyopenssl`` even when support is available from the compiled OpenSSL library ([2233](https://github.com/urllib3/urllib3/issues/2233)). * Removed the deprecated ``urllib3.contrib.ntlmpool`` module ([2339](https://github.com/urllib3/urllib3/issues/2339)). * Removed ``DEFAULT_CIPHERS``, ``HAS_SNI``, ``USE_DEFAULT_SSLCONTEXT_CIPHERS``, from the private module ``urllib3.util.ssl_`` ([2168](https://github.com/urllib3/urllib3/issues/2168)). * Removed ``urllib3.exceptions.SNIMissingWarning`` ([2168](https://github.com/urllib3/urllib3/issues/2168)). * Removed the ``_prepare_conn`` method from ``HTTPConnectionPool``. Previously this was only used to call ``HTTPSConnection.set_cert()`` by ``HTTPSConnectionPool`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Removed ``tls_in_tls_required`` property from ``HTTPSConnection``. This is now determined from the ``scheme`` parameter in ``HTTPConnection.set_tunnel()`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). Changed * Changed ``urllib3.response.HTTPResponse.read`` to respect the semantics of ``io.BufferedIOBase`` regardless of compression. Specifically, this method: * Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed). * Never returns more bytes than requested. * Can issue any number of system calls: zero, one or multiple. If you want each ``urllib3.response.HTTPResponse.read`` call to issue a single system call, you need to disable decompression by setting ``decode_content=False`` ([2128](https://github.com/urllib3/urllib3/issues/2128)). * Changed ``ssl_version`` to instead set the corresponding ``SSLContext.minimum_version`` and ``SSLContext.maximum_version`` values. Regardless of ``ssl_version`` passed ``SSLContext`` objects are now constructed using ``ssl.PROTOCOL_TLS_CLIENT`` ([2110](https://github.com/urllib3/urllib3/issues/2110)). * Changed default ``SSLContext.minimum_version`` to be ``TLSVersion.TLSv1_2`` in line with Python 3.10 ([2373](https://github.com/urllib3/urllib3/issues/2373)). * Changed ``ProxyError`` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy ([2482](https://github.com/urllib3/urllib3/pull/2482)). * Changed ``urllib3.util.create_urllib3_context`` to not override the system cipher suites with a default value. The new default will be cipher suites configured by the operating system ([2168](https://github.com/urllib3/urllib3/issues/2168)). * Changed ``multipart/form-data`` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded ([2257](https://github.com/urllib3/urllib3/issues/2257)). * Changed ``urllib3.HTTPConnection.getresponse`` to return an instance of ``urllib3.HTTPResponse`` instead of ``http.client.HTTPResponse`` ([2648](https://github.com/urllib3/urllib3/issues/2648)). * Changed return type of ``HTTPResponse.getheaders()`` method to return a list of key-value tuples to match CPython ([1543](https://github.com/urllib3/urllib3/issues/1543)). * Changed the error raised when connecting via HTTPS when the ``ssl`` module isn't available from ``SSLError`` to ``ImportError`` ([2589](https://github.com/urllib3/urllib3/issues/2589)). * Changed ``HTTPConnection.request()`` to always use lowercase chunk boundaries when sending requests with ``Transfer-Encoding: chunked`` ([2515](https://github.com/urllib3/urllib3/issues/2515)). * Changed `enforce_content_length` default to True, preventing silent data loss when reading streamed responses ([2514](https://github.com/urllib3/urllib3/issues/2514)). * Changed internal implementation of ``HTTPHeaderDict`` to use ``dict`` instead of ``collections.OrderedDict`` for better performance ([2080](https://github.com/urllib3/urllib3/issues/2080)). * Changed the ``urllib3.contrib.pyopenssl`` module to wrap ``OpenSSL.SSL.Error`` with ``ssl.SSLError`` in ``PyOpenSSLContext.load_cert_chain`` ([2628](https://github.com/urllib3/urllib3/issues/2628)). * Changed usage of the deprecated ``socket.error`` to ``OSError`` ([2120](https://github.com/urllib3/urllib3/issues/2120)). * Changed all parameters in the ``HTTPConnection`` and ``HTTPSConnection`` constructors to be keyword-only except ``host`` and ``port`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Changed ``urllib3.util.is_connection_dropped()`` to use ``HTTPConnection.is_connected`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Changed ``HTTPConnection.getresponse()`` to set the socket timeout from ``HTTPConnection.timeout`` value before reading data from the socket. This previously was done manually by the ``HTTPConnectionPool`` calling ``HTTPConnection.sock.settimeout(...)`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Changed the ``_proxy_host`` property to ``_tunnel_host`` in ``HTTPConnectionPool`` to more closely match how the property is used (value in ``HTTPConnection.set_tunnel()``) ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Changed name of ``Retry.BACK0FF_MAX`` to be ``Retry.DEFAULT_BACKOFF_MAX``. * Changed TLS handshakes to use ``SSLContext.check_hostname`` when possible ([2452](https://github.com/urllib3/urllib3/pull/2452)). * Changed ``server_hostname`` to behave like other parameters only used by ``HTTPSConnectionPool`` ([2537](https://github.com/urllib3/urllib3/pull/2537)). * Changed the default ``blocksize`` to 16KB to match OpenSSL's default read amounts ([2348](https://github.com/urllib3/urllib3/pull/2348)). Deprecated * Deprecated ``urllib3.contrib.pyopenssl`` module which will be removed in urllib3 v2.1.0 ([2691](https://github.com/urllib3/urllib3/issues/2691)). * Deprecated ``urllib3.contrib.securetransport`` module which will be removed in urllib3 v2.1.0 ([2692](https://github.com/urllib3/urllib3/issues/2692)). * Deprecated ``ssl_version`` option in favor of ``ssl_minimum_version``. ``ssl_version`` will be removed in urllib3 v2.1.0 ([2110](https://github.com/urllib3/urllib3/issues/2110)). * Deprecated the ``strict`` parameter as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 ([2267](https://github.com/urllib3/urllib3/issues/2267)) * Deprecated the ``NewConnectionError.pool`` attribute which will be removed in urllib3 v2.1.0 ([2271](https://github.com/urllib3/urllib3/issues/2271)). * Deprecated ``format_header_param_html5`` and ``format_header_param`` in favor of ``format_multipart_header_param`` ([2257](https://github.com/urllib3/urllib3/issues/2257)). * Deprecated ``RequestField.header_formatter`` parameter which will be removed in urllib3 v2.1.0 ([2257](https://github.com/urllib3/urllib3/issues/2257)). * Deprecated ``HTTPSConnection.set_cert()`` method. Instead pass parameters to the ``HTTPSConnection`` constructor ([1985](https://github.com/urllib3/urllib3/issues/1985)). * Deprecated ``HTTPConnection.request_chunked()`` method which will be removed in urllib3 v2.1.0. Instead pass ``chunked=True`` to ``HTTPConnection.request()`` ([1985](https://github.com/urllib3/urllib3/issues/1985)). Fixed * Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress ([1252](https://github.com/urllib3/urllib3/issues/1252)). * Fixed an issue where an ``HTTPConnection`` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout. Instead now if ``HTTPConnection.timeout`` is updated before sending the next request the new timeout value will be used ([2645](https://github.com/urllib3/urllib3/issues/2645)). * Fixed ``socket.error.errno`` when raised from pyOpenSSL's ``OpenSSL.SSL.SysCallError`` ([2118](https://github.com/urllib3/urllib3/issues/2118)). * Fixed the default value of ``HTTPSConnection.socket_options`` to match ``HTTPConnection`` ([2213](https://github.com/urllib3/urllib3/issues/2213)). * Fixed a bug where ``headers`` would be modified by the ``remove_headers_on_redirect`` feature ([2272](https://github.com/urllib3/urllib3/issues/2272)). * Fixed a reference cycle bug in ``urllib3.util.connection.create_connection()`` ([2277](https://github.com/urllib3/urllib3/issues/2277)). * Fixed a socket leak if ``HTTPConnection.connect()`` fails ([2571](https://github.com/urllib3/urllib3/pull/2571)). ``` ### 1.26.18 ``` * Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4) ``` ### 1.26.17 ``` * Added the `Cookie` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via `Retry.remove_headers_on_redirect`. (GHSA-v845-jxx5-vc9f) ``` ### 1.26.16 ``` * Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress (2954) ``` ### 1.26.15 ``` * Fix socket timeout value when HTTPConnection is reused (https://github.com/urllib3/urllib3/issues/2645) * Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (https://github.com/urllib3/urllib3/issues/2899) * Fix IDNA handling of 'x80' byte (https://github.com/urllib3/urllib3/issues/2901) ``` ### 1.26.14 ``` * Fixed parsing of port 0 (zero) returning None, instead of 0 (2850) * Removed deprecated `HTTPResponse.getheaders()` calls in `urllib3.contrib` module. ``` ### 1.26.13 ``` * Deprecated the `HTTPResponse.getheaders()` and `HTTPResponse.getheader()` methods. * Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid. * Fixed a deprecation warning when using cryptography v39.0.0. * Removed the `<4` in the `Requires-Python` packaging metadata field. ``` ### 1.26.12 ``` * Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module. Both will be removed in v2.x. See this [GitHub issue](https://github.com/urllib3/urllib3/issues/2680) for justification and info on how to migrate. ```
Links - PyPI: https://pypi.org/project/urllib3 - Changelog: https://data.safetycli.com/changelogs/urllib3/
what-the-diff[bot] commented 9 months ago

PR Summary

codecov[bot] commented 9 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 33.67%. Comparing base (ad09368) to head (4cd331b).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #808 +/- ## ======================================= Coverage 33.67% 33.67% ======================================= Files 5 5 Lines 677 677 ======================================= Hits 228 228 Misses 449 449 ``` | [Flag](https://app.codecov.io/gh/JuryA/landscape_api_py3/pull/808/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/JuryA/landscape_api_py3/pull/808/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman) | `33.67% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

pyup-bot commented 2 days ago

Closing this in favor of #613