Changelog
*Sourced from [requests's changelog](https://github.com/kennethreitz/requests/blob/master/HISTORY.md).*
> 2.20.0 (2018-10-18)
> -------------------
>
> **Bugfixes**
>
> - Content-Type header parsing is now case-insensitive (e.g.
> charset=utf8 v Charset=utf8).
> - Fixed exception leak where certain redirect urls would raise
> uncaught urllib3 exceptions.
> - Requests removes Authorization header from requests redirected
> from https to http on the same hostname. (CVE-2018-18074)
> - `should_bypass_proxies` now handles URIs without hostnames (e.g.
> files).
>
> **Dependencies**
>
> - Requests now supports urllib3 v1.24.
>
> **Deprecations**
>
> - Requests has officially stopped support for Python 2.6.
>
> 2.19.1 (2018-06-14)
> -------------------
>
> **Bugfixes**
>
> - Fixed issue where status\_codes.py's `init` function failed trying
> to append to a `__doc__` value of `None`.
>
> 2.19.0 (2018-06-12)
> -------------------
>
> **Improvements**
>
> - Warn user about possible slowdown when using cryptography version
> < 1.3.4
> - Check for invalid host in proxy URL, before forwarding request to
> adapter.
> - Fragments are now properly maintained across redirects. (RFC7231
> 7.1.2)
> - Removed use of cgi module to expedite library load time.
> - Added support for SHA-256 and SHA-512 digest auth algorithms.
> - Minor performance improvement to `Request.content`.
> - Migrate to using collections.abc for 3.7 compatibility.
>
> **Bugfixes**
>
> - Parsing empty `Link` headers with `parse_header_links()` no longer
> return one bogus entry.
> ... (truncated)
Commits
- See full diff in [compare view](https://github.com/requests/requests/commits/v2.20.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
Bumps requests from 2.8.14 to 2.20.0.
Changelog
*Sourced from [requests's changelog](https://github.com/kennethreitz/requests/blob/master/HISTORY.md).* > 2.20.0 (2018-10-18) > ------------------- > > **Bugfixes** > > - Content-Type header parsing is now case-insensitive (e.g. > charset=utf8 v Charset=utf8). > - Fixed exception leak where certain redirect urls would raise > uncaught urllib3 exceptions. > - Requests removes Authorization header from requests redirected > from https to http on the same hostname. (CVE-2018-18074) > - `should_bypass_proxies` now handles URIs without hostnames (e.g. > files). > > **Dependencies** > > - Requests now supports urllib3 v1.24. > > **Deprecations** > > - Requests has officially stopped support for Python 2.6. > > 2.19.1 (2018-06-14) > ------------------- > > **Bugfixes** > > - Fixed issue where status\_codes.py's `init` function failed trying > to append to a `__doc__` value of `None`. > > 2.19.0 (2018-06-12) > ------------------- > > **Improvements** > > - Warn user about possible slowdown when using cryptography version > < 1.3.4 > - Check for invalid host in proxy URL, before forwarding request to > adapter. > - Fragments are now properly maintained across redirects. (RFC7231 > 7.1.2) > - Removed use of cgi module to expedite library load time. > - Added support for SHA-256 and SHA-512 digest auth algorithms. > - Minor performance improvement to `Request.content`. > - Migrate to using collections.abc for 3.7 compatibility. > > **Bugfixes** > > - Parsing empty `Link` headers with `parse_header_links()` no longer > return one bogus entry. > ... (truncated)Commits
- See full diff in [compare view](https://github.com/requests/requests/commits/v2.20.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language