Changelog
*Sourced from [urllib3's changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst).*
> 1.24.2 (2019-04-17)
> -------------------
>
> * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or
> ``ssl_context`` parameters are specified.
>
> * Remove Authorization header regardless of case when redirecting to cross-site. (Issue [#1510](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1510))
>
> * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue [#1269](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1269))
>
>
> 1.24.1 (2018-11-02)
> -------------------
>
> * Remove quadratic behavior within ``GzipDecoder.decompress()`` (Issue [#1467](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1467))
>
> * Restored functionality of ``ciphers`` parameter for ``create_urllib3_context()``. (Issue [#1462](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1462))
>
>
> 1.24 (2018-10-16)
> -----------------
>
> * Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull [#1449](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449))
>
> * Test against Python 3.7 on AppVeyor. (Pull [#1453](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453))
>
> * Early-out ipv6 checks when running on App Engine. (Pull [#1450](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1450))
>
> * Change ambiguous description of backoff_factor (Pull [#1436](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1436))
>
> * Add ability to handle multiple Content-Encodings (Issue [#1441](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1441) and Pull [#1442](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1442))
>
> * Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue [#1405](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1405)).
>
> * Add a server_hostname parameter to HTTPSConnection which allows for
> overriding the SNI hostname sent in the handshake. (Pull [#1397](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1397))
>
> * Drop support for EOL Python 2.6 (Pull [#1429](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1429) and Pull [#1430](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1430))
>
> * Fixed bug where responses with header Content-Type: message/* erroneously
> raised HeaderParsingError, resulting in a warning being logged. (Pull [#1439](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1439))
>
> * Move urllib3 to src/urllib3 (Pull [#1409](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1409))
>
>
> 1.23 (2018-06-04)
> -----------------
>
> * Allow providing a list of headers to strip from requests when redirecting
> to a different host. Defaults to the ``Authorization`` header. Different
> ... (truncated)
Commits
- [`1efadf4`](https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1) Release 1.24.2 ([#1564](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1564))
- [`a6ec68a`](https://github.com/urllib3/urllib3/commit/a6ec68a5c5c5743c59fe5c62c635c929586c429b) Merging new release version: 1.24.1
- [`0cedb3b`](https://github.com/urllib3/urllib3/commit/0cedb3b0f1e5d79c89c6db767c534b064b794cf2) Restore context.set_ciphers() to create_urllib3_context() ([#1463](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1463))
- [`0aeba3b`](https://github.com/urllib3/urllib3/commit/0aeba3be0224a930f6ffef254ed12b41303a86d7) Use bytearray to accumulate bytes from gzip ([#1468](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1468))
- [`f8d1c78`](https://github.com/urllib3/urllib3/commit/f8d1c787d9b02a70d66ddbde9c99061d9073d54a) Uninstall oclint to ensure gcc can be brew upgraded ([#1464](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1464))
- [`cd7cfa6`](https://github.com/urllib3/urllib3/commit/cd7cfa613b2678e700597d098ce9bbdc934863e6) Resolve pytest pluggy version conflict ([#1457](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1457))
- [`b548abc`](https://github.com/urllib3/urllib3/commit/b548abc9812a628d3290d0cab83e44f3c31ac6fe) Update changelog for 1.24 release
- [`ef0c745`](https://github.com/urllib3/urllib3/commit/ef0c74542abe69421a86c4d3c6a86fe43cb809a4) Merging new release version: 1.24
- [`a0964d9`](https://github.com/urllib3/urllib3/commit/a0964d9947c07d2b8495726ac23ad251b5d236af) Add missing key_server_hostname variable ([#1449](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449))
- [`34d8298`](https://github.com/urllib3/urllib3/commit/34d8298ecf93c84f9916457d89701d6d5c807780) Test against Python 3.7 on AppVeyor ([#1453](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453))
- Additional commits viewable in [compare view](https://github.com/urllib3/urllib3/compare/1.20...1.24.2)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ThreeSixtyGiving/standard/network/alerts).
Bumps urllib3 from 1.20 to 1.24.2.
Changelog
*Sourced from [urllib3's changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst).* > 1.24.2 (2019-04-17) > ------------------- > > * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or > ``ssl_context`` parameters are specified. > > * Remove Authorization header regardless of case when redirecting to cross-site. (Issue [#1510](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1510)) > > * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue [#1269](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1269)) > > > 1.24.1 (2018-11-02) > ------------------- > > * Remove quadratic behavior within ``GzipDecoder.decompress()`` (Issue [#1467](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1467)) > > * Restored functionality of ``ciphers`` parameter for ``create_urllib3_context()``. (Issue [#1462](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1462)) > > > 1.24 (2018-10-16) > ----------------- > > * Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull [#1449](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449)) > > * Test against Python 3.7 on AppVeyor. (Pull [#1453](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453)) > > * Early-out ipv6 checks when running on App Engine. (Pull [#1450](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1450)) > > * Change ambiguous description of backoff_factor (Pull [#1436](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1436)) > > * Add ability to handle multiple Content-Encodings (Issue [#1441](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1441) and Pull [#1442](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1442)) > > * Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue [#1405](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1405)). > > * Add a server_hostname parameter to HTTPSConnection which allows for > overriding the SNI hostname sent in the handshake. (Pull [#1397](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1397)) > > * Drop support for EOL Python 2.6 (Pull [#1429](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1429) and Pull [#1430](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1430)) > > * Fixed bug where responses with header Content-Type: message/* erroneously > raised HeaderParsingError, resulting in a warning being logged. (Pull [#1439](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1439)) > > * Move urllib3 to src/urllib3 (Pull [#1409](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1409)) > > > 1.23 (2018-06-04) > ----------------- > > * Allow providing a list of headers to strip from requests when redirecting > to a different host. Defaults to the ``Authorization`` header. Different > ... (truncated)Commits
- [`1efadf4`](https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1) Release 1.24.2 ([#1564](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1564)) - [`a6ec68a`](https://github.com/urllib3/urllib3/commit/a6ec68a5c5c5743c59fe5c62c635c929586c429b) Merging new release version: 1.24.1 - [`0cedb3b`](https://github.com/urllib3/urllib3/commit/0cedb3b0f1e5d79c89c6db767c534b064b794cf2) Restore context.set_ciphers() to create_urllib3_context() ([#1463](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1463)) - [`0aeba3b`](https://github.com/urllib3/urllib3/commit/0aeba3be0224a930f6ffef254ed12b41303a86d7) Use bytearray to accumulate bytes from gzip ([#1468](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1468)) - [`f8d1c78`](https://github.com/urllib3/urllib3/commit/f8d1c787d9b02a70d66ddbde9c99061d9073d54a) Uninstall oclint to ensure gcc can be brew upgraded ([#1464](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1464)) - [`cd7cfa6`](https://github.com/urllib3/urllib3/commit/cd7cfa613b2678e700597d098ce9bbdc934863e6) Resolve pytest pluggy version conflict ([#1457](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1457)) - [`b548abc`](https://github.com/urllib3/urllib3/commit/b548abc9812a628d3290d0cab83e44f3c31ac6fe) Update changelog for 1.24 release - [`ef0c745`](https://github.com/urllib3/urllib3/commit/ef0c74542abe69421a86c4d3c6a86fe43cb809a4) Merging new release version: 1.24 - [`a0964d9`](https://github.com/urllib3/urllib3/commit/a0964d9947c07d2b8495726ac23ad251b5d236af) Add missing key_server_hostname variable ([#1449](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449)) - [`34d8298`](https://github.com/urllib3/urllib3/commit/34d8298ecf93c84f9916457d89701d6d5c807780) Test against Python 3.7 on AppVeyor ([#1453](https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453)) - Additional commits viewable in [compare view](https://github.com/urllib3/urllib3/compare/1.20...1.24.2)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ThreeSixtyGiving/standard/network/alerts).