search

deinstapel / eks-rolling-update

EKS Rolling Update is a utility for updating the launch configuration of worker nodes in an EKS cluster.
Apache License 2.0
3 stars 4 forks source link

Update dependency urllib3 to v2 #24

Open Jasper-Ben opened 1 year ago

Jasper-Ben commented 1 year ago

This PR contains the following updates:

Package Update Change
urllib3 (changelog) major <1.26 -> <2.1

Release Notes

urllib3/urllib3 (urllib3) ### [`v2.0.4`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#204-2023-07-19) [Compare Source](https://togithub.com/urllib3/urllib3/compare/2.0.3...2.0.4) \================== - Added support for union operators to `HTTPHeaderDict` (`#​2254 `\__) - Added `BaseHTTPResponse` to `urllib3.__all__` (`#​3078 `\__) - Fixed `urllib3.connection.HTTPConnection` to raise the `http.client.connect` audit event to have the same behavior as the standard library HTTP client (`#​2757 `\__) - Relied on the standard library for checking hostnames in supported PyPy releases (`#​3087 `\__) ### [`v2.0.3`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#203-2023-06-07) [Compare Source](https://togithub.com/urllib3/urllib3/compare/2.0.2...2.0.3) \================== - Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. (`#​3020 `\__) - Deprecated URLs which don't have an explicit scheme (`#​2950 `\_) - Fixed response decoding with Zstandard when compressed data is made of several frames. (`#​3008 `\__) - Fixed `assert_hostname=False` to correctly skip hostname check. (`#​3051 `\__) ### [`v2.0.2`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#202-2023-05-03) [Compare Source](https://togithub.com/urllib3/urllib3/compare/2.0.1...2.0.2) \================== - Fixed `HTTPResponse.stream()` to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. (`#​3009 `\__) ### [`v2.0.1`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#201-2023-04-30) [Compare Source](https://togithub.com/urllib3/urllib3/compare/2.0.0...2.0.1) \================== - Fixed a socket leak when fingerprint or hostname verifications fail. (`#​2991 `\__) - Fixed an error when `HTTPResponse.read(0)` was the first `read` call or when the internal response body buffer was otherwise empty. (`#​2998 `\__) ### [`v2.0.0`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#200-2023-04-26) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.16...2.0.0) \================== Read the `v2.0 migration guide `\__ for help upgrading to the latest version of urllib3. ## Removed - Removed support for Python 2.7, 3.5, and 3.6 (`#​883 `**, `#​2336 `**). - Removed fallback on certificate `commonName` in `match_hostname()` function. This behavior was deprecated in May 2000 in RFC 2818. Instead only `subjectAltName` is used to verify the hostname by default. To enable verifying the hostname against `commonName` use `SSLContext.hostname_checks_common_name = True` (`#​2113 `\__). - Removed support for Python with an `ssl` module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (`#​2168 `\__). - Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support. When an incompatible OpenSSL version is detected an `ImportError` is raised (`#​2168 `\__). - Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (`#​2082 `\__). - Removed `urllib3.contrib.appengine.AppEngineManager` and support for Google App Engine Standard Environment (`#​2044 `\__). - Removed deprecated `Retry` options `method_whitelist`, `DEFAULT_REDIRECT_HEADERS_BLACKLIST` (`#​2086 `\__). - Removed `urllib3.HTTPResponse.from_httplib` (`#​2648 `\__). - Removed default value of `None` for the `request_context` parameter of `urllib3.PoolManager.connection_from_pool_key`. This change should have no effect on users as the default value of `None` was an invalid option and was never used (`#​1897 `\__). - Removed the `urllib3.request` module. `urllib3.request.RequestMethods` has been made a private API. This change was made to ensure that `from urllib3 import request` imported the top-level `request()` function instead of the `urllib3.request` module (`#​2269 `\__). - Removed support for SSLv3.0 from the `urllib3.contrib.pyopenssl` even when support is available from the compiled OpenSSL library (`#​2233 `\__). - Removed the deprecated `urllib3.contrib.ntlmpool` module (`#​2339 `\__). - Removed `DEFAULT_CIPHERS`, `HAS_SNI`, `USE_DEFAULT_SSLCONTEXT_CIPHERS`, from the private module `urllib3.util.ssl_` (`#​2168 `\__). - Removed `urllib3.exceptions.SNIMissingWarning` (`#​2168 `\__). - Removed the `_prepare_conn` method from `HTTPConnectionPool`. Previously this was only used to call `HTTPSConnection.set_cert()` by `HTTPSConnectionPool` (`#​1985 `\__). - Removed `tls_in_tls_required` property from `HTTPSConnection`. This is now determined from the `scheme` parameter in `HTTPConnection.set_tunnel()` (`#​1985 `\__). - Removed the `strict` parameter/attribute from `HTTPConnection`, `HTTPSConnection`, `HTTPConnectionPool`, `HTTPSConnectionPool`, and `HTTPResponse` (`#​2064 `\__). ## Deprecated - Deprecated `HTTPResponse.getheaders()` and `HTTPResponse.getheader()` which will be removed in urllib3 v2.1.0. Instead use `HTTPResponse.headers` and `HTTPResponse.headers.get(name, default)`. (`#​1543 `**, `#​2814 `**). - Deprecated `urllib3.contrib.pyopenssl` module which will be removed in urllib3 v2.1.0 (`#​2691 `\__). - Deprecated `urllib3.contrib.securetransport` module which will be removed in urllib3 v2.1.0 (`#​2692 `\__). - Deprecated `ssl_version` option in favor of `ssl_minimum_version`. `ssl_version` will be removed in urllib3 v2.1.0 (`#​2110 `\__). - Deprecated the `strict` parameter of `PoolManager.connection_from_context()` as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 (`#​2267 `\__) - Deprecated the `NewConnectionError.pool` attribute which will be removed in urllib3 v2.1.0 (`#​2271 `\__). - Deprecated `format_header_param_html5` and `format_header_param` in favor of `format_multipart_header_param` (`#​2257 `\__). - Deprecated `RequestField.header_formatter` parameter which will be removed in urllib3 v2.1.0 (`#​2257 `\__). - Deprecated `HTTPSConnection.set_cert()` method. Instead pass parameters to the `HTTPSConnection` constructor (`#​1985 `\__). - Deprecated `HTTPConnection.request_chunked()` method which will be removed in urllib3 v2.1.0. Instead pass `chunked=True` to `HTTPConnection.request()` (`#​1985 `\__). ## Added - Added top-level `urllib3.request` function which uses a preconfigured module-global `PoolManager` instance (`#​2150 `\__). - Added the `json` parameter to `urllib3.request()`, `PoolManager.request()`, and `ConnectionPool.request()` methods to send JSON bodies in requests. Using this parameter will set the header `Content-Type: application/json` if `Content-Type` isn't already defined. Added support for parsing JSON response bodies with `HTTPResponse.json()` method (`#​2243 `\__). - Added type hints to the `urllib3` module (`#​1897 `\__). - Added `ssl_minimum_version` and `ssl_maximum_version` options which set `SSLContext.minimum_version` and `SSLContext.maximum_version` (`#​2110 `\__). - Added support for Zstandard (RFC 8878) when `zstandard` 1.18.0 or later is installed. Added the `zstd` extra which installs the `zstandard` package (`#​1992 `\__). - Added `urllib3.response.BaseHTTPResponse` class. All future response classes will be subclasses of `BaseHTTPResponse` (`#​2083 `\__). - Added `FullPoolError` which is raised when `PoolManager(block=True)` and a connection is returned to a full pool (`#​2197 `\__). - Added `HTTPHeaderDict` to the top-level `urllib3` namespace (`#​2216 `\__). - Added support for configuring header merging behavior with HTTPHeaderDict When using a `HTTPHeaderDict` to provide headers for a request, by default duplicate header values will be repeated. But if `combine=True` is passed into a call to `HTTPHeaderDict.add`, then the added header value will be merged in with an existing value into a comma-separated list (`X-My-Header: foo, bar`) (`#​2242 `\__). - Added `NameResolutionError` exception when a DNS error occurs (`#​2305 `\__). - Added `proxy_assert_hostname` and `proxy_assert_fingerprint` kwargs to `ProxyManager` (`#​2409 `\__). - Added a configurable `backoff_max` parameter to the `Retry` class. If a custom `backoff_max` is provided to the `Retry` class, it will replace the `Retry.DEFAULT_BACKOFF_MAX` (`#​2494 `\__). - Added the `authority` property to the Url class as per RFC 3986 3.2. This property should be used in place of `netloc` for users who want to include the userinfo (auth) component of the URI (`#​2520 `\__). - Added the `scheme` parameter to `HTTPConnection.set_tunnel` to configure the scheme of the origin being tunnelled to (`#​1985 `\__). - Added the `is_closed`, `is_connected` and `has_connected_to_proxy` properties to `HTTPConnection` (`#​1985 `\__). - Added optional `backoff_jitter` parameter to `Retry`. (`#​2952 `\__) ## Changed - Changed `urllib3.response.HTTPResponse.read` to respect the semantics of `io.BufferedIOBase` regardless of compression. Specifically, this method: - Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed). - Never returns more bytes than requested. - Can issue any number of system calls: zero, one or multiple. If you want each `urllib3.response.HTTPResponse.read` call to issue a single system call, you need to disable decompression by setting `decode_content=False` (`#​2128 `\__). - Changed `urllib3.HTTPConnection.getresponse` to return an instance of `urllib3.HTTPResponse` instead of `http.client.HTTPResponse` (`#​2648 `\__). - Changed `ssl_version` to instead set the corresponding `SSLContext.minimum_version` and `SSLContext.maximum_version` values. Regardless of `ssl_version` passed `SSLContext` objects are now constructed using `ssl.PROTOCOL_TLS_CLIENT` (`#​2110 `\__). - Changed default `SSLContext.minimum_version` to be `TLSVersion.TLSv1_2` in line with Python 3.10 (`#​2373 `\__). - Changed `ProxyError` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy (`#​2482 `\__). - Changed `urllib3.util.create_urllib3_context` to not override the system cipher suites with a default value. The new default will be cipher suites configured by the operating system (`#​2168 `\__). - Changed `multipart/form-data` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded (`#​2257 `\__). - Changed the error raised when connecting via HTTPS when the `ssl` module isn't available from `SSLError` to `ImportError` (`#​2589 `\__). - Changed `HTTPConnection.request()` to always use lowercase chunk boundaries when sending requests with `Transfer-Encoding: chunked` (`#​2515 `\__). - Changed `enforce_content_length` default to True, preventing silent data loss when reading streamed responses (`#​2514 `\__). - Changed internal implementation of `HTTPHeaderDict` to use `dict` instead of `collections.OrderedDict` for better performance (`#​2080 `\__). - Changed the `urllib3.contrib.pyopenssl` module to wrap `OpenSSL.SSL.Error` with `ssl.SSLError` in `PyOpenSSLContext.load_cert_chain` (`#​2628 `\__). - Changed usage of the deprecated `socket.error` to `OSError` (`#​2120 `\__). - Changed all parameters in the `HTTPConnection` and `HTTPSConnection` constructors to be keyword-only except `host` and `port` (`#​1985 `\__). - Changed `HTTPConnection.getresponse()` to set the socket timeout from `HTTPConnection.timeout` value before reading data from the socket. This previously was done manually by the `HTTPConnectionPool` calling `HTTPConnection.sock.settimeout(...)` (`#​1985 `\__). - Changed the `_proxy_host` property to `_tunnel_host` in `HTTPConnectionPool` to more closely match how the property is used (value in `HTTPConnection.set_tunnel()`) (`#​1985 `\__). - Changed name of `Retry.BACK0FF_MAX` to be `Retry.DEFAULT_BACKOFF_MAX`. - Changed TLS handshakes to use `SSLContext.check_hostname` when possible (`#​2452 `\__). - Changed `server_hostname` to behave like other parameters only used by `HTTPSConnectionPool` (`#​2537 `\__). - Changed the default `blocksize` to 16KB to match OpenSSL's default read amounts (`#​2348 `\__). - Changed `HTTPResponse.read()` to raise an error when calling with `decode_content=False` after using `decode_content=True` to prevent data loss (`#​2800 `\__). ## Fixed - Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress (`#​1252 `\__). - Fixed an issue where an `HTTPConnection` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout. Instead now if `HTTPConnection.timeout` is updated before sending the next request the new timeout value will be used (`#​2645 `\__). - Fixed `socket.error.errno` when raised from pyOpenSSL's `OpenSSL.SSL.SysCallError` (`#​2118 `\__). - Fixed the default value of `HTTPSConnection.socket_options` to match `HTTPConnection` (`#​2213 `\__). - Fixed a bug where `headers` would be modified by the `remove_headers_on_redirect` feature (`#​2272 `\__). - Fixed a reference cycle bug in `urllib3.util.connection.create_connection()` (`#​2277 `\__). - Fixed a socket leak if `HTTPConnection.connect()` fails (`#​2571 `\__). - Fixed `urllib3.contrib.pyopenssl.WrappedSocket` and `urllib3.contrib.securetransport.WrappedSocket` close methods (`#​2970 `\__) ### [`v1.26.16`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12616-2023-05-23) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.15...1.26.16) \==================== - Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress (`#​2954 `\_) ### [`v1.26.15`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12615-2023-03-10) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.14...1.26.15) \==================== - Fix socket timeout value when `HTTPConnection` is reused (`#​2645 `\__) - Remove "!" character from the unreserved characters in IPv6 Zone ID parsing (`#​2899 `\__) - Fix IDNA handling of '\x80' byte (`#​2901 `\__) ### [`v1.26.14`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12614-2023-01-11) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.13...1.26.14) \==================== - Fixed parsing of port 0 (zero) returning None, instead of 0. (`#​2850 `\__) - Removed deprecated getheaders() calls in contrib module. Fixed the type hint of `PoolKey.key_retries` by adding `bool` to the union. (`#​2865 `\__) ### [`v1.26.13`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12613-2022-11-23) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.12...1.26.13) \==================== - Deprecated the `HTTPResponse.getheaders()` and `HTTPResponse.getheader()` methods. - Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid. - Fixed a deprecation warning when using cryptography v39.0.0. - Removed the `<4` in the `Requires-Python` packaging metadata field. ### [`v1.26.12`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12612-2022-08-22) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.11...1.26.12) \==================== - Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module. Both will be removed in v2.x. See this `GitHub issue `\_ for justification and info on how to migrate. ### [`v1.26.11`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12611-2022-07-25) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.10...1.26.11) \==================== - Fixed an issue where reading more than 2 GiB in a call to `HTTPResponse.read` would raise an `OverflowError` on Python 3.9 and earlier. ### [`v1.26.10`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12610-2022-07-07) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.9...1.26.10) \==================== - Removed support for Python 3.5 - Fixed an issue where a `ProxyError` recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured. ### [`v1.26.9`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1269-2022-03-16) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.8...1.26.9) \=================== - Changed `urllib3[brotli]` extra to favor installing Brotli libraries that are still receiving updates like `brotli` and `brotlicffi` instead of `brotlipy`. This change does not impact behavior of urllib3, only which dependencies are installed. - Fixed a socket leaking when `HTTPSConnection.connect()` raises an exception. - Fixed `server_hostname` being forwarded from `PoolManager` to `HTTPConnectionPool` when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL. ### [`v1.26.8`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1268-2022-01-07) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.7...1.26.8) \=================== - Added extra message to `urllib3.exceptions.ProxyError` when urllib3 detects that a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP. - Added a mention of the size of the connection pool when discarding a connection due to the pool being full. - Added explicit support for Python 3.11. - Deprecated the `Retry.MAX_BACKOFF` class property in favor of `Retry.DEFAULT_MAX_BACKOFF` to better match the rest of the default parameter names. `Retry.MAX_BACKOFF` is removed in v2.0. - Changed location of the vendored `ssl.match_hostname` function from `urllib3.packages.ssl_match_hostname` to `urllib3.util.ssl_match_hostname` to ensure Python 3.10+ compatibility after being repackaged by downstream distributors. - Fixed absolute imports, all imports are now relative. ### [`v1.26.7`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1267-2021-09-22) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.6...1.26.7) \=================== - Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI. (Issue [#​2400](https://togithub.com/urllib3/urllib3/issues/2400)) - Fixed a bug where IPv6 braces weren't stripped during certificate hostname matching. (Issue [#​2240](https://togithub.com/urllib3/urllib3/issues/2240)) ### [`v1.26.6`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1266-2021-06-25) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.5...1.26.6) \=================== - Deprecated the `urllib3.contrib.ntlmpool` module. urllib3 is not able to support it properly due to `reasons listed in this issue `\_. If you are a user of this module please leave a comment. - Changed `HTTPConnection.request_chunked()` to not erroneously emit multiple `Transfer-Encoding` headers in the case that one is already specified. - Fixed typo in deprecation message to recommend `Retry.DEFAULT_ALLOWED_METHODS`. ### [`v1.26.5`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1265-2021-05-26) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.4...1.26.5) \=================== - Fixed deprecation warnings emitted in Python 3.10. - Updated vendored `six` library to 1.16.0. - Improved performance of URL parser when splitting the authority component. ### [`v1.26.4`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1264-2021-03-15) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.3...1.26.4) \=================== - Changed behavior of the default `SSLContext` when connecting to HTTPS proxy during HTTPS requests. The default `SSLContext` now sets `check_hostname=True`. ### [`v1.26.3`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1263-2021-01-26) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.2...1.26.3) \=================== - Fixed bytes and string comparison issue with headers (Pull [#​2141](https://togithub.com/urllib3/urllib3/issues/2141)) - Changed `ProxySchemeUnknown` error message to be more actionable if the user supplies a proxy URL without a scheme. (Pull [#​2107](https://togithub.com/urllib3/urllib3/issues/2107)) ### [`v1.26.2`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1262-2020-11-12) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.1...1.26.2) \=================== - Fixed an issue where `wrap_socket` and `CERT_REQUIRED` wouldn't be imported properly on Python 2.7.8 and earlier (Pull [#​2052](https://togithub.com/urllib3/urllib3/issues/2052)) ### [`v1.26.1`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#12616-2023-05-23) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.0...1.26.1) \==================== - Fixed thread-safety issue where accessing a `PoolManager` with many distinct origins would cause connection pools to be closed while requests are in progress (`#​2954 `\_) ### [`v1.26.0`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#1260-2020-11-10) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.25.11...1.26.0) \=================== - **NOTE: urllib3 v2.0 will drop support for Python 2**. `Read more in the v2.0 Roadmap `\_. - Added support for HTTPS proxies contacting HTTPS servers (Pull [#​1923](https://togithub.com/urllib3/urllib3/issues/1923), Pull [#​1806](https://togithub.com/urllib3/urllib3/issues/1806)) - Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning should opt-in explicitly by setting `ssl_version=ssl.PROTOCOL_TLSv1_1` (Pull [#​2002](https://togithub.com/urllib3/urllib3/issues/2002)) **Starting in urllib3 v2.0: Connections that receive a `DeprecationWarning` will fail** - Deprecated `Retry` options `Retry.DEFAULT_METHOD_WHITELIST`, `Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST` and `Retry(method_whitelist=...)` in favor of `Retry.DEFAULT_ALLOWED_METHODS`, `Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT`, and `Retry(allowed_methods=...)` (Pull [#​2000](https://togithub.com/urllib3/urllib3/issues/2000)) **Starting in urllib3 v2.0: Deprecated options will be removed** - Added default `User-Agent` header to every request (Pull [#​1750](https://togithub.com/urllib3/urllib3/issues/1750)) - Added `urllib3.util.SKIP_HEADER` for skipping `User-Agent`, `Accept-Encoding`, and `Host` headers from being automatically emitted with requests (Pull [#​2018](https://togithub.com/urllib3/urllib3/issues/2018)) - Collapse `transfer-encoding: chunked` request data and framing into the same `socket.send()` call (Pull [#​1906](https://togithub.com/urllib3/urllib3/issues/1906)) - Send `http/1.1` ALPN identifier with every TLS handshake by default (Pull [#​1894](https://togithub.com/urllib3/urllib3/issues/1894)) - Properly terminate SecureTransport connections when CA verification fails (Pull [#​1977](https://togithub.com/urllib3/urllib3/issues/1977)) - Don't emit an `SNIMissingWarning` when passing `server_hostname=None` to SecureTransport (Pull [#​1903](https://togithub.com/urllib3/urllib3/issues/1903)) - Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull [#​1970](https://togithub.com/urllib3/urllib3/issues/1970)) - Suppress `BrokenPipeError` when writing request body after the server has closed the socket (Pull [#​1524](https://togithub.com/urllib3/urllib3/issues/1524)) - Wrap `ssl.SSLError` that can be raised from reading a socket (e.g. "bad MAC") into an `urllib3.exceptions.SSLError` (Pull [#​1939](https://togithub.com/urllib3/urllib3/issues/1939))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.