Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
v2.32.2
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
v2.32.1
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
This enables pip and other projects to minimize their vendoring
surface area. The Response.text() and apparent_encoding APIs
will default to utf-8 if neither library is present. (#6702)
api-change:acm-pca: Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard and SM2 KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions.
api-change:cloudhsmv2: Added 3 new APIs to support backup sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of the DescribeBackups API. Added support for BackupArn in the CreateCluster API.
api-change:connect: This release supports showing PreferredAgentRouting step via DescribeContact API.
api-change:emr: This release provides the support for new allocation strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking input of priority value for each instance type for instance fleet clusters.
api-change:glue: Added AttributesToGet parameter to Glue GetDatabases, allowing caller to limit output to include only the database name.
api-change:kinesisanalyticsv2: Support for Flink 1.19 in Managed Service for Apache Flink
api-change:opensearch: This release removes support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains.
api-change:pi: Noting that the filter db.sql.db_id isn't available for RDS for SQL Server DB instances.
api-change:workspaces: Added support for Red Hat Enterprise Linux 8 on Amazon WorkSpaces Personal.
1.34.135
api-change:application-autoscaling: Amazon WorkSpaces customers can now use Application Auto Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool.
api-change:chime-sdk-media-pipelines: Added Amazon Transcribe multi language identification to Chime SDK call analytics. Enabling customers sending single stream audio to generate call recordings using Chime SDK call analytics
api-change:cloudfront: Doc only update for CloudFront that fixes customer-reported issue
api-change:datazone: This release supports the data lineage feature of business data catalog in Amazon DataZone.
api-change:elasticache: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
api-change:mq: This release makes the EngineVersion field optional for both broker and configuration and uses the latest available version by default. The AutoMinorVersionUpgrade field is also now optional for broker creation and defaults to 'true'.
api-change:qconnect: Adds CreateContentAssociation, ListContentAssociations, GetContentAssociation, and DeleteContentAssociation APIs.
api-change:quicksight: Adding support for Repeating Sections, Nested Filters
api-change:rds: Updates Amazon RDS documentation for TAZ export to S3.
api-change:sagemaker: Add capability for Admins to customize Studio experience for the user by showing or hiding Apps and MLTools.
api-change:workspaces: Added support for WorkSpaces Pools.
api-change:eks: Added support for disabling unmanaged addons during cluster creation.
api-change:ivs-realtime: IVS Real-Time now offers customers the ability to upload public keys for customer vended participant tokens.
api-change:kinesisanalyticsv2: This release adds support for new ListApplicationOperations and DescribeApplicationOperation APIs. It adds a new configuration to enable system rollbacks, adds field ApplicationVersionCreateTimestamp for clarity and improves support for pagination for APIs.
api-change:opensearch: This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down.
1.34.133
api-change:autoscaling: Doc only update for Auto Scaling's TargetTrackingMetricDataQuery
api-change:ec2: This release is for the launch of the new u7ib-12tb.224xlarge, R8g, c7gn.metal and mac2-m1ultra.metal instance types
api-change:networkmanager: This is model changes & documentation update for the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature allows customers to view errors that occur while their resources are being provisioned, enabling customers to fix their resources without needing external support.
api-change:workspaces-thin-client: This release adds the deviceCreationTags field to CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the primary-deps group with 5 updates in the / directory:
3.21.13.21.32.31.02.32.31.34.741.34.1361.34.741.34.1363.27.13.30.0Updates
marshmallowfrom 3.21.1 to 3.21.3Changelog
Sourced from marshmallow's changelog.
Commits
b9646e3Bump version and update changelog99103a6Remove leaky lru_cache (#2277)47205b5[pre-commit.ci] pre-commit autoupdate (#2276)aaecd5b[pre-commit.ci] pre-commit autoupdatec592536[pre-commit.ci] pre-commit autoupdate (#2269)ee0c903[pre-commit.ci] pre-commit autoupdated4fd5a4[pre-commit.ci] pre-commit autoupdate511b8c5Bump version and update changelog03f56a4Merge pull request #2264 from marshmallow-code/allow_timestamp_058fbbcdEncapsulate timestamp boolean check in utilsUpdates
requestsfrom 2.31.0 to 2.32.3Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
0e322afv2.32.3e188799Don't create default SSLContext if ssl module isn't present (#6724)145b539Merge pull request #6716 from sigmavirus24/bug/6715b1d73ddDon't use default SSLContext with custom poolmanager kwargs6badbacUpdate HISTORY.mda62a2d3Allow for overriding of specific pool key params88dce9dv2.32.2c98e4d1Merge pull request #6710 from nateprewitt/api_rename92075b3Add deprecation warningaa1461bMove _get_connection to get_connection_with_tls_contextUpdates
botocorefrom 1.34.74 to 1.34.136Changelog
Sourced from botocore's changelog.
... (truncated)
Commits
446acfbMerge branch 'release-1.34.136'09a10d8Bumping version to 1.34.1369d5bd52Update endpoints modele3c5915Update to latest modelsce75911Merge branch 'release-1.34.135'1c7af15Merge branch 'release-1.34.135' into develop31053b7Bumping version to 1.34.1355de46c9Update endpoints model4d04705Update to latest modelsc2c38f8Merge branch 'release-1.34.134' into developUpdates
boto3from 1.34.74 to 1.34.136Commits
04045c4Merge branch 'release-1.34.136'c04875bBumping version to 1.34.1365df3444Add changelog entries from botocoredcfb592Merge pull request #4182 from kdaily/kdaily-remove-opsworks-collections-integ...acbe904Do not test opsworks collections359f0b2Merge branch 'release-1.34.135'54246d5Merge branch 'release-1.34.135' into developd9b5ce7Bumping version to 1.34.135857c461Add changelog entries from botocore6221a41Merge branch 'release-1.34.134' into developUpdates
slack-sdkfrom 3.27.1 to 3.30.0Release notes
Sourced from slack-sdk's releases.
Commits
aa3c792version 3.30.0 (#1514)19dda82Update README.md (#1513)b464941feat: add team.externalTeams.list (#1512)75997b2version 3.29.067028d6Add canvases APIs and users.discoverableContacts.lookup API (#1508)862796cfix: update release instructions in maintainers guide (#1507)41cbaa4version 3.28.0 (#1506)abdfc87Fix base url according to official documentation (#1485)5f941f4fix: Add deprecation warnings to Steps from Apps methods (#1504)7d13c3bOmit not-working testsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show