psf/requests (requests)
### [`v2.25.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2250-2020-11-11)
[Compare Source](https://togithub.com/psf/requests/compare/v2.24.0...v2.25.0)
**Improvements**
- Added support for NETRC environment variable. ([#5643](https://togithub.com/psf/requests/issues/5643))
**Dependencies**
- Requests now supports urllib3 v1.26.
**Deprecations**
- Requests v2.25.x will be the last release series with support for Python 3.5.
- The `requests[security]` extra is officially deprecated and will be removed
in Requests v2.26.0.
### [`v2.24.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2240-2020-06-17)
[Compare Source](https://togithub.com/psf/requests/compare/v2.23.0...v2.24.0)
**Improvements**
- pyOpenSSL TLS implementation is now only used if Python
either doesn't have an `ssl` module or doesn't support
SNI. Previously pyOpenSSL was unconditionally used if available.
This applies even if pyOpenSSL is installed via the
`requests[security]` extra ([#5443](https://togithub.com/psf/requests/issues/5443))
- Redirect resolution should now only occur when
`allow_redirects` is True. ([#5492](https://togithub.com/psf/requests/issues/5492))
- No longer perform unnecessary Content-Length calculation for
requests that won't use it. ([#5496](https://togithub.com/psf/requests/issues/5496))
### [`v2.23.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2230-2020-02-19)
[Compare Source](https://togithub.com/psf/requests/compare/v2.22.0...v2.23.0)
**Improvements**
- Remove defunct reference to `prefetch` in Session `__attrs__` ([#5110](https://togithub.com/psf/requests/issues/5110))
**Bugfixes**
- Requests no longer outputs password in basic auth usage warning. ([#5099](https://togithub.com/psf/requests/issues/5099))
**Dependencies**
- Pinning for `chardet` and `idna` now uses major version instead of minor.
This hopefully reduces the need for releases every time a dependency is updated.
### [`v2.22.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2220-2019-05-15)
[Compare Source](https://togithub.com/psf/requests/compare/v2.21.0...v2.22.0)
**Dependencies**
- Requests now supports urllib3 v1.25.2.
(note: 1.25.0 and 1.25.1 are incompatible)
**Deprecations**
- Requests has officially stopped support for Python 3.4.
### [`v2.21.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2210-2018-12-10)
[Compare Source](https://togithub.com/psf/requests/compare/v2.20.1...v2.21.0)
**Dependencies**
- Requests now supports idna v2.8.
### [`v2.20.1`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2201-2018-11-08)
[Compare Source](https://togithub.com/psf/requests/compare/v2.20.0...v2.20.1)
**Bugfixes**
- Fixed bug with unintended Authorization header stripping for
redirects using default ports (http/80, https/443).
### [`v2.20.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2200-2018-10-18)
[Compare Source](https://togithub.com/psf/requests/compare/v2.19.1...v2.20.0)
**Bugfixes**
- Content-Type header parsing is now case-insensitive (e.g.
charset=utf8 v Charset=utf8).
- Fixed exception leak where certain redirect urls would raise
uncaught urllib3 exceptions.
- Requests removes Authorization header from requests redirected
from https to http on the same hostname. (CVE-2018-18074)
- `should_bypass_proxies` now handles URIs without hostnames (e.g.
files).
**Dependencies**
- Requests now supports urllib3 v1.24.
**Deprecations**
- Requests has officially stopped support for Python 2.6.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
==2.19.1->==2.25.0By merging this PR, the below issues will be automatically resolved and closed:
Release Notes
psf/requests (requests)
### [`v2.25.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2250-2020-11-11) [Compare Source](https://togithub.com/psf/requests/compare/v2.24.0...v2.25.0) **Improvements** - Added support for NETRC environment variable. ([#5643](https://togithub.com/psf/requests/issues/5643)) **Dependencies** - Requests now supports urllib3 v1.26. **Deprecations** - Requests v2.25.x will be the last release series with support for Python 3.5. - The `requests[security]` extra is officially deprecated and will be removed in Requests v2.26.0. ### [`v2.24.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2240-2020-06-17) [Compare Source](https://togithub.com/psf/requests/compare/v2.23.0...v2.24.0) **Improvements** - pyOpenSSL TLS implementation is now only used if Python either doesn't have an `ssl` module or doesn't support SNI. Previously pyOpenSSL was unconditionally used if available. This applies even if pyOpenSSL is installed via the `requests[security]` extra ([#5443](https://togithub.com/psf/requests/issues/5443)) - Redirect resolution should now only occur when `allow_redirects` is True. ([#5492](https://togithub.com/psf/requests/issues/5492)) - No longer perform unnecessary Content-Length calculation for requests that won't use it. ([#5496](https://togithub.com/psf/requests/issues/5496)) ### [`v2.23.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2230-2020-02-19) [Compare Source](https://togithub.com/psf/requests/compare/v2.22.0...v2.23.0) **Improvements** - Remove defunct reference to `prefetch` in Session `__attrs__` ([#5110](https://togithub.com/psf/requests/issues/5110)) **Bugfixes** - Requests no longer outputs password in basic auth usage warning. ([#5099](https://togithub.com/psf/requests/issues/5099)) **Dependencies** - Pinning for `chardet` and `idna` now uses major version instead of minor. This hopefully reduces the need for releases every time a dependency is updated. ### [`v2.22.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2220-2019-05-15) [Compare Source](https://togithub.com/psf/requests/compare/v2.21.0...v2.22.0) **Dependencies** - Requests now supports urllib3 v1.25.2. (note: 1.25.0 and 1.25.1 are incompatible) **Deprecations** - Requests has officially stopped support for Python 3.4. ### [`v2.21.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2210-2018-12-10) [Compare Source](https://togithub.com/psf/requests/compare/v2.20.1...v2.21.0) **Dependencies** - Requests now supports idna v2.8. ### [`v2.20.1`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2201-2018-11-08) [Compare Source](https://togithub.com/psf/requests/compare/v2.20.0...v2.20.1) **Bugfixes** - Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443). ### [`v2.20.0`](https://togithub.com/psf/requests/blob/HEAD/HISTORY.md#2200-2018-10-18) [Compare Source](https://togithub.com/psf/requests/compare/v2.19.1...v2.20.0) **Bugfixes** - Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8). - Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions. - Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074) - `should_bypass_proxies` now handles URIs without hostnames (e.g. files). **Dependencies** - Requests now supports urllib3 v1.24. **Deprecations** - Requests has officially stopped support for Python 2.6.