jamesturk / scrapelib

⛏ a library for scraping unreliable pages
https://jamesturk.github.io/scrapelib/
BSD 2-Clause "Simplified" License
208 stars 40 forks source link

Update urllib3 requirement from ^1.26 to >=1.26,<3.0 #253

Open dependabot[bot] opened 3 months ago

dependabot[bot] commented 3 months ago

Updates the requirements on urllib3 to permit the latest version.

Release notes

Sourced from urllib3's releases.

2.0.7

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
Changelog

Sourced from urllib3's changelog.

2.0.7 (2023-10-17)

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

2.0.6 (2023-10-02)

  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

2.0.5 (2023-09-20)

  • Allowed pyOpenSSL third-party module without any deprecation warning. ([#3126](https://github.com/urllib3/urllib3/issues/3126) <https://github.com/urllib3/urllib3/issues/3126>__)
  • Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. ([#3066](https://github.com/urllib3/urllib3/issues/3066) <https://github.com/urllib3/urllib3/issues/3066>__)

2.0.4 (2023-07-19)

  • Added support for union operators to HTTPHeaderDict ([#2254](https://github.com/urllib3/urllib3/issues/2254) <https://github.com/urllib3/urllib3/issues/2254>__)
  • Added BaseHTTPResponse to urllib3.__all__ ([#3078](https://github.com/urllib3/urllib3/issues/3078) <https://github.com/urllib3/urllib3/issues/3078>__)
  • Fixed urllib3.connection.HTTPConnection to raise the http.client.connect audit event to have the same behavior as the standard library HTTP client ([#2757](https://github.com/urllib3/urllib3/issues/2757) <https://github.com/urllib3/urllib3/issues/2757>__)
  • Relied on the standard library for checking hostnames in supported PyPy releases ([#3087](https://github.com/urllib3/urllib3/issues/3087) <https://github.com/urllib3/urllib3/issues/3087>__)

2.0.3 (2023-06-07)

  • Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. ([#3020](https://github.com/urllib3/urllib3/issues/3020) <https://github.com/urllib3/urllib3/issues/3020>__)
  • Deprecated URLs which don't have an explicit scheme ([#2950](https://github.com/urllib3/urllib3/issues/2950) <https://github.com/urllib3/urllib3/pull/2950>_)
  • Fixed response decoding with Zstandard when compressed data is made of several frames. ([#3008](https://github.com/urllib3/urllib3/issues/3008) <https://github.com/urllib3/urllib3/issues/3008>__)
  • Fixed assert_hostname=False to correctly skip hostname check. ([#3051](https://github.com/urllib3/urllib3/issues/3051) <https://github.com/urllib3/urllib3/issues/3051>__)

2.0.2 (2023-05-03)

  • Fixed HTTPResponse.stream() to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. ([#3009](https://github.com/urllib3/urllib3/issues/3009) <https://github.com/urllib3/urllib3/issues/3009>__)

2.0.1 (2023-04-30)

  • Fixed a socket leak when fingerprint or hostname verifications fail. ([#2991](https://github.com/urllib3/urllib3/issues/2991) <https://github.com/urllib3/urllib3/issues/2991>__)
  • Fixed an error when HTTPResponse.read(0) was the first read call or when the internal response body buffer was otherwise empty. ([#2998](https://github.com/urllib3/urllib3/issues/2998) <https://github.com/urllib3/urllib3/issues/2998>__)

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)