Preserve chunked parameter on retries (Pull #1715, Pull #1734)
Allow unset SERVER_SOFTWARE in App Engine (Pull #1704, Issue #1470)
Fix issue where URL fragment was sent within the request target. (Pull #1732)
Fix issue where an empty query section in a URL would fail to parse. (Pull #1732)
Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull #1703)
1.25.6 (2019-09-24)
Fix issue where tilde (~) characters were incorrectly
percent-encoded in the path. (Pull #1692)
1.25.5 (2019-09-19)
Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which
caused certificate verification to be enabled when using cert_reqs=CERT_NONE.
(Issue #1682)
1.25.4 (2019-09-19)
Propagate Retry-After header settings to subsequent retries. (Pull #1607)
Fix edge case where Retry-After header was still respected even when
explicitly opted out of. (Pull #1607)
Remove dependency on rfc3986 for URL parsing.
Fix issue where URLs containing invalid characters within Url.auth would
raise an exception instead of percent-encoding those characters.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joshblum/profbit/network/alerts).
dependabot[bot]
commented
3 years ago
Bumps urllib3 from 1.25.3 to 1.25.8.
Release notes
Sourced from urllib3's releases.
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
2a57bc5Release 1.25.8 (#1788)a2697e7Optimize _encode_invalid_chars (#1787)d2a5a59Move IPv6 test skips in server fixturesd44f0e5Factorize test certificates serialization84abc7fGenerate IPV6 certificates using trustme6a15b18Run IPv6 Tornado server from fixture4903840Use trustme to generate IP_SAN cert9971e27Empty responses should have no lines.62ef68eUse trustme to generate NO_SAN certsfd2666eUse fixture to configure NO_SAN test certsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joshblum/profbit/network/alerts).