OPT: Update dependency urllib3 to v1.26.17 [SECURITY]

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
urllib3 (changelog)	1.26.16 -> 1.26.17

GitHub Vulnerability Alerts

CVE-2023-43804

urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly.

Users must handle redirects themselves instead of relying on urllib3's automatic redirects to achieve safe processing of the Cookie header, thus we decided to strip the header by default in order to further protect users who aren't using the correct approach.

Affected usages

We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited:

• Using an affected version of urllib3 (patched in v1.26.17 and v2.0.6)
• Using the Cookie header on requests, which is mostly typical for impersonating a browser.
• Not disabling HTTP redirects
• Either not using HTTPS or for the origin server to redirect to a malicious origin.

Remediation

• Upgrading to at least urllib3 v1.26.17 or v2.0.6
• Disabling HTTP redirects using redirects=False when sending requests.
• Not using the Cookie header.

---

Release Notes

urllib3/urllib3 (urllib3)

### [`v1.26.17`](https://togithub.com/urllib3/urllib3/compare/1.26.16...1.26.17) [Compare Source](https://togithub.com/urllib3/urllib3/compare/1.26.16...1.26.17)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[codecov[bot]]

Codecov Report

All modified lines are covered by tests :white_check_mark:

Comparison is base (f6a5ac7) 92.87% compared to head (8b127b5) 92.87%. Report is 1 commits behind head on main.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #53 +/- ## ======================================= Coverage 92.87% 92.87% ======================================= Files 28 28 Lines 730 730 Branches 76 76 ======================================= Hits 678 678 Misses 42 42 Partials 10 10 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.