Bump urllib3 from 1.26.3 to 1.26.7

[dependabot[bot]]

Bumps urllib3 from 1.26.3 to 1.26.7.

Release notes

Sourced from urllib3's releases.

1.26.7

:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

• Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI
• Fixed a bug where IPv6 braces weren't stripped during certificate hostname matching

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors

1.26.6

:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

• Deprecated the urllib3.contrib.ntlmpool module. urllib3 is not able to support it properly due to reasons listed in this issue. If you are a user of this module please leave a comment.
• Changed HTTPConnection.request_chunked() to not erroneously emit multiple Transfer-Encoding headers in the case that one is already specified.
• Fixed typo in deprecation message to recommend Retry.DEFAULT_ALLOWED_METHODS.

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors

1.26.5

:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

• Fixed deprecation warnings emitted in Python 3.10.
• Updated vendored six library to 1.16.0.
• Improved performance of URL parser when splitting the authority component.

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors

1.26.4

:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

• Changed behavior of the default SSLContext when connecting to HTTPS proxy during HTTPS requests. The default SSLContext now sets check_hostname=True.

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors

Changelog

Sourced from urllib3's changelog.

1.26.7 (2021-09-22)

• Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI. (Issue #2400)
• Fixed a bug where IPv6 braces weren't stripped during certificate hostname matching. (Issue #2240)

1.26.6 (2021-06-25)

• Deprecated the urllib3.contrib.ntlmpool module. urllib3 is not able to support it properly due to reasons listed in this issue <https://github.com/urllib3/urllib3/issues/2282>_. If you are a user of this module please leave a comment.
• Changed HTTPConnection.request_chunked() to not erroneously emit multiple Transfer-Encoding headers in the case that one is already specified.
• Fixed typo in deprecation message to recommend Retry.DEFAULT_ALLOWED_METHODS.

1.26.5 (2021-05-26)

• Fixed deprecation warnings emitted in Python 3.10.
• Updated vendored six library to 1.16.0.
• Improved performance of URL parser when splitting the authority component.

1.26.4 (2021-03-15)

• Changed behavior of the default SSLContext when connecting to HTTPS proxy during HTTPS requests. The default SSLContext now sets check_hostname=True.

Commits

• 342aff5 Release 1.26.7
• 77acdd1 Backport #2241 and create test for IPv6 proxy cert hostname verification
• 906d982 Rely on urllib3 hostname matching for HTTPS proxy validation
• 13603ec [1.26.x] Reraise error after free in certificate array from PEM loader
• ba95e9e Release 1.26.6
• 6930dde [1.26] Run integration tests in GitHub Actions
• 79d9249 [1.26] Fix typo 'tox' -> 'nox' in contributing docs
• 9518995 Update readthedocs URLs in 1.26.x branch to point to 1.26.x docs
• eb28aec Don't emit multiple Transfer-Encoding headers in request_chunked()
• 2eead3e Deprecate the urllib3.contrib.ntlmpool module
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[mezidia-inspector[bot]]

Nice to meet you, @dependabot[bot]. Thank you for creating a pull request. There are some tasks for you:

• [ ] Need at least one label
• [ ] Need at least one assignee
• [ ] Need a milestone
• [ ] Make a pull request draft at first

To close issue send comment "close", to reopen - "reopen", to merge - "merge"

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

[mezidia-inspector[bot]]

Okay, @dependabot[bot], see you next time

To reopen pull request type the comment "reopen"