Bumps the pip group with 3 updates in the /monitoring/end_to_end_bag_test directory: certifi, requests and urllib3.
Bumps the pip group with 4 updates in the /python_client directory: certifi, requests, urllib3 and py.
Bumps the pip group with 5 updates in the /scripts directory:
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
1.26.17
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)
1.26.16
Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)
Fixed parsing of port 0 (zero) returning None, instead of 0 (#2850)
Removed deprecated HTTPResponse.getheaders() calls in urllib3.contrib module.
1.26.13
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module. Both will be removed in v2.x. See this GitHub issue for justification and info on how to migrate.
1.26.11
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
:closed_lock_with_key: This is the first release to be signed with Sigstore! You can verify the distributables using the .sig and .crt files included on this release.
Removed support for Python 3.5
Fixed an issue where a ProxyError recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
1.26.9
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many distinct origins
would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)
1.26.15 (2023-03-10)
Fix socket timeout value when HTTPConnection is reused ([#2645](https://github.com/urllib3/urllib3/issues/2645) <https://github.com/urllib3/urllib3/issues/2645>__)
Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
([#2899](https://github.com/urllib3/urllib3/issues/2899) <https://github.com/urllib3/urllib3/issues/2899>__)
Fix IDNA handling of '\x80' byte ([#2901](https://github.com/urllib3/urllib3/issues/2901) <https://github.com/urllib3/urllib3/issues/2901>__)
1.26.14 (2023-01-11)
Fixed parsing of port 0 (zero) returning None, instead of 0. ([#2850](https://github.com/urllib3/urllib3/issues/2850) <https://github.com/urllib3/urllib3/issues/2850>__)
Removed deprecated getheaders() calls in contrib module. Fixed the type hint of PoolKey.key_retries by adding bool to the union. ([#2865](https://github.com/urllib3/urllib3/issues/2865) <https://github.com/urllib3/urllib3/issues/2865>__)
1.26.13 (2022-11-23)
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12 (2022-08-22)
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module.
Both will be removed in v2.x. See this GitHub issue <https://github.com/urllib3/urllib3/issues/2680>_
for justification and info on how to migrate.
1.26.11 (2022-07-25)
Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
1.26.17
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)
1.26.16
Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)
Fixed parsing of port 0 (zero) returning None, instead of 0 (#2850)
Removed deprecated HTTPResponse.getheaders() calls in urllib3.contrib module.
1.26.13
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module. Both will be removed in v2.x. See this GitHub issue for justification and info on how to migrate.
1.26.11
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
:closed_lock_with_key: This is the first release to be signed with Sigstore! You can verify the distributables using the .sig and .crt files included on this release.
Removed support for Python 3.5
Fixed an issue where a ProxyError recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
1.26.9
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many distinct origins
would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)
1.26.15 (2023-03-10)
Fix socket timeout value when HTTPConnection is reused ([#2645](https://github.com/urllib3/urllib3/issues/2645) <https://github.com/urllib3/urllib3/issues/2645>__)
Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
([#2899](https://github.com/urllib3/urllib3/issues/2899) <https://github.com/urllib3/urllib3/issues/2899>__)
Fix IDNA handling of '\x80' byte ([#2901](https://github.com/urllib3/urllib3/issues/2901) <https://github.com/urllib3/urllib3/issues/2901>__)
1.26.14 (2023-01-11)
Fixed parsing of port 0 (zero) returning None, instead of 0. ([#2850](https://github.com/urllib3/urllib3/issues/2850) <https://github.com/urllib3/urllib3/issues/2850>__)
Removed deprecated getheaders() calls in contrib module. Fixed the type hint of PoolKey.key_retries by adding bool to the union. ([#2865](https://github.com/urllib3/urllib3/issues/2865) <https://github.com/urllib3/urllib3/issues/2865>__)
1.26.13 (2022-11-23)
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12 (2022-08-22)
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module.
Both will be removed in v2.x. See this GitHub issue <https://github.com/urllib3/urllib3/issues/2680>_
for justification and info on how to migrate.
1.26.11 (2022-07-25)
Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would
Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)
Update vendored apipkg: 1.4 => 1.5
Update vendored iniconfig: 1.0.0 => 1.1.1
1.9.0 (2020-06-24)
Add type annotation stubs for the following modules:
py.error
py.iniconfig
py.path (not including SVN paths)
py.io
py.xml
There are no plans to type other modules at this time.
The type annotations are provided in external .pyi files, not inline in the
code, and may therefore contain small errors or omissions. If you use py
in conjunction with a type checker, and encounter any type errors you believe
should be accepted, please report it in an issue.
1.8.2 (2020-06-15)
On Windows, py.path.locals which differ only in case now have the same
Python hash value. Previously, such paths were considered equal but had
different hashes, which is not allowed and breaks the assumptions made by
dicts, sets and other users of hashes.
1.8.1 (2019-12-27)
Handle FileNotFoundError when trying to import pathlib in path.common
on Python 3.4 (#207).
py.path.local.samefile now works correctly in Python 3 on Windows when dealing with symlinks.
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of Proxy-Authorization headers to destination servers when
following HTTPS redirects.
When proxies are defined with user info (https://user:pass@proxy:8080), Requests
will construct a Proxy-Authorization header that is attached to the request to
authenticate with the proxy.
In cases where Requests receives a redirect response, it previously reattached
the Proxy-Authorization header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are strongly encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.
Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
1.26.17
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)
1.26.16
Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)
Fixed parsing of port 0 (zero) returning None, instead of 0 (#2850)
Removed deprecated HTTPResponse.getheaders() calls in urllib3.contrib module.
1.26.13
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module. Both will be removed in v2.x. See this GitHub issue for justification and info on how to migrate.
1.26.11
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
:closed_lock_with_key: This is the first release to be signed with Sigstore! You can verify the distributables using the .sig and .crt files included on this release.
Removed support for Python 3.5
Fixed an issue where a ProxyError recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
1.26.9
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many distinct origins
would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)
1.26.15 (2023-03-10)
Fix socket timeout value when HTTPConnection is reused ([#2645](https://github.com/urllib3/urllib3/issues/2645) <https://github.com/urllib3/urllib3/issues/2645>__)
Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
([#2899](https://github.com/urllib3/urllib3/issues/2899) <https://github.com/urllib3/urllib3/issues/2899>__)
Fix IDNA handling of '\x80' byte ([#2901](https://github.com/urllib3/urllib3/issues/2901) <https://github.com/urllib3/urllib3/issues/2901>__)
1.26.14 (2023-01-11)
Fixed parsing of port 0 (zero) returning None, instead of 0. ([#2850](https://github.com/urllib3/urllib3/issues/2850) <https://github.com/urllib3/urllib3/issues/2850>__)
Removed deprecated getheaders() calls in contrib module. Fixed the type hint of PoolKey.key_retries by adding bool to the union. ([#2865](https://github.com/urllib3/urllib3/issues/2865) <https://github.com/urllib3/urllib3/issues/2865>__)
1.26.13 (2022-11-23)
Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
Fixed a deprecation warning when using cryptography v39.0.0.
Removed the <4 in the Requires-Python packaging metadata field.
1.26.12 (2022-08-22)
Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module.
Both will be removed in v2.x. See this GitHub issue <https://github.com/urllib3/urllib3/issues/2680>_
for justification and info on how to migrate.
1.26.11 (2022-07-25)
Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would
* Fixed a null-pointer-dereference and segfault that could occur when creating
a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields ``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded according to the
definitions in :rfc:`2633` :rfc:`3370`.
.. _v42-0-3:
42.0.3 - 2024-02-15
Fixed an initialization issue that caused key loading failures for some
users.
.. _v42-0-2:
42.0.2 - 2024-01-30
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
``X25519PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
``X448PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
and ``DHPrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
.. _v42-0-1:
42.0.1 - 2024-01-24
Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey
:meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign.
Resolved compatibility issue with loading certain RSA public keys in
:func:~cryptography.hazmat.primitives.serialization.load_pem_public_key.
Bumps the pip group with 3 updates in the /monitoring/end_to_end_bag_test directory: certifi, requests and urllib3. Bumps the pip group with 4 updates in the /python_client directory: certifi, requests, urllib3 and py. Bumps the pip group with 5 updates in the /scripts directory:
2022.6.15
2023.7.22
2.28.1
2.31.0
1.26.12
1.26.18
37.0.4
42.0.4
3.1.2
3.1.3
Updates
certifi
from 2020.4.5.1 to 2023.7.22Commits
8fb96ed
2023.07.22afe7722
Bump actions/setup-python from 4.6.1 to 4.7.0 (#230)2038739
Bump dessant/lock-threads from 3.0.0 to 4.0.1 (#229)44df761
Hash pin Actions and enable dependabot (#228)8b3d7ba
2023.05.0753da240
ci: Add Python 3.12-dev to the testing (#224)c2fc3b1
Create a Security Policy (#222)c211ef4
Set up permissions to github workflows (#218)2087de5
Don't let deprecation warning fail CI (#219)e0b9fc5
remove paragraphs about 1024-bit roots from READMEUpdates
requests
from 2.23.0 to 2.31.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
147c851
v2.31.074ea7cf
Merge pull request from GHSA-j8r2-6x86-q33q3022253
test on pypy 3.8 and pypy 3.9 on windows and macos (#6424)b639e66
test on py3.12 (#6448)d3d5044
Fixed a small typo (#6452)2ad18e0
v2.30.0f2629e9
Remove strict parameter (#6434)87d63de
v2.29.051716c4
enable the warnings plugin (#6416)a7da1ab
try on ubuntu 22.04 (#6418)Updates
urllib3
from 1.25.9 to 1.26.18Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
9c2c230
Release 1.26.18 (#3159)b594c5c
Merge pull request from GHSA-g4mx-q9vg-27p4944f0eb
[1.26] Use vendored six in urllib3.contrib.securetransportc9016bf
Release 1.26.170122035
Backport GHSA-v845-jxx5-vc9f (#3139)e63989f
Fix installingbrotli
extra on Python 2.72e7a24d
[1.26] Configure OS for RTD to fix building docs57181d6
[1.26] Improve error message when calling urllib3.request() (#3058)3c01480
[1.26] Run coverage even with failed jobsd94029b
Release 1.26.16Updates
certifi
from 2019.3.9 to 2023.7.22Commits
8fb96ed
2023.07.22afe7722
Bump actions/setup-python from 4.6.1 to 4.7.0 (#230)2038739
Bump dessant/lock-threads from 3.0.0 to 4.0.1 (#229)44df761
Hash pin Actions and enable dependabot (#228)8b3d7ba
2023.05.0753da240
ci: Add Python 3.12-dev to the testing (#224)c2fc3b1
Create a Security Policy (#222)c211ef4
Set up permissions to github workflows (#218)2087de5
Don't let deprecation warning fail CI (#219)e0b9fc5
remove paragraphs about 1024-bit roots from READMEUpdates
requests
from 2.21.0 to 2.31.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
147c851
v2.31.074ea7cf
Merge pull request from GHSA-j8r2-6x86-q33q3022253
test on pypy 3.8 and pypy 3.9 on windows and macos (#6424)b639e66
test on py3.12 (#6448)d3d5044
Fixed a small typo (#6452)2ad18e0
v2.30.0f2629e9
Remove strict parameter (#6434)87d63de
v2.29.051716c4
enable the warnings plugin (#6416)a7da1ab
try on ubuntu 22.04 (#6418)Updates
urllib3
from 1.24.2 to 1.26.18Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
9c2c230
Release 1.26.18 (#3159)b594c5c
Merge pull request from GHSA-g4mx-q9vg-27p4944f0eb
[1.26] Use vendored six in urllib3.contrib.securetransportc9016bf
Release 1.26.170122035
Backport GHSA-v845-jxx5-vc9f (#3139)e63989f
Fix installingbrotli
extra on Python 2.72e7a24d
[1.26] Configure OS for RTD to fix building docs57181d6
[1.26] Improve error message when calling urllib3.request() (#3058)3c01480
[1.26] Run coverage even with failed jobsd94029b
Release 1.26.16Updates
py
from 1.8.0 to 1.11.0Changelog
Sourced from py's changelog.
Commits
447bac5
Update CHANGELOG.rst6d003d9
Update CHANGELOG.rst9cf613f
Declare support for Python 3.8-3.10d831150
Update python_requires: Python 3.4 was already droppede68532e
Update CHANGELOG for 1.11.02f03e5a
Merge pull request #258 from blueyed/NO_COLORe116b2b
Merge pull request #275 from pytest-dev/upgrade-vendor-libsf3a1a59
remove build pin againf6cbf28
try to use pipx tox3fe9ad7
try to use preinstalled toxUpdates
certifi
from 2022.6.15 to 2023.7.22Commits
8fb96ed
2023.07.22afe7722
Bump actions/setup-python from 4.6.1 to 4.7.0 (#230)2038739
Bump dessant/lock-threads from 3.0.0 to 4.0.1 (#229)44df761
Hash pin Actions and enable dependabot (#228)8b3d7ba
2023.05.0753da240
ci: Add Python 3.12-dev to the testing (#224)c2fc3b1
Create a Security Policy (#222)c211ef4
Set up permissions to github workflows (#218)2087de5
Don't let deprecation warning fail CI (#219)e0b9fc5
remove paragraphs about 1024-bit roots from READMEUpdates
requests
from 2.28.1 to 2.31.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
147c851
v2.31.074ea7cf
Merge pull request from GHSA-j8r2-6x86-q33q3022253
test on pypy 3.8 and pypy 3.9 on windows and macos (#6424)b639e66
test on py3.12 (#6448)d3d5044
Fixed a small typo (#6452)2ad18e0
v2.30.0f2629e9
Remove strict parameter (#6434)87d63de
v2.29.051716c4
enable the warnings plugin (#6416)a7da1ab
try on ubuntu 22.04 (#6418)Updates
urllib3
from 1.26.12 to 1.26.18Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
9c2c230
Release 1.26.18 (#3159)b594c5c
Merge pull request from GHSA-g4mx-q9vg-27p4944f0eb
[1.26] Use vendored six in urllib3.contrib.securetransportc9016bf
Release 1.26.170122035
Backport GHSA-v845-jxx5-vc9f (#3139)e63989f
Fix installingbrotli
extra on Python 2.72e7a24d
[1.26] Configure OS for RTD to fix building docs57181d6
[1.26] Improve error message when calling urllib3.request() (#3058)3c01480
[1.26] Run coverage even with failed jobsd94029b
Release 1.26.16Updates
cryptography
from 37.0.4 to 42.0.4Changelog
Sourced from cryptography's changelog.
... (truncated)
Commits
fe18470
Bump for 42.0.4 release (#10445)aaa2dd0
Fix ASN.1 issues in PKCS#7 and S/MIME signing (#10373) (#10442)7a4d012