Sourced from requests's\nreleases.
\n\n\nv2.32.0
\n2.32.0 (2024-05-20)
\n馃悕 PYCON US 2024 EDITION 馃悕
\nSecurity
\n\n
\n- Fixed an issue where setting
\nverify=False
on the first\nrequest from a\nSession will cause subsequent requests to the same origin to\nalso ignore\ncert verification, regardless of the value ofverify
.\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\n\n
\n- \n
verify=True
now reuses a global SSLContext which should\nimprove\nrequest time variance between first and subsequent requests. It should\nalso minimize certificate load time on Windows systems when using a\nPython\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\n(
\nchardet
orcharset_normalizer
) when\nrepackaged or vendored.\nThis enablespip
and other projects to minimize their\nvendoring\nsurface area. TheResponse.text()
and\napparent_encoding
APIs\nwill default toutf-8
if neither library is present. (#6702)Bugfixes
\n\n
\n- Fixed bug in length detection where emoji length was incorrectly\ncalculated in the request content-length. (#6589)
\n- Fixed deserialization bug in JSONDecodeError. (#6629)
\n- Fixed bug where an extra leading
\n/
(path separator)\ncould lead\nurllib3 to unnecessarily reparse the request URI. (#6644)Deprecations
\n\n
\n- Requests has officially added support for CPython 3.12 (#6503)
\n- Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
\n- Requests has officially dropped support for CPython 3.7 (#6642)
\n- Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
\nDocumentation
\n\n
\n- Various typo fixes and doc improvements.
\nPackaging
\n\n
\n- Requests has started adopting some modern packaging practices.\nThe source files for the projects (formerly
\nrequests
) is\nnow located\ninsrc/requests
in the Requests sdist. (#6506)- Starting in Requests 2.33.0, Requests will migrate to a PEP 517\nbuild system\nusing
\nhatchling
. This should not impact the average user,\nbut extremely old\nversions of packaging utilities may have issues with the new packaging\nformat.New Contributors
\n\n
\n\n- \n
@鈥媘atthewarmand
\nmade their first contribution in psf/requests#6258- \n
@鈥媍pzt
made their\nfirst contribution in psf/requests#6456
... (truncated)
\nSourced from requests's\nchangelog.
\n\n\n2.32.0 (2024-05-20)
\nSecurity
\n\n
\n- Fixed an issue where setting
\nverify=False
on the first\nrequest from a\nSession will cause subsequent requests to the same origin to\nalso ignore\ncert verification, regardless of the value ofverify
.\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\n\n
\n- \n
verify=True
now reuses a global SSLContext which should\nimprove\nrequest time variance between first and subsequent requests. It should\nalso minimize certificate load time on Windows systems when using a\nPython\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\n(
\nchardet
orcharset_normalizer
) when\nrepackaged or vendored.\nThis enablespip
and other projects to minimize their\nvendoring\nsurface area. TheResponse.text()
and\napparent_encoding
APIs\nwill default toutf-8
if neither library is present. (#6702)Bugfixes
\n\n
\n- Fixed bug in length detection where emoji length was incorrectly\ncalculated in the request content-length. (#6589)
\n- Fixed deserialization bug in JSONDecodeError. (#6629)
\n- Fixed bug where an extra leading
\n/
(path separator)\ncould lead\nurllib3 to unnecessarily reparse the request URI. (#6644)Deprecations
\n\n
\n- Requests has officially added support for CPython 3.12 (#6503)
\n- Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
\n- Requests has officially dropped support for CPython 3.7 (#6642)
\n- Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
\nDocumentation
\n\n
\n- Various typo fixes and doc improvements.
\nPackaging
\n\n
\n- Requests has started adopting some modern packaging practices.\nThe source files for the projects (formerly
\nrequests
) is\nnow located\ninsrc/requests
in the Requests sdist. (#6506)- Starting in Requests 2.33.0, Requests will migrate to a PEP 517\nbuild system\nusing
\nhatchling
. This should not impact the average user,\nbut extremely old\nversions of packaging utilities may have issues with the new packaging\nformat.
d6ebc4a
\nv2.32.09a40d12
\nAvoid reloading root certificates to improve concurrent performance (#6667)0c030f7
\nMerge pull request #6702\nfrom nateprewitt/no_char_detection555b870
\nAllow character detection dependencies to be optional in post-packaging\nstepsd6dded3
\nMerge pull request #6700\nfrom franekmagiera/update-redirect-to-invalid-uri-testbf24b7d
\nUse an invalid URI that will not cause httpbin to throw 5002d5f547
\nPin 3.8 and 3.9 runners back to macos-13 (#6688)f1bb07d
\nMerge pull request #6687\nfrom psf/dependabot/github_actions/github/codeql-act...60047ad
\nBump github/codeql-action from 3.24.0 to 3.25.031ebb81
\nMerge pull request #6682\nfrom frenzymadness/pytest8Sourced from requests's\r\nreleases.
\r\n\r\n\r\nv2.31.0
\r\n2.31.0 (2023-05-22)
\r\nSecurity
\r\n\r\n
\r\n- \r\n
\r\nVersions of Requests between v2.3.0 and v2.30.0 are vulnerable to\r\npotential\r\nforwarding of
\r\nProxy-Authorization
headers to destination\r\nservers when\r\nfollowing HTTPS redirects.When proxies are defined with user info (https://user:pass@proxy:8080),\r\nRequests\r\nwill construct a
\r\nProxy-Authorization
header that is\r\nattached to the request to\r\nauthenticate with the proxy.In cases where Requests receives a redirect response, it previously\r\nreattached\r\nthe
\r\nProxy-Authorization
header incorrectly, resulting in\r\nthe value being\r\nsent through the tunneled connection to the destination server. Users\r\nwho rely on\r\ndefining their proxy credentials in the URL are strongly\r\nencouraged to upgrade\r\nto Requests 2.31.0+ to prevent unintentional leakage and rotate their\r\nproxy\r\ncredentials once the change has been fully deployed.Users who do not use a proxy or do not supply their proxy credentials\r\nthrough\r\nthe user information portion of their proxy URL are not subject to this\r\nvulnerability.
\r\nFull details can be read in our Github\r\nSecurity Advisory\r\nand CVE-2023-32681.
\r\nv2.30.0
\r\n2.30.0 (2023-05-03)
\r\nDependencies
\r\n\r\n
\r\n- \r\n
\r\n鈿狅笍 Added support for urllib3 2.0. 鈿狅笍
\r\nThis may contain minor breaking changes so we advise careful testing\r\nand\r\nreviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html\r\nprior to upgrading.
\r\nUsers who wish to stay on urllib3 1.x can pin to\r\n
\r\nurllib3<2
.v2.29.0
\r\n2.29.0 (2023-04-26)
\r\nImprovements
\r\n\r\n\r\n
... (truncated)
\r\nSourced from requests's\r\nchangelog.
\r\n\r\n\r\n2.31.0 (2023-05-22)
\r\nSecurity
\r\n\r\n
\r\n- \r\n
\r\nVersions of Requests between v2.3.0 and v2.30.0 are vulnerable to\r\npotential\r\nforwarding of
\r\nProxy-Authorization
headers to destination\r\nservers when\r\nfollowing HTTPS redirects.When proxies are defined with user info (https://user:pass@proxy:8080),\r\nRequests\r\nwill construct a
\r\nProxy-Authorization
header that is\r\nattached to the request to\r\nauthenticate with the proxy.In cases where Requests receives a redirect response, it previously\r\nreattached\r\nthe
\r\nProxy-Authorization
header incorrectly, resulting in\r\nthe value being\r\nsent through the tunneled connection to the destination server. Users\r\nwho rely on\r\ndefining their proxy credentials in the URL are strongly\r\nencouraged to upgrade\r\nto Requests 2.31.0+ to prevent unintentional leakage and rotate their\r\nproxy\r\ncredentials once the change has been fully deployed.Users who do not use a proxy or do not supply their proxy credentials\r\nthrough\r\nthe user information portion of their proxy URL are not subject to this\r\nvulnerability.
\r\nFull details can be read in our Github\r\nSecurity Advisory\r\nand CVE-2023-32681.
\r\n2.30.0 (2023-05-03)
\r\nDependencies
\r\n\r\n
\r\n- \r\n
\r\n鈿狅笍 Added support for urllib3 2.0. 鈿狅笍
\r\nThis may contain minor breaking changes so we advise careful testing\r\nand\r\nreviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html\r\nprior to upgrading.
\r\nUsers who wish to stay on urllib3 1.x can pin to\r\n
\r\nurllib3<2
.2.29.0 (2023-04-26)
\r\nImprovements
\r\n\r\n
\r\n- Requests now defers chunked requests to the urllib3 implementation\r\nto improve\r\nstandardization. (#6226)
\r\n- Requests relaxes header component requirements to support bytes/str\r\nsubclasses. (#6356)
\r\n2.28.2 (2023-01-12)
\r\n\r\n
... (truncated)
\r\n147c851
\r\nv2.31.074ea7cf
\r\nMerge pull request from GHSA-j8r2-6x86-q33q3022253
\r\ntest on pypy 3.8 and pypy 3.9 on windows and macos (#6424)b639e66
\r\ntest on py3.12 (#6448)d3d5044
\r\nFixed a small typo (#6452)2ad18e0
\r\nv2.30.0f2629e9
\r\nRemove strict parameter (#6434)87d63de
\r\nv2.29.051716c4
\r\nenable the warnings plugin (#6416)a7da1ab
\r\ntry on ubuntu 22.04 (#6418)ci_config_path
to projects schema (#98)"}},{"before":null,"after":"8aa9afbc1fbdbfeb4e631c4a5055f011680fc79b","ref":"refs/heads/edgarrmondragon-patch-1","pushedAt":"2023-03-24T23:55:43.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"edgarrmondragon","name":"Edgar Ram铆rez Mondrag贸n","path":"/edgarrmondragon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/16805946?s=80&v=4"},"commit":{"message":"feat: Add `ci_config_path` to projects schema\n\nPorted from https://github.com/MeltanoLabs/tap-gitlab/pull/97","shortMessageHtmlLink":"feat: Add ci_config_path
to projects schema"}},{"before":"add7b77c2d6a50688e617ac49f4b35372b458a0d","after":"0036199a5a04e79a7ac0a9f73a6fe39947cecba6","ref":"refs/heads/legacy-stable","pushedAt":"2023-03-24T23:53:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edgarrmondragon","name":"Edgar Ram铆rez Mondrag贸n","path":"/edgarrmondragon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/16805946?s=80&v=4"},"commit":{"message":"feat: Add `ci_config_path` to projects schema (#97)","shortMessageHtmlLink":"feat: Add ci_config_path
to projects schema (#97)"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAET-2VxAA","startCursor":null,"endCursor":null}},"title":"Activity 路 MeltanoLabs/tap-gitlab"}