Sourced from actions/download-artifact's\r\nreleases.
\r\n\r\n\r\nv4.1.7
\r\nWhat's Changed
\r\n\r\n
\r\n- Update
\r\n@actions/artifact
dependency by@bethanyj28
in actions/download-artifact#325Full Changelog: https://github.com/actions/download-artifact/compare/v4.1.6...v4.1.7
\r\nv4.1.6
\r\nWhat's Changed
\r\n\r\n
\r\n- updating
\r\n@actions/artifact
dependency to v2.1.6 by@eggyhead
in actions/download-artifact#324Full Changelog: https://github.com/actions/download-artifact/compare/v4.1.5...v4.1.6
\r\nv4.1.5
\r\nWhat's Changed
\r\n\r\n
\r\n- Update readme with v3/v2/v1 deprecation notice by
\r\n@robherley
in actions/download-artifact#322- Update dependencies
\r\n@actions/core
to v1.10.1 and\r\n@actions/artifact
to v2.1.5Full Changelog: https://github.com/actions/download-artifact/compare/v4.1.4...v4.1.5
\r\nv4.1.4
\r\nWhat's Changed
\r\n\r\n
\r\n- Update
\r\n@actions/artifact
by@bethanyj28
in actions/download-artifact#307Full Changelog: https://github.com/actions/download-artifact/compare/v4...v4.1.4
\r\nv4.1.3
\r\nWhat's Changed
\r\n\r\n
\r\n- Update release-new-action-version.yml by
\r\n@konradpabjan
\r\nin actions/download-artifact#292- Update toolkit dependency with updated unzip logic by
\r\n@bethanyj28
in actions/download-artifact#299- Update
\r\n@actions/artifact
by@bethanyj28
in actions/download-artifact#303New Contributors
\r\n\r\n
\r\n- \r\n
@bethanyj28
made\r\ntheir first contribution in actions/download-artifact#299Full Changelog: https://github.com/actions/download-artifact/compare/v4...v4.1.3
\r\nv4.1.2
\r\n\r\n
\r\n- Bump
\r\n@actions/artifacts
to latest version to include\r\nupdated\r\nGHES host checkv4.1.1
\r\n\r\n
\r\n- Fix transient request timeouts actions/download-artifact#249
\r\n- Bump
\r\n@actions/artifacts
to latest versionv4.1.0
\r\nWhat's Changed
\r\n\r\n
\r\n\r\n- Some cleanup by
\r\n@robherley
in actions/download-artifact#247- Fix default for run-id by
\r\n@stchr
in actions/download-artifact#252
... (truncated)
\r\n65a9edc
\r\nMerge pull request #325\r\nfrom bethanyj28/mainfdd1595
\r\nlicensedc13dba1
\r\nupdate @actions/artifact
dependency0daa75e
\r\nMerge pull request #324\r\nfrom actions/eggyhead/use-artifact-v2.1.69c19ed7
\r\nMerge branch 'main' into eggyhead/use-artifact-v2.1.63d3ea87
\r\nupdating license89af5db
\r\nupdating artifact package v2.1.6b4aefff
\r\nMerge pull request #323\r\nfrom actions/eggyhead/update-artifact-v2158caf195
\r\npackage lock updated7a2ec4
\r\nupdating package versionSourced from urllib3's\r\nreleases.
\r\n\r\n\r\n2.2.2
\r\n🚀 urllib3 is fundraising for HTTP/2 support
\r\nurllib3\r\nis raising ~$40,000 USD to release HTTP/2 support and ensure\r\nlong-term sustainable maintenance of the project after a sharp decline\r\nin financial support for 2023. If your company or organization uses\r\nPython and would benefit from HTTP/2 support in Requests, pip, cloud\r\nSDKs, and thousands of other projects please consider contributing\r\nfinancially to ensure HTTP/2 support is developed sustainably and\r\nmaintained for the long-haul.
\r\nThank you for your support.
\r\nChanges
\r\n\r\n
\r\n- Added the
\r\nProxy-Authorization
header to the list of\r\nheaders to strip from requests when redirecting to a different host. As\r\nbefore, different headers can be set via\r\nRetry.remove_headers_on_redirect
.- Allowed passing negative integers as
\r\namt
to read\r\nmethods ofhttp.client.HTTPResponse
as an alternative to\r\nNone
. (#3122)- Fixed return types representing copying actions to use\r\n
\r\ntyping.Self
. (#3363)Full Changelog: https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2
\r\n2.2.1
\r\n🚀 urllib3 is fundraising for HTTP/2 support
\r\nurllib3\r\nis raising ~$40,000 USD to release HTTP/2 support and ensure\r\nlong-term sustainable maintenance of the project after a sharp decline\r\nin financial support for 2023. If your company or organization uses\r\nPython and would benefit from HTTP/2 support in Requests, pip, cloud\r\nSDKs, and thousands of other projects please consider contributing\r\nfinancially to ensure HTTP/2 support is developed sustainably and\r\nmaintained for the long-haul.
\r\nThank you for your support.
\r\nChanges
\r\n\r\n
\r\n- Fixed issue where
\r\nInsecureRequestWarning
was emitted\r\nfor HTTPS connections when using Emscripten. (#3331)- Fixed
\r\nHTTPConnectionPool.urlopen
to stop automatically\r\ncasting non-proxy headers toHTTPHeaderDict
. This change\r\nwas premature as it did not apply to proxy headers and\r\nHTTPHeaderDict
does not handle byte header values correctly\r\nyet. (#3343)- Changed
\r\nProtocolError
to\r\nInvalidChunkLength
when response terminates before the\r\nchunk length is sent. (#2860)- Changed
\r\nProtocolError
to be more verbose on incomplete\r\nreads with excess content. (#3261)2.2.0
\r\n🖥️ urllib3 now works in the browser
\r\n:tada: This release adds experimental support for using\r\nurllib3 in the browser with Pyodide! :tada:
\r\nThanks to Joe Marshall (
\r\n@joemarshall
)\r\nfor contributing this feature. This change was possible thanks to work\r\ndone in urllib3 v2.0 to detach our API fromhttp.client
.\r\nPlease report all bugs to the urllib3 issue\r\ntracker.🚀 urllib3 is fundraising for HTTP/2 support
\r\nurllib3\r\nis raising ~$40,000 USD to release HTTP/2 support and ensure\r\nlong-term sustainable maintenance of the project after a sharp decline\r\nin financial support for 2023. If your company or organization uses\r\nPython and would benefit from HTTP/2 support in Requests, pip, cloud\r\nSDKs, and thousands of other projects please consider contributing\r\nfinancially to ensure HTTP/2 support is developed sustainably and\r\nmaintained for the long-haul.
\r\nThank you for your support.
\r\nChanges
\r\n\r\n
\r\n\r\n- Added support for Emscripten\r\nand Pyodide, including streaming support in cross-origin isolated\r\nbrowser environments where threading is enabled. (#2951)
\r\n- Added support for
\r\nHTTPResponse.read1()
method. (#3186)- Added rudimentary support for HTTP/2. (#3284)
\r\n- Fixed issue where requests against urls with trailing dots were\r\nfailing due to SSL errors\r\nwhen using proxy. (#2244)
\r\n- Fixed
\r\nHTTPConnection.proxy_is_verified
and\r\nHTTPSConnection.proxy_is_verified
to be always set to a\r\nboolean after connecting to a proxy. It could beNone
in\r\nsome cases previously. (#3130)
... (truncated)
\r\nSourced from urllib3's\r\nchangelog.
\r\n\r\n\r\n2.2.2 (2024-06-17)
\r\n\r\n
\r\n- Added the
\r\nProxy-Authorization
header to the list of\r\nheaders to strip from requests when redirecting to a different host. As\r\nbefore, different headers can be set via\r\nRetry.remove_headers_on_redirect
.- Allowed passing negative integers as
\r\namt
to read\r\nmethods ofhttp.client.HTTPResponse
as an alternative to\r\nNone
.\r\n([#3122](https://github.com/urllib3/urllib3/issues/3122)\r\n<https://github.com/urllib3/urllib3/issues/3122>
__)- Fixed return types representing copying actions to use\r\n
\r\ntyping.Self
.\r\n([#3363](https://github.com/urllib3/urllib3/issues/3363)\r\n<https://github.com/urllib3/urllib3/issues/3363>
__)2.2.1 (2024-02-16)
\r\n\r\n
\r\n- Fixed issue where
\r\nInsecureRequestWarning
was emitted\r\nfor HTTPS connections when using Emscripten.\r\n([#3331](https://github.com/urllib3/urllib3/issues/3331)\r\n<https://github.com/urllib3/urllib3/issues/3331>
__)- Fixed
\r\nHTTPConnectionPool.urlopen
to stop automatically\r\ncasting non-proxy headers toHTTPHeaderDict
. This change\r\nwas premature as it did not apply to proxy headers and\r\nHTTPHeaderDict
does not handle byte header values correctly\r\nyet. ([#3343](https://github.com/urllib3/urllib3/issues/3343)\r\n<https://github.com/urllib3/urllib3/issues/3343>
__)- Changed
\r\nInvalidChunkLength
to\r\nProtocolError
when response terminates before the chunk\r\nlength is sent.\r\n([#2860](https://github.com/urllib3/urllib3/issues/2860)\r\n<https://github.com/urllib3/urllib3/issues/2860>
__)- Changed
\r\nProtocolError
to be more verbose on incomplete\r\nreads with excess content.\r\n([#3261](https://github.com/urllib3/urllib3/issues/3261)\r\n<https://github.com/urllib3/urllib3/issues/3261>
__)2.2.0 (2024-01-30)
\r\n\r\n
\r\n- Added support for
\r\nEmscripten and Pyodide\r\n<https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>
,\r\nincluding streaming support in cross-origin isolated browser\r\nenvironments where threading is enabled.\r\n([#2951](https://github.com/urllib3/urllib3/issues/2951)\r\n<https://github.com/urllib3/urllib3/issues/2951>
)- Added support for
\r\nHTTPResponse.read1()
method.\r\n([#3186](https://github.com/urllib3/urllib3/issues/3186)\r\n<https://github.com/urllib3/urllib3/issues/3186>
__)- Added rudimentary support for HTTP/2.\r\n(
\r\n[#3284](https://github.com/urllib3/urllib3/issues/3284)\r\n<https://github.com/urllib3/urllib3/issues/3284>
__)- Fixed issue where requests against urls with trailing dots were\r\nfailing due to SSL errors\r\nwhen using proxy.\r\n(
\r\n[#2244](https://github.com/urllib3/urllib3/issues/2244)\r\n<https://github.com/urllib3/urllib3/issues/2244>
__)- Fixed
\r\nHTTPConnection.proxy_is_verified
and\r\nHTTPSConnection.proxy_is_verified
\r\nto be always set to a boolean after connecting to a proxy. It could be\r\nNone
in some cases previously.\r\n([#3130](https://github.com/urllib3/urllib3/issues/3130)\r\n<https://github.com/urllib3/urllib3/issues/3130>
__)- Fixed an issue where
\r\nheaders
passed in a request with\r\njson=
would be mutated\r\n([#3203](https://github.com/urllib3/urllib3/issues/3203)\r\n<https://github.com/urllib3/urllib3/issues/3203>
__)- Fixed
\r\nHTTPSConnection.is_verified
to be set to\r\nFalse
when connecting\r\nfrom a HTTPS proxy to an HTTP target. It was set toTrue
\r\npreviously.\r\n([#3267](https://github.com/urllib3/urllib3/issues/3267)\r\n<https://github.com/urllib3/urllib3/issues/3267>
__)- Fixed handling of new error message from OpenSSL 3.2.0 when\r\nconfiguring an HTTP proxy as HTTPS\r\n(
\r\n[#3268](https://github.com/urllib3/urllib3/issues/3268)\r\n<https://github.com/urllib3/urllib3/issues/3268>
__)- Fixed TLS 1.3 post-handshake auth when the server certificate\r\nvalidation is disabled\r\n(
\r\n[#3325](https://github.com/urllib3/urllib3/issues/3325)\r\n<https://github.com/urllib3/urllib3/issues/3325>
__)- Note for downstream distributors: To run integration tests, you now\r\nneed to run the tests a second\r\ntime with the
\r\n--integration
pytest flag.\r\n([#3181](https://github.com/urllib3/urllib3/issues/3181)\r\n<https://github.com/urllib3/urllib3/issues/3181>
__)2.1.0 (2023-11-13)
\r\n\r\n
\r\n- Removed support for the deprecated urllib3[secure] extra.\r\n(
\r\n[#2680](https://github.com/urllib3/urllib3/issues/2680)\r\n<https://github.com/urllib3/urllib3/issues/2680>
__)- Removed support for the deprecated SecureTransport TLS\r\nimplementation.\r\n(
\r\n[#2681](https://github.com/urllib3/urllib3/issues/2681)\r\n<https://github.com/urllib3/urllib3/issues/2681>
__)- Removed support for the end-of-life Python 3.7.\r\n(
\r\n[#3143](https://github.com/urllib3/urllib3/issues/3143)\r\n<https://github.com/urllib3/urllib3/issues/3143>
__)- Allowed loading CA certificates from memory for proxies.\r\n(
\r\n[#3065](https://github.com/urllib3/urllib3/issues/3065)\r\n<https://github.com/urllib3/urllib3/issues/3065>
__)- Fixed decoding Gzip-encoded responses which specified\r\n
\r\nx-gzip
content-encoding.\r\n([#3174](https://github.com/urllib3/urllib3/issues/3174)\r\n<https://github.com/urllib3/urllib3/issues/3174>
__)
27e2a5c
\r\nRelease 2.2.2 (#3406)accff72
\r\nMerge pull request from GHSA-34jh-p97f-mpxf34be4a5
\r\nPin CFFI to a new release candidate instead of a Git commit (#3398)da41058
\r\nBump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (#3399)b07a669
\r\nBump github/codeql-action from 2.13.4 to 3.25.6 (#3396)b8589ec
\r\nMeasure coverage with v4 of artifact actions (#3394)f3bdc55
\r\nAllow triggering CI manually (#3391)5239265
\r\nFix HTTP version in debug log (#3316)b34619f
\r\nBump actions/checkout to 4.1.4 (#3387)9961d14
\r\nBump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (#3386)bd81538
\r\n2024.07.04 (#295)06a2cbf
\r\nBump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)13bba02
\r\nBump actions/checkout from 4.1.6 to 4.1.7 (#293)e8abcd0
\r\nBump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)124f4ad
\r\n2024.06.02 (#291)c2196ce
\r\n--- (#290)fefdeec
\r\nBump actions/checkout from 4.1.4 to 4.1.5 (#289)3c5fb15
\r\nBump actions/download-artifact from 4.1.6 to 4.1.7 (#286)4a9569a
\r\nBump actions/checkout from 4.1.2 to 4.1.4 (#287)1fc8086
\r\nBump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)Sourced from idna's\r\nreleases.
\r\n\r\n\r\nv3.7
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix issue where specially crafted inputs to encode() could take\r\nexceptionally long amount of time to process. [CVE-2024-3651]
\r\nThanks to Guido Vranken for reporting the issue.
\r\nFull Changelog: https://github.com/kjd/idna/compare/v3.6...v3.7
\r\n
Sourced from idna's\r\nchangelog.
\r\n\r\n\r\n3.7 (2024-04-11)\r\n++++++++++++++++
\r\n\r\n
\r\n- Fix issue where specially crafted inputs to encode() could\r\ntake exceptionally long amount of time to process. [CVE-2024-3651]
\r\nThanks to Guido Vranken for reporting the issue.
\r\n3.6 (2023-11-25)\r\n++++++++++++++++
\r\n\r\n
\r\n- Fix regression to include tests in source distribution.
\r\n3.5 (2023-11-24)\r\n++++++++++++++++
\r\n\r\n
\r\n- Update to Unicode 15.1.0
\r\n- String codec name is now "idna2008" as overriding the\r\nsystem codec\r\n"idna" was not working.
\r\n- Fix typing error for codec encoding
\r\n- "setup.cfg" has been added for this release due to some\r\ndownstream\r\nlack of adherence to PEP 517. Should be removed in a future release\r\nso please prepare accordingly.
\r\n- Removed reliance on a symlink for the "idna-data" tool to\r\ncomport\r\nwith PEP 517 and the Python Packaging User Guide for sdist\r\narchives.
\r\n- Added security reporting protocol for project
\r\nThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for\r\ncontributions\r\nto this release.
\r\n
1d365e1
\r\nRelease v3.7c1b3154
\r\nMerge pull request #172 from\r\nkjd/optimize-contextj0394ec7
\r\nMerge branch 'master' into optimize-contextjcd58a23
\r\nMerge pull request #152 from\r\nelliotwutingfeng/dev5beb28b
\r\nMore efficient resolution of joiner contexts1b12148
\r\nUpdate ossf/scorecard-action to v2.3.1d516b87
\r\nUpdate Github actions/checkout to v4c095c75
\r\nMerge branch 'master' into dev60a0a4c
\r\nFix typo in GitHub Actions workflow key5918a0e
\r\nMerge branch 'master' into devSourced from requests's\r\nreleases.
\r\n\r\n\r\nv2.32.0
\r\n2.32.0 (2024-05-20)
\r\n🐍 PYCON US 2024 EDITION 🐍
\r\nSecurity
\r\n\r\n
\r\n- Fixed an issue where setting
\r\nverify=False
on the first\r\nrequest from a\r\nSession will cause subsequent requests to the same origin to\r\nalso ignore\r\ncert verification, regardless of the value ofverify
.\r\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\r\n\r\n
\r\n- \r\n
verify=True
now reuses a global SSLContext which should\r\nimprove\r\nrequest time variance between first and subsequent requests. It should\r\nalso minimize certificate load time on Windows systems when using a\r\nPython\r\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\r\n(
\r\nchardet
orcharset_normalizer
) when\r\nrepackaged or vendored.\r\nThis enablespip
and other projects to minimize their\r\nvendoring\r\nsurface area. TheResponse.text()
and\r\napparent_encoding
APIs\r\nwill default toutf-8
if neither library is present. (#6702)Bugfixes
\r\n\r\n
\r\n- Fixed bug in length detection where emoji length was incorrectly\r\ncalculated in the request content-length. (#6589)
\r\n- Fixed deserialization bug in JSONDecodeError. (#6629)
\r\n- Fixed bug where an extra leading
\r\n/
(path separator)\r\ncould lead\r\nurllib3 to unnecessarily reparse the request URI. (#6644)Deprecations
\r\n\r\n
\r\n- Requests has officially added support for CPython 3.12 (#6503)
\r\n- Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
\r\n- Requests has officially dropped support for CPython 3.7 (#6642)
\r\n- Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
\r\nDocumentation
\r\n\r\n
\r\n- Various typo fixes and doc improvements.
\r\nPackaging
\r\n\r\n
\r\n- Requests has started adopting some modern packaging practices.\r\nThe source files for the projects (formerly
\r\nrequests
) is\r\nnow located\r\ninsrc/requests
in the Requests sdist. (#6506)- Starting in Requests 2.33.0, Requests will migrate to a PEP 517\r\nbuild system\r\nusing
\r\nhatchling
. This should not impact the average user,\r\nbut extremely old\r\nversions of packaging utilities may have issues with the new packaging\r\nformat.New Contributors
\r\n\r\n
\r\n\r\n- \r\n
@matthewarmand
\r\nmade their first contribution in psf/requests#6258- \r\n
@cpzt
made their\r\nfirst contribution in psf/requests#6456
... (truncated)
\r\nSourced from requests's\r\nchangelog.
\r\n\r\n\r\n2.32.0 (2024-05-20)
\r\nSecurity
\r\n\r\n
\r\n- Fixed an issue where setting
\r\nverify=False
on the first\r\nrequest from a\r\nSession will cause subsequent requests to the same origin to\r\nalso ignore\r\ncert verification, regardless of the value ofverify
.\r\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)Improvements
\r\n\r\n
\r\n- \r\n
verify=True
now reuses a global SSLContext which should\r\nimprove\r\nrequest time variance between first and subsequent requests. It should\r\nalso minimize certificate load time on Windows systems when using a\r\nPython\r\nversion built with OpenSSL 3.x. (#6667)- Requests now supports optional use of character detection\r\n(
\r\nchardet
orcharset_normalizer
) when\r\nrepackaged or vendored.\r\nThis enablespip
and other projects to minimize their\r\nvendoring\r\nsurface area. TheResponse.text()
and\r\napparent_encoding
APIs\r\nwill default toutf-8
if neither library is present. (#6702)Bugfixes
\r\n\r\n
\r\n- Fixed bug in length detection where emoji length was incorrectly\r\ncalculated in the request content-length. (#6589)
\r\n- Fixed deserialization bug in JSONDecodeError. (#6629)
\r\n- Fixed bug where an extra leading
\r\n/
(path separator)\r\ncould lead\r\nurllib3 to unnecessarily reparse the request URI. (#6644)Deprecations
\r\n\r\n
\r\n- Requests has officially added support for CPython 3.12 (#6503)
\r\n- Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
\r\n- Requests has officially dropped support for CPython 3.7 (#6642)
\r\n- Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
\r\nDocumentation
\r\n\r\n
\r\n- Various typo fixes and doc improvements.
\r\nPackaging
\r\n\r\n
\r\n- Requests has started adopting some modern packaging practices.\r\nThe source files for the projects (formerly
\r\nrequests
) is\r\nnow located\r\ninsrc/requests
in the Requests sdist. (#6506)- Starting in Requests 2.33.0, Requests will migrate to a PEP 517\r\nbuild system\r\nusing
\r\nhatchling
. This should not impact the average user,\r\nbut extremely old\r\nversions of packaging utilities may have issues with the new packaging\r\nformat.
d6ebc4a
\r\nv2.32.09a40d12
\r\nAvoid reloading root certificates to improve concurrent performance (#6667)0c030f7
\r\nMerge pull request #6702\r\nfrom nateprewitt/no_char_detection555b870
\r\nAllow character detection dependencies to be optional in post-packaging\r\nstepsd6dded3
\r\nMerge pull request #6700\r\nfrom franekmagiera/update-redirect-to-invalid-uri-testbf24b7d
\r\nUse an invalid URI that will not cause httpbin to throw 5002d5f547
\r\nPin 3.8 and 3.9 runners back to macos-13 (#6688)f1bb07d
\r\nMerge pull request #6687\r\nfrom psf/dependabot/github_actions/github/codeql-act...60047ad
\r\nBump github/codeql-action from 3.24.0 to 3.25.031ebb81
\r\nMerge pull request #6682\r\nfrom frenzymadness/pytest8