* Removed support for the deprecated urllib3[secure] extra.
* Removed support for the deprecated SecureTransport TLS
implementation.
* Removed support for the end-of-life Python 3.7.
* Allowed loading CA certificates from memory for proxies.
* Fixed decoding Gzip-encoded responses which specified
``x-gzip`` content-encoding.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=174
- update to 2.0.6 (bsc#1215968, CVE-2023-43804):
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
OBS-URL: https://build.opensuse.org/request/show/1115892
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=62
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=168
* Changed HTTPConnection.request_chunked() to not erroneously emit multiple
* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
- Add missing dependency on python-six (bsc#1150895)
- update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236):
* Allow providing a list of headers to strip from requests when redirecting
without repeatedly flushing the decoder, to function better on
* Accept ca_cert_dir for SSL-related PoolManager configuration.
- add python-pyOpenSSL, python-certifi and python-pyasn1 requirements
- Comment out test requirements, as tests are disabled anyway, and
* Add support for directories of certificate authorities, as
* New exception: NewConnectionError, raised when we fail to
- Update 0001-Don-t-pin-dependency-to-exact-version.patch
* Shuffled around development-related files.
If you're maintaining a distro package of urllib3, you may need
* Unverified HTTPS requests will trigger a warning on the first
* New retry logic and urllib3.util.retry.Retry configuration
* All raised exceptions should now wrapped in a
urllib3.exceptions.HTTPException-extending exception.
urllib3.exceptions.MaxRetryError, including timeout-related
exceptions which were previously exempt. Underlying error is
* urllib3.exceptions.ConnectionError renamed to
* Requesting an empty host will raise
* Catch read timeouts over SSL connections as
* Fix TLS verification when using a proxy in Python 3.4.1.
* Add disable_cache option to urllib3.util.make_headers.
* Wrap socket.timeout exception with
* Fixed proxy-related bug where connections were being reused
* Added socket_options keyword parameter which allows to define
* Removed HTTPConnection.tcp_nodelay in favor of
* Don't install dummyserver into site-packages as it's only
OBS-URL: https://build.opensuse.org/request/show/1112725
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=61
* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
- Add missing dependency on python-six (bsc#1150895)
- update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236):
* Allow providing a list of headers to strip from requests when redirecting
without repeatedly flushing the decoder, to function better on
* Accept ca_cert_dir for SSL-related PoolManager configuration.
- add python-pyOpenSSL, python-certifi and python-pyasn1 requirements
- Comment out test requirements, as tests are disabled anyway, and
* Add support for directories of certificate authorities, as
* New exception: NewConnectionError, raised when we fail to
- Update 0001-Don-t-pin-dependency-to-exact-version.patch
* Shuffled around development-related files.
If you're maintaining a distro package of urllib3, you may need
* Unverified HTTPS requests will trigger a warning on the first
* New retry logic and urllib3.util.retry.Retry configuration
* All raised exceptions should now wrapped in a
urllib3.exceptions.HTTPException-extending exception.
urllib3.exceptions.MaxRetryError, including timeout-related
exceptions which were previously exempt. Underlying error is
* urllib3.exceptions.ConnectionError renamed to
* Requesting an empty host will raise
* Catch read timeouts over SSL connections as
* Fix TLS verification when using a proxy in Python 3.4.1.
* Add disable_cache option to urllib3.util.make_headers.
* Wrap socket.timeout exception with
* Fixed proxy-related bug where connections were being reused
* Added socket_options keyword parameter which allows to define
* Removed HTTPConnection.tcp_nodelay in favor of
* Don't install dummyserver into site-packages as it's only
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=166
* Added support for union operators to ``HTTPHeaderDict``
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
``http.client.connect`` audit event to have the same behavior
as the standard library HTTP client
* Relied on the standard library for checking hostnames in
supported PyPy releases
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=162
- Disable test_deprecated_no_scheme so it needs network connection to
run correctly.
- update to 2.0.3:
* Allowed alternative SSL libraries such as LibreSSL, while
still issuing a warning as we cannot help users facing issues
with implementations other than OpenSSL.
* Deprecated URLs which don't have an explicit scheme
* Fixed response decoding with Zstandard when compressed data
is made of several frames.
* Fixed ``assert_hostname=False`` to correctly skip hostname
check.
OBS-URL: https://build.opensuse.org/request/show/1096959
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=58
* Allowed alternative SSL libraries such as LibreSSL, while
still issuing a warning as we cannot help users facing issues
with implementations other than OpenSSL.
* Deprecated URLs which don't have an explicit scheme
* Fixed response decoding with Zstandard when compressed data
is made of several frames.
* Fixed ``assert_hostname=False`` to correctly skip hostname
check.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=159
- update to 2.0.2:
* Fixed ``HTTPResponse.stream()`` to continue yielding bytes if
buffered decompressed data was still available to be read
even if the underlying socket is closed. This prevents
a compressed response from being truncated.
- Update to 2.0.1:
* Fixed a socket leak when fingerprint or hostname verifications fail.
* Fixed an error when HTTPResponse.read(0) was the first read call or when
the internal response body buffer was otherwise empty.
* Removed support for Python 2.7, 3.5, and 3.6.
* Removed fallback on certificate commonName in match_hostname() function.
* Removed support for Python with an ssl module compiled with LibreSSL,
CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
* Removed support for OpenSSL versions earlier than 1.1.1.
* Removed urllib3.contrib.appengine.AppEngineManager and support for Google
App Engine Standard Environment.
* Changed ssl_version to instead set the corresponding
SSLContext.minimum_version and SSLContext.maximum_version values.
* Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2
in line with Python 3.10.
* Changed urllib3.util.create_urllib3_context to not override the system
cipher suites with a default value.
* Changed multipart/form-data header parameter formatting matches the
WHATWG HTML Standard as of 2021-06-10.
* Changed HTTPConnection.request() to always use lowercase chunk boundaries
when sending requests with Transfer-Encoding: chunked.
* Changed enforce_content_length default to True, preventing silent data
loss when reading streamed responses.
* Changed all parameters in the HTTPConnection and HTTPSConnection
OBS-URL: https://build.opensuse.org/request/show/1087259
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=57
* Fixed a socket leak when fingerprint or hostname verifications fail.
* Fixed an error when HTTPResponse.read(0) was the first read call or when
the internal response body buffer was otherwise empty.
* Removed support for Python 2.7, 3.5, and 3.6.
* Removed fallback on certificate commonName in match_hostname() function.
* Removed support for Python with an ssl module compiled with LibreSSL,
CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
* Removed support for OpenSSL versions earlier than 1.1.1.
* Removed urllib3.contrib.appengine.AppEngineManager and support for Google
App Engine Standard Environment.
* Changed ssl_version to instead set the corresponding
SSLContext.minimum_version and SSLContext.maximum_version values.
* Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2
in line with Python 3.10.
* Changed urllib3.util.create_urllib3_context to not override the system
cipher suites with a default value.
* Changed multipart/form-data header parameter formatting matches the
WHATWG HTML Standard as of 2021-06-10.
* Changed HTTPConnection.request() to always use lowercase chunk boundaries
when sending requests with Transfer-Encoding: chunked.
* Changed enforce_content_length default to True, preventing silent data
loss when reading streamed responses.
* Changed all parameters in the HTTPConnection and HTTPSConnection
constructors to be keyword-only except host and port.
* Changed HTTPConnection.getresponse() to set the socket timeout from
HTTPConnection.timeout value before reading data from the socket.
* Changed name of Retry.BACK0FF_MAX to be Retry.DEFAULT_BACKOFF_MAX.
* Changed TLS handshakes to use SSLContext.check_hostname when possible.
* Changed the default blocksize to 16KB to match OpenSSL's default read
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=152
- update to 1.26.13
* Deprecated the ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` methods.
* Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
* Fixed a deprecation warning when using cryptography v39.0.0.
* Removed the ``<4`` in the ``Requires-Python`` packaging metadata field. (forwarded request 1039590 from glaubitz)
OBS-URL: https://build.opensuse.org/request/show/1039604
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=53
- Remove unneeded BuildRequires of mock.
- Remove unbundling off ssl.match_hostname.
* It was only done for the primary python3 flavor
* It is bundled for a reason gh#urllib3/urllib3#2439,
gh#urllib3/urllib3#2448
* The tests (and probably urllib3 users) use wildcard patterns
not supported by the stdlib
- Fix undbundling of six for all flavors
- Replace brotlipy recommendation and test with python-Brotli
(see release notes below)
- update to 1.26.9:
* Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still
receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``.
This change does not impact behavior of urllib3, only which dependencies are installed.
* Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception.
* Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool``
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
- update to 1.26.8:
* Added extra message to``urllib3.exceptions.ProxyError`` when urllib3 detects that
a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP.
* Added a mention of the size of the connection pool when discarding a
connection due to the pool being full.
* Added explicit support for Python 3.11.
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of
``Retry.DEFAULT_MAX_BACKOFF`` to better match the rest of the default parameter names.
``Retry.MAX_BACKOFF`` is removed in v2.0.
* Changed location of the vendored ``ssl.match_hostname`` function from
OBS-URL: https://build.opensuse.org/request/show/970661
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-urllib3?expand=0&rev=49
* Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still
receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``.
This change does not impact behavior of urllib3, only which dependencies are installed.
* Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception.
* Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool``
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=130
