* Added extra message to``urllib3.exceptions.ProxyError`` when urllib3 detects that
a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP.
* Added a mention of the size of the connection pool when discarding a
connection due to the pool being full.
* Added explicit support for Python 3.11.
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of
``Retry.DEFAULT_MAX_BACKOFF`` to better match the rest of the default parameter names.
``Retry.MAX_BACKOFF`` is removed in v2.0.
* Changed location of the vendored ``ssl.match_hostname`` function from
``urllib3.packages.ssl_match_hostname`` to
``urllib3.util.ssl_match_hostname`` to ensure Python 3.10+ compatibility after
being repackaged by downstream distributors.
* Fixed absolute imports, all imports are now relative.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=127
* Fixed an issue where ``wrap_socket`` and ``CERT_REQUIRED`` wouldn't
be imported properly on Python 2.7.8 and earlier (Pull #2052)
* Fixed an issue where two ``User-Agent`` headers would be sent if a
``User-Agent`` header key is passed as ``bytes`` (Pull #2047)
* Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
* Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that
still wish to use TLS earlier than 1.2 without a deprecation warning
should opt-in explicitly by setting ``ssl_version=ssl.PROTOCOL_TLSv1_1`` (Pull #2002)
**Starting in urllib3 v2.0: Connections that receive a ``DeprecationWarning`` will fail**
* Deprecated ``Retry`` options ``Retry.DEFAULT_METHOD_WHITELIST``, ``Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST``
and ``Retry(method_whitelist=...)`` in favor of ``Retry.DEFAULT_ALLOWED_METHODS``,
``Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT``, and ``Retry(allowed_methods=...)``
(Pull #2000) **Starting in urllib3 v2.0: Deprecated options will be removed**
* Added default ``User-Agent`` header to every request (Pull #1750)
* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
and ``Host`` headers from being automatically emitted with requests (Pull #2018)
* Collapse ``transfer-encoding: chunked`` request data and framing into
the same ``socket.send()`` call (Pull #1906)
* Send ``http/1.1`` ALPN identifier with every TLS handshake by default (Pull #1894)
* Properly terminate SecureTransport connections when CA verification fails (Pull #1977)
* Don't emit an ``SNIMissingWarning`` when passing ``server_hostname=None``
to SecureTransport (Pull #1903)
* Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull #1970)
* Suppress ``BrokenPipeError`` when writing request body after the server
has closed the socket (Pull #1524)
* Wrap ``ssl.SSLError`` that can be raised from reading a socket (e.g. "bad MAC")
into an ``urllib3.exceptions.SSLError`` (Pull #1939)
* Fix retry backoff time parsed from ``Retry-After`` header when given
in the HTTP date format. The HTTP date was parsed as the local timezone
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=105
* Added support for ``SSLKEYLOGFILE`` environment variable for
logging TLS session keys with use with programs like
Wireshark for decrypting captured web traffic (Pull #1867)
* Fixed loading of SecureTransport libraries on macOS Big Sur
due to the new dynamic linker cache (Pull #1905)
* Collapse chunked request bodies data and framing into one
call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906)
* Don't insert ``None`` into ``ConnectionPool`` if the pool
was empty when requesting a connection (Pull #1866)
* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=101
* Added ``InvalidProxyConfigurationWarning`` which is raised when
erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently
support connecting to HTTPS proxies but will soon be able to
and we would like users to migrate properly without much breakage.
* Drain connection after ``PoolManager`` redirect (Pull #1817)
* Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull #1812)
* Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull #1805)
* Allow the CA certificate data to be passed as a string (Pull #1804)
* Raise ``ValueError`` if method contains control characters (Pull #1800)
* Add ``__repr__`` to ``Timeout`` (Pull #1795)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=98
* Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using cert_reqs=CERT_NONE. (Issue #1682)
* Propagate Retry-After header settings to subsequent retries. (Pull #1607)
* Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)
* Remove dependency on rfc3986 for URL parsing.
* Fix issue where URLs containing invalid characters within Url.auth would raise an exception instead of percent-encoding those characters.
* Add support for HTTPResponse.auto_close = False which makes HTTP responses work well with BufferedReaders and other io module features. (Pull #1652)
* Percent-encode invalid characters in URL for HTTPConnectionPool.request() (Pull #1673)
- Drop patch urllib3-ssl-default-context.patch
- Drop patch python-urllib3-recent-date.patch the date is recent
enough on its own
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=84
* Change is_ipaddress to not detect IPvFuture addresses. (Pull #1583)
* Change parse_url to percent-encode invalid characters within the path, query, and target components. (Pull #1586)
* Add support for Google's Brotli package. (Pull #1572, Pull #1579)
* Upgrade bundled rfc3986 to v1.3.1 (Pull #1578)
- Require all the deps from the secure list rather than Recommend.
This makes the check to be run always and ensure the urls are
"secure".
- Remove ndg-httpsclient as it is not needed since 2015
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=63
* Require and validate certificates by default when using HTTPS
* Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant.
* Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
encrypted ``key_file`` without creating your own ``SSLContext`` object.
* Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
implementations. (Pull #1496)
* Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
* Fixed issue where OpenSSL would block if an encrypted client private key was
given and no password was given. Instead an ``SSLError`` is raised.
* Added support for Brotli content encoding. It is enabled automatically if
``brotlipy`` package is installed which can be requested with
``urllib3[brotli]`` extra.
* Drop ciphers using DSS key exchange from default TLS cipher suites.
Improve default ciphers when using SecureTransport.
* Implemented a more efficient ``HTTPResponse.__iter__()`` method.
- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=59
- Update to 1.24.2:
- Implemented a more efficient HTTPResponse.__iter__() method.
(Issue #1483)
- Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant.
(Pull #1487)
- Remove Authorization header regardless of case when
redirecting to cross-site. (Issue #1510)
- Added support for key_password for HTTPSConnectionPool to use
encrypted key_file without creating your own SSLContext
object. (Pull #1489)
- Fixed issue where OpenSSL would block if an encrypted client
private key was given and no password was given. Instead an
SSLError is raised. (Pull #1489)
- Require and validate certificates by default when using HTTPS
(Pull #1507)
- Added support for Brotli content encoding. It is enabled
automatically if brotlipy package is installed which can be
requested with urllib3[brotli] extra. (Pull #1532)
- Add TLSv1.3 support to CPython, pyOpenSSL, and
SecureTransport SSLContext implementations. (Pull #1496)
- Drop ciphers using DSS key exchange from default TLS cipher
suites. Improve default ciphers when using SecureTransport.
(Pull #1496)
- Add support for IPv6 addresses in subjectAltName section of
certificates. (Issue #1269)
- Switched the default multipart header encoder from RFC 2231
to HTML 5 working draft. (Issue #303, PR #1492)
OBS-URL: https://build.opensuse.org/request/show/695346
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=57
* Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull #1449)
* Test against Python 3.7 on AppVeyor. (Pull #1453)
* Early-out ipv6 checks when running on App Engine. (Pull #1450)
* Change ambiguous description of backoff_factor (Pull #1436)
* Add ability to handle multiple Content-Encodings (Issue #1441 and Pull #1442)
* Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue #1405).
* Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake. (Pull #1397)
* Drop support for EOL Python 2.6 (Pull #1429 and Pull #1430)
* Fixed bug where responses with header Content-Type: message/* erroneously raised HeaderParsingError, resulting in a warning being logged. (Pull #1439)
* Move urllib3 to src/urllib3 (Pull #1409)
- Drop patch 1414.patch merged upstream
- Refresh patches:
* python-urllib3-recent-date.patch
* urllib3-ssl-default-context.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=53
