renovate-bot opened a new pull request, #1798: URL: https://github.com/apache/polaris/pull/1798
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [urllib3](https://redirect.github.com/urllib3/urllib3) ([changelog](https://redirect.github.com/urllib3/urllib3/blob/main/CHANGES.rst)) | `>= 1.25.3, < 2.1.0` -> `>=2.4.0, <3.0.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [urllib3](https://redirect.github.com/urllib3/urllib3) ([changelog](https://redirect.github.com/urllib3/urllib3/blob/main/CHANGES.rst)) | `>=1.25.3,<2.0` -> `>=2.4,<2.5` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>urllib3/urllib3 (urllib3)</summary> ### [`v2.4.0`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#240-2025-04-10) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.3.0...2.4.0) \================== ## Features - Applied PEP 639 by specifying the license fields in pyproject.toml. (`#​3522 <https://github.com/urllib3/urllib3/issues/3522>`\__) - Updated exceptions to save and restore more properties during the pickle/serialization process. (`#​3567 <https://github.com/urllib3/urllib3/issues/3567>`\__) - Added `verify_flags` option to `create_urllib3_context` with a default of `VERIFY_X509_PARTIAL_CHAIN` and `VERIFY_X509_STRICT` for Python 3.13+. (`#​3571 <https://github.com/urllib3/urllib3/issues/3571>`\__) ## Bugfixes - Fixed a bug with partial reads of streaming data in Emscripten. (`#​3555 <https://github.com/urllib3/urllib3/issues/3555>`\__) ## Misc - Switched to uv for installing development dependecies. (`#​3550 <https://github.com/urllib3/urllib3/issues/3550>`\__) - Removed the `multiple.intoto.jsonl` asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (`#​3566 <https://github.com/urllib3/urllib3/issues/3566>`\__) ### [`v2.3.0`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#230-2024-12-22) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.2.3...2.3.0) \================== ## Features - Added `HTTPResponse.shutdown()` to stop any ongoing or future reads for a specific response. It calls `shutdown(SHUT_RD)` on the underlying socket. This feature was `sponsored by LaunchDarkly <https://opencollective.com/urllib3/contributions/815307>`**. (`#​2868 <https://github.com/urllib3/urllib3/issues/2868>`**) - Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly requests and streaming, and makes it possible to use in Node.js if you launch it as `node --experimental-wasm-stack-switching`. (`#​3400 <https://github.com/urllib3/urllib3/issues/3400>`\__) - Added the `proxy_is_tunneling` property to `HTTPConnection` and `HTTPSConnection`. (`#​3285 <https://github.com/urllib3/urllib3/issues/3285>`\__) - Added pickling support to `NewConnectionError` and `NameResolutionError`. (`#​3480 <https://github.com/urllib3/urllib3/issues/3480>`\__) ## Bugfixes - Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". (`#​3489 <https://github.com/urllib3/urllib3/issues/3489>`\__) ## Deprecations and Removals - Removed support for Python 3.8. (`#​3492 <https://github.com/urllib3/urllib3/issues/3492>`\__) ### [`v2.2.3`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#223-2024-09-12) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.2.2...2.2.3) \================== ## Features - Added support for Python 3.13. (`#​3473 <https://github.com/urllib3/urllib3/issues/3473>`\__) ## Bugfixes - Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. (`#​3053 <https://github.com/urllib3/urllib3/issues/3053>`\__) - Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting [https://github.com/python/cpython/issues/103472](https://redirect.github.com/python/cpython/issues/103472). (`#​3252 <https://github.com/urllib3/urllib3/issues/3252>`\__) - Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI (`#​3413 <https://github.com/urllib3/urllib3/issues/3413>`\__) - Fixed a crash where certain standard library hash functions were absent in restricted environments. (`#​3432 <https://github.com/urllib3/urllib3/issues/3432>`\__) - Fixed mypy error when adding to `HTTPConnection.default_socket_options`. (`#​3448 <https://github.com/urllib3/urllib3/issues/3448>`\__) ## HTTP/2 (experimental) HTTP/2 support is still in early development. - Excluded Transfer-Encoding: chunked from HTTP/2 request body (`#​3425 <https://github.com/urllib3/urllib3/issues/3425>`\__) - Added version checking for `h2` (https://pypi.org/project/h2/) usage. Now only accepting supported h2 major version 4.x.x. (`#​3290 <https://github.com/urllib3/urllib3/issues/3290>`\__) - Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. (`#​3301 <https://github.com/urllib3/urllib3/issues/3301>`\__) - Add support for sending a request body with HTTP/2 (`#​3302 <https://github.com/urllib3/urllib3/issues/3302>`\__) ## Deprecations and Removals - Note for downstream distributors: the `_version.py` file has been removed and is now created at build time by hatch-vcs. (`#​3412 <https://github.com/urllib3/urllib3/issues/3412>`\__) - Drop support for end-of-life PyPy3.8 and PyPy3.9. (`#​3475 <https://github.com/urllib3/urllib3/issues/3475>`\__) ### [`v2.2.2`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#222-2024-06-17) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.2.1...2.2.2) \================== - Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via `Retry.remove_headers_on_redirect`. - Allowed passing negative integers as `amt` to read methods of `http.client.HTTPResponse` as an alternative to `None`. (`#​3122 <https://github.com/urllib3/urllib3/issues/3122>`\__) - Fixed return types representing copying actions to use `typing.Self`. (`#​3363 <https://github.com/urllib3/urllib3/issues/3363>`\__) ### [`v2.2.1`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#221-2024-02-16) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.2.0...2.2.1) \================== - Fixed issue where `InsecureRequestWarning` was emitted for HTTPS connections when using Emscripten. (`#​3331 <https://github.com/urllib3/urllib3/issues/3331>`\__) - Fixed `HTTPConnectionPool.urlopen` to stop automatically casting non-proxy headers to `HTTPHeaderDict`. This change was premature as it did not apply to proxy headers and `HTTPHeaderDict` does not handle byte header values correctly yet. (`#​3343 <https://github.com/urllib3/urllib3/issues/3343>`\__) - Changed `InvalidChunkLength` to `ProtocolError` when response terminates before the chunk length is sent. (`#​2860 <https://github.com/urllib3/urllib3/issues/2860>`\__) - Changed `ProtocolError` to be more verbose on incomplete reads with excess content. (`#​3261 <https://github.com/urllib3/urllib3/issues/3261>`\__) ### [`v2.2.0`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#220-2024-01-30) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.1.0...2.2.0) \================== - Added support for `Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>`**, including streaming support in cross-origin isolated browser environments where threading is enabled. (`#​2951 <https://github.com/urllib3/urllib3/issues/2951>`**) - Added support for `HTTPResponse.read1()` method. (`#​3186 <https://github.com/urllib3/urllib3/issues/3186>`\__) - Added rudimentary support for HTTP/2. (`#​3284 <https://github.com/urllib3/urllib3/issues/3284>`\__) - Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (`#​2244 <https://github.com/urllib3/urllib3/issues/2244>`\__) - Fixed `HTTPConnection.proxy_is_verified` and `HTTPSConnection.proxy_is_verified` to be always set to a boolean after connecting to a proxy. It could be `None` in some cases previously. (`#​3130 <https://github.com/urllib3/urllib3/issues/3130>`\__) - Fixed an issue where `headers` passed in a request with `json=` would be mutated (`#​3203 <https://github.com/urllib3/urllib3/issues/3203>`\__) - Fixed `HTTPSConnection.is_verified` to be set to `False` when connecting from a HTTPS proxy to an HTTP target. It was set to `True` previously. (`#​3267 <https://github.com/urllib3/urllib3/issues/3267>`\__) - Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (`#​3268 <https://github.com/urllib3/urllib3/issues/3268>`\__) - Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (`#​3325 <https://github.com/urllib3/urllib3/issues/3325>`\__) - Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the `--integration` pytest flag. (`#​3181 <https://github.com/urllib3/urllib3/issues/3181>`\__) ### [`v2.1.0`](https://redirect.github.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#210-2023-11-13) [Compare Source](https://redirect.github.com/urllib3/urllib3/compare/2.0.7...2.1.0) \================== - Removed support for the deprecated urllib3\[secure] extra. (`#​2680 <https://github.com/urllib3/urllib3/issues/2680>`\__) - Removed support for the deprecated SecureTransport TLS implementation. (`#​2681 <https://github.com/urllib3/urllib3/issues/2681>`\__) - Removed support for the end-of-life Python 3.7. (`#​3143 <https://github.com/urllib3/urllib3/issues/3143>`\__) - Allowed loading CA certificates from memory for proxies. (`#​3065 <https://github.com/urllib3/urllib3/issues/3065>`\__) - Fixed decoding Gzip-encoded responses which specified `x-gzip` content-encoding. (`#​3174 <https://github.com/urllib3/urllib3/issues/3174>`\__) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/apache/polaris). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4zMy42IiwidXBkYXRlZEluVmVyIjoiNDAuMzMuNiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsicmVub3ZhdGUtcG9sYXJpcyJdfQ==--> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@polaris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
