Created by: dependabot[bot]
Bumps urllib3 from 1.25.3 to 1.25.8.
Release notes
Sourced from urllib3's releases.
1.25.8
Release: 1.25.8
1.25.7
No release notes provided.
1.25.6
Release: 1.25.6
1.25.5
Release: 1.25.5
1.25.4
Release: 1.25.4
Changelog
Sourced from urllib3's changelog.
1.25.8 (2020-01-20)
1.25.7 (2019-11-11)
Preserve
chunked
parameter on retries (Pull #1715, Pull #1734)Allow unset
SERVER_SOFTWARE
in App Engine (Pull #1704, Issue #1470)Fix issue where URL fragment was sent within the request target. (Pull #1732)
Fix issue where an empty query section in a URL would fail to parse. (Pull #1732)
Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull #1703)
1.25.6 (2019-09-24)
- Fix issue where tilde (
~
) characters were incorrectly percent-encoded in the path. (Pull #1692)1.25.5 (2019-09-19)
- Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using
cert_reqs=CERT_NONE
. (Issue #1682)1.25.4 (2019-09-19)
Propagate Retry-After header settings to subsequent retries. (Pull #1607)
Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)
Remove dependency on
rfc3986
for URL parsing.Fix issue where URLs containing invalid characters within
Url.auth
would raise an exception instead of percent-encoding those characters.
... (truncated)
Commits
-
2a57bc5
Release 1.25.8 (#1788) -
a2697e7
Optimize _encode_invalid_chars (#1787) -
d2a5a59
Move IPv6 test skips in server fixtures -
d44f0e5
Factorize test certificates serialization -
84abc7f
Generate IPV6 certificates using trustme -
6a15b18
Run IPv6 Tornado server from fixture -
4903840
Use trustme to generate IP_SAN cert -
9971e27
Empty responses should have no lines. -
62ef68e
Use trustme to generate NO_SAN certs -
fd2666e
Use fixture to configure NO_SAN test certs - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.