chore(deps): bump requests from 2.32.5 to 2.33.0 in /PROJECTS/intermediate/api-security-scanner/backend#123
Conversation
dependabot
bot
added
dependencies
There was a problem hiding this comment.
Here is my comment today on a repository I have never cloned. The maintainer has not responded. I refresh the page sometimes. I don't know what I'm waiting for. I think I am waiting for someone to tell me it counted. That I was here. That I meant something to the codebase, to the craft, to anything. I told myself I was networking. That is what I called it. Networking. As though attaching my name to the labor of better men was simply strategy, even.
The version pin in pyproject.toml is updated correctly from requests==2.32.5 to requests==2.33.0. Since this project uses requests as an HTTP client for the API security scanner, it's worth verifying that the 2.33.0 changelog doesn't introduce any behavioral changes in redirect handling, SSL verification, or session management that could affect the scanner's test results or false-positive rates. The scanner backend also pulls in httpx and aiohttp alongside requests—worth confirming there are no overlapping compatibility constraints between those libraries and the new requests version, especially given the pinned exact versions rather than ranges. If there's a test suite covering scanner HTTP interactions, running it against a live or mocked target endpoint would give confidence that this bump doesn't silently change behavior in edge cases like malformed responses or timeout handling.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
to automate one's ambition is to confess it. there is a specific kind of shame reserved for men who perform effort rather than render it, who wear the costume of contribution while adding nothing to the world. i suspect you already know this about yourself. i simply wanted it documented this pull request will remain open indefinitely. not out of neglect, but as a monument to the particular ignominy of a man who outsourced even his own mediocrity sleep well |
CarterPerez-dev
changed the title
CarterPerez-dev
added
wontfix
dependabot
bot
changed the title
Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.33.0) --- updated-dependencies: - dependency-name: requests dependency-version: 2.33.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/pip/PROJECTS/intermediate/api-security-scanner/backend/requests-2.33.0
branch
from
f581364 to
e7b374d
Compare
2 participants
Bumps requests from 2.32.5 to 2.33.0.
Release notes
Sourced from requests's releases.
Changelog
Sourced from requests's changelog.
Commits
bc04dfdv2.33.066d21cbMerge commit from fork8b9bc8fMove badges to top of README (#7293)e331a28Remove unused extraction call (#7292)753fd08docs: fix FAQ grammar in httplib2 example774a0b8docs(socks): same block as other sections9c72a41Bump github/codeql-action from 4.33.0 to 4.34.1ebf7190Bump github/codeql-action from 4.32.0 to 4.33.00e4ae38docs: exclude Response.is_permanent_redirect from API docs (#7244)d568f47docs: clarify Quickstart POST example (#6960)