Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump requests from 2.32.0 to 2.32.2 in /requirements in the minor-python group #3331

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 22, 2024

Bumps the minor-python group in /requirements with 1 update: requests.

Updates requests from 2.32.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-python
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file Python labels May 22, 2024
@benhammondmusic benhammondmusic merged commit b177980 into main May 22, 2024
7 checks passed
@benhammondmusic benhammondmusic deleted the dependabot/pip/requirements/minor-python-775dd686c6 branch May 22, 2024 15:06
alinix1 pushed a commit to alinix1/health-equity-tracker that referenced this pull request May 29, 2024
…e#3258)

Bumps the pip group with 5 updates in the /python/tests directory:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2023.7.22` |
`2024.2.2` |
| [grpcio](https://github.com/grpc/grpc) | `1.53.2` | `1.63.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `3.18.3` |
`5.26.1` |
| [rsa](https://github.com/sybrenstuvel/python-rsa) | `4.7` | `4.9` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.18` | `2.2.1` |


Updates `certifi` from 2023.7.22 to 2024.2.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/45eb6113c0cff15293611eedf237f7345dcf24bd"><code>45eb611</code></a>
2024.02.02 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/266">#266</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/83f4f04419f0f2d14fe3ee1309feebb9d776072d"><code>83f4f04</code></a>
fix leaking certificate issue (<a
href="https://redirect.github.com/certifi/python-certifi/issues/265">#265</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/bbf2208229ce26cfcd860eb6c551dded130eea04"><code>bbf2208</code></a>
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/264">#264</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9e837a5fbd135b95057abb8f14b775a50aee8a01"><code>9e837a5</code></a>
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/262">#262</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/05d071b6125558e97cf3a8ef12d9c393e3967d17"><code>05d071b</code></a>
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/261">#261</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2a3088a1cb569a93dab8c8ba6e8d959902b682d5"><code>2a3088a</code></a>
Bump actions/download-artifact from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/260">#260</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d4ca66e11e8200be0332590dd92a15d9a58ae894"><code>d4ca66e</code></a>
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/258">#258</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5d1566377a5449aac90d7080928ae77027c7c85b"><code>5d15663</code></a>
Bump actions/download-artifact from 3.0.2 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/257">#257</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d66ef9de10a59e5a162230abd1c46a4c94242633"><code>d66ef9d</code></a>
Bump actions/setup-python from 4.7.1 to 5.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/256">#256</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/8f0d4125b269a45f366eb37e04d1a0a7866d0f52"><code>8f0d412</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/255">#255</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2023.07.22...2024.02.02">compare
view</a></li>
</ul>
</details>
<br />

Updates `grpcio` from 1.53.2 to 1.63.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc/releases">grpcio's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.63.0</h2>
<p>This is release 1.63.0 (<a
href="https://github.com/grpc/grpc/blob/master/doc/g_stands_for.md">giggle</a>)
of gRPC Core.</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes, with
highlights listed below.</p>
<h2>Core</h2>
<ul>
<li>[Deps] Backport: Protobuf upgrade to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/36353">#36353</a>)</li>
<li>[OTel C++] Add experimental optional locality label available to
client per-attempt metrics. (<a
href="https://redirect.github.com/grpc/grpc/pull/36254">#36254</a>)</li>
<li>[surface] Add an API to inject connected endpoints into servers. (<a
href="https://redirect.github.com/grpc/grpc/pull/35957">#35957</a>)</li>
<li>[CMake] Add gRPC_USE_SYSTEMD option. (<a
href="https://redirect.github.com/grpc/grpc/pull/34384">#34384</a>)</li>
<li>[OTel C++] Add API to set channel scope filter. (<a
href="https://redirect.github.com/grpc/grpc/pull/36189">#36189</a>)</li>
<li>[Deps] Upgraded protobuf to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/35796">#35796</a>)</li>
<li>[channel] canonify target and set channel arg in only one place. (<a
href="https://redirect.github.com/grpc/grpc/pull/36134">#36134</a>)</li>
<li>[grpc][Gpr_To_Absl_Logging] Using absl from within gpr logging. (<a
href="https://redirect.github.com/grpc/grpc/pull/36108">#36108</a>)</li>
<li>[BoringSSL] Update third_party/boringssl-with-bazel. (<a
href="https://redirect.github.com/grpc/grpc/pull/36089">#36089</a>)</li>
<li>[EventEngine] Document RunAfter can return an invalid handle for
immediate execution. (<a
href="https://redirect.github.com/grpc/grpc/pull/36072">#36072</a>)</li>
<li>[EventEngine] Enable the EventEngine DNS Resolver on Posix. (<a
href="https://redirect.github.com/grpc/grpc/pull/35573">#35573</a>)</li>
<li>[EventEngine] Support AF_UNIX for windows. (<a
href="https://redirect.github.com/grpc/grpc/pull/34801">#34801</a>)</li>
</ul>
<h2>C++</h2>
<ul>
<li>[OTel C++] Add APIs to enable/disable metrics. (<a
href="https://redirect.github.com/grpc/grpc/pull/36183">#36183</a>)</li>
<li>[EventEngine] Refactor ServerCallbackCall to use EventEngine::Run.
(<a
href="https://redirect.github.com/grpc/grpc/pull/36126">#36126</a>)</li>
<li>[OTel C++] Add CMake build support. (<a
href="https://redirect.github.com/grpc/grpc/pull/36063">#36063</a>)</li>
<li>gRPC C++ upgraded Protobuf to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/36323">#36323</a>)</li>
</ul>
<h2>C#</h2>
<ul>
<li>[csharp] Fix csharp doc comments. (<a
href="https://redirect.github.com/grpc/grpc/pull/36000">#36000</a>)</li>
<li>C#: Grpc.Tools: Handle regex timeout when parsing protoc output. (<a
href="https://redirect.github.com/grpc/grpc/pull/36185">#36185</a>)</li>
</ul>
<h2>PHP</h2>
<ul>
<li>Update min PHP testing version from PHP 7.4 to 8.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/35964">#35964</a>)</li>
</ul>
<h2>Python</h2>
<ul>
<li>[Python Version] Drop support for Python 3.7. (<a
href="https://redirect.github.com/grpc/grpc/pull/34450">#34450</a>)</li>
<li>[Python Aio] Change aio Metadata inheritance. (<a
href="https://redirect.github.com/grpc/grpc/pull/36214">#36214</a>)</li>
<li>[Documentation] fix asyncio Server and Channel stop() method
documentation. (<a
href="https://redirect.github.com/grpc/grpc/pull/35946">#35946</a>)</li>
<li>[Python O11y] Change public interface. (<a
href="https://redirect.github.com/grpc/grpc/pull/36094">#36094</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc/commit/ac1418547838ab067a02af4402046f7bc1cbc44c"><code>ac14185</code></a>
[Release] Bump version to 1.63.0 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36456">#36456</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/7df7f92da82dbb8fbe93b4ff5d599d447379ee9d"><code>7df7f92</code></a>
[Release] Bump version to 1.63.0-pre2 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36377">#36377</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/cdbc13e500056ec19b2856fe2a884b2a9e99d406"><code>cdbc13e</code></a>
[Gpr_To_Absl_Logging] Disable absl logging (<a
href="https://redirect.github.com/grpc/grpc/issues/36378">#36378</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/60c35badea03e44d81623a58fe560a0ad40dceb2"><code>60c35ba</code></a>
[Python Dist] Fix grpc_distribtests_python (v1.63.x backport) (<a
href="https://redirect.github.com/grpc/grpc/issues/36363">#36363</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/81a913e71f1b2cba049244dc1882bd31d66508d3"><code>81a913e</code></a>
[Deps] Backport: Protobuf upgrade to v26.1 (<a
href="https://redirect.github.com/grpc/grpc/issues/36353">#36353</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/bc470e47ad64ae94ba8baff01e75a7606ed1cd00"><code>bc470e4</code></a>
[release] Cherry-pick `<a
href="https://github.com/grpc/grpc/commit/e510ff89aa38d9c924">https://github.com/grpc/grpc/commit/e510ff89aa38d9c924</a>...</li>
<li><a
href="https://github.com/grpc/grpc/commit/cfea053ffaeaa3c12b10917293cb9923fdb4d579"><code>cfea053</code></a>
[Release] Bump version to 1.63.0-pre1 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36338">#36338</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/c73c24a8ef4c1a18de138ee349cadc1b4c88b69e"><code>c73c24a</code></a>
[experiments] Set <code>call_status_override_on_cancellation</code>
default to <code>false</code> f...</li>
<li><a
href="https://github.com/grpc/grpc/commit/0a7a85a323d037d848c65286965c12808c241326"><code>0a7a85a</code></a>
[Release] Bump core version to 40.0.0 for upcoming release (<a
href="https://redirect.github.com/grpc/grpc/issues/36293">#36293</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/b6989ff3e4fa2b7928867b5575efa3d2291f1d0d"><code>b6989ff</code></a>
[interop] Add 1.63.2 release of grpc-go to interop matrix (<a
href="https://redirect.github.com/grpc/grpc/issues/36305">#36305</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc/compare/v1.53.2...v1.63.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `protobuf` from 3.18.3 to 5.26.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/protocolbuffers/protobuf/releases">protobuf's
releases</a>.</em></p>
<blockquote>
<h2>Protocol Buffers v3.20.3</h2>
<h1>Java</h1>
<ul>
<li>Refactoring java full runtime to reuse sub-message builders and
prepare to
migrate parsing logic from parse constructor to builder.</li>
<li>Move proto wireformat parsing functionality from the private
&quot;parsing
constructor&quot; to the Builder class.</li>
<li>Change the Lite runtime to prefer merging from the wireformat into
mutable
messages rather than building up a new immutable object before merging.
This
way results in fewer allocations and copy operations.</li>
<li>Make message-type extensions merge from wire-format instead of
building up
instances and merging afterwards. This has much better performance.</li>
<li>Fix TextFormat parser to build up recurring (but supposedly not
repeated)
sub-messages directly from text rather than building a new sub-message
and
merging the fully formed message into the existing field.</li>
<li>This release addresses a <a
href="https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2">Security
Advisory for Java users</a></li>
</ul>
<h2>Protocol Buffers v3.20.2</h2>
<h1>C++</h1>
<ul>
<li>Reduce memory consumption of MessageSet parsing</li>
<li>This release addresses a <a
href="https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf">Security
Advisory for C++ and Python users</a></li>
</ul>
<h2>Protocol Buffers v3.20.1</h2>
<h1>PHP</h1>
<ul>
<li>Fix building packaged PHP extension (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9727">#9727</a>)</li>
<li>Fixed composer.json to only advertise compatibility with PHP 7.0+.
(<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9819">#9819</a>)</li>
</ul>
<h1>Ruby</h1>
<ul>
<li>Disable the aarch64 build on macOS until it can be fixed. (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9816">#9816</a>)</li>
</ul>
<h1>Other</h1>
<ul>
<li>Fix versioning issues in 3.20.0</li>
</ul>
<h2>Protocol Buffers v3.20.1-rc1</h2>
<h1>PHP</h1>
<ul>
<li>Fix building packaged PHP extension (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9727">#9727</a>)</li>
</ul>
<h1>Other</h1>
<ul>
<li>Fix versioning issues in 3.20.0</li>
</ul>
<h2>Protocol Buffers v3.20.0</h2>
<p>2022-03-25 version 3.20.0
(C++/Java/Python/PHP/Objective-C/C#/Ruby/JavaScript)</p>
<h1>Ruby</h1>
<ul>
<li>Dropped Ruby 2.3 and 2.4 support for CI and releases. (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9311">#9311</a>)</li>
<li>Added Ruby 3.1 support for CI and releases (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9566">#9566</a>).</li>
<li>Message.decode/encode: Add recursion_limit option (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9218">#9218</a>/<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9486">#9486</a>)</li>
<li>Allocate with xrealloc()/xfree() so message allocation is visible to
the
Ruby GC. In certain tests this leads to much lower memory usage due to
more
frequent GC runs (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9586">#9586</a>).</li>
<li>Fix conversion of singleton classes in Ruby (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9342">#9342</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2434ef2adf0c74149b9d547ac5fb545a1ff8b6b5"><code>2434ef2</code></a>
Updating version.json and repo version numbers to: 26.1</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/49253b118b40719b938c2b74a53d70f5450d87b0"><code>49253b1</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16308">#16308</a>
from protocolbuffers/cp-26x-3</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/9bf69ecc833757839421b89e92ddb4dc09b2af0d"><code>9bf69ec</code></a>
Fix validateFeatures to be called after resolved features are actually
set to...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/b752bc2b93ea16b1ec19c9a7421f77a028d7ecdf"><code>b752bc2</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16307">#16307</a>
from protocolbuffers/cp-26x-2</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/f7d23268df8a9e1ac4a9ac3a9178bba68e66e088"><code>f7d2326</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16309">#16309</a>
from protocolbuffers/cp-26x-4</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2e51ff6de3e8c594d965b2ad8952b911383cf0bf"><code>2e51ff6</code></a>
Cherry-pick required label handling in JRuby field descriptor from <a
href="https://gi">https://gi</a>...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/a2f5303916d00725cbd63ee92445b330f70d71a6"><code>a2f5303</code></a>
Update cmake stalenes</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/6a177d2cf6d6eb0f4dc87426947252c9f5e7df2b"><code>6a177d2</code></a>
Merge branch '26.x' into cp-26x-4</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2d3d8ba410550082ee20777653a2a1d515ff8036"><code>2d3d8ba</code></a>
Expand cpp_features_proto_srcs visibility</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/e1092ee6e0b7328d5d506d65322f0b15c5b08b21"><code>e1092ee</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16294">#16294</a>
from protocolbuffers/cp-26x</li>
<li>Additional commits viewable in <a
href="https://github.com/protocolbuffers/protobuf/compare/v3.18.3...v5.26.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `rsa` from 4.7 to 4.9
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sybrenstuvel/python-rsa/blob/main/CHANGELOG.md">rsa's
changelog</a>.</em></p>
<blockquote>
<h2>Version 4.9 - release 2022-07-20</h2>
<ul>
<li>Remove debug logging from <code>rsa/key.py</code>
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/194">#194</a>).</li>
<li>Remove overlapping slots in <code>PrivateKey</code> and
<code>PublicKey</code>.
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/189">#189</a>).</li>
<li>Do not include CHANGELOG/LICENSE/README.md in wheel
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/191">#191</a>).</li>
<li>Fixed Key Generation Unittest: Public and Private keys are assigned
the wrong way around
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/188">#188</a>).</li>
</ul>
<h2>Version 4.8 - released 2021-11-24</h2>
<ul>
<li>Switch to <a href="https://python-poetry.org/">Poetry</a> for
dependency and release management.</li>
<li>Compatibility with Python 3.10.</li>
<li>Chain exceptions using <code>raise new_exception from
old_exception</code>
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/157">#157</a>)</li>
<li>Added marker file for PEP 561. This will allow type checking tools
in dependent projects
to use type annotations from Python-RSA
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/136">#136</a>).</li>
<li>Use the Chinese Remainder Theorem when decrypting with a private
key. This
makes decryption 2-4x faster
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/163">#163</a>).</li>
</ul>
<h2>Version 4.7.2 - released 2021-02-24</h2>
<ul>
<li>Fix picking/unpickling issue introduced in 4.7
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/173">#173</a>)</li>
</ul>
<h2>Version 4.7.1 - released 2021-02-15</h2>
<ul>
<li>Fix threading issue introduced in 4.7
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/173">#173</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/c4dc7beb04bea05ed86adb2e4b7f780f173774b8"><code>c4dc7be</code></a>
README.md: Final publishing tweaks</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/1ee1afee004cae97b9c5e0aa549042dba45bd45b"><code>1ee1afe</code></a>
Bumped version to 4.9</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/80eb1b16dd359452c8d309161c13196a61387bfc"><code>80eb1b1</code></a>
update_version.sh: include README.md in example commit command</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/7d2c6b2d2294eef2714fb1650895933d799ae07f"><code>7d2c6b2</code></a>
Mark 4.9 as released today</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/42a9b2fdc3a812cbd210594a3c020e7174fd2a1c"><code>42a9b2f</code></a>
Fix README.md updating part of update_version.sh</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/78f738d7b06d9f4b39c055c396ebd76538f8c712"><code>78f738d</code></a>
Add instructions on how to publish via Twine</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/e59132d679481e9bdf7be1e3279793642470d2b9"><code>e59132d</code></a>
Upgrade Sphynx 4.3 -&gt; 5.0.2</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/ce5a32f3fdbcb5128800719e2c3d68e6248d3e47"><code>ce5a32f</code></a>
Fix <a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/199">#199</a>:
Sphinx warnings reference target not found</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/0e3e54859f85d352e6a71f4069f5481b03d9e4e8"><code>0e3e548</code></a>
Doc: add <code>-n</code> option to Sphinx to show warnings</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/f0e194aaa0639e341a839e117846ca5640b33b39"><code>f0e194a</code></a>
Update CHANGELOG.md</li>
<li>Additional commits viewable in <a
href="https://github.com/sybrenstuvel/python-rsa/compare/version-4.7...version-4.9">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 1.26.18 to 2.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
<h2>2.1.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h2>Removals</h2>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li>
<li>Removed support for the end-of-life Python 3.7. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[SatcherInstitute#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[SatcherInstitute#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[SatcherInstitute#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[SatcherInstitute#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[SatcherInstitute#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[SatcherInstitute#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[SatcherInstitute#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[SatcherInstitute#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[SatcherInstitute#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[SatcherInstitute#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[SatcherInstitute#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[SatcherInstitute#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[SatcherInstitute#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[SatcherInstitute#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
<h1>2.1.0 (2023-11-13)</h1>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra.
(<code>[SatcherInstitute#2680](urllib3/urllib3#2680)
&lt;https://github.com/urllib3/urllib3/issues/2680&gt;</code>__)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation.
(<code>[SatcherInstitute#2681](urllib3/urllib3#2681)
&lt;https://github.com/urllib3/urllib3/issues/2681&gt;</code>__)</li>
<li>Removed support for the end-of-life Python 3.7.
(<code>[SatcherInstitute#3143](urllib3/urllib3#3143)
&lt;https://github.com/urllib3/urllib3/issues/3143&gt;</code>__)</li>
<li>Allowed loading CA certificates from memory for proxies.
(<code>[SatcherInstitute#3065](urllib3/urllib3#3065)
&lt;https://github.com/urllib3/urllib3/issues/3065&gt;</code>__)</li>
<li>Fixed decoding Gzip-encoded responses which specified
<code>x-gzip</code> content-encoding.
(<code>[SatcherInstitute#3174](urllib3/urllib3#3174)
&lt;https://github.com/urllib3/urllib3/issues/3174&gt;</code>__)</li>
</ul>
<h1>2.0.7 (2023-10-17)</h1>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.</li>
</ul>
<h1>2.0.6 (2023-10-02)</h1>
<ul>
<li>Added the <code>Cookie</code> header to the list of headers to strip
from requests when redirecting to a different host. As before, different
headers can be set via
<code>Retry.remove_headers_on_redirect</code>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.18...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/SatcherInstitute/health-equity-tracker/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file Python
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant