pkgsrc.se | The NetBSD package collection

./devel/py-requests, HTTP library, written in Python, for human beings

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.31.0, Package name: py310-requests-2.31.0, Maintainer: imil

Requests takes all of the work out of Python HTTP/1.1 - making your
integration with web services seamless. There's no need to manually add query
strings to your URLs, or to form-encode your POST data. Keep-alive and HTTP
connection pooling are 100% automatic, powered by urllib3, which is embedded
within Requests.

Required to run:
[security/py-OpenSSL] [devel/py-setuptools] [converters/py-chardet] [security/py-cryptography] [www/py-urllib3] [www/py-idna] [security/py-certifi] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://files.pythonhosted.org/packages/source/r/requests/ (Download)

Filesize: 108.197 KB

Version history: (Expand)

(2023-05-26) Updated to version: py310-requests-2.31.0
(2023-05-05) Updated to version: py310-requests-2.30.0
(2023-04-30) Updated to version: py310-requests-2.29.0
(2023-01-13) Updated to version: py310-requests-2.28.2
(2022-07-11) Updated to version: py310-requests-2.28.1
(2022-07-03) Updated to version: py310-requests-2.27.1

CVS history: (Expand)

2023-05-26 21:42:57 by Adam Ciarcinski | Files touched by this commit (3) | Package updated

Log message:
py-requests: updated to 2.31.0

2.31.0 (2023-05-22)
-------------------

**Security**
- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
  forwarding of `Proxy-Authorization` headers to destination servers when
  following HTTPS redirects.

  When proxies are defined with user info (https://user:pass@proxy:8080), Requests
  will construct a `Proxy-Authorization` header that is attached to the request to
  authenticate with the proxy.

  In cases where Requests receives a redirect response, it previously reattached
  the `Proxy-Authorization` header incorrectly, resulting in the value being
  sent through the tunneled connection to the destination server. Users who rely on
  defining their proxy credentials in the URL are *strongly* encouraged to upgrade
  to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
  credentials once the change has been fully deployed.

  Users who do not use a proxy or do not supply their proxy credentials through
  the user information portion of their proxy URL are not subject to this
  vulnerability.

  Full details can be read in our [Github Security \ 
Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q)
  and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681).

2023-05-05 20:25:02 by Adam Ciarcinski | Files touched by this commit (2) | Package updated

Log message:
py-requests: updated to 2.30.0

2.30.0 (2023-05-03)
-------------------

**Dependencies**
- ⚠️ Added support for urllib3 2.0. ⚠️

  This may contain minor breaking changes so we advise careful testing and
  reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html
  prior to upgrading.

  Users who wish to stay on urllib3 1.x can pin to `urllib3<2`.

2023-04-30 20:02:03 by Thomas Klausner | Files touched by this commit (2) | Package updated

Log message:
py-requests: update to 2.29.0.

2.29.0 (2023-04-26)
-------------------

**Improvements**

- Requests now defers chunked requests to the urllib3 implementation to improve
  standardization. (#6226)
- Requests relaxes header component requirements to support bytes/str \ 
subclasses. (#6356)

2023-01-13 10:01:02 by Adam Ciarcinski | Files touched by this commit (3) | Package updated

Log message:
py-requests: updated to 2.28.2

2.28.2 (2023-01-12)
-------------------

**Dependencies**

- Requests now supports charset\_normalizer 3.x.

**Bugfixes**

- Updated MissingSchema exception to suggest https scheme rather than http.

2022-11-28 20:07:30 by Nia Alarie | Files touched by this commit (3)

Log message:
Convert several packages to using versioned_depends for py-cryptography.

Somehow this has been hanging around in my tree for months.

2022-11-25 11:46:37 by Adam Ciarcinski | Files touched by this commit (2)

Log message:
py-requests: allow newer charset_normalizer

2022-11-21 00:19:20 by Adam Ciarcinski | Files touched by this commit (1)

Log message:
py-requests: add py-chardet as a dependency to fix a problem with \ 
charset-normalizer>=3 not being supported

2022-07-10 22:09:56 by Thomas Klausner | Files touched by this commit (4) | Package updated

Log message:
py-requests: update to 2.28.1.

Fixes PR 56915.

2.28.1 (2022-06-29)
-------------------

**Improvements**

- Speed optimization in `iter_content` with transition to `yield from`. (#6170)

**Dependencies**

- Added support for chardet 5.0.0 (#6179)
- Added support for charset-normalizer 2.1.0 (#6169)

2.28.0 (2022-06-09)
-------------------

**Deprecations**

- ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
- Requests has officially dropped support for Python 3.6 (including pypy3.6). (#6091)

**Improvements**

- Wrap JSON parsing issues in Request's JSONDecodeError for payloads without
  an encoding to make `json()` API consistent. (#6097)
- Parse header components consistently, raising an InvalidHeader error in
  all invalid cases. (#6154)
- Added provisional 3.11 support with current beta build. (#6155)
- Requests got a makeover and we decided to paint it black. (#6095)

**Bugfixes**

- Fixed bug where setting `CURL_CA_BUNDLE` to an empty string would disable
  cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
- Fixed urllib3 exception leak, wrapping `urllib3.exceptions.SSLError` with
  `requests.exceptions.SSLError` for `content` and `iter_content`. (#6057)
- Fixed issue where invalid Windows registry entires caused proxy resolution
  to raise an exception rather than ignoring the entry. (#6149)
- Fixed issue where entire payload could be included in the error message for
  JSONDecodeError. (#6036)