Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop support for SSLv2 and SSLv3 in SecureTransport and PyOpenSSL #2233

Closed
sethmlarson opened this issue May 19, 2021 · 6 comments · Fixed by #2563
Closed

Drop support for SSLv2 and SSLv3 in SecureTransport and PyOpenSSL #2233

sethmlarson opened this issue May 19, 2021 · 6 comments · Fixed by #2563
Labels
Contributor Friendly ♥ TLS
Milestone
v2.0

Comments

@sethmlarson
Copy link
Member

sethmlarson commented May 19, 2021
edited

Python has deprecated the PROTOCOL_SSLv2 and PROTOCOL_SSLv3 constants since Python 3.6 and the protocols aren't available in modern OpenSSL. We should not support setting these on our third-party SSLContext implementations.

For completion the following is required:

  • It should not be possible to enable SSLv2 or SSLv3 in pyOpenSSL (contrib/pyopenssl) or SecureTransport (contrib/securetransport, contrib/_securetransport)
  • Add test cases attempting to set SSLv2 and SSLv3 and ensure that the configuration isn't valid. Should test setting via ssl_version, ssl_minimum_version, and ssl_maximum_version.
    • Because the values mentioned above will be removed in future Python versions we should store their old values within the test suite.
@sethmlarson sethmlarson added this to the v2.0 milestone May 19, 2021
@tiran
Copy link
Contributor

tiran commented May 19, 2021

I recommend to drop TLS 1.0 and 1.1 as well. Python 3.10 no longer claims that TLS 1.0 and 1.1 work. Most vendors and Linux distros have disabled TLS 1.0 and 1.1 as well. On some distros it is possible to detect this and re-enable TLS 1.0 and 1.1 with ctx.minimum_version = ssl.TLSVersion.TLSv1. On other distros it's more complicated / not possible.

Ubuntu's OpenSSL patches make this rather ... awkward.

@sethmlarson
Copy link
Member Author

@tiran Thanks, this is good info. What we're planning now is to make TLS 1.2+ the default as we've been issuing deprecation warnings about default TLS configs returning anything below TLS 1.2 in v1.26. If Python/OpenSSL drops support its all good, this issue is more about making it impossible to use SSLv2 and 3.

@sethmlarson sethmlarson mentioned this issue Jun 10, 2021
Merged
@KOLANICH
Copy link

TLS 1.1 and 1.2 are not broken yet.

@tiran
Copy link
Contributor

tiran commented Jun 23, 2021

TLS 1.1 has known weaknesses, e.g. it depends on SHA-1 during handshake. See RFC 8996.

@KOLANICH
Copy link

Thanks for the info.

@justlund
Copy link

I will take a look at this issue!

@sethmlarson sethmlarson mentioned this issue Feb 12, 2022
Merged
@sethmlarson sethmlarson mentioned this issue Feb 13, 2022
Closed
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue May 5, 2023
py-urllib3: update to 2.0.0.
18f2e1f 
2.0.0 (2023-04-26)
==================

Read the `v2.0 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`__ for help upgrading to the latest version of urllib3.

Removed
-------

* Removed support for Python 2.7, 3.5, and 3.6 (`#883 <https://github.com/urllib3/urllib3/issues/883>`__, `#2336 <https://github.com/urllib3/urllib3/issues/2336>`__).
* Removed fallback on certificate ``commonName`` in ``match_hostname()`` function.
  This behavior was deprecated in May 2000 in RFC 2818. Instead only ``subjectAltName``
  is used to verify the hostname by default. To enable verifying the hostname against
  ``commonName`` use ``SSLContext.hostname_checks_common_name = True`` (`#2113 <https://github.com/urllib3/urllib3/issues/2113>`__).
* Removed support for Python with an ``ssl`` module compiled with LibreSSL, CiscoSSL,
  wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (`#2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support.
  When an incompatible OpenSSL version is detected an ``ImportError`` is raised (`#2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (`#2082 <https://github.com/urllib3/urllib3/issues/2082>`__).
* Removed ``urllib3.contrib.appengine.AppEngineManager`` and support for Google App Engine Standard Environment (`#2044 <https://github.com/urllib3/urllib3/issues/2044>`__).
* Removed deprecated ``Retry`` options ``method_whitelist``, ``DEFAULT_REDIRECT_HEADERS_BLACKLIST`` (`#2086 <https://github.com/urllib3/urllib3/issues/2086>`__).
* Removed ``urllib3.HTTPResponse.from_httplib`` (`#2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Removed default value of ``None`` for the ``request_context`` parameter of ``urllib3.PoolManager.connection_from_pool_key``. This change should have no effect on users as the default value of ``None`` was an invalid option and was never used (`#1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Removed the ``urllib3.request`` module. ``urllib3.request.RequestMethods`` has been made a private API.
  This change was made to ensure that ``from urllib3 import request`` imported the top-level ``request()``
  function instead of the ``urllib3.request`` module (`#2269 <https://github.com/urllib3/urllib3/issues/2269>`__).
* Removed support for SSLv3.0 from the ``urllib3.contrib.pyopenssl`` even when support is available from the compiled OpenSSL library (`#2233 <https://github.com/urllib3/urllib3/issues/2233>`__).
* Removed the deprecated ``urllib3.contrib.ntlmpool`` module (`#2339 <https://github.com/urllib3/urllib3/issues/2339>`__).
* Removed ``DEFAULT_CIPHERS``, ``HAS_SNI``, ``USE_DEFAULT_SSLCONTEXT_CIPHERS``, from the private module ``urllib3.util.ssl_`` (`#2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed ``urllib3.exceptions.SNIMissingWarning`` (`#2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the ``_prepare_conn`` method from ``HTTPConnectionPool``. Previously this was only used to call ``HTTPSConnection.set_cert()`` by ``HTTPSConnectionPool`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Removed ``tls_in_tls_required`` property from ``HTTPSConnection``. This is now determined from the ``scheme`` parameter in ``HTTPConnection.set_tunnel()`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).

Deprecated
----------

* Deprecated ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` which will be removed in urllib3 v2.1.0. Instead use ``HTTPResponse.headers`` and ``HTTPResponse.headers.get(name, default)``. (`#1543 <https://github.com/urllib3/urllib3/issues/1543>`__, `#2814 <https://github.com/urllib3/urllib3/issues/2814>`__).
* Deprecated ``urllib3.contrib.pyopenssl`` module which will be removed in urllib3 v2.1.0 (`#2691 <https://github.com/urllib3/urllib3/issues/2691>`__).
* Deprecated ``urllib3.contrib.securetransport`` module which will be removed in urllib3 v2.1.0 (`#2692 <https://github.com/urllib3/urllib3/issues/2692>`__).
* Deprecated ``ssl_version`` option in favor of ``ssl_minimum_version``. ``ssl_version`` will be removed in urllib3 v2.1.0 (`#2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Deprecated the ``strict`` parameter as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 (`#2267 <https://github.com/urllib3/urllib3/issues/2267>`__)
* Deprecated the ``NewConnectionError.pool`` attribute which will be removed in urllib3 v2.1.0 (`#2271 <https://github.com/urllib3/urllib3/issues/2271>`__).
* Deprecated ``format_header_param_html5`` and ``format_header_param`` in favor of ``format_multipart_header_param`` (`#2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``RequestField.header_formatter`` parameter which will be removed in urllib3 v2.1.0 (`#2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``HTTPSConnection.set_cert()`` method. Instead pass parameters to the ``HTTPSConnection`` constructor (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Deprecated ``HTTPConnection.request_chunked()`` method which will be removed in urllib3 v2.1.0. Instead pass ``chunked=True`` to ``HTTPConnection.request()`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).

Added
-----

* Added top-level ``urllib3.request`` function which uses a preconfigured module-global ``PoolManager`` instance (`#2150 <https://github.com/urllib3/urllib3/issues/2150>`__).
* Added the ``json`` parameter to ``urllib3.request()``, ``PoolManager.request()``, and ``ConnectionPool.request()`` methods to send JSON bodies in requests. Using this parameter will set the header ``Content-Type: application/json`` if ``Content-Type`` isn't already defined.
  Added support for parsing JSON response bodies with ``HTTPResponse.json()`` method (`#2243 <https://github.com/urllib3/urllib3/issues/2243>`__).
* Added type hints to the ``urllib3`` module (`#1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Added ``ssl_minimum_version`` and ``ssl_maximum_version`` options which set
  ``SSLContext.minimum_version`` and ``SSLContext.maximum_version`` (`#2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Added support for Zstandard (RFC 8878) when ``zstandard`` 1.18.0 or later is installed.
  Added the ``zstd`` extra which installs the ``zstandard`` package (`#1992 <https://github.com/urllib3/urllib3/issues/1992>`__).
* Added ``urllib3.response.BaseHTTPResponse`` class. All future response classes will be subclasses of ``BaseHTTPResponse`` (`#2083 <https://github.com/urllib3/urllib3/issues/2083>`__).
* Added ``FullPoolError`` which is raised when ``PoolManager(block=True)`` and a connection is returned to a full pool (`#2197 <https://github.com/urllib3/urllib3/issues/2197>`__).
* Added ``HTTPHeaderDict`` to the top-level ``urllib3`` namespace (`#2216 <https://github.com/urllib3/urllib3/issues/2216>`__).
* Added support for configuring header merging behavior with HTTPHeaderDict
  When using a ``HTTPHeaderDict`` to provide headers for a request, by default duplicate
  header values will be repeated. But if ``combine=True`` is passed into a call to
  ``HTTPHeaderDict.add``, then the added header value will be merged in with an existing
  value into a comma-separated list (``X-My-Header: foo, bar``) (`#2242 <https://github.com/urllib3/urllib3/issues/2242>`__).
* Added ``NameResolutionError`` exception when a DNS error occurs (`#2305 <https://github.com/urllib3/urllib3/issues/2305>`__).
* Added ``proxy_assert_hostname`` and ``proxy_assert_fingerprint`` kwargs to ``ProxyManager`` (`#2409 <https://github.com/urllib3/urllib3/issues/2409>`__).
* Added a configurable ``backoff_max`` parameter to the ``Retry`` class.
  If a custom ``backoff_max`` is provided to the ``Retry`` class, it
  will replace the ``Retry.DEFAULT_BACKOFF_MAX`` (`#2494 <https://github.com/urllib3/urllib3/issues/2494>`__).
* Added the ``authority`` property to the Url class as per RFC 3986 3.2. This property should be used in place of ``netloc`` for users who want to include the userinfo (auth) component of the URI (`#2520 <https://github.com/urllib3/urllib3/issues/2520>`__).
* Added the ``scheme`` parameter to ``HTTPConnection.set_tunnel`` to configure the scheme of the origin being tunnelled to (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added the ``is_closed``, ``is_connected`` and ``has_connected_to_proxy`` properties to ``HTTPConnection`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added optional ``backoff_jitter`` parameter to ``Retry``. (`#2952 <https://github.com/urllib3/urllib3/issues/2952>`__)

Changed
-------

* Changed ``urllib3.response.HTTPResponse.read`` to respect the semantics of ``io.BufferedIOBase`` regardless of compression. Specifically, this method:

  * Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed).
  * Never returns more bytes than requested.
  * Can issue any number of system calls: zero, one or multiple.

  If you want each ``urllib3.response.HTTPResponse.read`` call to issue a single system call, you need to disable decompression by setting ``decode_content=False`` (`#2128 <https://github.com/urllib3/urllib3/issues/2128>`__).
* Changed ``urllib3.HTTPConnection.getresponse`` to return an instance of ``urllib3.HTTPResponse`` instead of ``http.client.HTTPResponse`` (`#2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Changed ``ssl_version`` to instead set the corresponding ``SSLContext.minimum_version``
  and ``SSLContext.maximum_version`` values.  Regardless of ``ssl_version`` passed
  ``SSLContext`` objects are now constructed using ``ssl.PROTOCOL_TLS_CLIENT`` (`#2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Changed default ``SSLContext.minimum_version`` to be ``TLSVersion.TLSv1_2`` in line with Python 3.10 (`#2373 <https://github.com/urllib3/urllib3/issues/2373>`__).
* Changed ``ProxyError`` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy (`#2482 <https://github.com/urllib3/urllib3/pull/2482>`__).
* Changed ``urllib3.util.create_urllib3_context`` to not override the system cipher suites with
  a default value. The new default will be cipher suites configured by the operating system (`#2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Changed ``multipart/form-data`` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded (`#2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Changed the error raised when connecting via HTTPS when the ``ssl`` module isn't available from ``SSLError`` to ``ImportError`` (`#2589 <https://github.com/urllib3/urllib3/issues/2589>`__).
* Changed ``HTTPConnection.request()`` to always use lowercase chunk boundaries when sending requests with ``Transfer-Encoding: chunked`` (`#2515 <https://github.com/urllib3/urllib3/issues/2515>`__).
* Changed ``enforce_content_length`` default to True, preventing silent data loss when reading streamed responses (`#2514 <https://github.com/urllib3/urllib3/issues/2514>`__).
* Changed internal implementation of ``HTTPHeaderDict`` to use ``dict`` instead of ``collections.OrderedDict`` for better performance (`#2080 <https://github.com/urllib3/urllib3/issues/2080>`__).
* Changed the ``urllib3.contrib.pyopenssl`` module to wrap ``OpenSSL.SSL.Error`` with ``ssl.SSLError`` in ``PyOpenSSLContext.load_cert_chain`` (`#2628 <https://github.com/urllib3/urllib3/issues/2628>`__).
* Changed usage of the deprecated ``socket.error`` to ``OSError`` (`#2120 <https://github.com/urllib3/urllib3/issues/2120>`__).
* Changed all parameters in the ``HTTPConnection`` and ``HTTPSConnection`` constructors to be keyword-only except ``host`` and ``port`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed ``HTTPConnection.getresponse()`` to set the socket timeout from ``HTTPConnection.timeout`` value before reading
  data from the socket. This previously was done manually by the ``HTTPConnectionPool`` calling ``HTTPConnection.sock.settimeout(...)`` (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed the ``_proxy_host`` property to ``_tunnel_host`` in ``HTTPConnectionPool`` to more closely match how the property is used (value in ``HTTPConnection.set_tunnel()``) (`#1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed name of ``Retry.BACK0FF_MAX`` to be ``Retry.DEFAULT_BACKOFF_MAX``.
* Changed TLS handshakes to use ``SSLContext.check_hostname`` when possible (`#2452 <https://github.com/urllib3/urllib3/pull/2452>`__).
* Changed ``server_hostname`` to behave like other parameters only used by ``HTTPSConnectionPool`` (`#2537 <https://github.com/urllib3/urllib3/pull/2537>`__).
* Changed the default ``blocksize`` to 16KB to match OpenSSL's default read amounts (`#2348 <https://github.com/urllib3/urllib3/pull/2348>`__).
* Changed ``HTTPResponse.read()`` to raise an error when calling with ``decode_content=False`` after using ``decode_content=True`` to prevent data loss (`#2800 <https://github.com/urllib3/urllib3/issues/2800>`__).

Fixed
-----

* Fixed thread-safety issue where accessing a ``PoolManager`` with many distinct origins would cause connection pools to be closed while requests are in progress (`#1252 <https://github.com/urllib3/urllib3/issues/1252>`__).
* Fixed an issue where an ``HTTPConnection`` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout.
  Instead now if ``HTTPConnection.timeout`` is updated before sending the next request the new timeout value will be used (`#2645 <https://github.com/urllib3/urllib3/issues/2645>`__).
* Fixed ``socket.error.errno`` when raised from pyOpenSSL's ``OpenSSL.SSL.SysCallError`` (`#2118 <https://github.com/urllib3/urllib3/issues/2118>`__).
* Fixed the default value of ``HTTPSConnection.socket_options`` to match ``HTTPConnection`` (`#2213 <https://github.com/urllib3/urllib3/issues/2213>`__).
* Fixed a bug where ``headers`` would be modified by the ``remove_headers_on_redirect`` feature (`#2272 <https://github.com/urllib3/urllib3/issues/2272>`__).
* Fixed a reference cycle bug in ``urllib3.util.connection.create_connection()`` (`#2277 <https://github.com/urllib3/urllib3/issues/2277>`__).
* Fixed a socket leak if ``HTTPConnection.connect()`` fails (`#2571 <https://github.com/urllib3/urllib3/pull/2571>`__).
* Fixed ``urllib3.contrib.pyopenssl.WrappedSocket`` and ``urllib3.contrib.securetransport.WrappedSocket`` close methods (`#2970 <https://github.com/urllib3/urllib3/issues/2970>`__)
VadVergasov pushed a commit to VadVergasov/MailRedirector that referenced this issue May 5, 2023
@dependabot
Bump urllib3 from 1.26.15 to 2.0.2 (#197)
3e2b213 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to
2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.0.2</h2>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data was still available to be read even if the
underlying socket is closed. This prevents a compressed response from
being truncated. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3009">urllib3/urllib3#3009</a>)</li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2991">#2991</a>)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
</ul>
<h2>2.0.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2.0
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h1>Removed</h1>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/883">#883</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2336">#2336</a>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function. This behavior was deprecated in
May 2000 in RFC 2818. Instead only <code>subjectAltName</code> is used
to verify the hostname by default. To enable verifying the hostname
against <code>commonName</code> use
<code>SSLContext.hostname_checks_common_name = True</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2113">#2113</a>).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
Python is moving to require OpenSSL with PEP 644 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support. When an incompatible OpenSSL version is detected
an <code>ImportError</code> is raised (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2082">#2082</a>).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2044">#2044</a>).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2086">#2086</a>).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2648">#2648</a>).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code> function
instead of the <code>urllib3.request</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2269">#2269</a>).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2233">#2233</a>).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2339">#2339</a>).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Deprecated</h1>
<ul>
<li>Deprecated <code>HTTPResponse.getheaders()</code> and
<code>HTTPResponse.getheader()</code> which will be removed in urllib3
v2.1.0. Instead use <code>HTTPResponse.headers</code> and
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1543">#1543</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2814">#2814</a>).</li>
<li>Deprecated <code>urllib3.contrib.pyopenssl</code> module which will
be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2691">#2691</a>).</li>
<li>Deprecated <code>urllib3.contrib.securetransport</code> module which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2692">#2692</a>).</li>
<li>Deprecated <code>ssl_version</code> option in favor of
<code>ssl_minimum_version</code>. <code>ssl_version</code> will be
removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Deprecated the <code>strict</code> parameter as it's not longer
needed in Python 3.x. It will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2267">#2267</a>)</li>
<li>Deprecated the <code>NewConnectionError.pool</code> attribute which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2271">#2271</a>).</li>
<li>Deprecated <code>format_header_param_html5</code> and
<code>format_header_param</code> in favor of
<code>format_multipart_header_param</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>RequestField.header_formatter</code> parameter
which will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>HTTPSConnection.set_cert()</code> method. Instead
pass parameters to the <code>HTTPSConnection</code> constructor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Deprecated <code>HTTPConnection.request_chunked()</code> method
which will be removed in urllib3 v2.1.0. Instead pass
<code>chunked=True</code> to <code>HTTPConnection.request()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Added</h1>
<ul>
<li>Added top-level <code>urllib3.request</code> function which uses a
preconfigured module-global <code>PoolManager</code> instance (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2150">#2150</a>).</li>
<li>Added the <code>json</code> parameter to
<code>urllib3.request()</code>, <code>PoolManager.request()</code>, and
<code>ConnectionPool.request()</code> methods to send JSON bodies in
requests. Using this parameter will set the header <code>Content-Type:
application/json</code> if <code>Content-Type</code> isn't already
defined. Added support for parsing JSON response bodies with
<code>HTTPResponse.json()</code> method (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2243">#2243</a>).</li>
<li>Added type hints to the <code>urllib3</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Added <code>ssl_minimum_version</code> and
<code>ssl_maximum_version</code> options which set
<code>SSLContext.minimum_version</code> and
<code>SSLContext.maximum_version</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Added support for Zstandard (RFC 8878) when <code>zstandard</code>
1.18.0 or later is installed. Added the <code>zstd</code> extra which
installs the <code>zstandard</code> package (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1992">#1992</a>).</li>
<li>Added <code>urllib3.response.BaseHTTPResponse</code> class. All
future response classes will be subclasses of
<code>BaseHTTPResponse</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2083">#2083</a>).</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.2 (2023-05-03)</h1>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated.
(<code>[#3009](urllib3/urllib3#3009)
&lt;https://github.com/urllib3/urllib3/issues/3009&gt;</code>__)</li>
</ul>
<h1>2.0.1 (2023-04-30)</h1>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<code>[#2991](urllib3/urllib3#2991)
&lt;https://github.com/urllib3/urllib3/issues/2991&gt;</code>__)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty.
(<code>[#2998](urllib3/urllib3#2998)
&lt;https://github.com/urllib3/urllib3/issues/2998&gt;</code>__)</li>
</ul>
<h1>2.0.0 (2023-04-26)</h1>
<p>Read the <code>v2.0 migration guide
&lt;https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html&gt;</code>__
for help upgrading to the latest version of urllib3.</p>
<h2>Removed</h2>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6
(<code>[#883](urllib3/urllib3#883)
&lt;https://github.com/urllib3/urllib3/issues/883&gt;</code><strong>,
<code>[#2336](urllib3/urllib3#2336)
&lt;https://github.com/urllib3/urllib3/issues/2336&gt;</code></strong>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
<code>subjectAltName</code>
is used to verify the hostname by default. To enable verifying the
hostname against
<code>commonName</code> use <code>SSLContext.hostname_checks_common_name
= True</code>
(<code>[#2113](urllib3/urllib3#2113)
&lt;https://github.com/urllib3/urllib3/issues/2113&gt;</code>__).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support.
When an incompatible OpenSSL version is detected an
<code>ImportError</code> is raised
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure
(<code>[#2082](urllib3/urllib3#2082)
&lt;https://github.com/urllib3/urllib3/issues/2082&gt;</code>__).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment
(<code>[#2044](urllib3/urllib3#2044)
&lt;https://github.com/urllib3/urllib3/issues/2044&gt;</code>__).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code>
(<code>[#2086](urllib3/urllib3#2086)
&lt;https://github.com/urllib3/urllib3/issues/2086&gt;</code>__).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code>
(<code>[#2648](urllib3/urllib3#2648)
&lt;https://github.com/urllib3/urllib3/issues/2648&gt;</code>__).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used
(<code>[#1897](urllib3/urllib3#1897)
&lt;https://github.com/urllib3/urllib3/issues/1897&gt;</code>__).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code>
function instead of the <code>urllib3.request</code> module
(<code>[#2269](urllib3/urllib3#2269)
&lt;https://github.com/urllib3/urllib3/issues/2269&gt;</code>__).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library
(<code>[#2233](urllib3/urllib3#2233)
&lt;https://github.com/urllib3/urllib3/issues/2233&gt;</code>__).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<code>[#2339](urllib3/urllib3#2339)
&lt;https://github.com/urllib3/urllib3/issues/2339&gt;</code>__).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed the <code>strict</code> parameter/attribute from
<code>HTTPConnection</code>, <code>HTTPSConnection</code>,
<code>HTTPConnectionPool</code>, <code>HTTPSConnectionPool</code>, and
<code>HTTPResponse</code>
(<code>[#2064](urllib3/urllib3#2064)
&lt;https://github.com/urllib3/urllib3/issues/2064&gt;</code>__).</li>
</ul>
<h2>Deprecated</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/b234aaf7ccbcb64012d8b33d21eb8bc9f768935d"><code>b234aaf</code></a>
Release 2.0.2</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/d8dcdd7c236430af15f6ccd47fb3d00c408bb1c0"><code>d8dcdd7</code></a>
Reflect removal of <code>strict</code> in the 2.0.0 changelog</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4714836a667eb4837d005eb89d34fae60b9dc6cc"><code>4714836</code></a>
Continue reading the response stream if there is buffered decompressed
data</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/6351614959b6599fe53312223c972daba75a671f"><code>6351614</code></a>
Show urllib3.request() in README (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3006">#3006</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/08237ad0729f4ec2e0bd093cf08e518025d2001d"><code>08237ad</code></a>
Fix flaky test_ssl_failure_midway_through_conn</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b85e93d619a323b92c2954da852857e0119d71b8"><code>b85e93d</code></a>
Release 2.0.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/09b36c693ca7d9d92d77b434648832d919543dcb"><code>09b36c6</code></a>
Improve assert_fingerprint changelog and tests</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/02ae65a45654bb3ced12b9ad22278c11e214aaf8"><code>02ae65a</code></a>
Fix HTTPResponse.read(0) when underlying buffer is empty (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4fb8da2d4e7b7488b432118efe1007d00c81bb53"><code>4fb8da2</code></a>
Ensure SSLSocket is closed after failure verifying cert hostname or
fingerprint</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7052b83d543d9554e542ff04688cf473b1fbaa53"><code>7052b83</code></a>
Delete 0002-Stop-relying-on-removed-DEFAULT_CIPHERS.patch (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2996">#2996</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.15...2.0.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.15&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
VadVergasov pushed a commit to VadVergasov/HometaskBot that referenced this issue May 5, 2023
@dependabot
Bump urllib3 from 1.26.15 to 2.0.2 (#376)
3031ce4 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to
2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.0.2</h2>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data was still available to be read even if the
underlying socket is closed. This prevents a compressed response from
being truncated. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3009">urllib3/urllib3#3009</a>)</li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2991">#2991</a>)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
</ul>
<h2>2.0.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2.0
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h1>Removed</h1>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/883">#883</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2336">#2336</a>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function. This behavior was deprecated in
May 2000 in RFC 2818. Instead only <code>subjectAltName</code> is used
to verify the hostname by default. To enable verifying the hostname
against <code>commonName</code> use
<code>SSLContext.hostname_checks_common_name = True</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2113">#2113</a>).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
Python is moving to require OpenSSL with PEP 644 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support. When an incompatible OpenSSL version is detected
an <code>ImportError</code> is raised (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2082">#2082</a>).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2044">#2044</a>).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2086">#2086</a>).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2648">#2648</a>).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code> function
instead of the <code>urllib3.request</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2269">#2269</a>).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2233">#2233</a>).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2339">#2339</a>).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Deprecated</h1>
<ul>
<li>Deprecated <code>HTTPResponse.getheaders()</code> and
<code>HTTPResponse.getheader()</code> which will be removed in urllib3
v2.1.0. Instead use <code>HTTPResponse.headers</code> and
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1543">#1543</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2814">#2814</a>).</li>
<li>Deprecated <code>urllib3.contrib.pyopenssl</code> module which will
be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2691">#2691</a>).</li>
<li>Deprecated <code>urllib3.contrib.securetransport</code> module which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2692">#2692</a>).</li>
<li>Deprecated <code>ssl_version</code> option in favor of
<code>ssl_minimum_version</code>. <code>ssl_version</code> will be
removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Deprecated the <code>strict</code> parameter as it's not longer
needed in Python 3.x. It will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2267">#2267</a>)</li>
<li>Deprecated the <code>NewConnectionError.pool</code> attribute which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2271">#2271</a>).</li>
<li>Deprecated <code>format_header_param_html5</code> and
<code>format_header_param</code> in favor of
<code>format_multipart_header_param</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>RequestField.header_formatter</code> parameter
which will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>HTTPSConnection.set_cert()</code> method. Instead
pass parameters to the <code>HTTPSConnection</code> constructor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Deprecated <code>HTTPConnection.request_chunked()</code> method
which will be removed in urllib3 v2.1.0. Instead pass
<code>chunked=True</code> to <code>HTTPConnection.request()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Added</h1>
<ul>
<li>Added top-level <code>urllib3.request</code> function which uses a
preconfigured module-global <code>PoolManager</code> instance (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2150">#2150</a>).</li>
<li>Added the <code>json</code> parameter to
<code>urllib3.request()</code>, <code>PoolManager.request()</code>, and
<code>ConnectionPool.request()</code> methods to send JSON bodies in
requests. Using this parameter will set the header <code>Content-Type:
application/json</code> if <code>Content-Type</code> isn't already
defined. Added support for parsing JSON response bodies with
<code>HTTPResponse.json()</code> method (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2243">#2243</a>).</li>
<li>Added type hints to the <code>urllib3</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Added <code>ssl_minimum_version</code> and
<code>ssl_maximum_version</code> options which set
<code>SSLContext.minimum_version</code> and
<code>SSLContext.maximum_version</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Added support for Zstandard (RFC 8878) when <code>zstandard</code>
1.18.0 or later is installed. Added the <code>zstd</code> extra which
installs the <code>zstandard</code> package (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1992">#1992</a>).</li>
<li>Added <code>urllib3.response.BaseHTTPResponse</code> class. All
future response classes will be subclasses of
<code>BaseHTTPResponse</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2083">#2083</a>).</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.2 (2023-05-03)</h1>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated.
(<code>[#3009](urllib3/urllib3#3009)
&lt;https://github.com/urllib3/urllib3/issues/3009&gt;</code>__)</li>
</ul>
<h1>2.0.1 (2023-04-30)</h1>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<code>[#2991](urllib3/urllib3#2991)
&lt;https://github.com/urllib3/urllib3/issues/2991&gt;</code>__)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty.
(<code>[#2998](urllib3/urllib3#2998)
&lt;https://github.com/urllib3/urllib3/issues/2998&gt;</code>__)</li>
</ul>
<h1>2.0.0 (2023-04-26)</h1>
<p>Read the <code>v2.0 migration guide
&lt;https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html&gt;</code>__
for help upgrading to the latest version of urllib3.</p>
<h2>Removed</h2>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6
(<code>[#883](urllib3/urllib3#883)
&lt;https://github.com/urllib3/urllib3/issues/883&gt;</code><strong>,
<code>[#2336](urllib3/urllib3#2336)
&lt;https://github.com/urllib3/urllib3/issues/2336&gt;</code></strong>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
<code>subjectAltName</code>
is used to verify the hostname by default. To enable verifying the
hostname against
<code>commonName</code> use <code>SSLContext.hostname_checks_common_name
= True</code>
(<code>[#2113](urllib3/urllib3#2113)
&lt;https://github.com/urllib3/urllib3/issues/2113&gt;</code>__).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support.
When an incompatible OpenSSL version is detected an
<code>ImportError</code> is raised
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure
(<code>[#2082](urllib3/urllib3#2082)
&lt;https://github.com/urllib3/urllib3/issues/2082&gt;</code>__).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment
(<code>[#2044](urllib3/urllib3#2044)
&lt;https://github.com/urllib3/urllib3/issues/2044&gt;</code>__).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code>
(<code>[#2086](urllib3/urllib3#2086)
&lt;https://github.com/urllib3/urllib3/issues/2086&gt;</code>__).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code>
(<code>[#2648](urllib3/urllib3#2648)
&lt;https://github.com/urllib3/urllib3/issues/2648&gt;</code>__).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used
(<code>[#1897](urllib3/urllib3#1897)
&lt;https://github.com/urllib3/urllib3/issues/1897&gt;</code>__).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code>
function instead of the <code>urllib3.request</code> module
(<code>[#2269](urllib3/urllib3#2269)
&lt;https://github.com/urllib3/urllib3/issues/2269&gt;</code>__).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library
(<code>[#2233](urllib3/urllib3#2233)
&lt;https://github.com/urllib3/urllib3/issues/2233&gt;</code>__).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<code>[#2339](urllib3/urllib3#2339)
&lt;https://github.com/urllib3/urllib3/issues/2339&gt;</code>__).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed the <code>strict</code> parameter/attribute from
<code>HTTPConnection</code>, <code>HTTPSConnection</code>,
<code>HTTPConnectionPool</code>, <code>HTTPSConnectionPool</code>, and
<code>HTTPResponse</code>
(<code>[#2064](urllib3/urllib3#2064)
&lt;https://github.com/urllib3/urllib3/issues/2064&gt;</code>__).</li>
</ul>
<h2>Deprecated</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/b234aaf7ccbcb64012d8b33d21eb8bc9f768935d"><code>b234aaf</code></a>
Release 2.0.2</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/d8dcdd7c236430af15f6ccd47fb3d00c408bb1c0"><code>d8dcdd7</code></a>
Reflect removal of <code>strict</code> in the 2.0.0 changelog</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4714836a667eb4837d005eb89d34fae60b9dc6cc"><code>4714836</code></a>
Continue reading the response stream if there is buffered decompressed
data</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/6351614959b6599fe53312223c972daba75a671f"><code>6351614</code></a>
Show urllib3.request() in README (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3006">#3006</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/08237ad0729f4ec2e0bd093cf08e518025d2001d"><code>08237ad</code></a>
Fix flaky test_ssl_failure_midway_through_conn</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b85e93d619a323b92c2954da852857e0119d71b8"><code>b85e93d</code></a>
Release 2.0.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/09b36c693ca7d9d92d77b434648832d919543dcb"><code>09b36c6</code></a>
Improve assert_fingerprint changelog and tests</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/02ae65a45654bb3ced12b9ad22278c11e214aaf8"><code>02ae65a</code></a>
Fix HTTPResponse.read(0) when underlying buffer is empty (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4fb8da2d4e7b7488b432118efe1007d00c81bb53"><code>4fb8da2</code></a>
Ensure SSLSocket is closed after failure verifying cert hostname or
fingerprint</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7052b83d543d9554e542ff04688cf473b1fbaa53"><code>7052b83</code></a>
Delete 0002-Stop-relying-on-removed-DEFAULT_CIPHERS.patch (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2996">#2996</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.15...2.0.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.15&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
VadVergasov pushed a commit to VadVergasov/vkparserbot that referenced this issue May 5, 2023
@dependabot
Bump urllib3 from 1.26.15 to 2.0.2 (#320)
87d8656 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to
2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.0.2</h2>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data was still available to be read even if the
underlying socket is closed. This prevents a compressed response from
being truncated. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3009">urllib3/urllib3#3009</a>)</li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2991">#2991</a>)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
</ul>
<h2>2.0.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2.0
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h1>Removed</h1>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/883">#883</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2336">#2336</a>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function. This behavior was deprecated in
May 2000 in RFC 2818. Instead only <code>subjectAltName</code> is used
to verify the hostname by default. To enable verifying the hostname
against <code>commonName</code> use
<code>SSLContext.hostname_checks_common_name = True</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2113">#2113</a>).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
Python is moving to require OpenSSL with PEP 644 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support. When an incompatible OpenSSL version is detected
an <code>ImportError</code> is raised (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2082">#2082</a>).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2044">#2044</a>).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2086">#2086</a>).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2648">#2648</a>).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code> function
instead of the <code>urllib3.request</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2269">#2269</a>).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2233">#2233</a>).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2339">#2339</a>).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Deprecated</h1>
<ul>
<li>Deprecated <code>HTTPResponse.getheaders()</code> and
<code>HTTPResponse.getheader()</code> which will be removed in urllib3
v2.1.0. Instead use <code>HTTPResponse.headers</code> and
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1543">#1543</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2814">#2814</a>).</li>
<li>Deprecated <code>urllib3.contrib.pyopenssl</code> module which will
be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2691">#2691</a>).</li>
<li>Deprecated <code>urllib3.contrib.securetransport</code> module which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2692">#2692</a>).</li>
<li>Deprecated <code>ssl_version</code> option in favor of
<code>ssl_minimum_version</code>. <code>ssl_version</code> will be
removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Deprecated the <code>strict</code> parameter as it's not longer
needed in Python 3.x. It will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2267">#2267</a>)</li>
<li>Deprecated the <code>NewConnectionError.pool</code> attribute which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2271">#2271</a>).</li>
<li>Deprecated <code>format_header_param_html5</code> and
<code>format_header_param</code> in favor of
<code>format_multipart_header_param</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>RequestField.header_formatter</code> parameter
which will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>HTTPSConnection.set_cert()</code> method. Instead
pass parameters to the <code>HTTPSConnection</code> constructor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Deprecated <code>HTTPConnection.request_chunked()</code> method
which will be removed in urllib3 v2.1.0. Instead pass
<code>chunked=True</code> to <code>HTTPConnection.request()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Added</h1>
<ul>
<li>Added top-level <code>urllib3.request</code> function which uses a
preconfigured module-global <code>PoolManager</code> instance (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2150">#2150</a>).</li>
<li>Added the <code>json</code> parameter to
<code>urllib3.request()</code>, <code>PoolManager.request()</code>, and
<code>ConnectionPool.request()</code> methods to send JSON bodies in
requests. Using this parameter will set the header <code>Content-Type:
application/json</code> if <code>Content-Type</code> isn't already
defined. Added support for parsing JSON response bodies with
<code>HTTPResponse.json()</code> method (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2243">#2243</a>).</li>
<li>Added type hints to the <code>urllib3</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Added <code>ssl_minimum_version</code> and
<code>ssl_maximum_version</code> options which set
<code>SSLContext.minimum_version</code> and
<code>SSLContext.maximum_version</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Added support for Zstandard (RFC 8878) when <code>zstandard</code>
1.18.0 or later is installed. Added the <code>zstd</code> extra which
installs the <code>zstandard</code> package (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1992">#1992</a>).</li>
<li>Added <code>urllib3.response.BaseHTTPResponse</code> class. All
future response classes will be subclasses of
<code>BaseHTTPResponse</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2083">#2083</a>).</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.2 (2023-05-03)</h1>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated.
(<code>[#3009](urllib3/urllib3#3009)
&lt;https://github.com/urllib3/urllib3/issues/3009&gt;</code>__)</li>
</ul>
<h1>2.0.1 (2023-04-30)</h1>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<code>[#2991](urllib3/urllib3#2991)
&lt;https://github.com/urllib3/urllib3/issues/2991&gt;</code>__)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty.
(<code>[#2998](urllib3/urllib3#2998)
&lt;https://github.com/urllib3/urllib3/issues/2998&gt;</code>__)</li>
</ul>
<h1>2.0.0 (2023-04-26)</h1>
<p>Read the <code>v2.0 migration guide
&lt;https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html&gt;</code>__
for help upgrading to the latest version of urllib3.</p>
<h2>Removed</h2>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6
(<code>[#883](urllib3/urllib3#883)
&lt;https://github.com/urllib3/urllib3/issues/883&gt;</code><strong>,
<code>[#2336](urllib3/urllib3#2336)
&lt;https://github.com/urllib3/urllib3/issues/2336&gt;</code></strong>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
<code>subjectAltName</code>
is used to verify the hostname by default. To enable verifying the
hostname against
<code>commonName</code> use <code>SSLContext.hostname_checks_common_name
= True</code>
(<code>[#2113](urllib3/urllib3#2113)
&lt;https://github.com/urllib3/urllib3/issues/2113&gt;</code>__).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support.
When an incompatible OpenSSL version is detected an
<code>ImportError</code> is raised
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure
(<code>[#2082](urllib3/urllib3#2082)
&lt;https://github.com/urllib3/urllib3/issues/2082&gt;</code>__).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment
(<code>[#2044](urllib3/urllib3#2044)
&lt;https://github.com/urllib3/urllib3/issues/2044&gt;</code>__).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code>
(<code>[#2086](urllib3/urllib3#2086)
&lt;https://github.com/urllib3/urllib3/issues/2086&gt;</code>__).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code>
(<code>[#2648](urllib3/urllib3#2648)
&lt;https://github.com/urllib3/urllib3/issues/2648&gt;</code>__).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used
(<code>[#1897](urllib3/urllib3#1897)
&lt;https://github.com/urllib3/urllib3/issues/1897&gt;</code>__).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code>
function instead of the <code>urllib3.request</code> module
(<code>[#2269](urllib3/urllib3#2269)
&lt;https://github.com/urllib3/urllib3/issues/2269&gt;</code>__).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library
(<code>[#2233](urllib3/urllib3#2233)
&lt;https://github.com/urllib3/urllib3/issues/2233&gt;</code>__).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<code>[#2339](urllib3/urllib3#2339)
&lt;https://github.com/urllib3/urllib3/issues/2339&gt;</code>__).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code>
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code>
(<code>[#1985](urllib3/urllib3#1985)
&lt;https://github.com/urllib3/urllib3/issues/1985&gt;</code>__).</li>
<li>Removed the <code>strict</code> parameter/attribute from
<code>HTTPConnection</code>, <code>HTTPSConnection</code>,
<code>HTTPConnectionPool</code>, <code>HTTPSConnectionPool</code>, and
<code>HTTPResponse</code>
(<code>[#2064](urllib3/urllib3#2064)
&lt;https://github.com/urllib3/urllib3/issues/2064&gt;</code>__).</li>
</ul>
<h2>Deprecated</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/b234aaf7ccbcb64012d8b33d21eb8bc9f768935d"><code>b234aaf</code></a>
Release 2.0.2</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/d8dcdd7c236430af15f6ccd47fb3d00c408bb1c0"><code>d8dcdd7</code></a>
Reflect removal of <code>strict</code> in the 2.0.0 changelog</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4714836a667eb4837d005eb89d34fae60b9dc6cc"><code>4714836</code></a>
Continue reading the response stream if there is buffered decompressed
data</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/6351614959b6599fe53312223c972daba75a671f"><code>6351614</code></a>
Show urllib3.request() in README (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3006">#3006</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/08237ad0729f4ec2e0bd093cf08e518025d2001d"><code>08237ad</code></a>
Fix flaky test_ssl_failure_midway_through_conn</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b85e93d619a323b92c2954da852857e0119d71b8"><code>b85e93d</code></a>
Release 2.0.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/09b36c693ca7d9d92d77b434648832d919543dcb"><code>09b36c6</code></a>
Improve assert_fingerprint changelog and tests</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/02ae65a45654bb3ced12b9ad22278c11e214aaf8"><code>02ae65a</code></a>
Fix HTTPResponse.read(0) when underlying buffer is empty (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4fb8da2d4e7b7488b432118efe1007d00c81bb53"><code>4fb8da2</code></a>
Ensure SSLSocket is closed after failure verifying cert hostname or
fingerprint</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7052b83d543d9554e542ff04688cf473b1fbaa53"><code>7052b83</code></a>
Delete 0002-Stop-relying-on-removed-DEFAULT_CIPHERS.patch (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2996">#2996</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.15...2.0.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.15&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Teqed added a commit to Teqed/FediFetcher that referenced this issue Jul 2, 2023
@Teqed
chore(deps): bump urllib3 from 1.26.14 to 2.0.3 (#54)
015285e 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.14 to
2.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.0.3</h2>
<ul>
<li>Allowed alternative SSL libraries such as LibreSSL, while still
issuing a warning as we cannot help users facing issues with
implementations other than OpenSSL. <a
href="https://redirect.github.com/urllib3/urllib3/issues/3020">#3020</a></li>
<li>Deprecated URLs which don't have an explicit scheme <a
href="https://redirect.github.com/urllib3/urllib3/pull/2950">#2950</a></li>
<li>Fixed response decoding with Zstandard when compressed data is made
of several frames. <a
href="https://redirect.github.com/urllib3/urllib3/issues/3008">#3008</a></li>
<li>Fixed <code>assert_hostname=False</code> to correctly skip hostname
check. <a
href="https://redirect.github.com/urllib3/urllib3/issues/3051">#3051</a></li>
</ul>
<h2>2.0.2</h2>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data was still available to be read even if the
underlying socket is closed. This prevents a compressed response from
being truncated. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3009">urllib3/urllib3#3009</a>)</li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2991">#2991</a>)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2998">#2998</a>)</li>
</ul>
<h2>2.0.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2.0
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h1>Removed</h1>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/883">#883</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2336">#2336</a>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function. This behavior was deprecated in
May 2000 in RFC 2818. Instead only <code>subjectAltName</code> is used
to verify the hostname by default. To enable verifying the hostname
against <code>commonName</code> use
<code>SSLContext.hostname_checks_common_name = True</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2113">#2113</a>).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
Python is moving to require OpenSSL with PEP 644 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support. When an incompatible OpenSSL version is detected
an <code>ImportError</code> is raised (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2082">#2082</a>).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2044">#2044</a>).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2086">#2086</a>).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2648">#2648</a>).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1897">#1897</a>).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code> function
instead of the <code>urllib3.request</code> module (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2269">#2269</a>).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2233">#2233</a>).</li>
<li>Removed the deprecated <code>urllib3.contrib.ntlmpool</code> module
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/2339">#2339</a>).</li>
<li>Removed <code>DEFAULT_CIPHERS</code>, <code>HAS_SNI</code>,
<code>USE_DEFAULT_SSLCONTEXT_CIPHERS</code>, from the private module
<code>urllib3.util.ssl_</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed <code>urllib3.exceptions.SNIMissingWarning</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2168">#2168</a>).</li>
<li>Removed the <code>_prepare_conn</code> method from
<code>HTTPConnectionPool</code>. Previously this was only used to call
<code>HTTPSConnection.set_cert()</code> by
<code>HTTPSConnectionPool</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Removed <code>tls_in_tls_required</code> property from
<code>HTTPSConnection</code>. This is now determined from the
<code>scheme</code> parameter in
<code>HTTPConnection.set_tunnel()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Deprecated</h1>
<ul>
<li>Deprecated <code>HTTPResponse.getheaders()</code> and
<code>HTTPResponse.getheader()</code> which will be removed in urllib3
v2.1.0. Instead use <code>HTTPResponse.headers</code> and
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1543">#1543</a>,
<a
href="https://redirect.github.com/urllib3/urllib3/issues/2814">#2814</a>).</li>
<li>Deprecated <code>urllib3.contrib.pyopenssl</code> module which will
be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2691">#2691</a>).</li>
<li>Deprecated <code>urllib3.contrib.securetransport</code> module which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2692">#2692</a>).</li>
<li>Deprecated <code>ssl_version</code> option in favor of
<code>ssl_minimum_version</code>. <code>ssl_version</code> will be
removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2110">#2110</a>).</li>
<li>Deprecated the <code>strict</code> parameter as it's not longer
needed in Python 3.x. It will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2267">#2267</a>)</li>
<li>Deprecated the <code>NewConnectionError.pool</code> attribute which
will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2271">#2271</a>).</li>
<li>Deprecated <code>format_header_param_html5</code> and
<code>format_header_param</code> in favor of
<code>format_multipart_header_param</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>RequestField.header_formatter</code> parameter
which will be removed in urllib3 v2.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2257">#2257</a>).</li>
<li>Deprecated <code>HTTPSConnection.set_cert()</code> method. Instead
pass parameters to the <code>HTTPSConnection</code> constructor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
<li>Deprecated <code>HTTPConnection.request_chunked()</code> method
which will be removed in urllib3 v2.1.0. Instead pass
<code>chunked=True</code> to <code>HTTPConnection.request()</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/1985">#1985</a>).</li>
</ul>
<h1>Added</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.3 (2023-06-07)</h1>
<ul>
<li>Allowed alternative SSL libraries such as LibreSSL, while still
issuing a warning as we cannot help users facing issues with
implementations other than OpenSSL.
(<code>[#3020](urllib3/urllib3#3020)
&lt;https://github.com/urllib3/urllib3/issues/3020&gt;</code>__)</li>
<li>Deprecated URLs which don't have an explicit scheme
(<code>[#2950](urllib3/urllib3#2950)
&lt;https://github.com/urllib3/urllib3/pull/2950&gt;</code>_)</li>
<li>Fixed response decoding with Zstandard when compressed data is made
of several frames.
(<code>[#3008](urllib3/urllib3#3008)
&lt;https://github.com/urllib3/urllib3/issues/3008&gt;</code>__)</li>
<li>Fixed <code>assert_hostname=False</code> to correctly skip hostname
check. (<code>[#3051](urllib3/urllib3#3051)
&lt;https://github.com/urllib3/urllib3/issues/3051&gt;</code>__)</li>
</ul>
<h1>2.0.2 (2023-05-03)</h1>
<ul>
<li>Fixed <code>HTTPResponse.stream()</code> to continue yielding bytes
if buffered decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated.
(<code>[#3009](urllib3/urllib3#3009)
&lt;https://github.com/urllib3/urllib3/issues/3009&gt;</code>__)</li>
</ul>
<h1>2.0.1 (2023-04-30)</h1>
<ul>
<li>Fixed a socket leak when fingerprint or hostname verifications fail.
(<code>[#2991](urllib3/urllib3#2991)
&lt;https://github.com/urllib3/urllib3/issues/2991&gt;</code>__)</li>
<li>Fixed an error when <code>HTTPResponse.read(0)</code> was the first
<code>read</code> call or when the internal response body buffer was
otherwise empty.
(<code>[#2998](urllib3/urllib3#2998)
&lt;https://github.com/urllib3/urllib3/issues/2998&gt;</code>__)</li>
</ul>
<h1>2.0.0 (2023-04-26)</h1>
<p>Read the <code>v2.0 migration guide
&lt;https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html&gt;</code>__
for help upgrading to the latest version of urllib3.</p>
<h2>Removed</h2>
<ul>
<li>Removed support for Python 2.7, 3.5, and 3.6
(<code>[#883](urllib3/urllib3#883)
&lt;https://github.com/urllib3/urllib3/issues/883&gt;</code><strong>,
<code>[#2336](urllib3/urllib3#2336)
&lt;https://github.com/urllib3/urllib3/issues/2336&gt;</code></strong>).</li>
<li>Removed fallback on certificate <code>commonName</code> in
<code>match_hostname()</code> function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
<code>subjectAltName</code>
is used to verify the hostname by default. To enable verifying the
hostname against
<code>commonName</code> use <code>SSLContext.hostname_checks_common_name
= True</code>
(<code>[#2113](urllib3/urllib3#2113)
&lt;https://github.com/urllib3/urllib3/issues/2113&gt;</code>__).</li>
<li>Removed support for Python with an <code>ssl</code> module compiled
with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed support for OpenSSL versions earlier than 1.1.1 or that
don't have SNI support.
When an incompatible OpenSSL version is detected an
<code>ImportError</code> is raised
(<code>[#2168](urllib3/urllib3#2168)
&lt;https://github.com/urllib3/urllib3/issues/2168&gt;</code>__).</li>
<li>Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure
(<code>[#2082](urllib3/urllib3#2082)
&lt;https://github.com/urllib3/urllib3/issues/2082&gt;</code>__).</li>
<li>Removed <code>urllib3.contrib.appengine.AppEngineManager</code> and
support for Google App Engine Standard Environment
(<code>[#2044](urllib3/urllib3#2044)
&lt;https://github.com/urllib3/urllib3/issues/2044&gt;</code>__).</li>
<li>Removed deprecated <code>Retry</code> options
<code>method_whitelist</code>,
<code>DEFAULT_REDIRECT_HEADERS_BLACKLIST</code>
(<code>[#2086](urllib3/urllib3#2086)
&lt;https://github.com/urllib3/urllib3/issues/2086&gt;</code>__).</li>
<li>Removed <code>urllib3.HTTPResponse.from_httplib</code>
(<code>[#2648](urllib3/urllib3#2648)
&lt;https://github.com/urllib3/urllib3/issues/2648&gt;</code>__).</li>
<li>Removed default value of <code>None</code> for the
<code>request_context</code> parameter of
<code>urllib3.PoolManager.connection_from_pool_key</code>. This change
should have no effect on users as the default value of <code>None</code>
was an invalid option and was never used
(<code>[#1897](urllib3/urllib3#1897)
&lt;https://github.com/urllib3/urllib3/issues/1897&gt;</code>__).</li>
<li>Removed the <code>urllib3.request</code> module.
<code>urllib3.request.RequestMethods</code> has been made a private API.
This change was made to ensure that <code>from urllib3 import
request</code> imported the top-level <code>request()</code>
function instead of the <code>urllib3.request</code> module
(<code>[#2269](urllib3/urllib3#2269)
&lt;https://github.com/urllib3/urllib3/issues/2269&gt;</code>__).</li>
<li>Removed support for SSLv3.0 from the
<code>urllib3.contrib.pyopenssl</code> even when support is available
from the compiled OpenSSL library
(<code>[#2233](urllib3/urllib3#2233)
&lt;https://github.com/urllib3/urllib3/issues/2233&gt;</code>__).</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/92196a0f08b2c2139117546ccfbdd3429eb72469"><code>92196a0</code></a>
Release 2.0.3</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/52d2eb1d19cc23b14043591b7d7904c6e5311fa5"><code>52d2eb1</code></a>
Fix assert_hostname=False (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3055">#3055</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/bfbd47e3da75702f14d124b64ce877a0e0cd331a"><code>bfbd47e</code></a>
Fix Python 3.12 CI</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b63cc4c4868dadf1545ad9c5c189096532148a7d"><code>b63cc4c</code></a>
Correct docstring for Retry backoff factor (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3037">#3037</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7e3884d973c56267c32e0dacf19804afd8a00175"><code>7e3884d</code></a>
Allow non-OpenSSL TLS libaries with a warning</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e67f13c44fa4aada1954df96eb8cccbb5f2dbd2a"><code>e67f13c</code></a>
Add 1.26.16 release to CHANGES.rst on main</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/ffa2b634392a389da7033834fa485fd648d37e42"><code>ffa2b63</code></a>
Deprecate URLs without an explicit scheme</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4e9060bfa03af9d6057423b3a54f67e0cd2e7892"><code>4e9060b</code></a>
Added OpenGraph information to the documentation</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/8e94754f85c59d826ac0604d0dd2a0b41874bb36"><code>8e94754</code></a>
Remove outdated reference in LICENSE.txt</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/5dbc8e23488862aadab0706128d387af2f406b51"><code>5dbc8e2</code></a>
Bump slsa-framework/slsa-github-generator from 1.5.0 to 1.6.0</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.14...2.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.14&new-version=2.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
github-merge-queue bot pushed a commit to owntracks/android that referenced this issue Aug 29, 2023
@renovate
Update dependency urllib3 to v2 (#1463)
c3f766f 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [urllib3](https://togithub.com/urllib3/urllib3)
([changelog](https://togithub.com/urllib3/urllib3/blob/main/CHANGES.rst))
| `==1.26.16` -> `==2.0.4` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/urllib3/2.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/urllib3/2.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/urllib3/1.26.16/2.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/urllib3/1.26.16/2.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs
for more information.

---

### Release Notes

<details>
<summary>urllib3/urllib3 (urllib3)</summary>

###
[`v2.0.4`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#204-2023-07-19)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/2.0.3...2.0.4)

\==================

- Added support for union operators to `HTTPHeaderDict` (`#&#8203;2254
<https://github.com/urllib3/urllib3/issues/2254>`\__)
- Added `BaseHTTPResponse` to `urllib3.__all__` (`#&#8203;3078
<https://github.com/urllib3/urllib3/issues/3078>`\__)
- Fixed `urllib3.connection.HTTPConnection` to raise the
`http.client.connect` audit event to have the same behavior as the
standard library HTTP client (`#&#8203;2757
<https://github.com/urllib3/urllib3/issues/2757>`\__)
- Relied on the standard library for checking hostnames in supported
PyPy releases (`#&#8203;3087
<https://github.com/urllib3/urllib3/issues/3087>`\__)

###
[`v2.0.3`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#203-2023-06-07)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/2.0.2...2.0.3)

\==================

- Allowed alternative SSL libraries such as LibreSSL, while still
issuing a warning as we cannot help users facing issues with
implementations other than OpenSSL. (`#&#8203;3020
<https://github.com/urllib3/urllib3/issues/3020>`\__)
- Deprecated URLs which don't have an explicit scheme (`#&#8203;2950
<https://github.com/urllib3/urllib3/pull/2950>`\_)
- Fixed response decoding with Zstandard when compressed data is made of
several frames. (`#&#8203;3008
<https://github.com/urllib3/urllib3/issues/3008>`\__)
- Fixed `assert_hostname=False` to correctly skip hostname check.
(`#&#8203;3051 <https://github.com/urllib3/urllib3/issues/3051>`\__)

###
[`v2.0.2`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#202-2023-05-03)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/2.0.1...2.0.2)

\==================

- Fixed `HTTPResponse.stream()` to continue yielding bytes if buffered
decompressed data
was still available to be read even if the underlying socket is closed.
This prevents
a compressed response from being truncated. (`#&#8203;3009
<https://github.com/urllib3/urllib3/issues/3009>`\__)

###
[`v2.0.1`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#201-2023-04-30)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/2.0.0...2.0.1)

\==================

- Fixed a socket leak when fingerprint or hostname verifications fail.
(`#&#8203;2991 <https://github.com/urllib3/urllib3/issues/2991>`\__)
- Fixed an error when `HTTPResponse.read(0)` was the first `read` call
or when the internal response body buffer was otherwise empty.
(`#&#8203;2998 <https://github.com/urllib3/urllib3/issues/2998>`\__)

###
[`v2.0.0`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#200-2023-04-26)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/1.26.16...2.0.0)

\==================

Read the `v2.0 migration guide
<https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`\__
for help upgrading to the latest version of urllib3.

## Removed

- Removed support for Python 2.7, 3.5, and 3.6 (`#&#8203;883
<https://github.com/urllib3/urllib3/issues/883>`**, `#&#8203;2336
<https://github.com/urllib3/urllib3/issues/2336>`**).
- Removed fallback on certificate `commonName` in `match_hostname()`
function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only
`subjectAltName`
is used to verify the hostname by default. To enable verifying the
hostname against
`commonName` use `SSLContext.hostname_checks_common_name = True`
(`#&#8203;2113 <https://github.com/urllib3/urllib3/issues/2113>`\__).
- Removed support for Python with an `ssl` module compiled with
LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require
OpenSSL with PEP 644 (`#&#8203;2168
<https://github.com/urllib3/urllib3/issues/2168>`\__).
- Removed support for OpenSSL versions earlier than 1.1.1 or that don't
have SNI support.
When an incompatible OpenSSL version is detected an `ImportError` is
raised (`#&#8203;2168
<https://github.com/urllib3/urllib3/issues/2168>`\__).
- Removed the list of default ciphers for OpenSSL 1.1.1+ and
SecureTransport as their own defaults are already secure (`#&#8203;2082
<https://github.com/urllib3/urllib3/issues/2082>`\__).
- Removed `urllib3.contrib.appengine.AppEngineManager` and support for
Google App Engine Standard Environment (`#&#8203;2044
<https://github.com/urllib3/urllib3/issues/2044>`\__).
- Removed deprecated `Retry` options `method_whitelist`,
`DEFAULT_REDIRECT_HEADERS_BLACKLIST` (`#&#8203;2086
<https://github.com/urllib3/urllib3/issues/2086>`\__).
- Removed `urllib3.HTTPResponse.from_httplib` (`#&#8203;2648
<https://github.com/urllib3/urllib3/issues/2648>`\__).
- Removed default value of `None` for the `request_context` parameter of
`urllib3.PoolManager.connection_from_pool_key`. This change should have
no effect on users as the default value of `None` was an invalid option
and was never used (`#&#8203;1897
<https://github.com/urllib3/urllib3/issues/1897>`\__).
- Removed the `urllib3.request` module. `urllib3.request.RequestMethods`
has been made a private API.
This change was made to ensure that `from urllib3 import request`
imported the top-level `request()`
function instead of the `urllib3.request` module (`#&#8203;2269
<https://github.com/urllib3/urllib3/issues/2269>`\__).
- Removed support for SSLv3.0 from the `urllib3.contrib.pyopenssl` even
when support is available from the compiled OpenSSL library
(`#&#8203;2233 <https://github.com/urllib3/urllib3/issues/2233>`\__).
- Removed the deprecated `urllib3.contrib.ntlmpool` module
(`#&#8203;2339 <https://github.com/urllib3/urllib3/issues/2339>`\__).
- Removed `DEFAULT_CIPHERS`, `HAS_SNI`,
`USE_DEFAULT_SSLCONTEXT_CIPHERS`, from the private module
`urllib3.util.ssl_` (`#&#8203;2168
<https://github.com/urllib3/urllib3/issues/2168>`\__).
- Removed `urllib3.exceptions.SNIMissingWarning` (`#&#8203;2168
<https://github.com/urllib3/urllib3/issues/2168>`\__).
- Removed the `_prepare_conn` method from `HTTPConnectionPool`.
Previously this was only used to call `HTTPSConnection.set_cert()` by
`HTTPSConnectionPool` (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Removed `tls_in_tls_required` property from `HTTPSConnection`. This is
now determined from the `scheme` parameter in
`HTTPConnection.set_tunnel()` (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Removed the `strict` parameter/attribute from `HTTPConnection`,
`HTTPSConnection`, `HTTPConnectionPool`, `HTTPSConnectionPool`, and
`HTTPResponse` (`#&#8203;2064
<https://github.com/urllib3/urllib3/issues/2064>`\__).

## Deprecated

- Deprecated `HTTPResponse.getheaders()` and `HTTPResponse.getheader()`
which will be removed in urllib3 v2.1.0. Instead use
`HTTPResponse.headers` and `HTTPResponse.headers.get(name, default)`.
(`#&#8203;1543 <https://github.com/urllib3/urllib3/issues/1543>`**,
`#&#8203;2814 <https://github.com/urllib3/urllib3/issues/2814>`**).
- Deprecated `urllib3.contrib.pyopenssl` module which will be removed in
urllib3 v2.1.0 (`#&#8203;2691
<https://github.com/urllib3/urllib3/issues/2691>`\__).
- Deprecated `urllib3.contrib.securetransport` module which will be
removed in urllib3 v2.1.0 (`#&#8203;2692
<https://github.com/urllib3/urllib3/issues/2692>`\__).
- Deprecated `ssl_version` option in favor of `ssl_minimum_version`.
`ssl_version` will be removed in urllib3 v2.1.0 (`#&#8203;2110
<https://github.com/urllib3/urllib3/issues/2110>`\__).
- Deprecated the `strict` parameter of
`PoolManager.connection_from_context()` as it's not longer needed in
Python 3.x. It will be removed in urllib3 v2.1.0 (`#&#8203;2267
<https://github.com/urllib3/urllib3/issues/2267>`\__)
- Deprecated the `NewConnectionError.pool` attribute which will be
removed in urllib3 v2.1.0 (`#&#8203;2271
<https://github.com/urllib3/urllib3/issues/2271>`\__).
- Deprecated `format_header_param_html5` and `format_header_param` in
favor of `format_multipart_header_param` (`#&#8203;2257
<https://github.com/urllib3/urllib3/issues/2257>`\__).
- Deprecated `RequestField.header_formatter` parameter which will be
removed in urllib3 v2.1.0 (`#&#8203;2257
<https://github.com/urllib3/urllib3/issues/2257>`\__).
- Deprecated `HTTPSConnection.set_cert()` method. Instead pass
parameters to the `HTTPSConnection` constructor (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Deprecated `HTTPConnection.request_chunked()` method which will be
removed in urllib3 v2.1.0. Instead pass `chunked=True` to
`HTTPConnection.request()` (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).

## Added

- Added top-level `urllib3.request` function which uses a preconfigured
module-global `PoolManager` instance (`#&#8203;2150
<https://github.com/urllib3/urllib3/issues/2150>`\__).
- Added the `json` parameter to `urllib3.request()`,
`PoolManager.request()`, and `ConnectionPool.request()` methods to send
JSON bodies in requests. Using this parameter will set the header
`Content-Type: application/json` if `Content-Type` isn't already
defined.
Added support for parsing JSON response bodies with
`HTTPResponse.json()` method (`#&#8203;2243
<https://github.com/urllib3/urllib3/issues/2243>`\__).
- Added type hints to the `urllib3` module (`#&#8203;1897
<https://github.com/urllib3/urllib3/issues/1897>`\__).
- Added `ssl_minimum_version` and `ssl_maximum_version` options which
set
`SSLContext.minimum_version` and `SSLContext.maximum_version`
(`#&#8203;2110 <https://github.com/urllib3/urllib3/issues/2110>`\__).
- Added support for Zstandard (RFC 8878) when `zstandard` 1.18.0 or
later is installed.
Added the `zstd` extra which installs the `zstandard` package
(`#&#8203;1992 <https://github.com/urllib3/urllib3/issues/1992>`\__).
- Added `urllib3.response.BaseHTTPResponse` class. All future response
classes will be subclasses of `BaseHTTPResponse` (`#&#8203;2083
<https://github.com/urllib3/urllib3/issues/2083>`\__).
- Added `FullPoolError` which is raised when `PoolManager(block=True)`
and a connection is returned to a full pool (`#&#8203;2197
<https://github.com/urllib3/urllib3/issues/2197>`\__).
- Added `HTTPHeaderDict` to the top-level `urllib3` namespace
(`#&#8203;2216 <https://github.com/urllib3/urllib3/issues/2216>`\__).
- Added support for configuring header merging behavior with
HTTPHeaderDict
When using a `HTTPHeaderDict` to provide headers for a request, by
default duplicate
header values will be repeated. But if `combine=True` is passed into a
call to
`HTTPHeaderDict.add`, then the added header value will be merged in with
an existing
value into a comma-separated list (`X-My-Header: foo, bar`)
(`#&#8203;2242 <https://github.com/urllib3/urllib3/issues/2242>`\__).
- Added `NameResolutionError` exception when a DNS error occurs
(`#&#8203;2305 <https://github.com/urllib3/urllib3/issues/2305>`\__).
- Added `proxy_assert_hostname` and `proxy_assert_fingerprint` kwargs to
`ProxyManager` (`#&#8203;2409
<https://github.com/urllib3/urllib3/issues/2409>`\__).
-   Added a configurable `backoff_max` parameter to the `Retry` class.
    If a custom `backoff_max` is provided to the `Retry` class, it
will replace the `Retry.DEFAULT_BACKOFF_MAX` (`#&#8203;2494
<https://github.com/urllib3/urllib3/issues/2494>`\__).
- Added the `authority` property to the Url class as per RFC 3986 3.2.
This property should be used in place of `netloc` for users who want to
include the userinfo (auth) component of the URI (`#&#8203;2520
<https://github.com/urllib3/urllib3/issues/2520>`\__).
- Added the `scheme` parameter to `HTTPConnection.set_tunnel` to
configure the scheme of the origin being tunnelled to (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Added the `is_closed`, `is_connected` and `has_connected_to_proxy`
properties to `HTTPConnection` (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Added optional `backoff_jitter` parameter to `Retry`. (`#&#8203;2952
<https://github.com/urllib3/urllib3/issues/2952>`\__)

## Changed

- Changed `urllib3.response.HTTPResponse.read` to respect the semantics
of `io.BufferedIOBase` regardless of compression. Specifically, this
method:

- Only returns an empty bytes object to indicate EOF (that is, the
response has been fully consumed).
    -   Never returns more bytes than requested.
    -   Can issue any number of system calls: zero, one or multiple.

If you want each `urllib3.response.HTTPResponse.read` call to issue a
single system call, you need to disable decompression by setting
`decode_content=False` (`#&#8203;2128
<https://github.com/urllib3/urllib3/issues/2128>`\__).
- Changed `urllib3.HTTPConnection.getresponse` to return an instance of
`urllib3.HTTPResponse` instead of `http.client.HTTPResponse`
(`#&#8203;2648 <https://github.com/urllib3/urllib3/issues/2648>`\__).
- Changed `ssl_version` to instead set the corresponding
`SSLContext.minimum_version`
and `SSLContext.maximum_version` values. Regardless of `ssl_version`
passed
`SSLContext` objects are now constructed using `ssl.PROTOCOL_TLS_CLIENT`
(`#&#8203;2110 <https://github.com/urllib3/urllib3/issues/2110>`\__).
- Changed default `SSLContext.minimum_version` to be
`TLSVersion.TLSv1_2` in line with Python 3.10 (`#&#8203;2373
<https://github.com/urllib3/urllib3/issues/2373>`\__).
- Changed `ProxyError` to wrap any connection error (timeout, TLS, DNS)
that occurs when connecting to the proxy (`#&#8203;2482
<https://github.com/urllib3/urllib3/pull/2482>`\__).
- Changed `urllib3.util.create_urllib3_context` to not override the
system cipher suites with
a default value. The new default will be cipher suites configured by the
operating system (`#&#8203;2168
<https://github.com/urllib3/urllib3/issues/2168>`\__).
- Changed `multipart/form-data` header parameter formatting matches the
WHATWG HTML Standard as of 2021-06-10. Control characters in filenames
are no longer percent encoded (`#&#8203;2257
<https://github.com/urllib3/urllib3/issues/2257>`\__).
- Changed the error raised when connecting via HTTPS when the `ssl`
module isn't available from `SSLError` to `ImportError` (`#&#8203;2589
<https://github.com/urllib3/urllib3/issues/2589>`\__).
- Changed `HTTPConnection.request()` to always use lowercase chunk
boundaries when sending requests with `Transfer-Encoding: chunked`
(`#&#8203;2515 <https://github.com/urllib3/urllib3/issues/2515>`\__).
- Changed `enforce_content_length` default to True, preventing silent
data loss when reading streamed responses (`#&#8203;2514
<https://github.com/urllib3/urllib3/issues/2514>`\__).
- Changed internal implementation of `HTTPHeaderDict` to use `dict`
instead of `collections.OrderedDict` for better performance
(`#&#8203;2080 <https://github.com/urllib3/urllib3/issues/2080>`\__).
- Changed the `urllib3.contrib.pyopenssl` module to wrap
`OpenSSL.SSL.Error` with `ssl.SSLError` in
`PyOpenSSLContext.load_cert_chain` (`#&#8203;2628
<https://github.com/urllib3/urllib3/issues/2628>`\__).
- Changed usage of the deprecated `socket.error` to `OSError`
(`#&#8203;2120 <https://github.com/urllib3/urllib3/issues/2120>`\__).
- Changed all parameters in the `HTTPConnection` and `HTTPSConnection`
constructors to be keyword-only except `host` and `port` (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Changed `HTTPConnection.getresponse()` to set the socket timeout from
`HTTPConnection.timeout` value before reading
data from the socket. This previously was done manually by the
`HTTPConnectionPool` calling `HTTPConnection.sock.settimeout(...)`
(`#&#8203;1985 <https://github.com/urllib3/urllib3/issues/1985>`\__).
- Changed the `_proxy_host` property to `_tunnel_host` in
`HTTPConnectionPool` to more closely match how the property is used
(value in `HTTPConnection.set_tunnel()`) (`#&#8203;1985
<https://github.com/urllib3/urllib3/issues/1985>`\__).
- Changed name of `Retry.BACK0FF_MAX` to be `Retry.DEFAULT_BACKOFF_MAX`.
- Changed TLS handshakes to use `SSLContext.check_hostname` when
possible (`#&#8203;2452
<https://github.com/urllib3/urllib3/pull/2452>`\__).
- Changed `server_hostname` to behave like other parameters only used by
`HTTPSConnectionPool` (`#&#8203;2537
<https://github.com/urllib3/urllib3/pull/2537>`\__).
- Changed the default `blocksize` to 16KB to match OpenSSL's default
read amounts (`#&#8203;2348
<https://github.com/urllib3/urllib3/pull/2348>`\__).
- Changed `HTTPResponse.read()` to raise an error when calling with
`decode_content=False` after using `decode_content=True` to prevent data
loss (`#&#8203;2800
<https://github.com/urllib3/urllib3/issues/2800>`\__).

## Fixed

- Fixed thread-safety issue where accessing a `PoolManager` with many
distinct origins would cause connection pools to be closed while
requests are in progress (`#&#8203;1252
<https://github.com/urllib3/urllib3/issues/1252>`\__).
- Fixed an issue where an `HTTPConnection` instance would erroneously
reuse the socket read timeout value from reading the previous response
instead of a newly configured connect timeout.
Instead now if `HTTPConnection.timeout` is updated before sending the
next request the new timeout value will be used (`#&#8203;2645
<https://github.com/urllib3/urllib3/issues/2645>`\__).
- Fixed `socket.error.errno` when raised from pyOpenSSL's
`OpenSSL.SSL.SysCallError` (`#&#8203;2118
<https://github.com/urllib3/urllib3/issues/2118>`\__).
- Fixed the default value of `HTTPSConnection.socket_options` to match
`HTTPConnection` (`#&#8203;2213
<https://github.com/urllib3/urllib3/issues/2213>`\__).
- Fixed a bug where `headers` would be modified by the
`remove_headers_on_redirect` feature (`#&#8203;2272
<https://github.com/urllib3/urllib3/issues/2272>`\__).
- Fixed a reference cycle bug in
`urllib3.util.connection.create_connection()` (`#&#8203;2277
<https://github.com/urllib3/urllib3/issues/2277>`\__).
- Fixed a socket leak if `HTTPConnection.connect()` fails (`#&#8203;2571
<https://github.com/urllib3/urllib3/pull/2571>`\__).
- Fixed `urllib3.contrib.pyopenssl.WrappedSocket` and
`urllib3.contrib.securetransport.WrappedSocket` close methods
(`#&#8203;2970 <https://github.com/urllib3/urllib3/issues/2970>`\__)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/owntracks/android).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41Ni4wIiwidXBkYXRlZEluVmVyIjoiMzYuNjQuOCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Contributor Friendly ♥ TLS
Projects
None yet
Milestone
v2.0
Development

Successfully merging a pull request may close this issue.

Disallow pyOpenSSL from using SSLv2 and SSLv3 sethmlarson/urllib3
4 participants
@KOLANICH @tiran @sethmlarson @justlund