Initial Update

[pyup-bot]

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

requests	2.7.0	»	2.11.1	PyPI | Changelog | Homepage
oauthlib	1.0.3	»	2.0.0	PyPI | Changelog | Repo
requests-oauthlib	0.5.0	»	0.7.0	PyPI | Changelog | Repo
redis	2.10.3	»	2.10.5	PyPI | Repo

Changelogs

requests 2.7.0 -> 2.11.1

2.11.1

+++++++++++++++++++

Bugfixes

• Fixed a bug when using iter_content with decode_unicode=True for
  streamed bodies would raise AttributeError. This bug was introduced in
  2.11.
• Strip Content-Type and Transfer-Encoding headers from the header block when
  following a redirect that transforms the verb from POST/PUT to GET.

2.11.0

+++++++++++++++++++

Improvements

• Added support for the ALL_PROXY environment variable.
• Reject header values that contain leading whitespace or newline characters to
  reduce risk of header smuggling.

Bugfixes

• Fixed occasional TypeError when attempting to decode a JSON response that
  occurred in an error case. Now correctly returns a ValueError.
• Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
  environment variables: Requests now treats it as a specific IP.
• Fixed a bug when sending JSON data that could cause us to encounter obscure
  OpenSSL errors in certain network conditions (yes, really).
• Added type checks to ensure that iter_content only accepts integers and
  None for chunk sizes.
• Fixed issue where responses whose body had not been fully consumed would have
  the underlying connection closed but not returned to the connection pool,
  which could cause Requests to hang in situations where the HTTPAdapter
  had been configured to use a blocking connection pool.

Miscellaneous

• Updated bundled urllib3 to 1.16.
• Some previous releases accidentally accepted non-strings as acceptable header values. This release does not.

2.10.0

+++++++++++++++++++

New Features

• SOCKS Proxy Support! (requires PySocks; $ pip install requests[socks])

Miscellaneous

• Updated bundled urllib3 to 1.15.1.

2.9.2

++++++++++++++++++

Improvements

• Change built-in CaseInsensitiveDict (used for headers) to use OrderedDict
  as its underlying datastore.

Bugfixes

• Don't use redirect_cache if allow_redirects=False
• When passed objects that throw exceptions from tell(), send them via
  chunked transfer encoding instead of failing.
• Raise a ProxyError for proxy related connection issues.

2.9.1

++++++++++++++++++

Bugfixes

• Resolve regression introduced in 2.9.0 that made it impossible to send binary
  strings as bodies in Python 3.
• Fixed errors when calculating cookie expiration dates in certain locales.

Miscellaneous

• Updated bundled urllib3 to 1.13.1.

2.9.0

++++++++++++++++++

Minor Improvements (Backwards compatible)

• The verify keyword argument now supports being passed a path to a
  directory of CA certificates, not just a single-file bundle.
• Warnings are now emitted when sending files opened in text mode.
• Added the 511 Network Authentication Required status code to the status code
  registry.

Bugfixes

• For file-like objects that are not seeked to the very beginning, we now
  send the content length for the number of bytes we will actually read, rather
  than the total size of the file, allowing partial file uploads.
• When uploading file-like objects, if they are empty or have no obvious
  content length we set Transfer-Encoding: chunked rather than
  Content-Length: 0.
• We correctly receive the response in buffered mode when uploading chunked
  bodies.
• We now handle being passed a query string as a bytestring on Python 3, by
  decoding it as UTF-8.
• Sessions are now closed in all cases (exceptional and not) when using the
  functional API rather than leaking and waiting for the garbage collector to
  clean them up.
• Correctly handle digest auth headers with a malformed qop directive that
  contains no token, by treating it the same as if no qop directive was
  provided at all.
• Minor performance improvements when removing specific cookies by name.

Miscellaneous

• Updated urllib3 to 1.13.

2.8.1

++++++++++++++++++

Bugfixes

• Update certificate bundle to match certifi 2015.9.6.2's weak certificate
  bundle.
• Fix a bug in 2.8.0 where requests would raise ConnectTimeout instead of
  ConnectionError
• When using the PreparedRequest flow, requests will now correctly respect the
  json parameter. Broken in 2.8.0.
• When using the PreparedRequest flow, requests will now correctly handle a
  Unicode-string method name on Python 2. Broken in 2.8.0.

2.8.0

++++++++++++++++++

Minor Improvements (Backwards Compatible)

• Requests now supports per-host proxies. This allows the proxies
  dictionary to have entries of the form
  {'<scheme>://<hostname>': '<proxy>'}. Host-specific proxies will be used
  in preference to the previously-supported scheme-specific ones, but the
  previous syntax will continue to work.
• Response.raise_for_status now prints the URL that failed as part of the
  exception message.
• requests.utils.get_netrc_auth now takes an raise_errors kwarg,
  defaulting to False. When True, errors parsing .netrc files cause
  exceptions to be thrown.
• Change to bundled projects import logic to make it easier to unbundle
  requests downstream.
• Changed the default User-Agent string to avoid leaking data on Linux: now
  contains only the requests version.

Bugfixes

• The json parameter to post() and friends will now only be used if
  neither data nor files are present, consistent with the
  documentation.
• We now ignore empty fields in the NO_PROXY environment variable.
• Fixed problem where httplib.BadStatusLine would get raised if combining
  stream=True with contextlib.closing.
• Prevented bugs where we would attempt to return the same connection back to
  the connection pool twice when sending a Chunked body.
• Miscellaneous minor internal changes.
• Digest Auth support is now thread safe.

Updates

• Updated urllib3 to 1.12.

oauthlib 1.0.3 -> 2.0.0

2.0.0

---

• (New Feature) OpenID support.
• Documentation improvements and fixes.

1.1.2

---

• (Fix) Query strings should be able to include colons.
• (Fix) Cast body to a string to ensure that we can perform a regex substitution on it.

1.1.1

---

• (Enhancement) Better sanitisation of Request objects repr.

1.1.0

---

• (Fix) '(', ')', '/' and '?' are now safe characters in url encoded strings.
• (Enhancement) Added support for specifying if refresh tokens should be created on authorization code grants.
• (Fix) OAuth2Token now handles None scopes correctly.
• (Fix) Request token is now available for OAuth 1.
• (Enhancement) OAuth2Token is declared with slots for smaller memory footprint.
• (Enhancement) RefreshTokenGrant now allows to set issue_new_refresh_tokens.
• Documentation improvements and fixes.

requests-oauthlib 0.5.0 -> 0.7.0

0.7.0

++++++++++++++++++++++++++

• Allowed OAuth2Session.request to take the client_id and
  client_secret parameters for the purposes of automatic token refresh,
  which may need them.

0.6.2

+++++++++++++++++++++

• Use client_id and client_secret for the Authorization header if
  provided.
• Allow explicit bypass of the Authorization header by setting auth=False.
• Pass through the proxies kwarg when refreshing tokens.
• Miscellaneous cleanups.

0.6.1

+++++++++++++++++++++++++

• Fixed a bug when sending authorization in headers with no username and
  password present.
• Make sure we clear the session token before obtaining a new one.
• Some improvements to the Slack compliance fix.
• Avoid timing problems around token refresh.
• Allow passing arbitrary arguments to requests when calling
  fetch_request_token and fetch_access_token.

0.6.0

+++++++++++++++++++++++++

• Add compliance fix for Slack.
• Add compliance fix for Mailchimp.
• TokenRequestDenied exceptions now carry the entire response, not just the
  status code.
• Pass through keyword arguments when refreshing tokens automatically.
• Send authorization in headers, not just body, to maximize compatibility.
• More getters/setters available for OAuth2 session client values.
• Allow sending custom headers when refreshing tokens, and set some defaults.

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖