Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Send a clearer error message if response is truncated before a chunk #2860

Merged
merged 4 commits into from Jan 31, 2024
Merged

Send a clearer error message if response is truncated before a chunk #2860

merged 4 commits into from Jan 31, 2024

Conversation

rnewson
Copy link
Contributor

@rnewson rnewson commented Dec 23, 2022
edited

If a chunked response is truncated exactly before sending a new chunk
(that is, before the first byte of the chunk size), urllib3 throws
InvalidChunkLength(got length b'\\n', 0 bytes read). This is
confusing as no chunk length was sent (a valid chunk length line would
also be \r\n-terminated and we didn't see those either).

If the chunk length is the empty string, send a different error message.

@rnewson rnewson force-pushed the misleading-error-truncated-response branch 2 times, most recently from 55cbf2c to ae3ea9b Compare December 25, 2022 21:09
@rnewson rnewson changed the title A test to demonstrate a misleading error for chunked response Send a clearer error message if response is truncated before a chunk Dec 25, 2022
@rnewson rnewson force-pushed the misleading-error-truncated-response branch 2 times, most recently from 03ba8df to b0dd038 Compare December 25, 2022 21:11
@rnewson rnewson marked this pull request as ready for review December 25, 2022 21:14
@rnewson
Send a clearer error message if response is truncated before a chunk
65d3723 
If a chunked response is truncated exactly before sending a new chunk
(that is, before the first byte of the chunk size), urllib3 throws
`InvalidChunkLength(got length b'\\n', 0 bytes read)`. This is
confusing as no chunk length was sent (a valid chunk length line would
also be \r\n-terminated and we didn't see those either).

If the chunk length is the empty string, send a different error message.
@rnewson rnewson force-pushed the misleading-error-truncated-response branch from b0dd038 to 65d3723 Compare December 28, 2022 12:02
@rnewson rnewson mentioned this pull request Jan 5, 2023
Closed
@pquentin pquentin mentioned this pull request Jan 11, 2023
Closed
ecerulm
ecerulm reviewed Jan 30, 2024
View reviewed changes
changelog/2860.bugfix.rst Outdated Show resolved Hide resolved
ecerulm
ecerulm previously approved these changes Jan 30, 2024
View reviewed changes
Copy link
Contributor

@ecerulm ecerulm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It LGTM, @pquentin , @SethMichaelLarson any reason not to merge this?

@pquentin
Copy link
Member

No specific reason, this sounds sensible indeed.

@sethmlarson @ecerulm
Update changelog/2860.bugfix.rst
fdc7df6 
Co-authored-by: Ruben Laguna <ruben.laguna@gmail.com>
@sethmlarson sethmlarson merged commit 6ffe55b into urllib3:main Jan 31, 2024
30 of 31 checks passed
@rnewson rnewson deleted the misleading-error-truncated-response branch January 31, 2024 16:05
lettuce-bot bot added a commit to lettuce-financial/github-bot-signed-commit that referenced this pull request Feb 18, 2024
@lettuce-bot
Update dependency urllib3 to v2.2.1 (#59)
dca1cef 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [urllib3](https://togithub.com/urllib3/urllib3)
([changelog](https://togithub.com/urllib3/urllib3/blob/main/CHANGES.rst))
| `==2.2.0` -> `==2.2.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/urllib3/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/urllib3/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/urllib3/2.2.0/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/urllib3/2.2.0/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>urllib3/urllib3 (urllib3)</summary>

###
[`v2.2.1`](https://togithub.com/urllib3/urllib3/blob/HEAD/CHANGES.rst#221-2024-02-16)

[Compare
Source](https://togithub.com/urllib3/urllib3/compare/2.2.0...2.2.1)

\==================

- Fixed issue where `InsecureRequestWarning` was emitted for HTTPS
connections when using Emscripten. (`#&#8203;3331
<https://github.com/urllib3/urllib3/issues/3331>`\__)
- Fixed `HTTPConnectionPool.urlopen` to stop automatically casting
non-proxy headers to `HTTPHeaderDict`. This change was premature as it
did not apply to proxy headers and `HTTPHeaderDict` does not handle byte
header values correctly yet. (`#&#8203;3343
<https://github.com/urllib3/urllib3/issues/3343>`\__)
- Changed `ProtocolError` to `InvalidChunkLength` when response
terminates before the chunk length is sent. (`#&#8203;2860
<https://github.com/urllib3/urllib3/issues/2860>`\__)
- Changed `ProtocolError` to be more verbose on incomplete reads with
excess content. (`#&#8203;3261
<https://github.com/urllib3/urllib3/issues/3261>`\__)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/lettuce-financial/github-bot-signed-commit).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOTEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE5MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
mohnoor94 pushed a commit to ExpediaGroup/expediagroup-python-sdk that referenced this pull request Feb 18, 2024
@dependabot
build(deps): Bump urllib3 from 2.2.0 to 2.2.1 (#333)
036b067 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.2.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.2.0&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot added a commit to MaRDI4NFDI/open-interfaces that referenced this pull request Feb 19, 2024
@github-actions
⬆️ Bump urllib3 from 2.2.0 to 2.2.1 (#635)
593f596 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.2.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.2.0&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
cutoffthetop pushed a commit to robert-koch-institut/mex-model that referenced this pull request Feb 19, 2024
@dependabot
Bump urllib3 from 2.2.0 to 2.2.1 (#15)
1cd4b86 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.2.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.2.0&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@sparrowt
Copy link
Contributor

sparrowt commented Feb 20, 2024
edited

Thanks for this! I was also looking into this exception and thinking it kind of obscures the real problem so this is helpful.

I noticed however that in the final changelog 54d6edf seems to have inverted the explanation and made it wrong:

Changed ProtocolError to InvalidChunkLength ...

whereas changelog/2860.bugfix.rst added in this PR correctly said:

Use ProtocolError instead of InvalidChunkLength

Should I raise a new PR to fix the changelog? Presumably that PR shouldn't be in the changelog to avoid some kind of inception which would cause GitHub to set on fire 😉

@sethmlarson
Copy link
Member

@sparrowt Sounds good, please submit a PR.

sparrowt added a commit to sparrowt/urllib3 that referenced this pull request Feb 20, 2024
@sparrowt
Fix changelog entry which was inverted
392fac0 
The original changelog entry was correct but urllib3@54d6edf inverted its meaning.

This puts it back, see urllib3#2860 (comment)
@sparrowt sparrowt mentioned this pull request Feb 20, 2024
Merged
@sparrowt
Copy link
Contributor

sparrowt commented Feb 20, 2024
edited

#3348

Unrelatedly, it's worth noting that this PR means the string "Connection broken" will no longer be in the resultant exception. It was previously being added when InvalidChunkLength was caught here and then raised as a ProtocolError with that string - now it is already a ProtocolError from the beginning so will raise straight through that path retaining the new message added here.
This is not a problem necessarily, hopefully nobody is relying on that string - but noting it for future googleability just in case.

@beszabo1
Copy link

Could this change be added to the 1.26.X version as well?

pquentin pushed a commit that referenced this pull request Feb 21, 2024
@sparrowt
Fix changelog entry which was inverted (#3348)
b69a08a 
The original changelog entry was correct but 54d6edf inverted its meaning.

This puts it back, see #2860 (comment)
bader pushed a commit to intel/llvm that referenced this pull request Mar 1, 2024
@dependabot
Bump the llvm-docs-requirements group in /llvm/docs with 5 updates (#…
06817c1 
…12884)

Bumps the llvm-docs-requirements group in /llvm/docs with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [sphinx-automodapi](https://github.com/astropy/sphinx-automodapi) |
`0.16.0` | `0.17.0` |
| [furo](https://github.com/pradyunsg/furo) | `2023.9.10` | `2024.1.29`
|
| [certifi](https://github.com/certifi/python-certifi) | `2023.11.17` |
`2024.2.2` |
| [markupsafe](https://github.com/pallets/markupsafe) | `2.1.4` |
`2.1.5` |
| [urllib3](https://github.com/urllib3/urllib3) | `2.1.0` | `2.2.1` |

Updates `sphinx-automodapi` from 0.16.0 to 0.17.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astropy/sphinx-automodapi/releases">sphinx-automodapi's
releases</a>.</em></p>
<blockquote>
<h2>v0.17.0 Release Notes</h2>
<p>Also see <code>CHANGES.rst</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>MNT: Drop Python 3.7 and update test matrix again by <a
href="https://github.com/pllim"><code>@​pllim</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/177">astropy/sphinx-automodapi#177</a></li>
<li>CI: fix environment name by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/178">astropy/sphinx-automodapi#178</a></li>
<li>CI: update versions by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/179">astropy/sphinx-automodapi#179</a></li>
<li>Updated &quot;Use <strong>dict</strong> and ignore
<strong>slots</strong> on classes <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/169">#169</a>
by <a
href="https://github.com/kylefawcett"><code>@​kylefawcett</code></a> in
<a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/181">astropy/sphinx-automodapi#181</a></li>
<li>Add automodsumm_included_members option, take2 by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/165">astropy/sphinx-automodapi#165</a></li>
<li>Bump codecov/codecov-action from 3 to 4 in /.github/workflows by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/183">astropy/sphinx-automodapi#183</a></li>
<li>Fix nonascii object names by <a
href="https://github.com/m-rossi"><code>@​m-rossi</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/184">astropy/sphinx-automodapi#184</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kylefawcett"><code>@​kylefawcett</code></a>
made their first contribution in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/181">astropy/sphinx-automodapi#181</a></li>
<li><a
href="https://github.com/dependabot"><code>@​dependabot</code></a> made
their first contribution in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/183">astropy/sphinx-automodapi#183</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0">https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astropy/sphinx-automodapi/blob/main/CHANGES.rst">sphinx-automodapi's
changelog</a>.</em></p>
<blockquote>
<h2>0.17.0 (2024-02-22)</h2>
<ul>
<li>
<p>Fixes issue where <code>__slots__</code> hides class variables. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/181">#181</a></p>
</li>
<li>
<p>Minimum supported Python version is now 3.8. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/177">#177</a></p>
</li>
<li>
<p>Fixed issue with non-ascii characters in object names. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/184">#184</a></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/e5cb71b9b5a33d4fe26e2b9fe7130577bbff2207"><code>e5cb71b</code></a>
Finalize change log for 0.17.0</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/2963d43ec252ec9f973a2f5767a2e973f3e5f27a"><code>2963d43</code></a>
Merge pull request <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/184">#184</a>
from m-rossi/more-nonascii-fixes</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/5ab68d0d3f5c90bb1fd2b260e457ae7ba2091226"><code>5ab68d0</code></a>
Also update filename</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/5cb1818309dc54d3680f0474dac96faa1700bb72"><code>5cb1818</code></a>
Ensure <a href="https://github.com/bsipocz"><code>@​bsipocz</code></a>
name is handled</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/4d78a2cf5b96c3edb1afd1862e95abd325b47fed"><code>4d78a2c</code></a>
Add period at the end of sentence</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/f111d36fef67feb8780e384d454a9018666a2ed5"><code>f111d36</code></a>
Update changelog</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/511f6de231fe298d9d48e21271cf10cfe577a1d8"><code>511f6de</code></a>
Set another open dialog with encoding utf8 to try to fix errors on
Windows</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/bb6d65ee942068eba79076cccf7861110d9c6007"><code>bb6d65e</code></a>
Fix nonascii object names</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/56f69fe6ace1ad90bdf539614e3b6c2504820a3f"><code>56f69fe</code></a>
Merge pull request <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/183">#183</a>
from astropy/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/25b3e5f07becbcd8fce94d19373f765fbc59dab2"><code>25b3e5f</code></a>
Bump codecov/codecov-action from 3 to 4 in /.github/workflows</li>
<li>Additional commits viewable in <a
href="https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `furo` from 2023.9.10 to 2024.1.29
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pradyunsg/furo/blob/main/docs/changelog.md">furo's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
<h2>2024.01.29 -- Amazing Amethyst</h2>
<ul>
<li>Fix canonical url when building with <code>dirhtml</code>.</li>
<li>Relicense the demo module.</li>
</ul>
<h2>2023.09.10 -- Zesty Zaffre</h2>
<ul>
<li>Make asset hash injection idempotent, fixing Sphinx 6
compatibility.</li>
<li>Fix the check for HTML builders, fixing non-HTML Read the Docs
builds.</li>
</ul>
<h2>2023.08.19 -- Xenolithic Xanadu</h2>
<ul>
<li>Fix missing search context with Sphinx 7.2, for dirhtml builds.</li>
<li>Drop support for Python 3.7.</li>
<li>Present configuration errors in a better format -- thanks <a
href="https://github.com/AA-Turner"><code>@​AA-Turner</code></a>!</li>
<li>Bump <code>require_sphinx()</code> to Sphinx 6.0, in line with
dependency changes in Unassuming Ultramarine.</li>
</ul>
<h2>2023.08.17 -- Wonderous White</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.2.0 and 7.2.1.</li>
</ul>
<h2>2023.07.26 -- Vigilant Volt</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.1.</li>
<li>Improve how content overflow is handled.</li>
<li>Improve how literal blocks containing inline code are handled.</li>
</ul>
<h2>2023.05.20 -- Unassuming Ultramarine</h2>
<ul>
<li>✨ Add support for Sphinx 7.</li>
<li>Drop support for Sphinx 5.</li>
<li>Improve the screen-reader label for sidebar collapse.</li>
<li>Make it easier to create derived themes from Furo.</li>
<li>Bump all JS dependencies (NodeJS and npm packages).</li>
</ul>
<h2>2023.03.27 -- Tasty Tangerine</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pradyunsg/furo/commit/9e9225cb5fc5075d27efff89ecb9bdcf3d959a26"><code>9e9225c</code></a>
Prepare release: 2024.01.29</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/10a63fb2b19f3e52c9d41586f45a9c7e8d50f1ea"><code>10a63fb</code></a>
Update changelog</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/222684bffb6a7261cabf264e0fa002d8fa62bcef"><code>222684b</code></a>
Bump JS dependencies</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/5732e4ac22216453dfce4467f80cdc58714e15ce"><code>5732e4a</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/746">#746</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/e16ca0133061beb619f81cb9f1d1bc1024139a30"><code>e16ca01</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/735">#735</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/0af0547d9d086bbb18b1f8e3f4e4203c2d72326d"><code>0af0547</code></a>
Update the linters</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/d14286c8345cc5509bc8363d15c77a4607529f74"><code>d14286c</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/691">#691</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/f0a9a2750ce061109fbf853c2695f79d76bbd904"><code>f0a9a27</code></a>
Fix as -&gt; are typo in blocks.rst (<a
href="https://redirect.github.com/pradyunsg/furo/issues/734">#734</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/258d5540817bb441ef503374a7d9d0fcd6438dcc"><code>258d554</code></a>
Fix dirhtml canonical url (<a
href="https://redirect.github.com/pradyunsg/furo/issues/727">#727</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/079d829fa63091b51522c28de4e6140a9e4552a6"><code>079d829</code></a>
Relicense the demo module</li>
<li>Additional commits viewable in <a
href="https://github.com/pradyunsg/furo/compare/2023.09.10...2024.01.29">compare
view</a></li>
</ul>
</details>
<br />

Updates `certifi` from 2023.11.17 to 2024.2.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/45eb6113c0cff15293611eedf237f7345dcf24bd"><code>45eb611</code></a>
2024.02.02 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/266">#266</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/83f4f04419f0f2d14fe3ee1309feebb9d776072d"><code>83f4f04</code></a>
fix leaking certificate issue (<a
href="https://redirect.github.com/certifi/python-certifi/issues/265">#265</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/bbf2208229ce26cfcd860eb6c551dded130eea04"><code>bbf2208</code></a>
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/264">#264</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9e837a5fbd135b95057abb8f14b775a50aee8a01"><code>9e837a5</code></a>
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/262">#262</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/05d071b6125558e97cf3a8ef12d9c393e3967d17"><code>05d071b</code></a>
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/261">#261</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2a3088a1cb569a93dab8c8ba6e8d959902b682d5"><code>2a3088a</code></a>
Bump actions/download-artifact from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/260">#260</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d4ca66e11e8200be0332590dd92a15d9a58ae894"><code>d4ca66e</code></a>
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/258">#258</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5d1566377a5449aac90d7080928ae77027c7c85b"><code>5d15663</code></a>
Bump actions/download-artifact from 3.0.2 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/257">#257</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d66ef9de10a59e5a162230abd1c46a4c94242633"><code>d66ef9d</code></a>
Bump actions/setup-python from 4.7.1 to 5.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/256">#256</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/8f0d4125b269a45f366eb37e04d1a0a7866d0f52"><code>8f0d412</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/255">#255</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2023.11.17...2024.02.02">compare
view</a></li>
</ul>
</details>
<br />

Updates `markupsafe` from 2.1.4 to 2.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/markupsafe/releases">markupsafe's
releases</a>.</em></p>
<blockquote>
<h2>2.1.5</h2>
<p>This is a fix release for the 2.1.x feature release branch. It fixes
bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<p>Fixes a regression in <code>striptags</code> behavior from 2.14.
Spaces are now collapsed correctly.</p>
<ul>
<li>Changes: <a
href="https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-5">https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-5</a></li>
<li>Milestone: <a
href="https://github.com/pallets/markupsafe/milestone/12?closed=1">https://github.com/pallets/markupsafe/milestone/12?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/MarkupSafe/2.1.5/">https://pypi.org/project/MarkupSafe/2.1.5/</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/markupsafe/blob/main/CHANGES.rst">markupsafe's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.1.5</h2>
<p>Released 2024-02-02</p>
<ul>
<li>Fix <code>striptags</code> not collapsing spaces.
:issue:<code>417</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/markupsafe/commit/fbba4acd0312826cec9cfe18371c7df07962cb65"><code>fbba4ac</code></a>
release version 2.1.5</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/c5fa23ba96336160204ed1376d60693b0d65e18d"><code>c5fa23b</code></a>
update publish actions</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/60a6512315d0ce05e6788808f80be526f2084b3f"><code>60a6512</code></a>
striptags collapses spaces correctly (<a
href="https://redirect.github.com/pallets/markupsafe/issues/418">#418</a>)</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/0b6bee071fbd8d3171fb1ac4fb669baace808438"><code>0b6bee0</code></a>
collapse spaces after stripping tags</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/73e6a4886564a554c4a19983d29c97f9fc95457d"><code>73e6a48</code></a>
start version 2.1.5</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/d704bf45a1f77926a669261b394afef38eda2a70"><code>d704bf4</code></a>
use pip-compile, dependabot updates (<a
href="https://redirect.github.com/pallets/markupsafe/issues/419">#419</a>)</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/1f82932e5c5a6e54181308afeb8443df21858ea0"><code>1f82932</code></a>
use pip-compile, dependabot updates</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/25a640f38297bfdc2ec2c82fe68df4c7613d083a"><code>25a640f</code></a>
release version 2.1.4 (<a
href="https://redirect.github.com/pallets/markupsafe/issues/414">#414</a>)</li>
<li>See full diff in <a
href="https://github.com/pallets/markupsafe/compare/2.1.4...2.1.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 2.1.0 to 2.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.1.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to Aiven-Open/kio that referenced this pull request Mar 1, 2024
@dependabot
chore(deps): bump urllib3 from 2.0.7 to 2.2.1 (#148)
55379c7 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.7 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
<h2>2.1.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h2>Removals</h2>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li>
<li>Removed support for the end-of-life Python 3.7. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
<h1>2.1.0 (2023-11-13)</h1>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra.
(<code>[#2680](urllib3/urllib3#2680)
&lt;https://github.com/urllib3/urllib3/issues/2680&gt;</code>__)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation.
(<code>[#2681](urllib3/urllib3#2681)
&lt;https://github.com/urllib3/urllib3/issues/2681&gt;</code>__)</li>
<li>Removed support for the end-of-life Python 3.7.
(<code>[#3143](urllib3/urllib3#3143)
&lt;https://github.com/urllib3/urllib3/issues/3143&gt;</code>__)</li>
<li>Allowed loading CA certificates from memory for proxies.
(<code>[#3065](urllib3/urllib3#3065)
&lt;https://github.com/urllib3/urllib3/issues/3065&gt;</code>__)</li>
<li>Fixed decoding Gzip-encoded responses which specified
<code>x-gzip</code> content-encoding.
(<code>[#3174](urllib3/urllib3#3174)
&lt;https://github.com/urllib3/urllib3/issues/3174&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.0.7...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.7&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
steffenlarsen pushed a commit to steffenlarsen/llvm that referenced this pull request Mar 5, 2024
@dependabot @steffenlarsen
Bump the llvm-docs-requirements group in /llvm/docs with 5 updates (i…
0c7be75 
…ntel#12884)

Bumps the llvm-docs-requirements group in /llvm/docs with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [sphinx-automodapi](https://github.com/astropy/sphinx-automodapi) |
`0.16.0` | `0.17.0` |
| [furo](https://github.com/pradyunsg/furo) | `2023.9.10` | `2024.1.29`
|
| [certifi](https://github.com/certifi/python-certifi) | `2023.11.17` |
`2024.2.2` |
| [markupsafe](https://github.com/pallets/markupsafe) | `2.1.4` |
`2.1.5` |
| [urllib3](https://github.com/urllib3/urllib3) | `2.1.0` | `2.2.1` |

Updates `sphinx-automodapi` from 0.16.0 to 0.17.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astropy/sphinx-automodapi/releases">sphinx-automodapi's
releases</a>.</em></p>
<blockquote>
<h2>v0.17.0 Release Notes</h2>
<p>Also see <code>CHANGES.rst</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>MNT: Drop Python 3.7 and update test matrix again by <a
href="https://github.com/pllim"><code>@​pllim</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/177">astropy/sphinx-automodapi#177</a></li>
<li>CI: fix environment name by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/178">astropy/sphinx-automodapi#178</a></li>
<li>CI: update versions by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/179">astropy/sphinx-automodapi#179</a></li>
<li>Updated &quot;Use <strong>dict</strong> and ignore
<strong>slots</strong> on classes <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/169">#169</a>
by <a
href="https://github.com/kylefawcett"><code>@​kylefawcett</code></a> in
<a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/181">astropy/sphinx-automodapi#181</a></li>
<li>Add automodsumm_included_members option, take2 by <a
href="https://github.com/bsipocz"><code>@​bsipocz</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/165">astropy/sphinx-automodapi#165</a></li>
<li>Bump codecov/codecov-action from 3 to 4 in /.github/workflows by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/183">astropy/sphinx-automodapi#183</a></li>
<li>Fix nonascii object names by <a
href="https://github.com/m-rossi"><code>@​m-rossi</code></a> in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/184">astropy/sphinx-automodapi#184</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kylefawcett"><code>@​kylefawcett</code></a>
made their first contribution in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/181">astropy/sphinx-automodapi#181</a></li>
<li><a
href="https://github.com/dependabot"><code>@​dependabot</code></a> made
their first contribution in <a
href="https://redirect.github.com/astropy/sphinx-automodapi/pull/183">astropy/sphinx-automodapi#183</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0">https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astropy/sphinx-automodapi/blob/main/CHANGES.rst">sphinx-automodapi's
changelog</a>.</em></p>
<blockquote>
<h2>0.17.0 (2024-02-22)</h2>
<ul>
<li>
<p>Fixes issue where <code>__slots__</code> hides class variables. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/181">#181</a></p>
</li>
<li>
<p>Minimum supported Python version is now 3.8. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/177">#177</a></p>
</li>
<li>
<p>Fixed issue with non-ascii characters in object names. <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/184">#184</a></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/e5cb71b9b5a33d4fe26e2b9fe7130577bbff2207"><code>e5cb71b</code></a>
Finalize change log for 0.17.0</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/2963d43ec252ec9f973a2f5767a2e973f3e5f27a"><code>2963d43</code></a>
Merge pull request <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/184">#184</a>
from m-rossi/more-nonascii-fixes</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/5ab68d0d3f5c90bb1fd2b260e457ae7ba2091226"><code>5ab68d0</code></a>
Also update filename</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/5cb1818309dc54d3680f0474dac96faa1700bb72"><code>5cb1818</code></a>
Ensure <a href="https://github.com/bsipocz"><code>@​bsipocz</code></a>
name is handled</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/4d78a2cf5b96c3edb1afd1862e95abd325b47fed"><code>4d78a2c</code></a>
Add period at the end of sentence</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/f111d36fef67feb8780e384d454a9018666a2ed5"><code>f111d36</code></a>
Update changelog</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/511f6de231fe298d9d48e21271cf10cfe577a1d8"><code>511f6de</code></a>
Set another open dialog with encoding utf8 to try to fix errors on
Windows</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/bb6d65ee942068eba79076cccf7861110d9c6007"><code>bb6d65e</code></a>
Fix nonascii object names</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/56f69fe6ace1ad90bdf539614e3b6c2504820a3f"><code>56f69fe</code></a>
Merge pull request <a
href="https://redirect.github.com/astropy/sphinx-automodapi/issues/183">#183</a>
from astropy/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/astropy/sphinx-automodapi/commit/25b3e5f07becbcd8fce94d19373f765fbc59dab2"><code>25b3e5f</code></a>
Bump codecov/codecov-action from 3 to 4 in /.github/workflows</li>
<li>Additional commits viewable in <a
href="https://github.com/astropy/sphinx-automodapi/compare/v0.16.0...v0.17.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `furo` from 2023.9.10 to 2024.1.29
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pradyunsg/furo/blob/main/docs/changelog.md">furo's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
<h2>2024.01.29 -- Amazing Amethyst</h2>
<ul>
<li>Fix canonical url when building with <code>dirhtml</code>.</li>
<li>Relicense the demo module.</li>
</ul>
<h2>2023.09.10 -- Zesty Zaffre</h2>
<ul>
<li>Make asset hash injection idempotent, fixing Sphinx 6
compatibility.</li>
<li>Fix the check for HTML builders, fixing non-HTML Read the Docs
builds.</li>
</ul>
<h2>2023.08.19 -- Xenolithic Xanadu</h2>
<ul>
<li>Fix missing search context with Sphinx 7.2, for dirhtml builds.</li>
<li>Drop support for Python 3.7.</li>
<li>Present configuration errors in a better format -- thanks <a
href="https://github.com/AA-Turner"><code>@​AA-Turner</code></a>!</li>
<li>Bump <code>require_sphinx()</code> to Sphinx 6.0, in line with
dependency changes in Unassuming Ultramarine.</li>
</ul>
<h2>2023.08.17 -- Wonderous White</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.2.0 and 7.2.1.</li>
</ul>
<h2>2023.07.26 -- Vigilant Volt</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.1.</li>
<li>Improve how content overflow is handled.</li>
<li>Improve how literal blocks containing inline code are handled.</li>
</ul>
<h2>2023.05.20 -- Unassuming Ultramarine</h2>
<ul>
<li>✨ Add support for Sphinx 7.</li>
<li>Drop support for Sphinx 5.</li>
<li>Improve the screen-reader label for sidebar collapse.</li>
<li>Make it easier to create derived themes from Furo.</li>
<li>Bump all JS dependencies (NodeJS and npm packages).</li>
</ul>
<h2>2023.03.27 -- Tasty Tangerine</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pradyunsg/furo/commit/9e9225cb5fc5075d27efff89ecb9bdcf3d959a26"><code>9e9225c</code></a>
Prepare release: 2024.01.29</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/10a63fb2b19f3e52c9d41586f45a9c7e8d50f1ea"><code>10a63fb</code></a>
Update changelog</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/222684bffb6a7261cabf264e0fa002d8fa62bcef"><code>222684b</code></a>
Bump JS dependencies</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/5732e4ac22216453dfce4467f80cdc58714e15ce"><code>5732e4a</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/746">#746</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/e16ca0133061beb619f81cb9f1d1bc1024139a30"><code>e16ca01</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/735">#735</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/0af0547d9d086bbb18b1f8e3f4e4203c2d72326d"><code>0af0547</code></a>
Update the linters</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/d14286c8345cc5509bc8363d15c77a4607529f74"><code>d14286c</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/691">#691</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/f0a9a2750ce061109fbf853c2695f79d76bbd904"><code>f0a9a27</code></a>
Fix as -&gt; are typo in blocks.rst (<a
href="https://redirect.github.com/pradyunsg/furo/issues/734">#734</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/258d5540817bb441ef503374a7d9d0fcd6438dcc"><code>258d554</code></a>
Fix dirhtml canonical url (<a
href="https://redirect.github.com/pradyunsg/furo/issues/727">#727</a>)</li>
<li><a
href="https://github.com/pradyunsg/furo/commit/079d829fa63091b51522c28de4e6140a9e4552a6"><code>079d829</code></a>
Relicense the demo module</li>
<li>Additional commits viewable in <a
href="https://github.com/pradyunsg/furo/compare/2023.09.10...2024.01.29">compare
view</a></li>
</ul>
</details>
<br />

Updates `certifi` from 2023.11.17 to 2024.2.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/45eb6113c0cff15293611eedf237f7345dcf24bd"><code>45eb611</code></a>
2024.02.02 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/266">#266</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/83f4f04419f0f2d14fe3ee1309feebb9d776072d"><code>83f4f04</code></a>
fix leaking certificate issue (<a
href="https://redirect.github.com/certifi/python-certifi/issues/265">#265</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/bbf2208229ce26cfcd860eb6c551dded130eea04"><code>bbf2208</code></a>
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/264">#264</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9e837a5fbd135b95057abb8f14b775a50aee8a01"><code>9e837a5</code></a>
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/262">#262</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/05d071b6125558e97cf3a8ef12d9c393e3967d17"><code>05d071b</code></a>
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/261">#261</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2a3088a1cb569a93dab8c8ba6e8d959902b682d5"><code>2a3088a</code></a>
Bump actions/download-artifact from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/260">#260</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d4ca66e11e8200be0332590dd92a15d9a58ae894"><code>d4ca66e</code></a>
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/258">#258</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5d1566377a5449aac90d7080928ae77027c7c85b"><code>5d15663</code></a>
Bump actions/download-artifact from 3.0.2 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/257">#257</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d66ef9de10a59e5a162230abd1c46a4c94242633"><code>d66ef9d</code></a>
Bump actions/setup-python from 4.7.1 to 5.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/256">#256</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/8f0d4125b269a45f366eb37e04d1a0a7866d0f52"><code>8f0d412</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/255">#255</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2023.11.17...2024.02.02">compare
view</a></li>
</ul>
</details>
<br />

Updates `markupsafe` from 2.1.4 to 2.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/markupsafe/releases">markupsafe's
releases</a>.</em></p>
<blockquote>
<h2>2.1.5</h2>
<p>This is a fix release for the 2.1.x feature release branch. It fixes
bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<p>Fixes a regression in <code>striptags</code> behavior from 2.14.
Spaces are now collapsed correctly.</p>
<ul>
<li>Changes: <a
href="https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-5">https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-5</a></li>
<li>Milestone: <a
href="https://github.com/pallets/markupsafe/milestone/12?closed=1">https://github.com/pallets/markupsafe/milestone/12?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/MarkupSafe/2.1.5/">https://pypi.org/project/MarkupSafe/2.1.5/</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/markupsafe/blob/main/CHANGES.rst">markupsafe's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.1.5</h2>
<p>Released 2024-02-02</p>
<ul>
<li>Fix <code>striptags</code> not collapsing spaces.
:issue:<code>417</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/markupsafe/commit/fbba4acd0312826cec9cfe18371c7df07962cb65"><code>fbba4ac</code></a>
release version 2.1.5</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/c5fa23ba96336160204ed1376d60693b0d65e18d"><code>c5fa23b</code></a>
update publish actions</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/60a6512315d0ce05e6788808f80be526f2084b3f"><code>60a6512</code></a>
striptags collapses spaces correctly (<a
href="https://redirect.github.com/pallets/markupsafe/issues/418">#418</a>)</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/0b6bee071fbd8d3171fb1ac4fb669baace808438"><code>0b6bee0</code></a>
collapse spaces after stripping tags</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/73e6a4886564a554c4a19983d29c97f9fc95457d"><code>73e6a48</code></a>
start version 2.1.5</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/d704bf45a1f77926a669261b394afef38eda2a70"><code>d704bf4</code></a>
use pip-compile, dependabot updates (<a
href="https://redirect.github.com/pallets/markupsafe/issues/419">#419</a>)</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/1f82932e5c5a6e54181308afeb8443df21858ea0"><code>1f82932</code></a>
use pip-compile, dependabot updates</li>
<li><a
href="https://github.com/pallets/markupsafe/commit/25a640f38297bfdc2ec2c82fe68df4c7613d083a"><code>25a640f</code></a>
release version 2.1.4 (<a
href="https://redirect.github.com/pallets/markupsafe/issues/414">#414</a>)</li>
<li>See full diff in <a
href="https://github.com/pallets/markupsafe/compare/2.1.4...2.1.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 2.1.0 to 2.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[intel#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[intel#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[intel#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[intel#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[intel#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[intel#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[intel#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[intel#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[intel#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[intel#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[intel#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[intel#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[intel#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[intel#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.1.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
miniscruff pushed a commit to miniscruff/scopie that referenced this pull request Mar 30, 2024
@dependabot
Bump urllib3 from 2.1.0 to 2.2.1 (#18)
dd7f187 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.1.0...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.1.0&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
yairsimantov20 pushed a commit to port-labs/ocean that referenced this pull request Apr 24, 2024
@dependabot
Bump urllib3 from 1.26.18 to 2.2.1 (#552)
746a3ec 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.18 to
2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
<h2>2.1.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h2>Removals</h2>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li>
<li>Removed support for the end-of-life Python 3.7. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
<h1>2.1.0 (2023-11-13)</h1>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra.
(<code>[#2680](urllib3/urllib3#2680)
&lt;https://github.com/urllib3/urllib3/issues/2680&gt;</code>__)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation.
(<code>[#2681](urllib3/urllib3#2681)
&lt;https://github.com/urllib3/urllib3/issues/2681&gt;</code>__)</li>
<li>Removed support for the end-of-life Python 3.7.
(<code>[#3143](urllib3/urllib3#3143)
&lt;https://github.com/urllib3/urllib3/issues/3143&gt;</code>__)</li>
<li>Allowed loading CA certificates from memory for proxies.
(<code>[#3065](urllib3/urllib3#3065)
&lt;https://github.com/urllib3/urllib3/issues/3065&gt;</code>__)</li>
<li>Fixed decoding Gzip-encoded responses which specified
<code>x-gzip</code> content-encoding.
(<code>[#3174](urllib3/urllib3#3174)
&lt;https://github.com/urllib3/urllib3/issues/3174&gt;</code>__)</li>
</ul>
<h1>2.0.7 (2023-10-17)</h1>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.</li>
</ul>
<h1>2.0.6 (2023-10-02)</h1>
<ul>
<li>Added the <code>Cookie</code> header to the list of headers to strip
from requests when redirecting to a different host. As before, different
headers can be set via
<code>Retry.remove_headers_on_redirect</code>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.18...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.18&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
benhammondmusic pushed a commit to SatcherInstitute/health-equity-tracker that referenced this pull request May 7, 2024
@dependabot
Bump the pip group across 1 directory with 5 updates (#3258)
54469b6 
Bumps the pip group with 5 updates in the /python/tests directory:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2023.7.22` |
`2024.2.2` |
| [grpcio](https://github.com/grpc/grpc) | `1.53.2` | `1.63.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `3.18.3` |
`5.26.1` |
| [rsa](https://github.com/sybrenstuvel/python-rsa) | `4.7` | `4.9` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.18` | `2.2.1` |


Updates `certifi` from 2023.7.22 to 2024.2.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/45eb6113c0cff15293611eedf237f7345dcf24bd"><code>45eb611</code></a>
2024.02.02 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/266">#266</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/83f4f04419f0f2d14fe3ee1309feebb9d776072d"><code>83f4f04</code></a>
fix leaking certificate issue (<a
href="https://redirect.github.com/certifi/python-certifi/issues/265">#265</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/bbf2208229ce26cfcd860eb6c551dded130eea04"><code>bbf2208</code></a>
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/264">#264</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9e837a5fbd135b95057abb8f14b775a50aee8a01"><code>9e837a5</code></a>
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/262">#262</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/05d071b6125558e97cf3a8ef12d9c393e3967d17"><code>05d071b</code></a>
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/261">#261</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2a3088a1cb569a93dab8c8ba6e8d959902b682d5"><code>2a3088a</code></a>
Bump actions/download-artifact from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/260">#260</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d4ca66e11e8200be0332590dd92a15d9a58ae894"><code>d4ca66e</code></a>
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/258">#258</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5d1566377a5449aac90d7080928ae77027c7c85b"><code>5d15663</code></a>
Bump actions/download-artifact from 3.0.2 to 4.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/257">#257</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d66ef9de10a59e5a162230abd1c46a4c94242633"><code>d66ef9d</code></a>
Bump actions/setup-python from 4.7.1 to 5.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/256">#256</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/8f0d4125b269a45f366eb37e04d1a0a7866d0f52"><code>8f0d412</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/255">#255</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2023.07.22...2024.02.02">compare
view</a></li>
</ul>
</details>
<br />

Updates `grpcio` from 1.53.2 to 1.63.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc/releases">grpcio's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.63.0</h2>
<p>This is release 1.63.0 (<a
href="https://github.com/grpc/grpc/blob/master/doc/g_stands_for.md">giggle</a>)
of gRPC Core.</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes, with
highlights listed below.</p>
<h2>Core</h2>
<ul>
<li>[Deps] Backport: Protobuf upgrade to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/36353">#36353</a>)</li>
<li>[OTel C++] Add experimental optional locality label available to
client per-attempt metrics. (<a
href="https://redirect.github.com/grpc/grpc/pull/36254">#36254</a>)</li>
<li>[surface] Add an API to inject connected endpoints into servers. (<a
href="https://redirect.github.com/grpc/grpc/pull/35957">#35957</a>)</li>
<li>[CMake] Add gRPC_USE_SYSTEMD option. (<a
href="https://redirect.github.com/grpc/grpc/pull/34384">#34384</a>)</li>
<li>[OTel C++] Add API to set channel scope filter. (<a
href="https://redirect.github.com/grpc/grpc/pull/36189">#36189</a>)</li>
<li>[Deps] Upgraded protobuf to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/35796">#35796</a>)</li>
<li>[channel] canonify target and set channel arg in only one place. (<a
href="https://redirect.github.com/grpc/grpc/pull/36134">#36134</a>)</li>
<li>[grpc][Gpr_To_Absl_Logging] Using absl from within gpr logging. (<a
href="https://redirect.github.com/grpc/grpc/pull/36108">#36108</a>)</li>
<li>[BoringSSL] Update third_party/boringssl-with-bazel. (<a
href="https://redirect.github.com/grpc/grpc/pull/36089">#36089</a>)</li>
<li>[EventEngine] Document RunAfter can return an invalid handle for
immediate execution. (<a
href="https://redirect.github.com/grpc/grpc/pull/36072">#36072</a>)</li>
<li>[EventEngine] Enable the EventEngine DNS Resolver on Posix. (<a
href="https://redirect.github.com/grpc/grpc/pull/35573">#35573</a>)</li>
<li>[EventEngine] Support AF_UNIX for windows. (<a
href="https://redirect.github.com/grpc/grpc/pull/34801">#34801</a>)</li>
</ul>
<h2>C++</h2>
<ul>
<li>[OTel C++] Add APIs to enable/disable metrics. (<a
href="https://redirect.github.com/grpc/grpc/pull/36183">#36183</a>)</li>
<li>[EventEngine] Refactor ServerCallbackCall to use EventEngine::Run.
(<a
href="https://redirect.github.com/grpc/grpc/pull/36126">#36126</a>)</li>
<li>[OTel C++] Add CMake build support. (<a
href="https://redirect.github.com/grpc/grpc/pull/36063">#36063</a>)</li>
<li>gRPC C++ upgraded Protobuf to v26.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/36323">#36323</a>)</li>
</ul>
<h2>C#</h2>
<ul>
<li>[csharp] Fix csharp doc comments. (<a
href="https://redirect.github.com/grpc/grpc/pull/36000">#36000</a>)</li>
<li>C#: Grpc.Tools: Handle regex timeout when parsing protoc output. (<a
href="https://redirect.github.com/grpc/grpc/pull/36185">#36185</a>)</li>
</ul>
<h2>PHP</h2>
<ul>
<li>Update min PHP testing version from PHP 7.4 to 8.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/35964">#35964</a>)</li>
</ul>
<h2>Python</h2>
<ul>
<li>[Python Version] Drop support for Python 3.7. (<a
href="https://redirect.github.com/grpc/grpc/pull/34450">#34450</a>)</li>
<li>[Python Aio] Change aio Metadata inheritance. (<a
href="https://redirect.github.com/grpc/grpc/pull/36214">#36214</a>)</li>
<li>[Documentation] fix asyncio Server and Channel stop() method
documentation. (<a
href="https://redirect.github.com/grpc/grpc/pull/35946">#35946</a>)</li>
<li>[Python O11y] Change public interface. (<a
href="https://redirect.github.com/grpc/grpc/pull/36094">#36094</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc/commit/ac1418547838ab067a02af4402046f7bc1cbc44c"><code>ac14185</code></a>
[Release] Bump version to 1.63.0 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36456">#36456</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/7df7f92da82dbb8fbe93b4ff5d599d447379ee9d"><code>7df7f92</code></a>
[Release] Bump version to 1.63.0-pre2 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36377">#36377</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/cdbc13e500056ec19b2856fe2a884b2a9e99d406"><code>cdbc13e</code></a>
[Gpr_To_Absl_Logging] Disable absl logging (<a
href="https://redirect.github.com/grpc/grpc/issues/36378">#36378</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/60c35badea03e44d81623a58fe560a0ad40dceb2"><code>60c35ba</code></a>
[Python Dist] Fix grpc_distribtests_python (v1.63.x backport) (<a
href="https://redirect.github.com/grpc/grpc/issues/36363">#36363</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/81a913e71f1b2cba049244dc1882bd31d66508d3"><code>81a913e</code></a>
[Deps] Backport: Protobuf upgrade to v26.1 (<a
href="https://redirect.github.com/grpc/grpc/issues/36353">#36353</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/bc470e47ad64ae94ba8baff01e75a7606ed1cd00"><code>bc470e4</code></a>
[release] Cherry-pick `<a
href="https://github.com/grpc/grpc/commit/e510ff89aa38d9c924">https://github.com/grpc/grpc/commit/e510ff89aa38d9c924</a>...</li>
<li><a
href="https://github.com/grpc/grpc/commit/cfea053ffaeaa3c12b10917293cb9923fdb4d579"><code>cfea053</code></a>
[Release] Bump version to 1.63.0-pre1 (on v1.63.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/36338">#36338</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/c73c24a8ef4c1a18de138ee349cadc1b4c88b69e"><code>c73c24a</code></a>
[experiments] Set <code>call_status_override_on_cancellation</code>
default to <code>false</code> f...</li>
<li><a
href="https://github.com/grpc/grpc/commit/0a7a85a323d037d848c65286965c12808c241326"><code>0a7a85a</code></a>
[Release] Bump core version to 40.0.0 for upcoming release (<a
href="https://redirect.github.com/grpc/grpc/issues/36293">#36293</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/b6989ff3e4fa2b7928867b5575efa3d2291f1d0d"><code>b6989ff</code></a>
[interop] Add 1.63.2 release of grpc-go to interop matrix (<a
href="https://redirect.github.com/grpc/grpc/issues/36305">#36305</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc/compare/v1.53.2...v1.63.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `protobuf` from 3.18.3 to 5.26.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/protocolbuffers/protobuf/releases">protobuf's
releases</a>.</em></p>
<blockquote>
<h2>Protocol Buffers v3.20.3</h2>
<h1>Java</h1>
<ul>
<li>Refactoring java full runtime to reuse sub-message builders and
prepare to
migrate parsing logic from parse constructor to builder.</li>
<li>Move proto wireformat parsing functionality from the private
&quot;parsing
constructor&quot; to the Builder class.</li>
<li>Change the Lite runtime to prefer merging from the wireformat into
mutable
messages rather than building up a new immutable object before merging.
This
way results in fewer allocations and copy operations.</li>
<li>Make message-type extensions merge from wire-format instead of
building up
instances and merging afterwards. This has much better performance.</li>
<li>Fix TextFormat parser to build up recurring (but supposedly not
repeated)
sub-messages directly from text rather than building a new sub-message
and
merging the fully formed message into the existing field.</li>
<li>This release addresses a <a
href="https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2">Security
Advisory for Java users</a></li>
</ul>
<h2>Protocol Buffers v3.20.2</h2>
<h1>C++</h1>
<ul>
<li>Reduce memory consumption of MessageSet parsing</li>
<li>This release addresses a <a
href="https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf">Security
Advisory for C++ and Python users</a></li>
</ul>
<h2>Protocol Buffers v3.20.1</h2>
<h1>PHP</h1>
<ul>
<li>Fix building packaged PHP extension (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9727">#9727</a>)</li>
<li>Fixed composer.json to only advertise compatibility with PHP 7.0+.
(<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9819">#9819</a>)</li>
</ul>
<h1>Ruby</h1>
<ul>
<li>Disable the aarch64 build on macOS until it can be fixed. (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9816">#9816</a>)</li>
</ul>
<h1>Other</h1>
<ul>
<li>Fix versioning issues in 3.20.0</li>
</ul>
<h2>Protocol Buffers v3.20.1-rc1</h2>
<h1>PHP</h1>
<ul>
<li>Fix building packaged PHP extension (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9727">#9727</a>)</li>
</ul>
<h1>Other</h1>
<ul>
<li>Fix versioning issues in 3.20.0</li>
</ul>
<h2>Protocol Buffers v3.20.0</h2>
<p>2022-03-25 version 3.20.0
(C++/Java/Python/PHP/Objective-C/C#/Ruby/JavaScript)</p>
<h1>Ruby</h1>
<ul>
<li>Dropped Ruby 2.3 and 2.4 support for CI and releases. (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9311">#9311</a>)</li>
<li>Added Ruby 3.1 support for CI and releases (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9566">#9566</a>).</li>
<li>Message.decode/encode: Add recursion_limit option (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9218">#9218</a>/<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9486">#9486</a>)</li>
<li>Allocate with xrealloc()/xfree() so message allocation is visible to
the
Ruby GC. In certain tests this leads to much lower memory usage due to
more
frequent GC runs (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9586">#9586</a>).</li>
<li>Fix conversion of singleton classes in Ruby (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/9342">#9342</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2434ef2adf0c74149b9d547ac5fb545a1ff8b6b5"><code>2434ef2</code></a>
Updating version.json and repo version numbers to: 26.1</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/49253b118b40719b938c2b74a53d70f5450d87b0"><code>49253b1</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16308">#16308</a>
from protocolbuffers/cp-26x-3</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/9bf69ecc833757839421b89e92ddb4dc09b2af0d"><code>9bf69ec</code></a>
Fix validateFeatures to be called after resolved features are actually
set to...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/b752bc2b93ea16b1ec19c9a7421f77a028d7ecdf"><code>b752bc2</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16307">#16307</a>
from protocolbuffers/cp-26x-2</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/f7d23268df8a9e1ac4a9ac3a9178bba68e66e088"><code>f7d2326</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16309">#16309</a>
from protocolbuffers/cp-26x-4</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2e51ff6de3e8c594d965b2ad8952b911383cf0bf"><code>2e51ff6</code></a>
Cherry-pick required label handling in JRuby field descriptor from <a
href="https://gi">https://gi</a>...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/a2f5303916d00725cbd63ee92445b330f70d71a6"><code>a2f5303</code></a>
Update cmake stalenes</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/6a177d2cf6d6eb0f4dc87426947252c9f5e7df2b"><code>6a177d2</code></a>
Merge branch '26.x' into cp-26x-4</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2d3d8ba410550082ee20777653a2a1d515ff8036"><code>2d3d8ba</code></a>
Expand cpp_features_proto_srcs visibility</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/e1092ee6e0b7328d5d506d65322f0b15c5b08b21"><code>e1092ee</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/16294">#16294</a>
from protocolbuffers/cp-26x</li>
<li>Additional commits viewable in <a
href="https://github.com/protocolbuffers/protobuf/compare/v3.18.3...v5.26.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `rsa` from 4.7 to 4.9
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sybrenstuvel/python-rsa/blob/main/CHANGELOG.md">rsa's
changelog</a>.</em></p>
<blockquote>
<h2>Version 4.9 - release 2022-07-20</h2>
<ul>
<li>Remove debug logging from <code>rsa/key.py</code>
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/194">#194</a>).</li>
<li>Remove overlapping slots in <code>PrivateKey</code> and
<code>PublicKey</code>.
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/189">#189</a>).</li>
<li>Do not include CHANGELOG/LICENSE/README.md in wheel
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/191">#191</a>).</li>
<li>Fixed Key Generation Unittest: Public and Private keys are assigned
the wrong way around
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/188">#188</a>).</li>
</ul>
<h2>Version 4.8 - released 2021-11-24</h2>
<ul>
<li>Switch to <a href="https://python-poetry.org/">Poetry</a> for
dependency and release management.</li>
<li>Compatibility with Python 3.10.</li>
<li>Chain exceptions using <code>raise new_exception from
old_exception</code>
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/157">#157</a>)</li>
<li>Added marker file for PEP 561. This will allow type checking tools
in dependent projects
to use type annotations from Python-RSA
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/136">#136</a>).</li>
<li>Use the Chinese Remainder Theorem when decrypting with a private
key. This
makes decryption 2-4x faster
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/pull/163">#163</a>).</li>
</ul>
<h2>Version 4.7.2 - released 2021-02-24</h2>
<ul>
<li>Fix picking/unpickling issue introduced in 4.7
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/173">#173</a>)</li>
</ul>
<h2>Version 4.7.1 - released 2021-02-15</h2>
<ul>
<li>Fix threading issue introduced in 4.7
(<a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/173">#173</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/c4dc7beb04bea05ed86adb2e4b7f780f173774b8"><code>c4dc7be</code></a>
README.md: Final publishing tweaks</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/1ee1afee004cae97b9c5e0aa549042dba45bd45b"><code>1ee1afe</code></a>
Bumped version to 4.9</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/80eb1b16dd359452c8d309161c13196a61387bfc"><code>80eb1b1</code></a>
update_version.sh: include README.md in example commit command</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/7d2c6b2d2294eef2714fb1650895933d799ae07f"><code>7d2c6b2</code></a>
Mark 4.9 as released today</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/42a9b2fdc3a812cbd210594a3c020e7174fd2a1c"><code>42a9b2f</code></a>
Fix README.md updating part of update_version.sh</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/78f738d7b06d9f4b39c055c396ebd76538f8c712"><code>78f738d</code></a>
Add instructions on how to publish via Twine</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/e59132d679481e9bdf7be1e3279793642470d2b9"><code>e59132d</code></a>
Upgrade Sphynx 4.3 -&gt; 5.0.2</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/ce5a32f3fdbcb5128800719e2c3d68e6248d3e47"><code>ce5a32f</code></a>
Fix <a
href="https://redirect.github.com/sybrenstuvel/python-rsa/issues/199">#199</a>:
Sphinx warnings reference target not found</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/0e3e54859f85d352e6a71f4069f5481b03d9e4e8"><code>0e3e548</code></a>
Doc: add <code>-n</code> option to Sphinx to show warnings</li>
<li><a
href="https://github.com/sybrenstuvel/python-rsa/commit/f0e194aaa0639e341a839e117846ca5640b33b39"><code>f0e194a</code></a>
Update CHANGELOG.md</li>
<li>Additional commits viewable in <a
href="https://github.com/sybrenstuvel/python-rsa/compare/version-4.7...version-4.9">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 1.26.18 to 2.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3203">#3203</a>)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting from a HTTPS proxy to an HTTP target.
It was set to <code>True</code> previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3267">#3267</a>)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3268">#3268</a>)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3325">#3325</a>)</li>
</ul>
<p>Note for downstream distributors: To run integration tests, you now
need to run the tests a second time with the <code>--integration</code>
pytest flag. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3181">#3181</a>)</p>
<h2>2.1.0</h2>
<p>Read the <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">v2
migration guide</a> for help upgrading to the latest version of
urllib3.</p>
<h2>Removals</h2>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2680">#2680</a>)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2681">#2681</a>)</li>
<li>Removed support for the end-of-life Python 3.7. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3143">#3143</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
<h1>2.1.0 (2023-11-13)</h1>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra.
(<code>[#2680](urllib3/urllib3#2680)
&lt;https://github.com/urllib3/urllib3/issues/2680&gt;</code>__)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation.
(<code>[#2681](urllib3/urllib3#2681)
&lt;https://github.com/urllib3/urllib3/issues/2681&gt;</code>__)</li>
<li>Removed support for the end-of-life Python 3.7.
(<code>[#3143](urllib3/urllib3#3143)
&lt;https://github.com/urllib3/urllib3/issues/3143&gt;</code>__)</li>
<li>Allowed loading CA certificates from memory for proxies.
(<code>[#3065](urllib3/urllib3#3065)
&lt;https://github.com/urllib3/urllib3/issues/3065&gt;</code>__)</li>
<li>Fixed decoding Gzip-encoded responses which specified
<code>x-gzip</code> content-encoding.
(<code>[#3174](urllib3/urllib3#3174)
&lt;https://github.com/urllib3/urllib3/issues/3174&gt;</code>__)</li>
</ul>
<h1>2.0.7 (2023-10-17)</h1>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.</li>
</ul>
<h1>2.0.6 (2023-10-02)</h1>
<ul>
<li>Added the <code>Cookie</code> header to the list of headers to strip
from requests when redirecting to a different host. As before, different
headers can be set via
<code>Retry.remove_headers_on_redirect</code>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/54d6edf2a671510a5c029d3b76ffe71a5b07147a"><code>54d6edf</code></a>
Release 2.2.1</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/49b2ddaf07ec9ef65ef12d0218117f20e739ee6e"><code>49b2dda</code></a>
Stop casting request headers to HTTPHeaderDict (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e22f651079ae65d06efbb28222c27000256ce7a5"><code>e22f651</code></a>
Fix docstring of retries parameter</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fa541793ad42f2f49846de0a9808ee0a484c53cf"><code>fa54179</code></a>
Distinguish between truncated and excess content in response (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3273">#3273</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/cfe52f96fb65fe2269981d6bba4f22c2bce00b2d"><code>cfe52f9</code></a>
Fix InsecureRequestWarning for HTTPS Emscripten requests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3333">#3333</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/25155d7d3b7d91ef8400bc3cb7600b9253b765a3"><code>25155d7</code></a>
Ensure no remote connections during testing (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3328">#3328</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/12f923325a1794bab26c82dbfef2c47d44f054f8"><code>12f9233</code></a>
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3340">#3340</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9929d3c4e03b71ba485148a8390cd9411981f40f"><code>9929d3c</code></a>
Add nox session to start local Pyodide console</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/aa8d3dd2535cc125e123e5c2bca38738d6864b2a"><code>aa8d3dd</code></a>
Fix ssl_version tests for upcoming migration to pytest 8</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/23f2287eb526d9384dddeedb6f6345e263bb9b86"><code>23f2287</code></a>
Remove TODO about informational responses (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3319">#3319</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.18...2.2.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/SatcherInstitute/health-equity-tracker/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sethmlarson sethmlarson sethmlarson approved these changes

@ecerulm ecerulm ecerulm left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@rnewson @pquentin @sparrowt @sethmlarson @beszabo1 @ecerulm