Skip to content
This repository was archived by the owner on Jun 2, 2020. It is now read-only.

Bump requests from 2.18.4 to 2.19.0 #7

Closed
dependabot-preview wants to merge 1 commit into from
Closed

Bump requests from 2.18.4 to 2.19.0 #7

dependabot-preview wants to merge 1 commit into from

Conversation

@dependabot-preview
Copy link

@dependabot-preview dependabot-preview bot commented Jun 13, 2018

Bumps requests from 2.18.4 to 2.19.0.

Changelog

Sourced from requests's changelog.

2.19.0 (2018-06-12)
++++++++++++++++++

Improvements

  • Warn user about possible slowdown when using cryptography version < 1.3.4
  • Check for invalid host in proxy URL, before forwarding request to adapter.
  • Fragments are now properly maintained across redirects. (RFC7231 7.1.2)
  • Removed use of cgi module to expedite library load time.
  • Added support for SHA-256 and SHA-512 digest auth algorithms.
  • Minor performance improvement to Request.content.
  • Migrate to using collections.abc for 3.7 compatibility.

Bugfixes

  • Parsing empty Link headers with parse_header_links() no longer return one bogus entry.
  • Fixed issue where loading the default certificate bundle from a zip archive
    would raise an IOError.
  • Fixed issue with unexpected ImportError on windows system which do not support winreg module.
  • DNS resolution in proxy bypass no longer includes the username and password in
    the request. This also fixes the issue of DNS queries failing on macOS.
  • Properly normalize adapter prefixes for url comparison.
  • Passing None as a file pointer to the files param no longer raises an exception.
  • Calling copy on a RequestsCookieJar will now preserve the cookie policy correctly.

Dependencies

  • We now support idna v2.7.
  • We now support urllib3 v1.23.
Commits
  • 991e8b7 v2.19.0
  • 7e297ed Separate collections from collections.abc
  • 10915e3 Add a public method to get the cookie policy
  • ace0c20 Add cookie policy related tests
  • 3ef4927 Copy cookie policy when copying a CookieJar
  • d1aeb7e Merge pull request #4672 from requests/remove_2.6_refs
  • de64f0f port pyopenssl fix from urllib3
  • bc46de5 remove references to 2.6 support in documentation
  • 16fd7e0 Merge pull request #4676 from jdufresne/doc-py3
  • 35a1874 Update Python 2 doc links to Python 3
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use (this|these) label[s] will set the current labels as the default for future PRs for this repo and language
  • @dependabot use (this|these) reviewer[s] will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use (this|these) assignee[s] will set the current assignees as the default for future PRs for this repo and language

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@dependabot-support
Bump requests from 2.18.4 to 2.19.0
9014d33 
Bumps [requests](https://github.com/requests/requests) from 2.18.4 to 2.19.0.
- [Release notes](https://github.com/requests/requests/releases)
- [Changelog](https://github.com/requests/requests/blob/master/HISTORY.rst)
- [Commits](psf/requests@v2.18.4...v2.19.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
@codecov
Copy link

codecov bot commented Jun 13, 2018
edited
Loading

Codecov Report

Merging #7 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@          Coverage Diff          @@
##           master     #7   +/-   ##
=====================================
  Coverage     100%   100%           
=====================================
  Files           5      5           
  Lines          52     52           
=====================================
  Hits           52     52

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update dbd619d...9014d33. Read the comment docs.

@dependabot-preview
Copy link
Author

dependabot-preview bot commented Oct 29, 2018

Superseded by #12.

@dependabot-preview dependabot-preview bot deleted the dependabot/pip/requests-2.19.0 branch October 29, 2018 19:11
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dependabot-support