Update Requests library 2.29.0 (87d63de) → 2.31.0 (8812812).

CHANGES.md

@@ -8,6 +8,7 @@
 * Update idna library 3.4 (37c7d9b) to 3.4 (cab054c)
 * Update Msgpack 1.0.5 (0516c2c) to 1.0.6 (e1d3d5d)
 * Update package resource API 67.5.1 (f51eccd) to 68.1.2 (1ef36f2)
+* Update Requests library 2.29.0 (87d63de) to 2.31.0 (8812812)
 * Update soupsieve 2.3.2.post1 (792d566) to 2.4.1 (2e66beb)
 * Update Tornado Web Server 6.3.2 (e3aa6c5) to 6.3.3 (e4d6984)
 * Update urllib3 1.26.15 (25cca389) to 2.0.4 (af7c78fa)

lib/requests/__init__.py

@@ -66,10 +66,10 @@ def check_compatibility(urllib3_version, chardet_version, charset_normalizer_ver
     # Check urllib3 for compatibility.
     major, minor, patch = urllib3_version  # noqa: F811
     major, minor, patch = int(major), int(minor), int(patch)
-    # urllib3 >= 1.21.1, <= 1.26
+    # urllib3 >= 1.21.1
-    assert major == 1
+    assert major >= 1
-    assert minor >= 21
+    if major == 1:
-    assert minor <= 26
+        assert minor >= 21
 
     # Check charset_normalizer for compatibility.
     if chardet_version:

lib/requests/__version__.py

@@ -5,10 +5,10 @@
 __title__ = "requests"
 __description__ = "Python HTTP for Humans."
 __url__ = "https://requests.readthedocs.io"
-__version__ = "2.29.0"
+__version__ = "2.31.0"
-__build__ = 0x022900
+__build__ = 0x023100
 __author__ = "Kenneth Reitz"
 __author_email__ = "me@kennethreitz.org"
-__license__ = "Apache 2.0"
+__license__ = "Apache-2.0"
 __copyright__ = "Copyright Kenneth Reitz"
 __cake__ = "\u2728 \U0001f370 \u2728"

lib/requests/adapters.py

@@ -193,7 +193,6 @@ class HTTPAdapter(BaseAdapter):
             num_pools=connections,
             maxsize=maxsize,
             block=block,
-            strict=True,
             **pool_kwargs,
         )
 
@@ -248,7 +247,6 @@ class HTTPAdapter(BaseAdapter):
         :param cert: The SSL certificate to verify.
         """
         if url.lower().startswith("https") and verify:
-
             cert_loc = None
 
             # Allow self-specified cert location.

lib/requests/api.py

@@ -25,7 +25,7 @@ def request(method, url, **kwargs):
     :param cookies: (optional) Dict or CookieJar object to send with the :class:`Request`.
     :param files: (optional) Dictionary of ``'name': file-like-objects`` (or ``{'name': file-tuple}``) for multipart encoding upload.
         ``file-tuple`` can be a 2-tuple ``('filename', fileobj)``, 3-tuple ``('filename', fileobj, 'content_type')``
-        or a 4-tuple ``('filename', fileobj, 'content_type', custom_headers)``, where ``'content-type'`` is a string
+        or a 4-tuple ``('filename', fileobj, 'content_type', custom_headers)``, where ``'content_type'`` is a string
         defining the content type of the given file and ``custom_headers`` a dict-like object containing additional headers
         to add for the file.
     :param auth: (optional) Auth tuple to enable Basic/Digest/Custom HTTP Auth.

lib/requests/auth.py

@@ -258,7 +258,6 @@ class HTTPDigestAuth(AuthBase):
         s_auth = r.headers.get("www-authenticate", "")
 
         if "digest" in s_auth.lower() and self._thread_local.num_401_calls < 2:
-
             self._thread_local.num_401_calls += 1
             pat = re.compile(r"digest ", flags=re.IGNORECASE)
             self._thread_local.chal = parse_dict_header(pat.sub("", s_auth, count=1))

lib/requests/cookies.py

@@ -2,7 +2,7 @@
 requests.cookies
 ~~~~~~~~~~~~~~~~
 
-Compatibility code to be able to use `cookielib.CookieJar` with requests.
+Compatibility code to be able to use `http.cookiejar.CookieJar` with requests.
 
 requests.utils imports from here, so be careful with imports.
 """
@@ -23,7 +23,7 @@ except ImportError:
 class MockRequest:
     """Wraps a `requests.Request` to mimic a `urllib2.Request`.
 
-    The code in `cookielib.CookieJar` expects this interface in order to correctly
+    The code in `http.cookiejar.CookieJar` expects this interface in order to correctly
     manage cookie policies, i.e., determine whether a cookie can be set, given the
     domains of the request and the cookie.
 
@@ -76,7 +76,7 @@ class MockRequest:
         return self._r.headers.get(name, self._new_headers.get(name, default))
 
     def add_header(self, key, val):
-        """cookielib has no legitimate use for this method; add it back if you find one."""
+        """cookiejar has no legitimate use for this method; add it back if you find one."""
         raise NotImplementedError(
             "Cookie headers should be added with add_unredirected_header()"
         )
@@ -104,11 +104,11 @@ class MockResponse:
     """Wraps a `httplib.HTTPMessage` to mimic a `urllib.addinfourl`.
 
     ...what? Basically, expose the parsed HTTP headers from the server response
-    the way `cookielib` expects to see them.
+    the way `http.cookiejar` expects to see them.
     """
 
     def __init__(self, headers):
-        """Make a MockResponse for `cookielib` to read.
+        """Make a MockResponse for `cookiejar` to read.
 
         :param headers: a httplib.HTTPMessage or analogous carrying the headers
         """
@@ -124,7 +124,7 @@ class MockResponse:
 def extract_cookies_to_jar(jar, request, response):
     """Extract the cookies from the response into a CookieJar.
 
-    :param jar: cookielib.CookieJar (not necessarily a RequestsCookieJar)
+    :param jar: http.cookiejar.CookieJar (not necessarily a RequestsCookieJar)
     :param request: our own requests.Request object
     :param response: urllib3.HTTPResponse object
     """
@@ -174,7 +174,7 @@ class CookieConflictError(RuntimeError):
 
 
 class RequestsCookieJar(cookielib.CookieJar, MutableMapping):
-    """Compatibility class; is a cookielib.CookieJar, but exposes a dict
+    """Compatibility class; is a http.cookiejar.CookieJar, but exposes a dict
     interface.
 
     This is the CookieJar we create by default for requests and sessions that
@@ -341,7 +341,7 @@ class RequestsCookieJar(cookielib.CookieJar, MutableMapping):
         self.set(name, value)
 
     def __delitem__(self, name):
-        """Deletes a cookie given a name. Wraps ``cookielib.CookieJar``'s
+        """Deletes a cookie given a name. Wraps ``http.cookiejar.CookieJar``'s
         ``remove_cookie_by_name()``.
         """
         remove_cookie_by_name(self, name)

lib/requests/models.py

@@ -170,7 +170,7 @@ class RequestEncodingMixin:
                         )
                     )
 
-        for (k, v) in files:
+        for k, v in files:
             # support for explicit filename
             ft = None
             fh = None
@@ -268,7 +268,6 @@ class Request(RequestHooksMixin):
         hooks=None,
         json=None,
     ):
-
         # Default empty dicts for dict params.
         data = [] if data is None else data
         files = [] if files is None else files
@@ -277,7 +276,7 @@ class Request(RequestHooksMixin):
         hooks = {} if hooks is None else hooks
 
         self.hooks = default_hooks()
-        for (k, v) in list(hooks.items()):
+        for k, v in list(hooks.items()):
             self.register_hook(event=k, hook=v)
 
         self.method = method
@@ -865,7 +864,6 @@ class Response:
         for chunk in self.iter_content(
             chunk_size=chunk_size, decode_unicode=decode_unicode
         ):
-
             if pending is not None:
                 chunk = pending + chunk
 

lib/requests/sessions.py

@@ -262,7 +262,6 @@ class SessionRedirectMixin:
             if yield_requests:
                 yield req
             else:
-
                 resp = self.send(
                     req,
                     stream=stream,
@@ -324,7 +323,9 @@ class SessionRedirectMixin:
         except KeyError:
             username, password = None, None
 
-        if username and password:
+        # urllib3 handles proxy authorization for us in the standard adapter.
+        # Avoid appending this to TLS tunneled requests where it may be leaked.
+        if not scheme.startswith("https") and username and password:
             headers["Proxy-Authorization"] = _basic_auth_str(username, password)
 
         return new_proxies
@@ -387,7 +388,6 @@ class Session(SessionRedirectMixin):
     ]
 
     def __init__(self):
-
         #: A case-insensitive dictionary of headers to be sent on each
         #: :class:`Request <Request>` sent from this
         #: :class:`Session <Session>`.
@@ -543,6 +543,8 @@ class Session(SessionRedirectMixin):
         :type allow_redirects: bool
         :param proxies: (optional) Dictionary mapping protocol or protocol and
             hostname to the URL of the proxy.
+        :param hooks: (optional) Dictionary mapping hook name to one event or
+            list of events, event must be callable.
         :param stream: (optional) whether to immediately download the response
             content. Defaults to ``False``.
         :param verify: (optional) Either a boolean, in which case it controls whether we verify
@@ -709,7 +711,6 @@ class Session(SessionRedirectMixin):
 
         # Persist cookies
         if r.history:
-
             # If the hooks create history then we want those cookies too
             for resp in r.history:
                 extract_cookies_to_jar(self.cookies, resp.request, resp.raw)
@@ -757,7 +758,7 @@ class Session(SessionRedirectMixin):
             # Set environment's proxies.
             no_proxy = proxies.get("no_proxy") if proxies is not None else None
             env_proxies = get_environ_proxies(url, no_proxy=no_proxy)
-            for (k, v) in env_proxies.items():
+            for k, v in env_proxies.items():
                 proxies.setdefault(k, v)
 
             # Look for requests environment configuration
@@ -783,8 +784,7 @@ class Session(SessionRedirectMixin):
 
         :rtype: requests.adapters.BaseAdapter
         """
-        for (prefix, adapter) in self.adapters.items():
+        for prefix, adapter in self.adapters.items():
-
             if url.lower().startswith(prefix.lower()):
                 return adapter
 

lib/requests/utils.py

@@ -466,11 +466,7 @@ def dict_from_cookiejar(cj):
     :rtype: dict
     """
 
-    cookie_dict = {}
+    cookie_dict = {cookie.name: cookie.value for cookie in cj}
-
-    for cookie in cj:
-        cookie_dict[cookie.name] = cookie.value
-
     return cookie_dict
 
 
@@ -767,6 +763,7 @@ def should_bypass_proxies(url, no_proxy):
 
     :rtype: bool
     """
+
     # Prioritize lowercase environment variables over uppercase
     # to keep a consistent behaviour with other http projects (curl, wget).
     def get_proxy(key):