Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-requests for openSUSE:Factory
checked in at 2026-03-28 20:13:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-requests (Old)
and /work/SRC/openSUSE:Factory/.python-requests.new.8177 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-requests"
Sat Mar 28 20:13:44 2026 rev:91 rq:1343119 version:2.33.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-requests/python-requests.changes
2026-03-17 19:03:56.735299261 +0100
+++
/work/SRC/openSUSE:Factory/.python-requests.new.8177/python-requests.changes
2026-03-28 20:15:16.494186897 +0100
@@ -1,0 +2,23 @@
+Fri Mar 27 07:05:22 UTC 2026 - Daniel Garcia <[email protected]>
+
+- Update to 2.33.0 (bsc#1260589, CVE-2026-25645):
+ - Announcements - Requests is adding inline types. If you have a
+ typed code base that uses Requests, please take a look at #7271.
+ Give it a try, and report any gaps or feedback you may have in the
+ issue.
+ - Security - CVE-2026-25645 requests.utils.extract_zipped_paths now
+ extracts
+ * contents to a non-deterministic location to prevent malicious file
+ replacement. This does not affect default usage of Requests, only
+ applications calling the utility function directly.
+ - Improvements - Migrated to a PEP 517 build system using
+ setuptools. (#7012)
+ - Bugfixes - Fixed an issue where an empty netrc entry could cause
+ * malformed authentication to be applied to Requests on Python
+ 3.11+. (#7205)
+ - Deprecations - Dropped support for Python 3.9 following its end of
+ support. (#7196)
+ - Documentation - Various typo fixes and doc improvements.
+- Drop uneeded patch fix-chardet-RequestsDependencyWarning.patch
+
+-------------------------------------------------------------------
Old:
----
fix-chardet-RequestsDependencyWarning.patch
requests-2.32.5.tar.gz
New:
----
requests-2.33.0.tar.gz
----------(Old B)----------
Old: - Documentation - Various typo fixes and doc improvements.
- Drop uneeded patch fix-chardet-RequestsDependencyWarning.patch
----------(Old E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-requests.spec ++++++
--- /var/tmp/diff_new_pack.SZFTif/_old 2026-03-28 20:15:17.094211661 +0100
+++ /var/tmp/diff_new_pack.SZFTif/_new 2026-03-28 20:15:17.098211826 +0100
@@ -26,14 +26,12 @@
%endif
%{?sle15_python_module_pythons}
Name: python-requests%{psuffix}
-Version: 2.32.5
+Version: 2.33.0
Release: 0
Summary: Python HTTP Library
License: Apache-2.0
URL: https://docs.python-requests.org/
Source:
https://files.pythonhosted.org/packages/source/r/requests/requests-%{version}.tar.gz
-# PATCH-FIX-OPENSUSE fix-chardet-RequestsDependencyWarning.patch
[email protected] -- based on PR 7239
-Patch0: fix-chardet-RequestsDependencyWarning.patch
BuildRequires: %{python_module base >= 3.9}
BuildRequires: %{python_module pip}
BuildRequires: %{python_module setuptools}
++++++ requests-2.32.5.tar.gz -> requests-2.33.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/HISTORY.md
new/requests-2.33.0/HISTORY.md
--- old/requests-2.32.5/HISTORY.md 2025-08-18 23:42:33.000000000 +0200
+++ new/requests-2.33.0/HISTORY.md 2026-03-25 16:09:51.000000000 +0100
@@ -6,6 +6,35 @@
- \[Short description of non-trivial change.\]
+2.33.0 (2026-03-25)
+--------------------
+
+**Announcements**
+- 📣 Requests is adding inline types. If you have a typed code base that
+uses Requests, please take a look at #7271. Give it a try, and report
+any gaps or feedback you may have in the issue. 📣
+
+**Security**
+- CVE-2026-25645 ``requests.utils.extract_zipped_paths`` now extracts
+ contents to a non-deterministic location to prevent malicious file
+ replacement. This does not affect default usage of Requests, only
+ applications calling the utility function directly.
+
+**Improvements**
+- Migrated to a PEP 517 build system using setuptools. (#7012)
+
+**Bugfixes**
+- Fixed an issue where an empty netrc entry could cause
+ malformed authentication to be applied to Requests on
+ Python 3.11+. (#7205)
+
+**Deprecations**
+- Dropped support for Python 3.9 following its end of support. (#7196)
+
+**Documentation**
+- Various typo fixes and doc improvements.
+
+
2.32.5 (2025-08-18)
-------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/PKG-INFO new/requests-2.33.0/PKG-INFO
--- old/requests-2.32.5/PKG-INFO 2025-08-18 23:43:30.277673000 +0200
+++ new/requests-2.33.0/PKG-INFO 2026-03-25 16:09:55.191899000 +0100
@@ -1,10 +1,9 @@
Metadata-Version: 2.4
Name: requests
-Version: 2.32.5
+Version: 2.33.0
Summary: Python HTTP for Humans.
-Home-page: https://requests.readthedocs.io
-Author: Kenneth Reitz
-Author-email: [email protected]
+Author-email: Kenneth Reitz <[email protected]>
+Maintainer-email: Ian Stapleton Cordasco <[email protected]>, Nate
Prewitt <[email protected]>
License: Apache-2.0
Project-URL: Documentation, https://requests.readthedocs.io
Project-URL: Source, https://github.com/psf/requests
@@ -16,7 +15,6 @@
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
@@ -27,34 +25,35 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Software Development :: Libraries
-Requires-Python: >=3.9
+Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
+License-File: NOTICE
Requires-Dist: charset_normalizer<4,>=2
Requires-Dist: idna<4,>=2.5
-Requires-Dist: urllib3<3,>=1.21.1
-Requires-Dist: certifi>=2017.4.17
+Requires-Dist: urllib3<3,>=1.26
+Requires-Dist: certifi>=2023.5.7
Provides-Extra: security
Provides-Extra: socks
Requires-Dist: PySocks!=1.5.7,>=1.5.6; extra == "socks"
Provides-Extra: use-chardet-on-py3
-Requires-Dist: chardet<6,>=3.0.2; extra == "use-chardet-on-py3"
-Dynamic: author
-Dynamic: author-email
-Dynamic: classifier
-Dynamic: description
-Dynamic: description-content-type
-Dynamic: home-page
-Dynamic: license
+Requires-Dist: chardet<8,>=3.0.2; extra == "use-chardet-on-py3"
+Provides-Extra: test
+Requires-Dist: pytest-httpbin==2.1.0; extra == "test"
+Requires-Dist: pytest-cov; extra == "test"
+Requires-Dist: pytest-mock; extra == "test"
+Requires-Dist: pytest-xdist; extra == "test"
+Requires-Dist: PySocks!=1.5.7,>=1.5.6; extra == "test"
+Requires-Dist: pytest>=3; extra == "test"
Dynamic: license-file
-Dynamic: project-url
-Dynamic: provides-extra
-Dynamic: requires-dist
-Dynamic: requires-python
-Dynamic: summary
# Requests
+[](https://pypi.org/project/requests/)
+[](https://pypi.org/project/requests)
+[](https://pepy.tech/project/requests)
+[](https://github.com/psf/requests/graphs/contributors)
+
**Requests** is a simple, yet elegant, HTTP library.
```python
@@ -76,10 +75,6 @@
Requests is one of the most downloaded Python packages today, pulling in
around `30M downloads / week`— according to GitHub, Requests is currently
[depended
upon](https://github.com/psf/requests/network/dependents?package_id=UGFja2FnZS01NzA4OTExNg%3D%3D)
by `1,000,000+` repositories. You may certainly put your trust in this code.
-[](https://pepy.tech/project/requests)
-[](https://pypi.org/project/requests)
-[](https://github.com/psf/requests/graphs/contributors)
-
## Installing Requests and Supported Versions
Requests is available on PyPI:
@@ -88,7 +83,7 @@
$ python -m pip install requests
```
-Requests officially supports Python 3.9+.
+Requests officially supports Python 3.10+.
## Supported Features & Best–Practices
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/README.md
new/requests-2.33.0/README.md
--- old/requests-2.32.5/README.md 2025-08-17 18:56:23.000000000 +0200
+++ new/requests-2.33.0/README.md 2026-03-25 16:09:51.000000000 +0100
@@ -1,5 +1,10 @@
# Requests
+[](https://pypi.org/project/requests/)
+[](https://pypi.org/project/requests)
+[](https://pepy.tech/project/requests)
+[](https://github.com/psf/requests/graphs/contributors)
+
**Requests** is a simple, yet elegant, HTTP library.
```python
@@ -21,10 +26,6 @@
Requests is one of the most downloaded Python packages today, pulling in
around `30M downloads / week`— according to GitHub, Requests is currently
[depended
upon](https://github.com/psf/requests/network/dependents?package_id=UGFja2FnZS01NzA4OTExNg%3D%3D)
by `1,000,000+` repositories. You may certainly put your trust in this code.
-[](https://pepy.tech/project/requests)
-[](https://pypi.org/project/requests)
-[](https://github.com/psf/requests/graphs/contributors)
-
## Installing Requests and Supported Versions
Requests is available on PyPI:
@@ -33,7 +34,7 @@
$ python -m pip install requests
```
-Requests officially supports Python 3.9+.
+Requests officially supports Python 3.10+.
## Supported Features & Best–Practices
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/pyproject.toml
new/requests-2.33.0/pyproject.toml
--- old/requests-2.32.5/pyproject.toml 2025-08-17 22:09:20.000000000 +0200
+++ new/requests-2.33.0/pyproject.toml 2026-03-25 16:09:51.000000000 +0100
@@ -1,7 +1,99 @@
-[tool.isort]
-profile = "black"
-src_paths = ["src/requests", "test"]
-honor_noqa = true
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "requests"
+description = "Python HTTP for Humans."
+readme = "README.md"
+license = {text = "Apache-2.0"}
+authors = [
+ { name = "Kenneth Reitz", email = "[email protected]" },
+]
+maintainers = [
+ {name = "Ian Stapleton Cordasco", email="[email protected]"},
+ {name = "Nate Prewitt", email="[email protected]"}
+]
+requires-python = ">=3.10"
+dependencies = [
+ "charset_normalizer>=2,<4",
+ "idna>=2.5,<4",
+ "urllib3>=1.26,<3",
+ "certifi>=2023.5.7"
+]
+dynamic = ["version"]
+
+classifiers = [
+ "Development Status :: 5 - Production/Stable",
+ "Environment :: Web Environment",
+ "Intended Audience :: Developers",
+ "License :: OSI Approved :: Apache Software License",
+ "Natural Language :: English",
+ "Operating System :: OS Independent",
+ "Programming Language :: Python",
+ "Programming Language :: Python :: 3",
+ "Programming Language :: Python :: 3.10",
+ "Programming Language :: Python :: 3.11",
+ "Programming Language :: Python :: 3.12",
+ "Programming Language :: Python :: 3.13",
+ "Programming Language :: Python :: 3.14",
+ "Programming Language :: Python :: 3 :: Only",
+ "Programming Language :: Python :: Implementation :: CPython",
+ "Programming Language :: Python :: Implementation :: PyPy",
+ "Topic :: Internet :: WWW/HTTP",
+ "Topic :: Software Development :: Libraries"
+]
+
+[project.urls]
+Documentation = "https://requests.readthedocs.io";
+Source = "https://github.com/psf/requests";
+
+[project.optional-dependencies]
+security = []
+socks = ["PySocks>=1.5.6, !=1.5.7"]
+use_chardet_on_py3 = ["chardet>=3.0.2,<8"]
+test = [
+ "pytest-httpbin==2.1.0",
+ "pytest-cov",
+ "pytest-mock",
+ "pytest-xdist",
+ "PySocks>=1.5.6, !=1.5.7",
+ "pytest>=3"
+]
+
+[tool.setuptools]
+license-files = ["LICENSE", "NOTICE"]
+
+[tool.setuptools.dynamic]
+version = {attr = "requests.__version__.__version__"}
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.ruff]
+target-version = "py310"
+src = ["src/requests", "tests"]
+exclude = ["docs/", "ext/"]
+
+[tool.ruff.lint]
+select = [
+ "E", # pycodestyle errors
+ "W", # pycodestyle warnings
+ "F", # pyflakes
+ "I", # isort
+ "UP", # pyupgrade
+ "T10", # flake8-debugger (replaces debug-statements hook)
+]
+ignore = ["E203", "E501", "UP038", "UP031"]
+per-file-ignores = {"src/requests/__init__.py" = ["E402", "F401"],
"src/requests/compat.py" = ["E402", "F401"], "tests/compat.py" = ["F401"]}
+
+[tool.ruff.lint.isort]
+known-first-party = ["requests"]
+
+[tool.ruff.format]
+# Use black-compatible formatting
+quote-style = "double"
+indent-style = "space"
[tool.pytest.ini_options]
addopts = "--doctest-modules"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/setup.cfg
new/requests-2.33.0/setup.cfg
--- old/requests-2.32.5/setup.cfg 2025-08-18 23:43:30.278064000 +0200
+++ new/requests-2.33.0/setup.cfg 2026-03-25 16:09:55.192899000 +0100
@@ -1,21 +1,3 @@
-[metadata]
-license_file = LICENSE
-provides-extra =
- socks
- use_chardet_on_py3
-requires-dist =
- certifi>=2017.4.17
- charset_normalizer>=2,<4
- idna>=2.5,<4
- urllib3>=1.21.1,<3
-
-[flake8]
-ignore = E203, E501, W503
-per-file-ignores =
- src/requests/__init__.py:E402, F401
- src/requests/compat.py:E402, F401
- tests/compat.py:F401
-
[egg_info]
tag_build =
tag_date = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/setup.py new/requests-2.33.0/setup.py
--- old/requests-2.32.5/setup.py 2025-08-17 22:09:20.000000000 +0200
+++ new/requests-2.33.0/setup.py 2026-03-25 16:09:51.000000000 +0100
@@ -1,107 +1,9 @@
-#!/usr/bin/env python
-import os
import sys
-from codecs import open
-from setuptools import setup
-
-CURRENT_PYTHON = sys.version_info[:2]
-REQUIRED_PYTHON = (3, 9)
-
-if CURRENT_PYTHON < REQUIRED_PYTHON:
- sys.stderr.write(
- """
-==========================
-Unsupported Python version
-==========================
-This version of Requests requires at least Python {}.{}, but
-you're trying to install it on Python {}.{}. To resolve this,
-consider upgrading to a supported Python version.
-
-If you can't upgrade your Python version, you'll need to
-pin to an older version of Requests (<2.32.0).
-""".format(
- *(REQUIRED_PYTHON + CURRENT_PYTHON)
- )
- )
+if sys.version_info < (3, 10): # noqa: UP036
+ sys.stderr.write("Requests requires Python 3.10 or later.\n")
sys.exit(1)
+from setuptools import setup
-# 'setup.py publish' shortcut.
-if sys.argv[-1] == "publish":
- os.system("python setup.py sdist bdist_wheel")
- os.system("twine upload dist/*")
- sys.exit()
-
-requires = [
- "charset_normalizer>=2,<4",
- "idna>=2.5,<4",
- "urllib3>=1.21.1,<3",
- "certifi>=2017.4.17",
-]
-test_requirements = [
- "pytest-httpbin==2.1.0",
- "pytest-cov",
- "pytest-mock",
- "pytest-xdist",
- "PySocks>=1.5.6, !=1.5.7",
- "pytest>=3",
-]
-
-about = {}
-here = os.path.abspath(os.path.dirname(__file__))
-with open(os.path.join(here, "src", "requests", "__version__.py"), "r",
"utf-8") as f:
- exec(f.read(), about)
-
-with open("README.md", "r", "utf-8") as f:
- readme = f.read()
-
-setup(
- name=about["__title__"],
- version=about["__version__"],
- description=about["__description__"],
- long_description=readme,
- long_description_content_type="text/markdown",
- author=about["__author__"],
- author_email=about["__author_email__"],
- url=about["__url__"],
- packages=["requests"],
- package_data={"": ["LICENSE", "NOTICE"]},
- package_dir={"": "src"},
- include_package_data=True,
- python_requires=">=3.9",
- install_requires=requires,
- license=about["__license__"],
- zip_safe=False,
- classifiers=[
- "Development Status :: 5 - Production/Stable",
- "Environment :: Web Environment",
- "Intended Audience :: Developers",
- "License :: OSI Approved :: Apache Software License",
- "Natural Language :: English",
- "Operating System :: OS Independent",
- "Programming Language :: Python",
- "Programming Language :: Python :: 3",
- "Programming Language :: Python :: 3.9",
- "Programming Language :: Python :: 3.10",
- "Programming Language :: Python :: 3.11",
- "Programming Language :: Python :: 3.12",
- "Programming Language :: Python :: 3.13",
- "Programming Language :: Python :: 3.14",
- "Programming Language :: Python :: 3 :: Only",
- "Programming Language :: Python :: Implementation :: CPython",
- "Programming Language :: Python :: Implementation :: PyPy",
- "Topic :: Internet :: WWW/HTTP",
- "Topic :: Software Development :: Libraries",
- ],
- tests_require=test_requirements,
- extras_require={
- "security": [],
- "socks": ["PySocks>=1.5.6, !=1.5.7"],
- "use_chardet_on_py3": ["chardet>=3.0.2,<6"],
- },
- project_urls={
- "Documentation": "https://requests.readthedocs.io";,
- "Source": "https://github.com/psf/requests";,
- },
-)
+setup()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/__init__.py
new/requests-2.33.0/src/requests/__init__.py
--- old/requests-2.32.5/src/requests/__init__.py 2024-05-20
15:47:22.000000000 +0200
+++ new/requests-2.33.0/src/requests/__init__.py 2026-03-25
16:09:51.000000000 +0100
@@ -75,8 +75,8 @@
if chardet_version:
major, minor, patch = chardet_version.split(".")[:3]
major, minor, patch = int(major), int(minor), int(patch)
- # chardet_version >= 3.0.2, < 6.0.0
- assert (3, 0, 2) <= (major, minor, patch) < (6, 0, 0)
+ # chardet_version >= 3.0.2, < 8.0.0
+ assert (3, 0, 2) <= (major, minor, patch) < (8, 0, 0)
elif charset_normalizer_version:
major, minor, patch = charset_normalizer_version.split(".")[:3]
major, minor, patch = int(major), int(minor), int(patch)
@@ -98,8 +98,8 @@
return
if cryptography_version < [1, 3, 4]:
- warning = "Old version of cryptography ({}) may cause
slowdown.".format(
- cryptography_version
+ warning = (
+ f"Old version of cryptography ({cryptography_version}) may cause
slowdown."
)
warnings.warn(warning, RequestsDependencyWarning)
@@ -111,10 +111,9 @@
)
except (AssertionError, ValueError):
warnings.warn(
- "urllib3 ({}) or chardet ({})/charset_normalizer ({}) doesn't match a
supported "
- "version!".format(
- urllib3.__version__, chardet_version, charset_normalizer_version
- ),
+ f"urllib3 ({urllib3.__version__}) or chardet "
+ f"({chardet_version})/charset_normalizer
({charset_normalizer_version}) "
+ "doesn't match a supported version!",
RequestsDependencyWarning,
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/__version__.py
new/requests-2.33.0/src/requests/__version__.py
--- old/requests-2.32.5/src/requests/__version__.py 2025-08-18
23:42:33.000000000 +0200
+++ new/requests-2.33.0/src/requests/__version__.py 2026-03-25
16:09:51.000000000 +0100
@@ -5,8 +5,8 @@
__title__ = "requests"
__description__ = "Python HTTP for Humans."
__url__ = "https://requests.readthedocs.io";
-__version__ = "2.32.5"
-__build__ = 0x023205
+__version__ = "2.33.0"
+__build__ = 0x023300
__author__ = "Kenneth Reitz"
__author_email__ = "[email protected]"
__license__ = "Apache-2.0"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/_internal_utils.py
new/requests-2.33.0/src/requests/_internal_utils.py
--- old/requests-2.32.5/src/requests/_internal_utils.py 2024-05-20
15:47:22.000000000 +0200
+++ new/requests-2.33.0/src/requests/_internal_utils.py 2026-03-25
16:09:51.000000000 +0100
@@ -5,6 +5,7 @@
Provides utility functions that are consumed internally by Requests
which depend on extremely few external helpers (such as compat)
"""
+
import re
from .compat import builtin_str
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/adapters.py
new/requests-2.33.0/src/requests/adapters.py
--- old/requests-2.32.5/src/requests/adapters.py 2025-07-25
00:14:11.000000000 +0200
+++ new/requests-2.33.0/src/requests/adapters.py 2026-03-25
16:09:51.000000000 +0100
@@ -11,17 +11,19 @@
import typing
import warnings
-from urllib3.exceptions import ClosedPoolError, ConnectTimeoutError
-from urllib3.exceptions import HTTPError as _HTTPError
-from urllib3.exceptions import InvalidHeader as _InvalidHeader
from urllib3.exceptions import (
+ ClosedPoolError,
+ ConnectTimeoutError,
LocationValueError,
MaxRetryError,
NewConnectionError,
ProtocolError,
+ ReadTimeoutError,
+ ResponseError,
)
+from urllib3.exceptions import HTTPError as _HTTPError
+from urllib3.exceptions import InvalidHeader as _InvalidHeader
from urllib3.exceptions import ProxyError as _ProxyError
-from urllib3.exceptions import ReadTimeoutError, ResponseError
from urllib3.exceptions import SSLError as _SSLError
from urllib3.poolmanager import PoolManager, proxy_from_url
from urllib3.util import Timeout as TimeoutSauce
@@ -47,7 +49,6 @@
from .structures import CaseInsensitiveDict
from .utils import (
DEFAULT_CA_BUNDLE_PATH,
- extract_zipped_paths,
get_auth_from_url,
get_encoding_from_headers,
prepend_scheme_if_needed,
@@ -76,9 +77,9 @@
def _urllib3_request_context(
request: "PreparedRequest",
verify: "bool | str | None",
- client_cert: "typing.Tuple[str, str] | str | None",
+ client_cert: "tuple[str, str] | str | None",
poolmanager: "PoolManager",
-) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])":
+) -> "(dict[str, typing.Any], dict[str, typing.Any])":
host_params = {}
pool_kwargs = {}
parsed_request_url = urlparse(request.url)
@@ -297,7 +298,7 @@
cert_loc = verify
if not cert_loc:
- cert_loc = extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
+ cert_loc = DEFAULT_CA_BUNDLE_PATH
if not cert_loc or not os.path.exists(cert_loc):
raise OSError(
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/auth.py
new/requests-2.33.0/src/requests/auth.py
--- old/requests-2.32.5/src/requests/auth.py 2024-05-20 15:47:22.000000000
+0200
+++ new/requests-2.33.0/src/requests/auth.py 2026-03-25 16:09:51.000000000
+0100
@@ -35,9 +35,9 @@
if not isinstance(username, basestring):
warnings.warn(
"Non-string usernames will no longer be supported in Requests "
- "3.0.0. Please convert the object you've passed in ({!r}) to "
+ f"3.0.0. Please convert the object you've passed in ({username!r})
to "
"a string or bytes object in the near future to avoid "
- "problems.".format(username),
+ "problems.",
category=DeprecationWarning,
)
username = str(username)
@@ -45,9 +45,9 @@
if not isinstance(password, basestring):
warnings.warn(
"Non-string passwords will no longer be supported in Requests "
- "3.0.0. Please convert the object you've passed in ({!r}) to "
+ f"3.0.0. Please convert the object you've passed in
({type(password)!r}) to "
"a string or bytes object in the near future to avoid "
- "problems.".format(type(password)),
+ "problems.",
category=DeprecationWarning,
)
password = str(password)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/certs.py
new/requests-2.33.0/src/requests/certs.py
--- old/requests-2.32.5/src/requests/certs.py 2024-05-20 15:47:22.000000000
+0200
+++ new/requests-2.33.0/src/requests/certs.py 2026-03-25 16:09:51.000000000
+0100
@@ -11,6 +11,7 @@
environment, you can change the definition of where() to return a separately
packaged CA bundle.
"""
+
from certifi import where
if __name__ == "__main__":
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/exceptions.py
new/requests-2.33.0/src/requests/exceptions.py
--- old/requests-2.32.5/src/requests/exceptions.py 2024-05-20
15:47:22.000000000 +0200
+++ new/requests-2.33.0/src/requests/exceptions.py 2026-03-25
16:09:51.000000000 +0100
@@ -4,6 +4,7 @@
This module contains the set of Requests' exceptions.
"""
+
from urllib3.exceptions import HTTPError as BaseHTTPError
from .compat import JSONDecodeError as CompatJSONDecodeError
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/help.py
new/requests-2.33.0/src/requests/help.py
--- old/requests-2.32.5/src/requests/help.py 2024-05-20 15:47:22.000000000
+0200
+++ new/requests-2.33.0/src/requests/help.py 2026-03-25 16:09:51.000000000
+0100
@@ -47,11 +47,8 @@
if implementation == "CPython":
implementation_version = platform.python_version()
elif implementation == "PyPy":
- implementation_version = "{}.{}.{}".format(
- sys.pypy_version_info.major,
- sys.pypy_version_info.minor,
- sys.pypy_version_info.micro,
- )
+ pypy = sys.pypy_version_info
+ implementation_version = f"{pypy.major}.{pypy.minor}.{pypy.micro}"
if sys.pypy_version_info.releaselevel != "final":
implementation_version = "".join(
[implementation_version, sys.pypy_version_info.releaselevel]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/hooks.py
new/requests-2.33.0/src/requests/hooks.py
--- old/requests-2.32.5/src/requests/hooks.py 2024-05-20 15:47:22.000000000
+0200
+++ new/requests-2.33.0/src/requests/hooks.py 2026-03-25 16:09:51.000000000
+0100
@@ -9,6 +9,7 @@
``response``:
The response generated from a Request.
"""
+
HOOKS = ["response"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/models.py
new/requests-2.33.0/src/requests/models.py
--- old/requests-2.32.5/src/requests/models.py 2025-03-31 19:37:24.000000000
+0200
+++ new/requests-2.33.0/src/requests/models.py 2026-03-25 16:09:51.000000000
+0100
@@ -34,9 +34,11 @@
builtin_str,
chardet,
cookielib,
+ urlencode,
+ urlsplit,
+ urlunparse,
)
from .compat import json as complexjson
-from .compat import urlencode, urlsplit, urlunparse
from .cookies import _copy_cookie_jar, cookiejar_from_dict, get_cookie_header
from .exceptions import (
ChunkedEncodingError,
@@ -45,11 +47,11 @@
HTTPError,
InvalidJSONError,
InvalidURL,
+ MissingSchema,
+ StreamConsumedError,
)
from .exceptions import JSONDecodeError as RequestsJSONDecodeError
-from .exceptions import MissingSchema
from .exceptions import SSLError as RequestsSSLError
-from .exceptions import StreamConsumedError
from .hooks import default_hooks
from .status_codes import codes
from .structures import CaseInsensitiveDict
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/sessions.py
new/requests-2.33.0/src/requests/sessions.py
--- old/requests-2.32.5/src/requests/sessions.py 2025-07-25
00:14:11.000000000 +0200
+++ new/requests-2.33.0/src/requests/sessions.py 2026-03-25
16:09:51.000000000 +0100
@@ -5,6 +5,7 @@
This module provides a Session object to manage and persist settings across
requests (cookies, auth, proxies).
"""
+
import os
import sys
import time
@@ -421,6 +422,8 @@
#: expired certificates, which will make your application vulnerable to
#: man-in-the-middle (MitM) attacks.
#: Only set this to `False` for testing.
+ #: If verify is set to a string, it must be the path to a CA bundle
file
+ #: that will be used to verify the TLS certificate.
self.verify = True
#: SSL client certificate default, if String, path to ssl client
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests/utils.py
new/requests-2.33.0/src/requests/utils.py
--- old/requests-2.32.5/src/requests/utils.py 2025-07-25 00:14:11.000000000
+0200
+++ new/requests-2.33.0/src/requests/utils.py 2026-03-25 16:09:51.000000000
+0100
@@ -39,9 +39,6 @@
getproxies_environment,
integer_types,
is_urllib3_1,
-)
-from .compat import parse_http_list as _parse_list_header
-from .compat import (
proxy_bypass,
proxy_bypass_environment,
quote,
@@ -50,6 +47,7 @@
urlparse,
urlunparse,
)
+from .compat import parse_http_list as _parse_list_header
from .cookies import cookiejar_from_dict
from .exceptions import (
FileModeWarning,
@@ -61,6 +59,7 @@
NETRC_FILES = (".netrc", "_netrc")
+# Certificate is extracted by certifi when needed.
DEFAULT_CA_BUNDLE_PATH = certs.where()
DEFAULT_PORTS = {"http": 80, "https": 443}
@@ -233,7 +232,7 @@
try:
_netrc = netrc(netrc_path).authenticators(host)
- if _netrc:
+ if _netrc and any(_netrc):
# Return with login / password
login_i = 0 if _netrc[0] else 1
return (_netrc[login_i], _netrc[2])
@@ -283,12 +282,13 @@
return path
# we have a valid zip archive and a valid member of that archive
- tmp = tempfile.gettempdir()
- extracted_path = os.path.join(tmp, member.split("/")[-1])
- if not os.path.exists(extracted_path):
- # use read + write to avoid the creating nested folders, we only want
the file, avoids mkdir racing condition
- with atomic_open(extracted_path) as file_handler:
- file_handler.write(zip_file.read(member))
+ suffix = os.path.splitext(member.split("/")[-1])[-1]
+ fd, extracted_path = tempfile.mkstemp(suffix=suffix)
+ try:
+ os.write(fd, zip_file.read(member))
+ finally:
+ os.close(fd)
+
return extracted_path
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests.egg-info/PKG-INFO
new/requests-2.33.0/src/requests.egg-info/PKG-INFO
--- old/requests-2.32.5/src/requests.egg-info/PKG-INFO 2025-08-18
23:43:30.000000000 +0200
+++ new/requests-2.33.0/src/requests.egg-info/PKG-INFO 2026-03-25
16:09:55.000000000 +0100
@@ -1,10 +1,9 @@
Metadata-Version: 2.4
Name: requests
-Version: 2.32.5
+Version: 2.33.0
Summary: Python HTTP for Humans.
-Home-page: https://requests.readthedocs.io
-Author: Kenneth Reitz
-Author-email: [email protected]
+Author-email: Kenneth Reitz <[email protected]>
+Maintainer-email: Ian Stapleton Cordasco <[email protected]>, Nate
Prewitt <[email protected]>
License: Apache-2.0
Project-URL: Documentation, https://requests.readthedocs.io
Project-URL: Source, https://github.com/psf/requests
@@ -16,7 +15,6 @@
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
@@ -27,34 +25,35 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Software Development :: Libraries
-Requires-Python: >=3.9
+Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
+License-File: NOTICE
Requires-Dist: charset_normalizer<4,>=2
Requires-Dist: idna<4,>=2.5
-Requires-Dist: urllib3<3,>=1.21.1
-Requires-Dist: certifi>=2017.4.17
+Requires-Dist: urllib3<3,>=1.26
+Requires-Dist: certifi>=2023.5.7
Provides-Extra: security
Provides-Extra: socks
Requires-Dist: PySocks!=1.5.7,>=1.5.6; extra == "socks"
Provides-Extra: use-chardet-on-py3
-Requires-Dist: chardet<6,>=3.0.2; extra == "use-chardet-on-py3"
-Dynamic: author
-Dynamic: author-email
-Dynamic: classifier
-Dynamic: description
-Dynamic: description-content-type
-Dynamic: home-page
-Dynamic: license
+Requires-Dist: chardet<8,>=3.0.2; extra == "use-chardet-on-py3"
+Provides-Extra: test
+Requires-Dist: pytest-httpbin==2.1.0; extra == "test"
+Requires-Dist: pytest-cov; extra == "test"
+Requires-Dist: pytest-mock; extra == "test"
+Requires-Dist: pytest-xdist; extra == "test"
+Requires-Dist: PySocks!=1.5.7,>=1.5.6; extra == "test"
+Requires-Dist: pytest>=3; extra == "test"
Dynamic: license-file
-Dynamic: project-url
-Dynamic: provides-extra
-Dynamic: requires-dist
-Dynamic: requires-python
-Dynamic: summary
# Requests
+[](https://pypi.org/project/requests/)
+[](https://pypi.org/project/requests)
+[](https://pepy.tech/project/requests)
+[](https://github.com/psf/requests/graphs/contributors)
+
**Requests** is a simple, yet elegant, HTTP library.
```python
@@ -76,10 +75,6 @@
Requests is one of the most downloaded Python packages today, pulling in
around `30M downloads / week`— according to GitHub, Requests is currently
[depended
upon](https://github.com/psf/requests/network/dependents?package_id=UGFja2FnZS01NzA4OTExNg%3D%3D)
by `1,000,000+` repositories. You may certainly put your trust in this code.
-[](https://pepy.tech/project/requests)
-[](https://pypi.org/project/requests)
-[](https://github.com/psf/requests/graphs/contributors)
-
## Installing Requests and Supported Versions
Requests is available on PyPI:
@@ -88,7 +83,7 @@
$ python -m pip install requests
```
-Requests officially supports Python 3.9+.
+Requests officially supports Python 3.10+.
## Supported Features & Best–Practices
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests.egg-info/SOURCES.txt
new/requests-2.33.0/src/requests.egg-info/SOURCES.txt
--- old/requests-2.32.5/src/requests.egg-info/SOURCES.txt 2025-08-18
23:43:30.000000000 +0200
+++ new/requests-2.33.0/src/requests.egg-info/SOURCES.txt 2026-03-25
16:09:55.000000000 +0100
@@ -5,7 +5,6 @@
README.md
pyproject.toml
requirements-dev.txt
-setup.cfg
setup.py
src/requests/__init__.py
src/requests/__version__.py
@@ -28,7 +27,6 @@
src/requests.egg-info/PKG-INFO
src/requests.egg-info/SOURCES.txt
src/requests.egg-info/dependency_links.txt
-src/requests.egg-info/not-zip-safe
src/requests.egg-info/requires.txt
src/requests.egg-info/top_level.txt
tests/__init__.py
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests.egg-info/not-zip-safe
new/requests-2.33.0/src/requests.egg-info/not-zip-safe
--- old/requests-2.32.5/src/requests.egg-info/not-zip-safe 2025-08-18
23:43:30.000000000 +0200
+++ new/requests-2.33.0/src/requests.egg-info/not-zip-safe 1970-01-01
01:00:00.000000000 +0100
@@ -1 +0,0 @@
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/src/requests.egg-info/requires.txt
new/requests-2.33.0/src/requests.egg-info/requires.txt
--- old/requests-2.32.5/src/requests.egg-info/requires.txt 2025-08-18
23:43:30.000000000 +0200
+++ new/requests-2.33.0/src/requests.egg-info/requires.txt 2026-03-25
16:09:55.000000000 +0100
@@ -1,12 +1,20 @@
charset_normalizer<4,>=2
idna<4,>=2.5
-urllib3<3,>=1.21.1
-certifi>=2017.4.17
+urllib3<3,>=1.26
+certifi>=2023.5.7
[security]
[socks]
PySocks!=1.5.7,>=1.5.6
+[test]
+pytest-httpbin==2.1.0
+pytest-cov
+pytest-mock
+pytest-xdist
+PySocks!=1.5.7,>=1.5.6
+pytest>=3
+
[use_chardet_on_py3]
-chardet<6,>=3.0.2
+chardet<8,>=3.0.2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/tests/test_lowlevel.py
new/requests-2.33.0/tests/test_lowlevel.py
--- old/requests-2.32.5/tests/test_lowlevel.py 2024-05-14 23:19:57.000000000
+0200
+++ new/requests-2.33.0/tests/test_lowlevel.py 2026-03-25 16:09:51.000000000
+0100
@@ -1,10 +1,10 @@
import threading
import pytest
-from tests.testserver.server import Server, consume_socket_content
import requests
from requests.compat import JSONDecodeError
+from tests.testserver.server import Server, consume_socket_content
from .utils import override_environ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/tests/test_requests.py
new/requests-2.33.0/tests/test_requests.py
--- old/requests-2.32.5/tests/test_requests.py 2025-07-25 00:14:11.000000000
+0200
+++ new/requests-2.33.0/tests/test_requests.py 2026-03-25 16:09:51.000000000
+0100
@@ -44,9 +44,11 @@
ReadTimeout,
RequestException,
RetryError,
+ Timeout,
+ TooManyRedirects,
+ UnrewindableBodyError,
)
from requests.exceptions import SSLError as RequestsSSLError
-from requests.exceptions import Timeout, TooManyRedirects,
UnrewindableBodyError
from requests.hooks import default_hooks
from requests.models import PreparedRequest, urlencode
from requests.sessions import SessionRedirectMixin
@@ -960,20 +962,18 @@
INVALID_PATH = "/garbage"
with pytest.raises(IOError) as e:
requests.get(httpbin_secure(), verify=INVALID_PATH)
- assert str(
- e.value
- ) == "Could not find a suitable TLS CA certificate bundle, invalid
path: {}".format(
- INVALID_PATH
+ assert (
+ str(e.value)
+ == f"Could not find a suitable TLS CA certificate bundle, invalid
path: {INVALID_PATH}"
)
def test_invalid_ssl_certificate_files(self, httpbin_secure):
INVALID_PATH = "/garbage"
with pytest.raises(IOError) as e:
requests.get(httpbin_secure(), cert=INVALID_PATH)
- assert str(
- e.value
- ) == "Could not find the TLS certificate file, invalid path:
{}".format(
- INVALID_PATH
+ assert (
+ str(e.value)
+ == f"Could not find the TLS certificate file, invalid path:
{INVALID_PATH}"
)
with pytest.raises(IOError) as e:
@@ -2460,7 +2460,6 @@
class TestMorselToCookieMaxAge:
-
"""Tests for morsel_to_cookie when morsel contains max-age."""
def test_max_age_valid_int(self):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/tests/test_testserver.py
new/requests-2.33.0/tests/test_testserver.py
--- old/requests-2.32.5/tests/test_testserver.py 2024-03-01
21:55:12.000000000 +0100
+++ new/requests-2.33.0/tests/test_testserver.py 2026-03-25
16:09:51.000000000 +0100
@@ -3,9 +3,9 @@
import time
import pytest
-from tests.testserver.server import Server
import requests
+from tests.testserver.server import Server
class TestTestServer:
@@ -42,7 +42,7 @@
def test_text_response(self):
"""the text_response_server sends the given text"""
server = Server.text_response_server(
- "HTTP/1.1 200 OK\r\n" "Content-Length: 6\r\n" "\r\nroflol"
+ "HTTP/1.1 200 OK\r\nContent-Length: 6\r\n\r\nroflol"
)
with server as (host, port):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/requests-2.32.5/tests/test_utils.py
new/requests-2.33.0/tests/test_utils.py
--- old/requests-2.32.5/tests/test_utils.py 2025-07-25 00:14:11.000000000
+0200
+++ new/requests-2.33.0/tests/test_utils.py 2026-03-25 16:09:51.000000000
+0100
@@ -170,6 +170,16 @@
auth = get_netrc_auth("http://example.com:@evil.com/'";)
assert auth is None
+ def test_empty_default_credentials_ignored(self, tmp_path, monkeypatch):
+ """Empty default credentials should not be returned."""
+ netrc_path = tmp_path / ".netrc"
+ monkeypatch.setenv("NETRC", str(netrc_path))
+ with open(netrc_path, "w") as f:
+ f.write("machine example.com login user password pass\ndefault\n")
+
+ auth = get_netrc_auth("http://httpbin.org/";)
+ assert auth is None
+
class TestToKeyValList:
@pytest.mark.parametrize(
