{"id":2600,"name":"pycryptodomex","ecosystem":"pip","repository_url":"https://github.com/Legrandin/pycryptodome","issues_count":97,"created_at":"2025-06-06T15:02:07.510Z","updated_at":"2025-06-06T15:02:07.510Z","purl":"pkg:pypi/pycryptodomex","metadata":{"id":2868587,"name":"pycryptodomex","ecosystem":"pypi","description":"Cryptographic library for Python","homepage":"https://www.pycryptodome.org","licenses":"BSD, Public Domain","normalized_licenses":["BSD-3-Clause","Unlicense"],"repository_url":"https://github.com/Legrandin/pycryptodome","keywords_array":[],"namespace":null,"versions_count":51,"first_release_published_at":"2016-02-21T07:22:38.000Z","latest_release_published_at":"2025-05-17T17:22:07.000Z","latest_release_number":"3.23.0","last_synced_at":"2025-06-06T04:01:48.166Z","created_at":"2022-04-10T12:11:21.967Z","updated_at":"2025-06-06T04:01:48.166Z","registry_url":"https://pypi.org/project/pycryptodomex/","install_command":"pip install pycryptodomex --index-url https://pypi.org/simple","documentation_url":"https://pycryptodomex.readthedocs.io/","metadata":{"funding":null,"documentation":null,"classifiers":["Development Status :: 5 - Production/Stable","Intended Audience :: Developers","License :: OSI Approved :: BSD License","License :: Public Domain","Operating System :: MacOS :: MacOS X","Operating System :: Microsoft :: Windows","Operating System :: Unix","Programming Language :: Python :: 2","Programming Language :: Python :: 2.7","Programming Language :: Python :: 3","Programming Language :: Python :: 3.10","Programming Language :: Python :: 3.11","Programming Language :: Python :: 3.12","Programming Language :: Python :: 3.13","Programming Language :: Python :: 3.7","Programming Language :: Python :: 3.8","Programming Language :: Python :: 3.9","Topic :: Security :: Cryptography"],"normalized_name":"pycryptodomex"},"repo_metadata":{"id":16623902,"uuid":"19378935","full_name":"Legrandin/pycryptodome","owner":"Legrandin","description":"A self-contained cryptographic library for Python","archived":false,"fork":false,"pushed_at":"2024-09-05T18:24:19.000Z","size":39047,"stargazers_count":2784,"open_issues_count":76,"forks_count":497,"subscribers_count":66,"default_branch":"master","last_synced_at":"2024-09-06T11:11:33.585Z","etag":null,"topics":["cryptography","python","security"],"latest_commit_sha":null,"homepage":"https://www.pycryptodome.org","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Legrandin.png","metadata":{"files":{"readme":"README.rst","changelog":"Changelog.rst","contributing":null,"funding":null,"license":"LICENSE.rst","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS.rst","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-05-02T15:11:38.000Z","updated_at":"2024-09-06T09:30:14.000Z","dependencies_parsed_at":"2023-09-24T13:30:24.625Z","dependency_job_id":"702350b0-138a-42be-aca2-4698fed49ea3","html_url":"https://github.com/Legrandin/pycryptodome","commit_stats":{"total_commits":2684,"total_committers":150,"mean_commits":"17.893333333333334","dds":"0.39344262295081966","last_synced_commit":"739558f4d6174c2870431fe081964613567ea1fc"},"previous_names":[],"tags_count":115,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Legrandin","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":218045854,"owners_count":16269760,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"Legrandin","name":"Helder Eijs","uuid":"554612","kind":"user","description":null,"email":"","website":null,"location":"Europe","twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/554612?v=4","repositories_count":5,"last_synced_at":"2023-03-11T15:50:43.670Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/Legrandin","funding_links":[],"total_stars":null,"followers":null,"following":null,"created_at":"2022-11-03T00:05:31.252Z","updated_at":"2023-03-11T15:50:43.788Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Legrandin","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Legrandin/repositories"},"tags":[{"name":"v3.20.0x","sha":"e7121fcf6b3f3b1b733b2a676bed23d4e0e6188d","kind":"commit","published_at":"2024-01-09T19:38:18.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.20.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.20.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.20.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.20.0x/manifests"},{"name":"v3.20.0","sha":"b6ab9462d647f12c64d7950b4b81c2b9df3e6bc7","kind":"commit","published_at":"2024-01-09T19:37:52.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.20.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.20.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.20.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.20.0/manifests"},{"name":"v3.19.1x","sha":"ed0c1ec63eb22dbe33b637bed381370a50e892bb","kind":"commit","published_at":"2023-12-27T22:47:15.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.19.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.19.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.1x/manifests"},{"name":"v3.19.1","sha":"ef270ab436bddb437f8de122085bcf26dc9ad904","kind":"commit","published_at":"2023-12-27T22:45:07.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.19.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.19.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.1/manifests"},{"name":"v3.19.0x","sha":"7e7c3ffef38f84c06753d5af9ddb1a04a079ffec","kind":"commit","published_at":"2023-09-15T15:54:15.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.19.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.19.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.0x/manifests"},{"name":"v3.19.0","sha":"d298477f700f6dcac1de709abea5598833a4f8d1","kind":"commit","published_at":"2023-09-15T15:15:39.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.19.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.19.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.19.0/manifests"},{"name":"test_wheel_1","sha":"a49a0180bae57c06e89a6c5f70856dc1e5baa6f3","kind":"commit","published_at":"2023-09-13T11:48:41.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/test_wheel_1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/test_wheel_1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/test_wheel_1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/test_wheel_1/manifests"},{"name":"v3.18.0x","sha":"83602bcdf3a5eae86c9a819fba5b89794592fcd2","kind":"commit","published_at":"2023-05-17T20:56:43.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.18.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.18.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.18.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.18.0x/manifests"},{"name":"v3.18.0","sha":"a75c4643703625a2a6a8fd9e3ebf7605c6752cbf","kind":"commit","published_at":"2023-05-17T20:48:57.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.18.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.18.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.18.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.18.0/manifests"},{"name":"v3.17.0x","sha":"a394a17c50529ec4b699d4134cdbd5625f28c9a1","kind":"commit","published_at":"2023-01-27T23:32:49.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.17.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.17.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.17.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.17.0x/manifests"},{"name":"v3.17.0","sha":"737a9e7b72d2aa73cf1d020c8a8cf0d1aaa0d9f7","kind":"commit","published_at":"2023-01-27T23:30:55.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.17.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.17.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.17.0/manifests"},{"name":"v3.16.0x","sha":"0de7b4d80438aeba63e8010fa7da0f1d6d98effb","kind":"commit","published_at":"2022-11-26T16:23:54.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.16.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.16.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.16.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.16.0x/manifests"},{"name":"v3.16.0","sha":"f54108b5a6e12d2ee7bd8eadd94a12e85e8f9227","kind":"commit","published_at":"2022-11-26T16:22:56.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.16.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.16.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.16.0/manifests"},{"name":"v3.15.0x","sha":"be1e79c3cfec11e8fd63d45df412e6bd5e1579f5","kind":"commit","published_at":"2022-06-22T20:53:00.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.15.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.15.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.15.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.15.0x/manifests"},{"name":"v3.15.0","sha":"c37fd1968b445a3f4b48519e126721a5435429ed","kind":"commit","published_at":"2022-06-22T18:21:37.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.15.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.15.0/manifests"},{"name":"v3.14.1x","sha":"7a3135f448b67a4670066346131bc0469a8ea673","kind":"commit","published_at":"2022-02-04T16:19:34.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.14.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.14.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.1x/manifests"},{"name":"v3.14.1","sha":"5c5db240da248e1d33982b625e1f2c4d327a2dfc","kind":"commit","published_at":"2022-02-04T16:18:46.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.14.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.1/manifests"},{"name":"v3.14.0x","sha":"4bf836f82dcf792da66107e1d52179bdc0647d49","kind":"commit","published_at":"2022-01-30T12:16:55.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.14.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.14.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.0x/manifests"},{"name":"v3.14.0","sha":"5b7bc90a6da221e599d91f58b112f2c32c48dbce","kind":"commit","published_at":"2022-01-30T11:27:56.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.14.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.14.0/manifests"},{"name":"v3.13.0x","sha":"e90197bf885a9c5855cc907943c537e42e99ad5a","kind":"commit","published_at":"2022-01-23T08:09:15.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.13.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.13.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.13.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.13.0x/manifests"},{"name":"v3.13.0","sha":"960f14d12339e721af1e2b20a557000d7189116b","kind":"commit","published_at":"2022-01-23T08:08:10.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.13.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.13.0/manifests"},{"name":"v3.12.0x","sha":"f6313843c02e4f67449e6b0be03ef5c569c3671f","kind":"commit","published_at":"2021-12-03T21:48:08.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.12.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.12.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.12.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.12.0x/manifests"},{"name":"v3.12.0","sha":"d8edf1a6a70d3a65dcda18ee24d96161525f2825","kind":"commit","published_at":"2021-12-03T21:46:27.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.12.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.12.0/manifests"},{"name":"v3.11.0x","sha":"6e8916e2ed83d0846a697fd7fda3d5cb82fb6cbf","kind":"commit","published_at":"2021-10-07T21:25:07.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.11.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.11.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.11.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.11.0x/manifests"},{"name":"v3.11.0","sha":"b92494b64aaa7af54a8c3e14aed7a3f3a67e58b3","kind":"commit","published_at":"2021-10-07T21:24:20.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.11.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.11.0/manifests"},{"name":"v3.10.4x","sha":"8b0bb9860b31554f2a8f1ad2c4da2e55ef87bccc","kind":"commit","published_at":"2021-09-24T22:02:34.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.4x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.4x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.4x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.4x/manifests"},{"name":"rtd_py3_1","sha":"f8d40a60fdf1bc4336864b90fc85df8e312dcc33","kind":"commit","published_at":"2021-09-24T21:57:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/rtd_py3_1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/rtd_py3_1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/rtd_py3_1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/rtd_py3_1/manifests"},{"name":"v3.10.4","sha":"f8d40a60fdf1bc4336864b90fc85df8e312dcc33","kind":"commit","published_at":"2021-09-24T21:57:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.4","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.4/manifests"},{"name":"v3.10.2x","sha":"5739a941a78ac3b6a8a14d85fe98b0abbe8e429a","kind":"commit","published_at":"2021-09-22T21:59:41.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.2x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.2x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.2x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.2x/manifests"},{"name":"v3.10.3x","sha":"5739a941a78ac3b6a8a14d85fe98b0abbe8e429a","kind":"commit","published_at":"2021-09-22T21:59:41.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.3x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.3x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.3x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.3x/manifests"},{"name":"v3.9.9_build_py34_win32","sha":"07f96f5433e34bc8896caca56b54fbf8a7878aad","kind":"commit","published_at":"2021-02-20T21:07:25.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.9_build_py34_win32","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.9_build_py34_win32","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9_build_py34_win32","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9_build_py34_win32/manifests"},{"name":"v3.10.1x","sha":"2f975cff5a5c22801819772263885f7321a7164a","kind":"commit","published_at":"2021-02-09T13:11:49.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.1x/manifests"},{"name":"v3.10.1","sha":"339259c3e3bb9c801f24c1ae5a90507ef5078465","kind":"commit","published_at":"2021-02-08T21:14:54.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.1/manifests"},{"name":"v3.10.0","sha":"4eede1354386bd09f7f12946253b3762b5ba1adf","kind":"commit","published_at":"2021-02-06T22:18:44.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.10.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.10.0/manifests"},{"name":"v3.9.9x","sha":"6d5869e86ff9a0f2f805bc78e71e8bc71983cb43","kind":"commit","published_at":"2020-11-01T23:06:16.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.9x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.9x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9x/manifests"},{"name":"v3.9.9","sha":"ca247079513cdf1c8c4299af15b7fa8a7ccb1595","kind":"commit","published_at":"2020-11-01T22:16:35.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.9","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.9/manifests"},{"name":"build_aarch64","sha":"d5602082a3cbbb676fbe6a3f4dd502f3ac32193a","kind":"commit","published_at":"2020-09-18T21:54:31.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/build_aarch64","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/build_aarch64","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/build_aarch64","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/build_aarch64/manifests"},{"name":"v3.9.8x","sha":"dfa3dd744fc84e0ae4a1d04d32e1707e69c09a34","kind":"commit","published_at":"2020-06-22T21:18:31.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.8x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.8x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.8x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.8x/manifests"},{"name":"v3.9.8","sha":"4fbf0c3229e3b0257a552074ac8992930454af8c","kind":"commit","published_at":"2020-06-22T21:14:42.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.8","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.8/manifests"},{"name":"v3.9.7x","sha":"a0db6bc0d6a4e75c4e5c292fd5fdfdbd46e04e58","kind":"commit","published_at":"2020-02-20T21:46:18.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.7x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.7x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.7x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.7x/manifests"},{"name":"v3.9.7","sha":"5e1b39aea220c32dbbb3067b7138207db85f049c","kind":"commit","published_at":"2020-02-20T21:45:27.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.7","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.7/manifests"},{"name":"v3.9.6x","sha":"70141728738e66d1fdcf983aae9b642a9d496f3c","kind":"commit","published_at":"2020-02-02T13:47:07.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.6x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.6x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.6x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.6x/manifests"},{"name":"v3.9.6","sha":"282db2277986c52090d8dcf526846755ce420b09","kind":"commit","published_at":"2020-02-02T12:12:57.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.6","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.6/manifests"},{"name":"v3.9.5x","sha":"d8762a6bca67019ce7423ed89f7690aee13e313f","kind":"commit","published_at":"2020-01-31T21:42:10.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.5x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.5x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.5x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.5x/manifests"},{"name":"v3.9.5","sha":"bf4a96147eb6beb11a34636e12bc075f1c479616","kind":"commit","published_at":"2020-01-31T21:41:27.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.5","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.5/manifests"},{"name":"v3.9.4x","sha":"451f767b7f3b36db96afb9e35417cedbd4e590ab","kind":"commit","published_at":"2019-11-18T15:35:58.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.4x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.4x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.4x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.4x/manifests"},{"name":"v3.9.4","sha":"31254248476876161bd6fb3da1388ef95902e4a5","kind":"commit","published_at":"2019-11-18T15:33:48.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.4","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.4/manifests"},{"name":"v3.9.3x","sha":"e21b07276df7e3339d4dc1134b54bb1c502d2c07","kind":"commit","published_at":"2019-11-11T21:00:31.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.3x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.3x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.3x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.3x/manifests"},{"name":"v3.9.3","sha":"f6485b7611b36f06d3f775861d5050099dee6372","kind":"commit","published_at":"2019-11-11T20:59:33.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.3/manifests"},{"name":"v3.9.2x","sha":"d7d4783dde0a04481ef70710d6eff4f5cd98e621","kind":"commit","published_at":"2019-11-10T13:27:59.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.2x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.2x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.2x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.2x/manifests"},{"name":"v3.9.2","sha":"d442d9c70f3bab083d37548b5fd6ff360367dc56","kind":"commit","published_at":"2019-11-10T13:27:02.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.2/manifests"},{"name":"v3.9.1x","sha":"9c1d7eaf53223a83bb708a777ec9d1190ab37a07","kind":"commit","published_at":"2019-11-01T23:01:12.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.1x/manifests"},{"name":"v3.9.1","sha":"2d1ef731501f2e5d1df62e93352b9e29b5d7291e","kind":"commit","published_at":"2019-11-01T23:00:33.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.1/manifests"},{"name":"v3.9.0x","sha":"32bf89ef2bdd55535afb85b85eb092c079ec61dd","kind":"commit","published_at":"2019-08-28T06:32:24.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.0x/manifests"},{"name":"v3.9.0","sha":"c8bd2affb53d72aa41b6793608a7c4c35807d34d","kind":"commit","published_at":"2019-08-27T21:49:10.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.9.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.9.0/manifests"},{"name":"v3.8.2x","sha":"f5168556e9c873c5bb98f38d7aa66e0dd454e3bf","kind":"commit","published_at":"2019-05-30T06:39:30.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.2x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.2x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.2x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.2x/manifests"},{"name":"v3.8.2","sha":"431350e7806af05d06c7d4e3f906ba20269b7af5","kind":"commit","published_at":"2019-05-30T06:37:20.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.2/manifests"},{"name":"v3.8.1x","sha":"b45abaa56a6ce4dad5fad4a3ee98dfce8ed6bbfd","kind":"commit","published_at":"2019-04-03T20:58:01.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.1x/manifests"},{"name":"v3.8.1","sha":"9389dad20c81928e51151ddb984d5721a7cb09d2","kind":"commit","published_at":"2019-04-03T20:55:40.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.1/manifests"},{"name":"v3.8.0x","sha":"67bc21878515c53edea46a35ef51d87d66a4e31a","kind":"commit","published_at":"2019-03-22T21:59:25.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.0x/manifests"},{"name":"v3.8.0","sha":"61e6aa7626bbcc5e679c06ef29d31f3b013742da","kind":"commit","published_at":"2019-03-22T21:57:32.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.8.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.8.0/manifests"},{"name":"v3.7.3x","sha":"2fbd9d39303eaf13100599d747eef525b9cb0352","kind":"commit","published_at":"2019-01-20T09:28:25.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.3x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.3x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.3x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.3x/manifests"},{"name":"v3.7.3","sha":"aaaac35e81c3057d23a6d5160b986002e4647822","kind":"commit","published_at":"2019-01-19T21:52:55.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.3/manifests"},{"name":"v3.7.2x","sha":"385d7a48329f758fda1575b66ae8cb0dbafcf327","kind":"commit","published_at":"2018-11-26T20:20:40.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.2x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.2x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.2x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.2x/manifests"},{"name":"v3.7.2","sha":"94b71fcd6cf657ce3106e8b7e99a1f77a3dbd7de","kind":"commit","published_at":"2018-11-26T20:19:04.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.2/manifests"},{"name":"v3.7.1x","sha":"721fc7a2ba7b8b3de9c6974a9e7b58b15bb9bfb1","kind":"commit","published_at":"2018-11-24T20:52:38.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.1x/manifests"},{"name":"v3.7.1","sha":"845281fb9e88457dae1e596b9c632d97e199512b","kind":"commit","published_at":"2018-11-24T20:47:45.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.1/manifests"},{"name":"v3.7.0x","sha":"76f435e2420d03a48145ad634ca6dc8a2e502a27","kind":"commit","published_at":"2018-10-28T08:02:06.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.0x/manifests"},{"name":"v3.7.0","sha":"cc2fad20b42d751198f97dc171eb64ceb6db3b53","kind":"commit","published_at":"2018-10-27T21:08:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.7.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.7.0/manifests"},{"name":"v3.6.7","sha":"f9c9cc651473f880f5be5d90bdfd8a6a510148eb","kind":"commit","published_at":"2018-10-27T13:00:40.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.7","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.7/manifests"},{"name":"v3.6.6x","sha":"9788edcd38f2104ae6def75caab90346eb3d4c69","kind":"commit","published_at":"2018-08-17T19:45:02.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.6x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.6x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.6x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.6x/manifests"},{"name":"v3.6.6","sha":"3506836f34b9008ba714e7beab097fecb42832da","kind":"commit","published_at":"2018-08-17T15:51:47.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.6","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.6/manifests"},{"name":"v3.6.5x","sha":"e49d8f4891f285d9d4e350e3ee75f1f7ff1d79cc","kind":"commit","published_at":"2018-08-12T13:29:56.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.5x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.5x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.5x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.5x/manifests"},{"name":"v3.6.5","sha":"e16bc2263991df6fa304dfd616bbb96185386cb3","kind":"commit","published_at":"2018-08-12T13:27:59.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.5","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.5/manifests"},{"name":"v3.6.4x","sha":"9b04b5b7d1fab4be19d79ef093c2ac7d4fdf561c","kind":"commit","published_at":"2018-07-10T21:17:58.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.4x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.4x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.4x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.4x/manifests"},{"name":"v3.6.4","sha":"7d567153913a0c3a22d714d8481147e93711e682","kind":"commit","published_at":"2018-07-10T19:32:46.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.4","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.4/manifests"},{"name":"v3.6.3x","sha":"9c2f2f4c2323acec10e87ab425fad18cd26c8547","kind":"commit","published_at":"2018-06-21T16:17:57.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.3x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.3x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.3x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.3x/manifests"},{"name":"v3.6.3","sha":"24e99330a70ce3ee7933e0b1fe1ef0b8633032cd","kind":"commit","published_at":"2018-06-21T15:49:41.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.3/manifests"},{"name":"v3.6.2x","sha":"17f0f90260f35ea45dd3d192befac1f53bfe5635","kind":"commit","published_at":"2018-06-19T18:51:54.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.2x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.2x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.2x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.2x/manifests"},{"name":"v3.6.2","sha":"0999d52ddf55f0b6470908daa377d27e7a685d6d","kind":"commit","published_at":"2018-06-18T21:01:44.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.2/manifests"},{"name":"v3.6.1x","sha":"a65f0b45c5bfe8b181afb3caf4fdc5ec99d6a6db","kind":"commit","published_at":"2018-04-16T20:55:56.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.1x/manifests"},{"name":"v3.6.1","sha":"2111be75341f2c72f254ddb470ee74f9deed48a9","kind":"commit","published_at":"2018-04-15T19:47:34.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.1/manifests"},{"name":"v3.6.0x","sha":"a8703ba66c8167bcb5f21063628ed117b750536c","kind":"commit","published_at":"2018-04-08T11:34:26.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.0x/manifests"},{"name":"v3.6.0","sha":"10ea6801b52ee0d155c54a9df42969e8f4b945c1","kind":"commit","published_at":"2018-04-07T19:15:12.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.6.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.6.0/manifests"},{"name":"v3.5.1x","sha":"0c33929c81584c9467c0315652285f4880a210ba","kind":"commit","published_at":"2018-03-08T20:08:04.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.5.1x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.5.1x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.1x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.1x/manifests"},{"name":"v3.5.1","sha":"59de62330c8686906131ff2986f9cb22d994b271","kind":"commit","published_at":"2018-03-08T11:52:47.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.5.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.1/manifests"},{"name":"v3.5.0x","sha":"868faa2fe917b0ce34bd8869ee9c5c514bcc65ac","kind":"commit","published_at":"2018-03-07T20:09:55.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.5.0x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.5.0x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.0x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.0x/manifests"},{"name":"v3.5.0","sha":"ca51f8d4d1acb71bb292112ee032bb0d5e94465e","kind":"commit","published_at":"2018-03-07T19:19:02.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.5.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.5.0/manifests"},{"name":"v3.4.12x","sha":"434602959bbda722cb31d656d0c87b8a87d46994","kind":"commit","published_at":"2018-02-04T20:03:07.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.12x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.12x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.12x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.12x/manifests"},{"name":"v3.4.12","sha":"8448f5a8de475b49b09f4b2ab353dccbfd86e664","kind":"commit","published_at":"2018-02-04T20:02:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.12","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.12/manifests"},{"name":"v3.4.11x","sha":"5f5614e0ccd7a03910ac3282d0ae6c62b9649f56","kind":"commit","published_at":"2018-02-04T11:04:55.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.11x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.11x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.11x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.11x/manifests"},{"name":"v3.4.11","sha":"2e8eab2c1402c24e5042e9139138438ae643fae4","kind":"commit","published_at":"2018-02-04T11:04:19.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.11","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.11/manifests"},{"name":"v3.4.10x","sha":"241b2c510e63bb2a25ed352883944e22a36682a8","kind":"commit","published_at":"2018-02-02T21:33:00.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.10x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.10x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.10x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.10x/manifests"},{"name":"v3.4.10","sha":"99c27a3b9e8a884bbde0e88c63234b669d4398d8","kind":"commit","published_at":"2018-02-02T21:31:18.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.10","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.10/manifests"},{"name":"v3.4.9x","sha":"055d59e71b70a738d9f21e70582abdfb1bbbf245","kind":"commit","published_at":"2018-01-31T23:00:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.9x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.9x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.9x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.9x/manifests"},{"name":"v3.4.9","sha":"6ab4c2bf42938e5640ad3a450daad0ee8aaf03e5","kind":"commit","published_at":"2018-01-31T22:58:28.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.9","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.9/manifests"},{"name":"v3.4.8x","sha":"907a13f12cbacedc1de7a40bfd89eb75ef4145e3","kind":"commit","published_at":"2018-01-28T00:18:35.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.8x","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.8x","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.8x","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.8x/manifests"},{"name":"v3.4.8","sha":"148095d29beca31cb3a306213c4cd3e3b39c01cd","kind":"commit","published_at":"2018-01-27T22:58:27.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.8","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.8/manifests"},{"name":"untagged-e37407a8972e16fb998a","sha":"534248c6209d84a71b79029cd8c634b7cd8753ad","kind":"commit","published_at":"2018-01-22T21:28:52.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/untagged-e37407a8972e16fb998a","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/untagged-e37407a8972e16fb998a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/untagged-e37407a8972e16fb998a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/untagged-e37407a8972e16fb998a/manifests"},{"name":"v3.4.6","sha":"2e0f288809bd68a46f881865b0a60f9c54c4751f","kind":"commit","published_at":"2017-05-17T05:59:21.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.6","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.6/manifests"},{"name":"v3.4.5","sha":"603b9e6c71c8b6143fe723cede582c7a1f0b8eee","kind":"commit","published_at":"2017-02-06T21:25:20.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.5","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.5/manifests"},{"name":"v3.4.4","sha":"1215ad858553847d1ac97f7ad4bca3aee62fab2a","kind":"commit","published_at":"2017-02-01T20:31:44.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.4","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.4/manifests"},{"name":"v3.4.3","sha":"dff9b903095858a8813002dc45ff12d03561c911","kind":"commit","published_at":"2016-10-17T20:31:07.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.3/manifests"},{"name":"v3.4.2","sha":"018d2a2bf107dd08fba0b0106599ea6f3946e652","kind":"commit","published_at":"2016-03-07T17:48:21.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.2/manifests"},{"name":"v3.4.1","sha":"4409aa4ab1bdc5ede4d7c701845385640b4620de","kind":"commit","published_at":"2016-02-21T08:08:59.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4.1/manifests"},{"name":"v3.4","sha":"6e80fea9d5bddf36a321721d228220e0efc01315","kind":"commit","published_at":"2016-02-07T12:01:09.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.4","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.4/manifests"},{"name":"v3.3.1","sha":"1d4a813b7b0a3d0fe6d5eefb747d9bcc02adc231","kind":"commit","published_at":"2015-11-02T12:43:12.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.3.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.3.1/manifests"},{"name":"v3.3","sha":"ce31e3122b0e469a5dd88ba712b2edd4f8d2173d","kind":"commit","published_at":"2015-10-28T21:09:16.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.3/manifests"},{"name":"v3.2.1","sha":"134c3414a9e0c0646f6a93d311409ac025384ac0","kind":"commit","published_at":"2015-09-21T06:27:46.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.2.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.2.1/manifests"},{"name":"v3.2","sha":"8505ba9dc3ef6605b5fb9df06a5875b6e66ad551","kind":"commit","published_at":"2015-09-05T20:00:28.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.2/manifests"},{"name":"v3.1","sha":"6652a7cd43b5d4d093437a7af6f397cdb75b544f","kind":"commit","published_at":"2015-03-15T20:32:10.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.1/manifests"},{"name":"v3.0","sha":"b4da31e55d1ed2695f8e19b44fd36c316494fe4a","kind":"commit","published_at":"2014-06-24T19:41:33.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.0","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0/manifests"},{"name":"v3.0rc3","sha":"8675e6f03fc6e12e723467567f3d6d9cd3b0b884","kind":"commit","published_at":"2014-06-23T20:23:38.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.0rc3","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.0rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc3/manifests"},{"name":"v3.0rc2","sha":"f1aa557a0dff2fc09ccb7d04a758c5fb1ebe0668","kind":"commit","published_at":"2014-06-21T20:26:41.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.0rc2","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.0rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc2/manifests"},{"name":"v3.0rc1","sha":"28cb30fcfc715e9cb765166165f2f25fec4ae310","kind":"commit","published_at":"2014-06-16T20:00:03.000Z","download_url":"https://codeload.github.com/Legrandin/pycryptodome/tar.gz/v3.0rc1","html_url":"https://github.com/Legrandin/pycryptodome/releases/tag/v3.0rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Legrandin%2Fpycryptodome/tags/v3.0rc1/manifests"}]},"repo_metadata_updated_at":"2024-09-07T20:12:58.680Z","dependent_packages_count":404,"downloads":40828165,"downloads_period":"last-month","dependent_repos_count":6085,"rankings":{"downloads":0.035766231908247695,"dependent_repos_count":0.12087152219248835,"dependent_packages_count":0.05887672021819236,"stargazers_count":1.9851175791946913,"forks_count":3.195666966858459,"docker_downloads_count":0.01815824081495652,"average":0.9024095435311725},"purl":"pkg:pypi/pycryptodomex","advisories":[{"uuid":"GSA_kwCzR0hTQS1qMjI1LWN2dzctcXJ4N84AA4M5","url":"https://github.com/advisories/GHSA-j225-cvw7-qrx7","title":"PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption","description":"PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-01-05T06:30:19.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.3,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2023-52323","https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst","https://pypi.org/project/pycryptodomex/#history","https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd","https://github.com/pypa/advisory-database/tree/main/vulns/pycryptodomex/PYSEC-2024-3.yaml","https://github.com/advisories/GHSA-j225-cvw7-qrx7"],"source_kind":"github","identifiers":["GHSA-j225-cvw7-qrx7","CVE-2023-52323"],"repository_url":"https://github.com/Legrandin/pycryptodome","blast_radius":22.588347894073898,"packages":[{"versions":[{"first_patched_version":"3.19.1","vulnerable_version_range":"\u003c 3.19.1"}],"ecosystem":"pypi","package_name":"pycryptodome"},{"versions":[{"first_patched_version":"3.19.1","vulnerable_version_range":"\u003c 3.19.1"}],"ecosystem":"pypi","package_name":"pycryptodomex"}],"created_at":"2024-01-05T18:05:29.977Z","updated_at":"2025-02-07T01:09:45.576Z","epss_percentage":0.00134,"epss_percentile":0.49652}],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/pycryptodomex","docker_dependents_count":1300,"docker_downloads_count":2099191117,"usage_url":"https://repos.ecosyste.ms/usage/pypi/pycryptodomex","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/pycryptodomex/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/pycryptodomex/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/pycryptodomex/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/pycryptodomex/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/pycryptodomex/related_packages","maintainers":[{"uuid":"Legrandin","login":"Legrandin","name":null,"email":null,"url":null,"packages_count":3,"html_url":"https://pypi.org/user/Legrandin/","role":null,"created_at":"2022-12-07T07:25:12.910Z","updated_at":"2022-12-07T07:25:12.910Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/Legrandin/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":690329,"maintainers_count":292761,"namespaces_count":0,"keywords_count":228590,"github":"pypi","metadata":{"funded_packages_count":48950},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2025-06-06T05:32:09.692Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}},"unique_repositories_count":67,"unique_repositories_count_past_30_days":3,"recent_issues":[{"uuid":"4528230982","node_id":"PR_kwDOSn3wsM7fnM-p","number":5,"state":"open","title":"Bump the minor-update group with 145 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T23:33:44.000Z","updated_at":"2026-05-26T23:33:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":145,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.5.9","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.9.0","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.3","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"tiktoken","old_version":"0.12.0","new_version":"0.13.0","repository_url":"https://github.com/openai/tiktoken"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.41.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"azure-storage-blob","old_version":"12.28.0","new_version":"12.29.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.9","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.15","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.15","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.14.1","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.58.0","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.1","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.3.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3.2","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.63.0","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.53.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.9.0","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.75.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.1","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hf-xet","old_version":"1.4.3","new_version":"1.5.0","repository_url":"https://github.com/huggingface/xet-core"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.16.4","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.153.0","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.16","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.5.1.27"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.3.35"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.3.33"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.3.29"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.22.0.52"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.3.0.29"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.18.0.66"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.2.18"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.8.1.7"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.3.33"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.3.29"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.63b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.63b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.3.5","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.41.0","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.5.2","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.28.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.47.0","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.13.0","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pystemmer","old_version":"3.0.0","new_version":"3.1.0","repository_url":"https://github.com/snowballstem/pystemmer"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.1","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.1","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.5.1","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.1","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"triton","old_version":"3.6.0","new_version":"3.7.0","repository_url":"https://github.com/triton-lang/triton"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.26.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.48.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.29.1","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.24.2","repository_url":"https://github.com/aio-libs/yarl"},{"name":"tpu-inference","old_version":"0.19.0","new_version":"0.20.0","repository_url":"https://github.com/vllm-project/tpu-inference"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"},{"name":"helion","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/pytorch/helion"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 145 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.5.9` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.34.2` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.9.0` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.3` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.4` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [tiktoken](https://github.com/openai/tiktoken) | `0.12.0` | `0.13.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.41.0` |\n| [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) | `12.28.0` | `12.29.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.9` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.15` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.15` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.4.1` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.14.1` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.58.0` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.1` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.3.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3.2` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.63.0` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.53.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.6.0` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.9.0` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.75.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.1` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hf-xet](https://github.com/huggingface/xet-core) | `1.4.3` | `1.5.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.16.4` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.153.0` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.16` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.5.1.27` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.3.35` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.3.33` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.3.29` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.22.0.52` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.3.0.29` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.18.0.66` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.2.18` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.8.1.7` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.3.33` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.3.29` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.63b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.63b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.3.5` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.41.0` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.5.2` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.28.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.47.0` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.13.0` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pystemmer](https://github.com/snowballstem/pystemmer) | `3.0.0` | `3.1.0` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.1` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.1` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.5.1` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.1` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [triton](https://github.com/triton-lang/triton) | `3.6.0` | `3.7.0` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.26.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.48.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.29.1` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.24.2` |\n| [tpu-inference](https://github.com/vllm-project/tpu-inference) | `0.19.0` | `0.20.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n| [helion](https://github.com/pytorch/helion) | `1.0.0` | `1.1.0` |\n\nUpdates `regex` from 2026.2.28 to 2026.5.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt\"\u003eregex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVersion: 2026.5.9\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReverse matching with full unicode casefolding could lead to out-of-range string indexes.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eA fix for older Python versions before free-threading was  supported.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.3\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eMore fixes for free-threading.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.32\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed segfault.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.31\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug again.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.30\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed version.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.27\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eVarious fixes, including ones to improve free-threading support.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReplaced atomic operations with mutex on pattern object for free-threaded Python.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.26\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ePR [#598](https://github.com/mrabarnett/mrab-regex/issues/598): Fix race condition in storage caching with atomic operations.\n\u003cp\u003eReplaced use of PyUnicode_GET_LENGTH with PyUnicode_GetLength.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.2.19\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eAdded \\z as alias of \\Z, like in re module.\n\u003cp\u003eAdded prefixmatch as alias of match, like in re module.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.1.15\u003c/p\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/e57d185bb711729091907b23edac5dcba0426243\"\u003e\u003ccode\u003ee57d185\u003c/code\u003e\u003c/a\u003e Reverse matching with full unicode casefolding lead to out-of-range string in...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v5.9.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eCohere2Moe\u003c/h3\u003e\n\u003cp\u003eCommand A+ is a Mixture-of-Experts (MoE) language model from Cohere that features a hybrid attention pattern combining sliding window and full attention layers. The model incorporates both shared and routed experts and supports a very large context window for processing extensive text sequences.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/cohere2_moe\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new cohere2_moe model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46115\"\u003e#46115\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/46115\"\u003e#46115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eParakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eParakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e) by \u003ca href=\"https://github.com/lmaksym\"\u003e\u003ccode\u003e@​lmaksym\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eHRM-Text\u003c/h3\u003e\n\u003cp\u003eHRM-Text is an improved autoregressive language-modeling variant of the Hierarchical Reasoning Model (HRM) that uses a hierarchical recurrent forward pass with two transformer stacks - one for slow, abstract planning (H) and one for fast, detailed computation (L) - reused inside a nested recurrence. It features PrefixLM attention where instruction tokens attend bidirectionally while response tokens attend causally, per-head sigmoid output gates, and parameterless RMSNorm. The model is designed as a base language model without instruction tuning or chat templates.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/hrm_text\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/papers/2506.21734\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd hrm text (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46025\"\u003e#46025\u003c/a\u003e) by \u003ca href=\"https://github.com/abcd1927\"\u003e\u003ccode\u003e@​abcd1927\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/46025\"\u003e#46025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking changes\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003etext_embeds\u003c/code\u003e input for SAM3, EdgeTAM, and SAM3-Lite-Text models now expects full text embeddings instead of just pooler outputs, aligning with other models in the library — users must update their inputs accordingly.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e🚨Fix memory leaks caused by lru decorators in vision models (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45922\"\u003e#45922\u003c/a\u003e) by \u003ca href=\"https://github.com/yonigozlan\"\u003e\u003ccode\u003e@​yonigozlan\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAudio\u003c/h2\u003e\n\u003cp\u003eAudio support was expanded with the addition of AudioFlamingoNext model checkpoints and improved compilability of audio/vision encoders via standalone pure functions. Additional improvements include better error messaging when loading audio from video files and new documentation for audio/video processors.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003euser friendly error when loading audio from video (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e) by \u003ca href=\"https://github.com/eustlb\"\u003e\u003ccode\u003e@​eustlb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[docs] adding audio/video processors (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45795\"\u003e#45795\u003c/a\u003e) by \u003ca href=\"https://github.com/stevhliu\"\u003e\u003ccode\u003e@​stevhliu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45795\"\u003e#45795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport Audio Flamingo Next checkpoints (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44830\"\u003e#44830\u003c/a\u003e) by \u003ca href=\"https://github.com/lashahub\"\u003e\u003ccode\u003e@​lashahub\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44830\"\u003e#44830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract dynamic vision/audio tensors into standalone pure functions (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45396\"\u003e#45396\u003c/a\u003e) by \u003ca href=\"https://github.com/IlyasMoutawwakil\"\u003e\u003ccode\u003e@​IlyasMoutawwakil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45396\"\u003e#45396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGeneration\u003c/h2\u003e\n\u003cp\u003eFixed generation issues including \u003ccode\u003einputs_embeds\u003c/code\u003e and \u003ccode\u003eper_layer_inputs\u003c/code\u003e handling for Gemma4, an \u003ccode\u003eAttributeError\u003c/code\u003e in RAG's \u003ccode\u003egenerate()\u003c/code\u003e caused by missing config fields, and flaky VLM generation tests by blocking special image tokens during sampling.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Gemma4 generation from inputs_embeds and per_layer_inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix AttributeError in RAG generate() for missing config fields (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46035\"\u003e#46035\u003c/a\u003e) by \u003ca href=\"https://github.com/Sriniketh24\"\u003e\u003ccode\u003e@​Sriniketh24\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46035\"\u003e#46035\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0a2757da521a7a49b8143d9e0c938f08747d682e\"\u003e\u003ccode\u003e0a2757d\u003c/code\u003e\u003c/a\u003e release v5.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/e370a7f3f49c3c759cf8c7c01a935ce0e00c3f44\"\u003e\u003ccode\u003ee370a7f\u003c/code\u003e\u003c/a\u003e fix cohere2 tp_plan for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f59ffd1ef95634f9b0317ec5d8d43d71e3604a10\"\u003e\u003ccode\u003ef59ffd1\u003c/code\u003e\u003c/a\u003e Add new cohere2_moe model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46115\"\u003e#46115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4f41f261efcfd71ce08db2890b7c632cc9ffc0bc\"\u003e\u003ccode\u003e4f41f26\u003c/code\u003e\u003c/a\u003e [loading] Free up tensors faster inside ConversionOps (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46110\"\u003e#46110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/d5dd7eed2f7d5b2ccba569e150647ef275e56365\"\u003e\u003ccode\u003ed5dd7ee\u003c/code\u003e\u003c/a\u003e Fix post processing RF-DETR (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46041\"\u003e#46041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0b25f8c49c37530ce9f8742d7a8c19ed8d254d7d\"\u003e\u003ccode\u003e0b25f8c\u003c/code\u003e\u003c/a\u003e [serve] Support for reasoning  (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45690\"\u003e#45690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0df9b7fcaab447c75543598e6d959065c2296a24\"\u003e\u003ccode\u003e0df9b7f\u003c/code\u003e\u003c/a\u003e Fix Gemma4 generation from inputs_embeds and per_layer_inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/38a8b55f22d593c103e8bcc616413e70a5ef03ca\"\u003e\u003ccode\u003e38a8b55\u003c/code\u003e\u003c/a\u003e Parakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/3428030a179620b01cb598928b6cc7d5e5e60990\"\u003e\u003ccode\u003e3428030\u003c/code\u003e\u003c/a\u003e Remove mask visualization tool from \u003ccode\u003emasking_utils.py\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46066\"\u003e#46066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/dda06506142a0efe4081a0ab574fbd3c7c72dc37\"\u003e\u003ccode\u003edda0650\u003c/code\u003e\u003c/a\u003e user friendly error when loading audio from video (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.3\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (the default). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15589\"\u003e#15589\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.2\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15588\"\u003e#15588\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15464\"\u003e#15464\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update and simplify docs about help and management. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15583\"\u003e#15583\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add docs references to central contributing docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15580\"\u003e#15580\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update security policy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15577\"\u003e#15577\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🍱 Update sponsors: TalorData image. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15562\"\u003e#15562\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update docs, simplify usage of admonitions, only default ones. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15553\"\u003e#15553\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Fix image URLs in \u003ccode\u003eindex.md\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15534\"\u003e#15534\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e✏️ Fix Azkaban spelling typo in \u003ccode\u003evirtual-environments.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15463\"\u003e#15463\u003c/a\u003e by \u003ca href=\"https://github.com/isaacbernat\"\u003e\u003ccode\u003e@​isaacbernat\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Improve layout and styling. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15462\"\u003e#15462\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Refactor opinions section with interactive tabs and new logos. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15458\"\u003e#15458\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add FastAPI Conf '26 announcement to docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15457\"\u003e#15457\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🌐 Improve translation consistency in \u003ccode\u003e‎docs/pt/docs/advanced/generate-clients.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15456\"\u003e#15456\u003c/a\u003e by \u003ca href=\"https://github.com/Will-thom\"\u003e\u003ccode\u003e@​Will-thom\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ja (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15530\"\u003e#15530\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for uk (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15529\"\u003e#15529\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for pt (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15528\"\u003e#15528\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for de (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15527\"\u003e#15527\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for tr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15526\"\u003e#15526\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ko (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15525\"\u003e#15525\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh-hant (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15524\"\u003e#15524\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for fr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15522\"\u003e#15522\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for es (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15523\"\u003e#15523\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15520\"\u003e#15520\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ru (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15521\"\u003e#15521\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Fix typos in Spanish LLM-prompt. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15472\"\u003e#15472\u003c/a\u003e by \u003ca href=\"https://github.com/crr004\"\u003e\u003ccode\u003e@​crr004\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✅ Update tests, don't double dispose the engine. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15587\"\u003e#15587\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/13583\"\u003e#13583\u003c/a\u003e by \u003ca href=\"https://github.com/dikos1337\"\u003e\u003ccode\u003e@​dikos1337\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔥 Remove config files now in central GitHub repo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15585\"\u003e#15585\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15502\"\u003e#15502\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump idna from 3.11 to 3.15. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15565\"\u003e#15565\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15571\"\u003e#15571\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Migrate docs from MkDocs to Zensical. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15563\"\u003e#15563\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Only allow team members to modify dependencies. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15548\"\u003e#15548\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/82064857539e6286522c347b4b11331b48dd2378\"\u003e\u003ccode\u003e8206485\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c910e0139f983d0e04e2d1d235cd71803afeae34\"\u003e\u003ccode\u003ec910e01\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/063b5bf582d31fb155cc6bc6f88cf512329d0fd5\"\u003e\u003ccode\u003e063b5bf\u003c/code\u003e\u003c/a\u003e ♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/22b02e26f9e8c7e32bd8266e2b0ebe8bb3a0db2b\"\u003e\u003ccode\u003e22b02e2\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3b252a2a22ba27a8ab83d6bde7d9cddbc5bf738e\"\u003e\u003ccode\u003e3b252a2\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c7fb7851b3389f24c51701d705458989be53ccbb\"\u003e\u003ccode\u003ec7fb785\u003c/code\u003e\u003c/a\u003e ♻️ Validate Server Sent Event fields to avoid applications from sending broke...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/cb83b83dcf78eab4ea17d504db5abcda705fbdc4\"\u003e\u003ccode\u003ecb83b83\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/00f805cec94c0bf48c1f9a563535a3ab2e6f90ab\"\u003e\u003ccode\u003e00f805c\u003c/code\u003e\u003c/a\u003e ✅ Update tests, don't double dispose the engine (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15587\"\u003e#15587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3675137523dc167981aa3a3c44599b4f3079ccd8\"\u003e\u003ccode\u003e3675137\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7b57e42986bb4d40c9eb6580537d13fb8e76097e\"\u003e\u003ccode\u003e7b57e42\u003c/code\u003e\u003c/a\u003e 📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15464\"\u003e#15464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 2026-05-06\u003c/h2\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/cf67d4b3193c3fe43ede18612ed62785eee11382\"\u003e\u003ccode\u003ecf67d4b\u003c/code\u003e\u003c/a\u003e Fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/f0d8a214a5803036db46a56b1f62f1e56b81d662\"\u003e\u003ccode\u003ef0d8a21\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e3fe1d41a00f441204241c66078003ae0391f9a\"\u003e\u003ccode\u003e5e3fe1d\u003c/code\u003e\u003c/a\u003e Check for pydantic tag pattern in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/7f9edcc2a191d2eaa9751220eb910914e716a686\"\u003e\u003ccode\u003e7f9edcc\u003c/code\u003e\u003c/a\u003e Document tagging conventions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b46a0c9b8a4dd967fda8ec1a92f6437076bf262c\"\u003e\u003ccode\u003eb46a0c9\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/50629c851e61d887d5420452c311ec6203f1f400\"\u003e\u003ccode\u003e50629c8\u003c/code\u003e\u003c/a\u003e Update to PyPy 7.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8522ebb71e5e9a6f7188af5f009f01785b8cf725\"\u003e\u003ccode\u003e8522ebb\u003c/code\u003e\u003c/a\u003e Preserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/a37f3aff090ca342dc5f48304889963530b993f8\"\u003e\u003ccode\u003ea37f3af\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003eMISSING\u003c/code\u003e sentinel test to work with unreleased \u003ccode\u003etyping_extensions\u003c/code\u003e ver...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/909259a9df660518033aa686b689f045a6eaf9d2\"\u003e\u003ccode\u003e909259a\u003c/code\u003e\u003c/a\u003e Remove Logfire example in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/2c4174c366606fc2dc46cb806833a080aefa77df\"\u003e\u003ccode\u003e2c4174c\u003c/code\u003e\u003c/a\u003e Bump libc from 0.2.155 to 0.2.185\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code...\n\n_Description has been truncated_","html_url":"https://github.com/kingcharlezz/deepseek-v4-flash-deterministic-vllm/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kingcharlezz%2Fdeepseek-v4-flash-deterministic-vllm/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4452313204","node_id":"PR_kwDOI7xefs7b1Vf9","number":42717,"state":"open","title":"Bump the minor-update group across 1 directory with 143 updates","user":"dependabot[bot]","labels":["rocm","ci/build","nvidia","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T08:01:08.000Z","updated_at":"2026-05-20T05:01:30.742Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":143,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.5.9","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.8.1","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.1","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"tiktoken","old_version":"0.12.0","new_version":"0.13.0","repository_url":"https://github.com/openai/tiktoken"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.41.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"azure-storage-blob","old_version":"12.28.0","new_version":"12.29.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.9","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.10","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.10","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.4.0","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.14.0","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.57.0","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.1","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.3.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3.1","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.63.0","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.53.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.9.0","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.75.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hf-xet","old_version":"1.4.3","new_version":"1.5.0","repository_url":"https://github.com/huggingface/xet-core"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.15.0","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.152.8","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.4.1.1"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.2.75"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.2.75"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.22.0.52"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.2.0.46"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.17.1.22"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.0.1"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.7.10.1"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.2.75"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.3.5","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.40.1","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.5.2","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.28.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.12.1","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.0","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.0","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"safetensors","old_version":"0.4.5","new_version":"0.7.0","repository_url":"https://github.com/huggingface/safetensors"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.5.0","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.1","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"triton","old_version":"3.6.0","new_version":"3.7.0","repository_url":"https://github.com/triton-lang/triton"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.25.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.47.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.29.1","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.23.0","repository_url":"https://github.com/aio-libs/yarl"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 143 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.5.9` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.34.2` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.8.1` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.1` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.4` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [tiktoken](https://github.com/openai/tiktoken) | `0.12.0` | `0.13.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.41.0` |\n| [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) | `12.28.0` | `12.29.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.9` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.10` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.10` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.4.0` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.14.0` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.57.0` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.1` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.3.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3.1` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.63.0` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.53.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.6.0` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.9.0` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.75.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.0` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hf-xet](https://github.com/huggingface/xet-core) | `1.4.3` | `1.5.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.15.0` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.152.8` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.15` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.4.1.1` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.2.75` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.22.0.52` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.2.0.46` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.17.1.22` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.0.1` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.7.10.1` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.3.5` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.40.1` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.5.2` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.28.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.46.4` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.12.1` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.0` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.0` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [safetensors](https://github.com/huggingface/safetensors) | `0.4.5` | `0.7.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.5.0` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.1` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [triton](https://github.com/triton-lang/triton) | `3.6.0` | `3.7.0` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.25.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.47.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.29.1` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.23.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n\n\nUpdates `regex` from 2026.2.28 to 2026.5.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt\"\u003eregex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVersion: 2026.5.9\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReverse matching with full unicode casefolding could lead to out-of-range string indexes.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eA fix for older Python versions before free-threading was  supported.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.3\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eMore fixes for free-threading.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.32\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed segfault.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.31\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug again.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.30\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed version.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.27\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eVarious fixes, including ones to improve free-threading support.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReplaced atomic operations with mutex on pattern object for free-threaded Python.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.26\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ePR [#598](https://github.com/mrabarnett/mrab-regex/issues/598): Fix race condition in storage caching with atomic operations.\n\u003cp\u003eReplaced use of PyUnicode_GET_LENGTH with PyUnicode_GetLength.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.2.19\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eAdded \\z as alias of \\Z, like in re module.\n\u003cp\u003eAdded prefixmatch as alias of match, like in re module.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.1.15\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/e57d185bb711729091907b23edac5dcba0426243\"\u003e\u003ccode\u003ee57d185\u003c/code\u003e\u003c/a\u003e Reverse matching with full unicode casefolding lead to out-of-range string in...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePatch release v5.8.1\u003c/h1\u003e\n\u003cp\u003eThis release is mainly to fix the Deepseek V4 integration!!!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Add fatal_error to ContinuousBatchingManager so the serving... by \u003ca href=\"https://github.com/qgallouedec\"\u003e\u003ccode\u003e@​qgallouedec\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/remi-or\"\u003e\u003ccode\u003e@​remi-or\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WeightConverter regex incorrectly matching shared_experts as experts by \u003ca href=\"https://github.com/silencelamb\"\u003e\u003ccode\u003e@​silencelamb\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix deepseek v4 by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45892\"\u003e#45892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeepseek v4 csa mask collapse by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sawyer117\"\u003e\u003ccode\u003e@​Sawyer117\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45928\"\u003e#45928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 5.8.0\u003c/h2\u003e\n\u003ch1\u003eRelease v5.8.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eDeepSeek-V4\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eDeepSeek-V4 is the next-generation MoE (Mixture of Experts) language model from DeepSeek that introduces several architectural innovations over DeepSeek-V3. The architecture replaces Multi-head Latent Attention (MLA) with a hybrid local + long-range attention design, swaps residual connections for Manifold-Constrained Hyper-Connections (mHC), and bootstraps the first few MoE layers with a static token-id → expert-id hash table. This implementation covers DeepSeek-V4-Flash, DeepSeek-V4-Pro, and their -Base pretrained variants, which share the same architecture but differ in width, depth, expert count and weights.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/deepseek_v4\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/deepseek-ai/DeepSeek-V4-Flash/blob/main/DeepSeek_V4.pdf\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd DeepSeek V4 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45643\"\u003e#45643\u003c/a\u003e) by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45643\"\u003e#45643\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGemma 4 Assistant\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eGemma 4 Assistant is a small, text-only model that enables speculative decoding for Gemma 4 models using the Multi-Token Prediction (MTP) method and associated candidate generator. The model shares the same Gemma4TextModel backbone as other Gemma 4 models but uses KV sharing throughout the entire model, allowing it to reuse the KV cache populated by the target model and skip the pre-fill phase entirely. This architecture includes cross-attention to make the most of the target model's context, allowing the assistant to accurately predict more drafted tokens per drafting round.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/gemma4_assistant\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFirst model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45788\"\u003e#45788\u003c/a\u003e) by \u003ca href=\"https://github.com/SindhuRaghuram97\"\u003e\u003ccode\u003e@​SindhuRaghuram97\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45788\"\u003e#45788\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGraniteSpeechPlus\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eGranite Speech Plus is a variant of Granite Speech that enhances the projector by consuming the concatenation of the encoder's final hidden states with an arbitrary subset of its intermediate hidden states along the feature dimension. It is a multimodal speech-to-text model that can transcribe audio, provide speaker annotation and word level timestamps by responding to text prompts. The model inherits the same architecture components as Granite Speech including the speech encoder, query transformer projector, language model, and optional LoRA adapter.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/granite_speech_plus\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for a new Granite-Speech-Plus model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45695\"\u003e#45695\u003c/a\u003e) by \u003ca href=\"https://github.com/zvik\"\u003e\u003ccode\u003e@​zvik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45695\"\u003e#45695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGranite4Vision\u003c/h3\u003e\n\u003cp\u003eGranite Vision 4.1 is a vision-language model from IBM Research designed for enterprise-grade document data extraction. It specializes in chart extraction (Chart2CSV, Chart2Summary, Chart2Code), table extraction (JSON, HTML, OTSL), and semantic key-value pair extraction. The model builds on LLaVA-NeXT with architectural innovations including SigLIP2 Vision Encoder, Window Q-Former Projectors, and DeepStack Feature Injection with 8 vision-to-LLM injection points.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/granite4_vision\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Granite 4.1 Vision (granite4_vision) (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45597\"\u003e#45597\u003c/a\u003e) by \u003ca href=\"https://github.com/artem-spector\"\u003e\u003ccode\u003e@​artem-spector\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45597\"\u003e#45597\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/cc832f9055ba11c8c55f918ab4bda9472b910d48\"\u003e\u003ccode\u003ecc832f9\u003c/code\u003e\u003c/a\u003e up\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f966d7b36278c7ca15967af062c4556f8bf4eea4\"\u003e\u003ccode\u003ef966d7b\u003c/code\u003e\u003c/a\u003e Deepseek v4 csa mask collapse (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45928\"\u003e#45928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/283f3f08614c0ee09e0bdc60d57dbc4d8d37af39\"\u003e\u003ccode\u003e283f3f0\u003c/code\u003e\u003c/a\u003e Fix deepseek v4 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45892\"\u003e#45892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4e0be9c4c5f2edb62f2e28c28c4149d3b84a3ae0\"\u003e\u003ccode\u003e4e0be9c\u003c/code\u003e\u003c/a\u003e Fix WeightConverter regex incorrectly matching shared_experts as experts in D...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/ec852625706cbe9a1264949659dad82b43fafa57\"\u003e\u003ccode\u003eec85262\u003c/code\u003e\u003c/a\u003e [fix] Add \u003ccode\u003efatal_error\u003c/code\u003e to \u003ccode\u003eContinuousBatchingManager\u003c/code\u003e so the serving layer c...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/049d2bf1220747b6d39e2a978b9f5fe0defa1dca\"\u003e\u003ccode\u003e049d2bf\u003c/code\u003e\u003c/a\u003e v5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2871cafffb3b221b5f1df7e59033a15a7830309f\"\u003e\u003ccode\u003e2871caf\u003c/code\u003e\u003c/a\u003e Add Granite 4.1 Vision (granite4_vision) (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45597\"\u003e#45597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/aaec1092d413d0ea7249101ea43f74b5d6d60936\"\u003e\u003ccode\u003eaaec109\u003c/code\u003e\u003c/a\u003e fix: correct spelling in continuous_api docstring (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45749\"\u003e#45749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/7050d0e0bf5a97c7c0149c319681601373621eae\"\u003e\u003ccode\u003e7050d0e\u003c/code\u003e\u003c/a\u003e Fix link to modular transformers documentation (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45746\"\u003e#45746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/df2f2b539902c78db6a0f71fb2c175880e390576\"\u003e\u003ccode\u003edf2f2b5\u003c/code\u003e\u003c/a\u003e Gemma4: fix failed test cases (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45568\"\u003e#45568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.1\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Update Pydantic v2 code to address deprecations. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15101\"\u003e#15101\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔨 Tweak translation script. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15174\"\u003e#15174\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15408\"\u003e#15408\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15409\"\u003e#15409\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15407\"\u003e#15407\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15406\"\u003e#15406\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15405\"\u003e#15405\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mypy from 1.19.1 to 1.20.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15410\"\u003e#15410\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15400\"\u003e#15400\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump starlette from 0.52.1 to 1.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15397\"\u003e#15397\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygithub from 2.8.1 to 2.9.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15396\"\u003e#15396\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15393\"\u003e#15393\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump zizmor from 1.23.1 to 1.24.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15394\"\u003e#15394\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15395\"\u003e#15395\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15360\"\u003e#15360\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump authlib from 1.6.9 to 1.6.11. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15373\"\u003e#15373\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15282\"\u003e#15282\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygments from 2.19.2 to 2.20.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15263\"\u003e#15263\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15391\"\u003e#15391\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pillow from 12.1.1 to 12.2.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15333\"\u003e#15333\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest from 9.0.2 to 9.0.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15334\"\u003e#15334\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15374\"\u003e#15374\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15385\"\u003e#15385\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Zuplo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15369\"\u003e#15369\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Speakeasy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15368\"\u003e#15368\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Add zizmor and fix audit findings. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15316\"\u003e#15316\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.0\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Support free-threaded Python 3.14t. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15149\"\u003e#15149\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.4\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔥 Remove April Fool's \u003ccode\u003e@app.vibe()\u003c/code\u003e 🤪. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15363\"\u003e#15363\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆ Bump cryptography from 46.0.5 to 46.0.7. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15314\"\u003e#15314\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15309\"\u003e#15309\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔨 Add pre-commit hook to ensure latest release header has date. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15293\"\u003e#15293\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/e54e5a8980ffa6d7ff68ee7b25a1c46036375521\"\u003e\u003ccode\u003ee54e5a8\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/9a8a5fd99902c3b80d4cc94b85e120e2b808825f\"\u003e\u003ccode\u003e9a8a5fd\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7815a32f2ed177b8b786a48b3e0712c05b5c644f\"\u003e\u003ccode\u003e7815a32\u003c/code\u003e\u003c/a\u003e ⬆️ Update Pydantic v2 code to address deprecations (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ef1c927b0558d414e199a666833942a6fabb3a51\"\u003e\u003ccode\u003eef1c927\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/38039e12a86e67f2001b9b7d96c219691d6cb4af\"\u003e\u003ccode\u003e38039e1\u003c/code\u003e\u003c/a\u003e 🔨 Tweak translation script (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15174\"\u003e#15174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4fa826ce0a3b16884a04f51e5aac95d01790b599\"\u003e\u003ccode\u003e4fa826c\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c39415673e621665fdb7bbdde69beba7eb1dfd12\"\u003e\u003ccode\u003ec394156\u003c/code\u003e\u003c/a\u003e ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15408\"\u003e#15408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ae230ad2f9d90a4e3f6222ff1a5d6e8da41ec0ad\"\u003e\u003ccode\u003eae230ad\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/d9eb39d1a1bf2f6e6e5d3a55088f61c712cb864e\"\u003e\u003ccode\u003ed9eb39d\u003c/code\u003e\u003c/a\u003e ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15409\"\u003e#15409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4f8b5d14d324ae8e15cfae8d85adb4186d4c2175\"\u003e\u003ccode\u003e4f8b5d1\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 2026-05-06\u003c/h2\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/v2.13.4/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/cf67d4b3193c3fe43ede18612ed62785eee11382\"\u003e\u003ccode\u003ecf67d4b\u003c/code\u003e\u003c/a\u003e Fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/f0d8a214a5803036db46a56b1f62f1e56b81d662\"\u003e\u003ccode\u003ef0d8a21\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e3fe1d41a00f441204241c66078003ae0391f9a\"\u003e\u003ccode\u003e5e3fe1d\u003c/code\u003e\u003c/a\u003e Check for pydantic tag pattern in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/7f9edcc2a191d2eaa9751220eb910914e716a686\"\u003e\u003ccode\u003e7f9edcc\u003c/code\u003e\u003c/a\u003e Document tagging conventions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b46a0c9b8a4dd967fda8ec1a92f6437076bf262c\"\u003e\u003ccode\u003eb46a0c9\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/50629c851e61d887d5420452c311ec6203f1f400\"\u003e\u003ccode\u003e50629c8\u003c/code\u003e\u003c/a\u003e Update to PyPy 7.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8522ebb71e5e9a6f7188af5f009f01785b8cf725\"\u003e\u003ccode\u003e8522ebb\u003c/code\u003e\u003c/a\u003e Preserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/a37f3aff090ca342dc5f48304889963530b993f8\"\u003e\u003ccode\u003ea37f3af\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003eMISSING\u003c/code\u003e sentinel test to work with unreleased \u003ccode\u003etyping_extensions\u003c/code\u003e ver...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/909259a9df660518033aa686b689f045a6eaf9d2\"\u003e\u003ccode\u003e909259a\u003c/code\u003e\u003c/a\u003e Remove Logfire example in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/2c4174c366606fc2dc46cb806833a080aefa77df\"\u003e\u003ccode\u003e2c4174c\u003c/code\u003e\u003c/a\u003e Bump libc from 0.2.155 to 0.2.185\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1134\"\u003eprometheus/client_python#1134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003c...\n\n_Description has been truncated_","html_url":"https://github.com/vllm-project/vllm/pull/42717","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vllm-project%2Fvllm/issues/42717","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/42717/packages"},{"uuid":"4374224451","node_id":"PR_kwDOI7xefs7X4umm","number":41606,"state":"closed","title":"Bump the minor-update group across 1 directory with 140 updates","user":"dependabot[bot]","labels":["rocm","ci/build","nvidia","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-05T23:42:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-04T05:33:52.000Z","updated_at":"2026-05-05T23:42:43.000Z","time_to_close":151729,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":140,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.4.4","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.33.1","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.7.0","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.1","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.3","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.40.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.8","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.3","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.3","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.13.5","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.56.1","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.2.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.62.1","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.50.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.5.1","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.8.2","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.74.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.13.0","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.152.4","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.13","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.4.1.1"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.2.75"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.2.75"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.21.1.3"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.2.0.46"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.17.1.22"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.0.1"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.7.10.1"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.2.75"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.2.1","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.40.1","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.4.1","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.27.2","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.46.3","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.12.1","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.0","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.0","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"safetensors","old_version":"0.4.5","new_version":"0.7.0","repository_url":"https://github.com/huggingface/safetensors"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.4.1","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.0","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.25.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.28.2","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.23.0","repository_url":"https://github.com/aio-libs/yarl"},{"name":"zstandard","old_version":"0.23.0","new_version":"0.25.0","repository_url":"https://github.com/indygreg/python-zstandard"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 140 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.4.4` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.33.1` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.7.0` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.1` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.3` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.40.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.8` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.3` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.3` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.3.3` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.13.5` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.56.1` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.0` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.2.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.62.1` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.50.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.5.1` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.8.2` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.74.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.0` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.13.0` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.152.4` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.13` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.4.1.1` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.2.75` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.21.1.3` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.2.0.46` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.17.1.22` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.0.1` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.7.10.1` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.2.1` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.40.1` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.4.1` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.27.2` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.46.3` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.12.1` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.0` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.0` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [safetensors](https://github.com/huggingface/safetensors) | `0.4.5` | `0.7.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.4.1` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.0` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.25.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.6.3` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.46.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.28.2` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.23.0` |\n| [zstandard](https://github.com/indygreg/python-zstandard) | `0.23.0` | `0.25.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n\n\nUpdates `regex` from 2026.2.28 to 2026.4.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.33.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.1\u003c/h2\u003e\n\u003ch2\u003e2.33.1 (2026-03-30)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary\nfiles in the tmp directory. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed Content-Type header parsing for malformed values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved error consistency for malformed header values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ferdnyc\"\u003e\u003ccode\u003e@​ferdnyc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7277\"\u003epsf/requests#7277\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.1 (2026-03-30)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary\nfiles in the tmp directory. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed Content-Type header parsing for malformed values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved error consistency for malformed header values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/111d2b77790bf49943c0dfa09b365371c24aec7e\"\u003e\u003ccode\u003e111d2b7\u003c/code\u003e\u003c/a\u003e v2.33.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/f0198e6dfc431a2293dc16e1b1e8fcddc910a7f3\"\u003e\u003ccode\u003ef0198e6\u003c/code\u003e\u003c/a\u003e Fix malformed value parsing for Content-Type (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc7dd0fc4d56e808bcdd85ac2d797b3107c89259\"\u003e\u003ccode\u003ebc7dd0f\u003c/code\u003e\u003c/a\u003e Fix cosmetic header validity parsing regex (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/4443b1a847b190010c2972a658924b98b5db6360\"\u003e\u003ccode\u003e4443b1a\u003c/code\u003e\u003c/a\u003e Fix unintended test extra (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7306\"\u003e#7306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/389eea58dfb2f2ee096421a812e3af29c0298951\"\u003e\u003ccode\u003e389eea5\u003c/code\u003e\u003c/a\u003e Cleanup extracted file after extract_zipped_path test (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7407309c8a8a73aa2f4337184025d440bbedab7a\"\u003e\u003ccode\u003e7407309\u003c/code\u003e\u003c/a\u003e Packaging: DRY out extras definition (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7277\"\u003e#7277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.33.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v5.7.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eLaguna\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eLaguna is Poolside's mixture-of-experts language model family that extends standard SwiGLU MoE transformers with two key innovations. It features per-layer head counts allowing different decoder layers to have different query-head counts while sharing the same KV cache shape, and implements a sigmoid MoE router with auxiliary-loss-free load balancing that uses element-wise sigmoid of gate logits plus learned per-expert bias for router scoring.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/laguna\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLaguna XS.2 implementation (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45673\"\u003e#45673\u003c/a\u003e) by \u003ca href=\"https://github.com/joerowell\"\u003e\u003ccode\u003e@​joerowell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45673\"\u003e#45673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDEIMv2\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eDEIMv2 (DETR with Improved Matching v2) is a real-time object detection model that extends DEIM with DINOv3 features and spans eight model sizes from X to Atto for diverse deployment scenarios. It uses a Spatial Tuning Adapter (STA) for larger variants to convert DINOv3's single-scale output into multi-scale features, while ultra-lightweight models employ pruned HGNetv2 backbones. The unified design achieves superior performance-cost trade-offs, with DEIMv2-X reaching 57.8 AP with only 50.3M parameters and DEIMv2-S being the first sub-10M model to exceed 50 AP on COCO.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/deimv2\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/papers/2509.20787\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emodel: Add DEIMv2 to Transformers (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44339\"\u003e#44339\u003c/a\u003e) by \u003ca href=\"https://github.com/harshaljanjani\"\u003e\u003ccode\u003e@​harshaljanjani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/44339\"\u003e#44339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAttention\u003c/h2\u003e\n\u003cp\u003eSeveral attention-related bugs were fixed across multiple models, including a cross-attention cache type error in T5Gemma2 for long inputs, incorrect cached forward behavior in Qwen3.5's gated-delta-net linear attention, and a crash in GraniteMoeHybrid when no Mamba layers are present. Attention function dispatch was also updated to align with the latest model implementations.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix cross-attention cache layer type for T5Gemma2 long inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45540\"\u003e#45540\u003c/a\u003e) by \u003ca href=\"https://github.com/Beichen-Ma\"\u003e\u003ccode\u003e@​Beichen-Ma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45540\"\u003e#45540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Qwen3.5] Fix GDN linear attention multi-token cached forward (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45513\"\u003e#45513\u003c/a\u003e) by \u003ca href=\"https://github.com/kashif\"\u003e\u003ccode\u003e@​kashif\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45513\"\u003e#45513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix GraniteMoeHybrid _update_mamba_mask crash on attention-only models (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45514\"\u003e#45514\u003c/a\u003e) by \u003ca href=\"https://github.com/tianhaocui\"\u003e\u003ccode\u003e@​tianhaocui\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45514\"\u003e#45514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign latest model attention function dispatch (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45598\"\u003e#45598\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45598\"\u003e#45598\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTokenizers\u003c/h2\u003e\n\u003cp\u003eThere was a bug in AutoTokenizer that caused the wrong tokenizer class to be initialized. This caused regressions in models like DeepSeek R1.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echange got reverted (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e) by \u003ca href=\"https://github.com/itazap\"\u003e\u003ccode\u003e@​itazap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGeneration\u003c/h2\u003e\n\u003cp\u003eContinuous batching generation received several fixes and improvements, including correcting KV deduplication and memory estimation for long sequences (16K+), and removing misleading warnings about \u003ccode\u003enum_return_sequences\u003c/code\u003e and other unsupported features that were incorrectly firing even when functionality worked correctly. Documentation for per-request sampling parameters was also added.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003egenerate: drop stale num_return_sequences warning on continuous batching path (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45582\"\u003e#45582\u003c/a\u003e) by \u003ca href=\"https://github.com/joaquinhuigomez\"\u003e\u003ccode\u003e@​joaquinhuigomez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45582\"\u003e#45582\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/6ffbb07f93d9e44457450d1150136309b0dc966b\"\u003e\u003ccode\u003e6ffbb07\u003c/code\u003e\u003c/a\u003e v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/18e7fd752e6fa7dd4ff8b828ff8f3aec5b0882ae\"\u003e\u003ccode\u003e18e7fd7\u003c/code\u003e\u003c/a\u003e change got reverted (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2dff8f76f48abd7dd31b8dc156046509887d3cf1\"\u003e\u003ccode\u003e2dff8f7\u003c/code\u003e\u003c/a\u003e v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/93bed93e7518444cce442a89c78008fa0a21c963\"\u003e\u003ccode\u003e93bed93\u003c/code\u003e\u003c/a\u003e fixing more typos (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45689\"\u003e#45689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/a29e9675a864e2c7854a4d0f574589a8db1dac2e\"\u003e\u003ccode\u003ea29e967\u003c/code\u003e\u003c/a\u003e [docs] cb memory management (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45587\"\u003e#45587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2d01799735d455f745b9c53d5a9d2eebdd7be569\"\u003e\u003ccode\u003e2d01799\u003c/code\u003e\u003c/a\u003e [docs] cpu offloading (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45660\"\u003e#45660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4aba7167e328965caadcdfc6834b982037889f86\"\u003e\u003ccode\u003e4aba716\u003c/code\u003e\u003c/a\u003e docs(README_zh-hans): clarify conditions for not using Transformers (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45688\"\u003e#45688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f4fc6d013864f5389b6518787438cf55359613d1\"\u003e\u003ccode\u003ef4fc6d0\u003c/code\u003e\u003c/a\u003e fix padding side issue for fast_vlm tests (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45592\"\u003e#45592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/5d7ff4393ab99aa7cadf4cccd1f814dbb799f2bb\"\u003e\u003ccode\u003e5d7ff43\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003ex_clip\u003c/code\u003e: 8 failed test cases (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45394\"\u003e#45394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/aadc005711da266af1f75c33185172af9d9f19bf\"\u003e\u003ccode\u003eaadc005\u003c/code\u003e\u003c/a\u003e zero_shot_object_detection ValueError fix for python 3.13 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45669\"\u003e#45669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.1\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Update Pydantic v2 code to address deprecations. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15101\"\u003e#15101\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔨 Tweak translation script. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15174\"\u003e#15174\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15408\"\u003e#15408\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15409\"\u003e#15409\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15407\"\u003e#15407\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15406\"\u003e#15406\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15405\"\u003e#15405\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mypy from 1.19.1 to 1.20.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15410\"\u003e#15410\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15400\"\u003e#15400\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump starlette from 0.52.1 to 1.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15397\"\u003e#15397\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygithub from 2.8.1 to 2.9.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15396\"\u003e#15396\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15393\"\u003e#15393\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump zizmor from 1.23.1 to 1.24.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15394\"\u003e#15394\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15395\"\u003e#15395\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15360\"\u003e#15360\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump authlib from 1.6.9 to 1.6.11. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15373\"\u003e#15373\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15282\"\u003e#15282\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygments from 2.19.2 to 2.20.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15263\"\u003e#15263\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15391\"\u003e#15391\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pillow from 12.1.1 to 12.2.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15333\"\u003e#15333\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest from 9.0.2 to 9.0.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15334\"\u003e#15334\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15374\"\u003e#15374\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15385\"\u003e#15385\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Zuplo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15369\"\u003e#15369\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Speakeasy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15368\"\u003e#15368\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Add zizmor and fix audit findings. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15316\"\u003e#15316\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.0\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Support free-threaded Python 3.14t. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15149\"\u003e#15149\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.4\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔥 Remove April Fool's \u003ccode\u003e@app.vibe()\u003c/code\u003e 🤪. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15363\"\u003e#15363\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆ Bump cryptography from 46.0.5 to 46.0.7. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15314\"\u003e#15314\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15309\"\u003e#15309\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔨 Add pre-commit hook to ensure latest release header has date. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15293\"\u003e#15293\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/e54e5a8980ffa6d7ff68ee7b25a1c46036375521\"\u003e\u003ccode\u003ee54e5a8\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/9a8a5fd99902c3b80d4cc94b85e120e2b808825f\"\u003e\u003ccode\u003e9a8a5fd\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7815a32f2ed177b8b786a48b3e0712c05b5c644f\"\u003e\u003ccode\u003e7815a32\u003c/code\u003e\u003c/a\u003e ⬆️ Update Pydantic v2 code to address deprecations (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ef1c927b0558d414e199a666833942a6fabb3a51\"\u003e\u003ccode\u003eef1c927\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/38039e12a86e67f2001b9b7d96c219691d6cb4af\"\u003e\u003ccode\u003e38039e1\u003c/code\u003e\u003c/a\u003e 🔨 Tweak translation script (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15174\"\u003e#15174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4fa826ce0a3b16884a04f51e5aac95d01790b599\"\u003e\u003ccode\u003e4fa826c\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c39415673e621665fdb7bbdde69beba7eb1dfd12\"\u003e\u003ccode\u003ec394156\u003c/code\u003e\u003c/a\u003e ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15408\"\u003e#15408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ae230ad2f9d90a4e3f6222ff1a5d6e8da41ec0ad\"\u003e\u003ccode\u003eae230ad\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/d9eb39d1a1bf2f6e6e5d3a55088f61c712cb864e\"\u003e\u003ccode\u003ed9eb39d\u003c/code\u003e\u003c/a\u003e ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15409\"\u003e#15409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4f8b5d14d324ae8e15cfae8d85adb4186d4c2175\"\u003e\u003ccode\u003e4f8b5d1\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\nSeveral minor changes (considered non-breaking changes according to our \u003ca href=\"https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2\"\u003eversioning policy\u003c/a\u003e) are also included in this release. Make sure to look into them before upgrading.\u003c/p\u003e\n\u003cp\u003eThis release contains the updated \u003ccode\u003epydantic.v1\u003c/code\u003e namespace, matching version 1.10.26 which includes support for Python 3.14.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003eSee the beta releases for all changes sinces 2.12.\u003c/p\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd zizmor for GitHub Actions workflow linting by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13039\"\u003e#13039\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate jiter to v0.14.0 to fix a segmentation fault on musl Linux by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13064\"\u003e#13064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\nSeveral minor changes (considered non-breaking changes according to our \u003ca href=\"https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2\"\u003eversioning policy\u003c/a\u003e)\nare also included in this release. Make sure to look into them before upgrading.\u003c/p\u003e\n\u003cp\u003eThis release contains the updated \u003ccode\u003epydantic.v1\u003c/code\u003e namespace, matching version 1.10.26 which includes support for Python 3.14.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003eSee the beta releases for all changes sinces 2.12.\u003c/p\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow default factories of private attributes to take validated model data by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13013\"\u003e#13013\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/9e9a11132c980c4ec84ff6d2df06d4c1a55ca8f3\"\u003e\u003ccode\u003e9e9a111\u003c/code\u003e\u003c/a\u003e Fix backported test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1ec8c6aa0cae1c78409c6f31af738a24e16c7124\"\u003e\u003ccode\u003e1ec8c6a\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/fb4f2044436e9fa4ff9745479ce263016a99c4d6\"\u003e\u003ccode\u003efb4f204\u003c/code\u003e\u003c/a\u003e Handle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/ca3ddd1149bd3b14273922a29da174804496a055\"\u003e\u003ccode\u003eca3ddd1\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/000e823a3ab7545b0c6064fde34effdcd02044ab\"\u003e\u003ccode\u003e000e823\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/d45d8be3ffb6dfc6d0c64da6980140c91ff841fb\"\u003e\u003ccode\u003ed45d8be\u003c/code\u003e\u003c/a\u003e Prepare release 2.13.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/54aca609ce58e73dfe1c681d93432fbe3a4621da\"\u003e\u003ccode\u003e54aca60\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/46bf4fa648af3a1fbf4603a37f210e9d9c618357\"\u003e\u003ccode\u003e46bf4fa\u003c/code\u003e\u003c/a\u003e Fix Pydantic release workflow (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13067\"\u003e#13067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b359edab09c623464d23c6fd2503ae5ff276d43\"\u003e\u003ccode\u003e1b359ed\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.0 (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13065\"\u003e#13065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b1bf19445d8ac144a7a0e82674d2d87eebab6c18\"\u003e\u003ccode\u003eb1bf194\u003c/code\u003e\u003c/a\u003e Fix model equality when using runtime \u003ccode\u003eextra\u003c/code\u003e configuration (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13062\"\u003e#13062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1134\"\u003eprometheus/client_python#1134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.22.1...v0.23.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.22.1...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/2cd1738fb880fd0e6aa9a02ec48585128388a6cd\"\u003e\u003ccode\u003e2cd1738\u003c/code\u003e\u003c/a\u003e Release 0.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/daa1626eaf705318013b708954499b0a049088c8\"\u003e\u003ccode\u003edaa1626\u003c/code\u003e\u003c/a\u003e docs: add API reference for all metric types  (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1159\"\u003e#1159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/8673912276bdca7ddbca5d163eb11422b546bffb\"\u003e\u003ccode\u003e8673912\u003c/code\u003e\u003c/a\u003e Support MultiProcessCollector in RestrictedRegistry. (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1150\"\u003e#1150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/671f75c6f1f04838995fadd57cda21beee01838b\"\u003e\u003ccode\u003e671f75c\u003c/code\u003e\u003c/a\u003e Fix spaces in grouping key values for push_to_gateway (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/1cf53feae63b6ecb0bd76eee80582a0fba957e09\"\u003e\u003ccode\u003e1cf53fe\u003c/code\u003e\u003c/a\u003e Fix server shutdown documentation (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1155\"\u003e#1155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/a8541354519d04852d24688845f1d2d495eef59c\"\u003e\u003ccode\u003ea854135\u003c/code\u003e\u003c/a\u003e Migrate to Github Actions (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1153\"\u003e#1153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/f417f6ea8f058165a1934e368fed245e91aafc14\"\u003e\u003ccode\u003ef417f6e\u003c/code\u003e\u003c/a\u003e Release 0.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/6f0e967c1f7a408b75861d6833a8d303874be95d\"\u003e\u003ccode\u003e6f0e967\u003c/code\u003e\u003c/a\u003e Pass correct registry to MultiProcessCollector (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1152\"\u003e#1152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/c5024d310fbfcba45a5e9db62e337a3a7930ea16\"\u003e\u003ccode\u003ec5024d3\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/e1cdc203b1cf5f15c7b9a64d79fccc7907a62ca3\"\u003e\u003ccode\u003ee1cdc20\u003c/code\u003e\u003c/a\u003e Add Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1143\"\u003e#1143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"...\n\n_Description has been truncated_","html_url":"https://github.com/vllm-project/vllm/pull/41606","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vllm-project%2Fvllm/issues/41606","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41606/packages"},{"uuid":"4372624195","node_id":"PR_kwDOR7Q0Q87Xz0G3","number":48,"state":"closed","title":"chore(deps): bump pycryptodomex from 3.20.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-04T06:08:42.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T18:33:33.000Z","updated_at":"2026-05-04T06:08:44.000Z","time_to_close":41709,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"pycryptodomex","old_version":"3.20.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.20.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\ncontain any of the optional elements\n(parameters [0] and publicKey[1]).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.21.0 (30 September 2024)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.20.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.20.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/however-yir/yourrag/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/however-yir%2Fyourrag/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"},{"uuid":"3985140269","node_id":"PR_kwDOOvuMPs7GAdPD","number":11,"state":"closed","title":"chore(deps): bump the pip group across 6 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-01T14:47:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-24T18:15:20.000Z","updated_at":"2026-03-01T14:47:57.000Z","time_to_close":419555,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":13,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3) and [requests](https://github.com/psf/requests).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [python-multipart](https://github.com/Kludex/python-multipart).\nBumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 4 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic), [certifi](https://github.com/certifi/python-certifi) and [sentencepiece](https://github.com/google/sentencepiece).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.22` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.3.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-multipart` from 0.0.20 to 0.0.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/python-multipart/releases\"\u003epython-multipart's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.0.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop directory path from filename in \u003ccode\u003eFile\u003c/code\u003e \u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e9433f4b\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22\"\u003ehttps://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.0.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.14 and drop EOL 3.8 and 3.9 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/216\"\u003eKludex/python-multipart#216\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/waketzheng\"\u003e\u003ccode\u003e@​waketzheng\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/203\"\u003eKludex/python-multipart#203\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21\"\u003ehttps://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md\"\u003epython-multipart's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.0.22 (2026-01-25)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop directory path from filename in \u003ccode\u003eFile\u003c/code\u003e \u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e9433f4b\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.0.21 (2025-12-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.14 and drop EOL 3.8 and 3.9 \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/216\"\u003e#216\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/bea7bbb2904da8ce39123a845088dc72464eaddf\"\u003e\u003ccode\u003ebea7bbb\u003c/code\u003e\u003c/a\u003e Version 0.0.22 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/0fb59a9df0f273bfde99740b302ccb2ae45e2b8a\"\u003e\u003ccode\u003e0fb59a9\u003c/code\u003e\u003c/a\u003e chore: add return type on test (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/221\"\u003e#221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e\u003ccode\u003e9433f4b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/d5c91ecb0aa1cae03fe2d9811d193c952e714f17\"\u003e\u003ccode\u003ed5c91ec\u003c/code\u003e\u003c/a\u003e Bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/219\"\u003e#219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/5a90631b484f8d3284b691d453c24be3db57f5cb\"\u003e\u003ccode\u003e5a90631\u003c/code\u003e\u003c/a\u003e bump uv (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/218\"\u003e#218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/1f72955602445706b5517a6f58a720796ad3d96a\"\u003e\u003ccode\u003e1f72955\u003c/code\u003e\u003c/a\u003e Version 0.0.21 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/217\"\u003e#217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/47ecfed3533ed8dcafd800508dbf594438fd0949\"\u003e\u003ccode\u003e47ecfed\u003c/code\u003e\u003c/a\u003e Add support for Python 3.14 and drop EOL 3.8 and 3.9 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/f18b70941b727c947f7e6b17e1c3321f5ad3afb6\"\u003e\u003ccode\u003ef18b709\u003c/code\u003e\u003c/a\u003e Bump the github-actions group across 1 directory with 4 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/b388e9a7a82605cc8613798926afe8f6074cb372\"\u003e\u003ccode\u003eb388e9a\u003c/code\u003e\u003c/a\u003e chore: use depedency-groups in \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/212\"\u003e#212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/6113e750971918a51f79c3bb2585e95ed1c53245\"\u003e\u003ccode\u003e6113e75\u003c/code\u003e\u003c/a\u003e Bump the github-actions group across 1 directory with 3 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix...\n\n_Description has been truncated_","html_url":"https://github.com/ssushant0011/openreplay/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssushant0011%2Fopenreplay/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"3928846244","node_id":"PR_kwDOFZ_7pM7DIC3S","number":4339,"state":"open","title":"chore(deps): bump the pip group across 4 directories with 14 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-11T21:53:16.000Z","updated_at":"2026-02-11T21:53:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":14,"packages":[{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 4 updates in the /ee/intelligent_search directory: [certifi](https://github.com/certifi/python-certifi), [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [sentencepiece](https://github.com/google/sentencepiece).\nBumps the pip group with 6 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.22` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `3.0.6` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eazure-core_1.37.0\u003c/h2\u003e\n\u003ch2\u003e1.37.0 (2025-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e to \u003ccode\u003eazure.core.serialization\u003c/code\u003e. \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e gets the backcompat name of an attribute using backcompat attribute access.  \u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.12...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2023.7.22 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7381\"\u003e#7381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnforce behavior of private attributes having double leading underscore by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7265\"\u003e#7265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStandardize \u003ccode\u003e__get_pydantic_core_schema__\u003c/code\u003e signature by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7415\"\u003e#7415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix generic dataclass fields mutation bug (when using \u003ccode\u003eTypeAdapter\u003c/code\u003e) by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7435\"\u003e#7435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e on \u003ccode\u003emodel_validator\u003c/code\u003e in \u003ccode\u003ewrap\u003c/code\u003e mode by \u003ca href=\"https://github.com/pmmmwh\"\u003e\u003ccode\u003e@​pmmmwh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7496\"\u003e#7496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove enum error message by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7506\"\u003e#7506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003erepr\u003c/code\u003e work for instances that failed initialization when handling \u003ccode\u003eValidationError\u003c/code\u003es by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7439\"\u003e#7439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a regular expression denial of service issue by limiting whitespaces by \u003ca href=\"https://github.com/prodigysml\"\u003e\u003ccode\u003e@​prodigysml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7360\"\u003e#7360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eUUID\u003c/code\u003e values having \u003ccode\u003eUUID.version=None\u003c/code\u003e by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7566\"\u003e#7566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 (2023-09-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.4.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.git...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4339","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4339","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4339/packages"},{"uuid":"3838865912","node_id":"PR_kwDOFZ_7pM6-e7iL","number":4217,"state":"open","title":"chore(deps): bump the pip group across 5 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-21T15:47:22.000Z","updated_at":"2026-01-22T16:02:00.458Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 1 update in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eazure-core_1.37.0\u003c/h2\u003e\n\u003ch2\u003e1.37.0 (2025-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e to \u003ccode\u003eazure.core.serialization\u003c/code\u003e. \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e gets the backcompat name of an attribute using backcompat attribute access.  \u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7381\"\u003e#7381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnforce behavior of private attributes having double leading underscore by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7265\"\u003e#7265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStandardize \u003ccode\u003e__get_pydantic_core_schema__\u003c/code\u003e signature by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7415\"\u003e#7415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix generic dataclass fields mutation bug (when using \u003ccode\u003eTypeAdapter\u003c/code\u003e) by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7435\"\u003e#7435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e on \u003ccode\u003emodel_validator\u003c/code\u003e in \u003ccode\u003ewrap\u003c/code\u003e mode by \u003ca href=\"https://github.com/pmmmwh\"\u003e\u003ccode\u003e@​pmmmwh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7496\"\u003e#7496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove enum error message by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7506\"\u003e#7506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003erepr\u003c/code\u003e work for instances that failed initialization when handling \u003ccode\u003eValidationError\u003c/code\u003es by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7439\"\u003e#7439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a regular expression denial of service issue by limiting whitespaces by \u003ca href=\"https://github.com/prodigysml\"\u003e\u003ccode\u003e@​prodigysml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7360\"\u003e#7360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eUUID\u003c/code\u003e values having \u003ccode\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4217","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4217","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4217/packages"},{"uuid":"3810518053","node_id":"PR_kwDOFZ_7pM69BKc5","number":4188,"state":"open","title":"chore(deps): bump the pip group across 5 directories with 11 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-13T20:41:59.000Z","updated_at":"2026-01-20T13:01:41.835Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 1 update in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.5.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4188","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4188","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4188/packages"},{"uuid":"3789360228","node_id":"PR_kwDOFZ_7pM678HyM","number":4162,"state":"closed","title":"chore(deps): bump the pip group across 4 directories with 11 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-01-09T13:35:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-07T16:06:11.000Z","updated_at":"2026-01-09T13:35:32.000Z","time_to_close":163743,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0rc0` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n\n\nUpdates `urllib3` from 2.5.0 to 2.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003cli\u003eIf you use custom decompressors, please make sure to update them to  respect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3653\"\u003e#3653\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3666\"\u003e#3666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3696\"\u003e#3696\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e. Removed the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3622\"\u003e#3622\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed for the retries parameter. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3649\"\u003e#3649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3664\"\u003e#3664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the \u003ccode\u003ezstd\u003c/code\u003e extra to install \u003ccode\u003ebackports.zstd\u003c/code\u003e instead of \u003ccode\u003ezstandard\u003c/code\u003e on Python 3.13 and before. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved the performance of content decoding by optimizing \u003ccode\u003eBytesQueueBuffer\u003c/code\u003e class. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3710\"\u003e#3710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllowed building the urllib3 package with newer setuptools-scm v9.x. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3652\"\u003e#3652\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsured successful urllib3 builds by setting Hatchling requirement to ≥ 1.27.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3638\"\u003e#3638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\n\u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIf you use custom decompressors, please make sure to update them to\nrespect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ccode\u003e[#3653](https://github.com/urllib3/urllib3/issues/3653) \u0026lt;https://github.com/urllib3/urllib3/issues/3653\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ccode\u003e[#3666](https://github.com/urllib3/urllib3/issues/3666) \u0026lt;https://github.com/urllib3/urllib3/issues/3666\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ccode\u003e[#3696](https://github.com/urllib3/urllib3/issues/3696) \u0026lt;https://github.com/urllib3/urllib3/issues/3696\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e.\nRemoved the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ccode\u003e[#3622](https://github.com/urllib3/urllib3/issues/3622) \u0026lt;https://github.com/urllib3/urllib3/issues/3622\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed\nfor the retries parameter. (\u003ccode\u003e[#3649](https://github.com/urllib3/urllib3/issues/3649) \u0026lt;https://github.com/urllib3/urllib3/issues/3649\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ccode\u003e[#3664](https://github.com/urllib3/urllib3/issues/3664) \u0026lt;https://github.com/urllib3/urllib3/issues/3664\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ccode\u003e[#3700](https://github.com/urllib3/urllib3/issues/3700) \u0026lt;https://github.com/urllib3/urllib3/issues/3700\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/720f484b605f18887a48eef448d0084e2b76902d\"\u003e\u003ccode\u003e720f484\u003c/code\u003e\u003c/a\u003e Release 2.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8\"\u003e\u003ccode\u003e24d7b67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7\"\u003e\u003ccode\u003ec19571d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/816fcf04528bc0f89672e13398eb813dcc892490\"\u003e\u003ccode\u003e816fcf0\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3725\"\u003e#3725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/18af0a10efc4c99dd028f7ad5a461470b9a8b0fd\"\u003e\u003ccode\u003e18af0a1\u003c/code\u003e\u003c/a\u003e Improve speed of \u003ccode\u003eBytesQueueBuffer.get()\u003c/code\u003e by using memoryview (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3711\"\u003e#3711\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1f6abac3e6d426c3939b8a17cf4afa099e691ab2\"\u003e\u003ccode\u003e1f6abac\u003c/code\u003e\u003c/a\u003e Bump versions of pre-commit hooks (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3716\"\u003e#3716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1c8fbf787b8e6ed151842c5d6874c9d5bdbf1d0b\"\u003e\u003ccode\u003e1c8fbf7\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3722\"\u003e#3722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7784b9eee95b7c90802c02b111e98df70259ae4f\"\u003e\u003ccode\u003e7784b9e\u003c/code\u003e\u003c/a\u003e Add Python 3.15 to CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3717\"\u003e#3717\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0241c9e7286d3008e3cce18effc13b40dc633385\"\u003e\u003ccode\u003e0241c9e\u003c/code\u003e\u003c/a\u003e Updated docs to reflect change in optional zstd dependency from \u003ccode\u003ezstandard\u003c/code\u003e t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7afcabb6489d9a8ea95a40e5afcb46463af17351\"\u003e\u003ccode\u003e7afcabb\u003c/code\u003e\u003c/a\u003e Expand environment variable of SSLKEYLOGFILE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003cli\u003eIf you use custom decompressors, please make sure to update them to  respect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3653\"\u003e#3653\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3666\"\u003e#3666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3696\"\u003e#3696\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e. Removed the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3622\"\u003e#3622\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed for the retries parameter. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3649\"\u003e#3649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3664\"\u003e#3664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the \u003ccode\u003ezstd\u003c/code\u003e extra to install \u003ccode\u003ebackports.zstd\u003c/code\u003e instead of \u003ccode\u003ezstandard\u003c/code\u003e on Python 3.13 and before. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved the performance of content decoding by optimizing \u003ccode\u003eBytesQueueBuffer\u003c/code\u003e class. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3710\"\u003e#3710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllowed building the urllib3 package with newer setuptools-scm v9.x. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3652\"\u003e#3652\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsured successful urllib3 builds by setting Hatchling requirement to ≥ 1.27.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3638\"\u003e#3638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\n\u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIf you use custom decompressors, please make sure to update them to\nrespect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ccode\u003e[#3653](https://github.com/urllib3/urllib3/issues/3653) \u0026lt;https://github.com/urllib3/urllib3/issues/3653\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ccode\u003e[#3666](https://github.com/urllib3/urllib3/issues/3666) \u0026lt;https://github.com/urllib3/urllib3/issues/3666\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ccode\u003e[#3696](https://github.com/urllib3/urllib3/issues/3696) \u0026lt;https://github.com/urllib3/urllib3/issues/3696\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e.\nRemoved the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ccode\u003e[#3622](https://github.com/urllib3/urllib3/issues/3622) \u0026lt;https://github.com/urllib3/urllib3/issues/3622\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed\nfor the retries parameter. (\u003ccode\u003e[#3649](https://github.com/urllib3/urllib3/issues/3649) \u0026lt;https://github.com/urllib3/urllib3/issues/3649\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ccode\u003e[#3664](https://github.com/urllib3/urllib3/issues/3664) \u0026lt;https://github.com/urllib3/urllib3/issues/3664\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ccode\u003e[#3700](https://github.com/urllib3/urllib3/issues/3700) \u0026lt;https://github.com/urllib3/urllib3/issues/3700\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/720f484b605f18887a48eef448d0084e2b76902d\"\u003e\u003ccode\u003e720f484\u003c/code\u003e\u003c/a\u003e Release 2.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8\"\u003e\u003ccode\u003e24d7b67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7\"\u003e\u003ccode\u003ec19571d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/816fcf04528bc0f89672e13398eb813dcc892490\"\u003e\u003ccode\u003e816fcf0\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3725\"\u003e#3725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/18af0a10efc4c99dd028f7ad5a461470b9a8b0fd\"\u003e\u003ccode\u003e18af0a1\u003c/code\u003e\u003c/a\u003e Improve speed of \u003ccode\u003eBytesQueueBuffer.get()\u003c/code\u003e by using memoryview (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3711\"\u003e#3711\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1f6abac3e6d426c3939b8a17cf4afa099e691ab2\"\u003e\u003ccode\u003e1f6abac\u003c/code\u003e\u003c/a\u003e Bump versions of pre-commit hooks (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3716\"\u003e#3716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1c8fbf787b8e6ed151842c5d6874c9d5bdbf1d0b\"\u003e\u003ccode\u003e1c8fbf7\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3722\"\u003e#3722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7784b9eee95b7c90802c02b111e98df70259ae4f\"\u003e\u003ccode\u003e7784b9e\u003c/code\u003e\u003c/a\u003e Add Python 3.15 to CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3717\"\u003e#3717\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0241c9e7286d3008e3cce18effc13b40dc633385\"\u003e\u003ccode\u003e0241c9e\u003c/code\u003e\u003c/a\u003e Updated docs to reflect change in optional zstd dependency from \u003ccode\u003ezstandard\u003c/code\u003e t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7afcabb6489d9a8ea95a40e5afcb46463af17351\"\u003e\u003ccode\u003e7afcabb\u003c/code\u003e\u003c/a\u003e Expand environment variable of SSLKEYLOGFILE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4162/packages"},{"uuid":"3580328777","node_id":"PR_kwDOK0Z3lM6xGQSb","number":593,"state":"open","title":"build(deps): bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":8,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-03T02:31:47.000Z","updated_at":"2026-03-18T19:00:33.934Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=uv\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/algorandfoundation/puya/pull/593","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorandfoundation%2Fpuya/issues/593","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/593/packages"},{"uuid":"2876251249","node_id":"PR_kwDOADutIc6rcBxx","number":9916,"state":"closed","title":"Bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-06T09:06:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-30T23:08:48.000Z","updated_at":"2025-10-06T09:06:10.000Z","time_to_close":467842,"merged_at":"2025-10-06T09:06:10.000Z","merged_by":"acelaya","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hypothesis/h/pull/9916","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hypothesis%2Fh/issues/9916","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9916/packages"},{"uuid":"2811489391","node_id":"PR_kwDOFZ_7pM6nk-xv","number":3643,"state":"closed","title":"build(deps): bump the pip group across 7 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-09-17T13:32:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-09T10:43:39.000Z","updated_at":"2025-09-17T13:32:14.000Z","time_to_close":701314,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 7 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.6.3` | `2.11.7` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.1.0` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `2.10.3` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://gith...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/3643","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/3643","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3643/packages"},{"uuid":"2786010792","node_id":"PR_kwDOMrw2JM6mDyao","number":2,"state":"open","title":"chore(deps): bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-29T21:03:24.000Z","updated_at":"2025-08-29T21:03:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"ansible","old_version":"7.1.0","new_version":"8.5.0","repository_url":"https://github.com/ansible-community/ansible-build-data"},{"name":"ecdsa","old_version":"0.18.0","new_version":"0.19.1","repository_url":"https://github.com/tlsfuzzer/python-ecdsa"},{"name":"future","old_version":"0.18.3","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"paramiko","old_version":"3.2.0","new_version":"3.4.0","repository_url":"https://github.com/paramiko/paramiko"},{"name":"pycryptodome","old_version":"3.18.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"djangorestframework","old_version":"3.14.0","new_version":"3.15.2","repository_url":"https://github.com/encode/django-rest-framework"},{"name":"pillow","old_version":"10.0.1","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"eventlet","old_version":"0.33.3","new_version":"0.40.3","repository_url":"https://github.com/eventlet/eventlet"},{"name":"azure-identity","old_version":"1.16.0","new_version":"1.16.1","repository_url":"https://github.com/Azure/azure-sdk-for-python"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ansible](https://github.com/ansible-community/ansible-build-data) | `7.1.0` | `8.5.0` |\n| [ecdsa](https://github.com/tlsfuzzer/python-ecdsa) | `0.18.0` | `0.19.1` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.3` | `1.0.0` |\n| [paramiko](https://github.com/paramiko/paramiko) | `3.2.0` | `3.4.0` |\n| [pycryptodome](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.23.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.14.0` | `3.15.2` |\n| [pillow](https://github.com/python-pillow/Pillow) | `10.0.1` | `10.3.0` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.33.3` | `0.40.3` |\n| [azure-identity](https://github.com/Azure/azure-sdk-for-python) | `1.16.0` | `1.16.1` |\n\n\nUpdates `ansible` from 7.1.0 to 8.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/16d36538b96c65d9e0e28d89781361b69857ac0e\"\u003e\u003ccode\u003e16d3653\u003c/code\u003e\u003c/a\u003e Ansible 8.5.0: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/304\"\u003e#304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/23f5e493dbfd9da9e23c2fff69c5816d3d0439b0\"\u003e\u003ccode\u003e23f5e49\u003c/code\u003e\u003c/a\u003e Ansible 9.0.0a2: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/e9d24af3f7b204d4290bf1f3ec90b3b8a9c00a53\"\u003e\u003ccode\u003ee9d24af\u003c/code\u003e\u003c/a\u003e Ansible 9.0.0a1: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/c852649b925e24784be5cd9e10ebfa32b7a72616\"\u003e\u003ccode\u003ec852649\u003c/code\u003e\u003c/a\u003e Exclude collections whose releases aren't tagged with constraints files. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/300\"\u003e#300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/9e71e5c648d889644ee7cb31700a7fb3a7073aa2\"\u003e\u003ccode\u003e9e71e5c\u003c/code\u003e\u003c/a\u003e Ansible 8.4.0: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/879c56e454b5cc1a13e8efde4da68dc8e0ff1a09\"\u003e\u003ccode\u003e879c56e\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Ignore missing tag for cisco.intersight. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/287\"\u003e#287\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/296771c4dd03f0fadb60a09bcb5c2a8d1984d94c\"\u003e\u003ccode\u003e296771c\u003c/code\u003e\u003c/a\u003e cisco.merkai is now developed in and released from \u003ca href=\"https://github.com/meraki/\"\u003ehttps://github.com/meraki/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/3b42722c5f0f0127956a7a9b021129ce3919ba33\"\u003e\u003ccode\u003e3b42722\u003c/code\u003e\u003c/a\u003e Ignore missing tag for cisco.intersight. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/d2083966780ac288527d7479b9112069e9c5de91\"\u003e\u003ccode\u003ed208396\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 3 to 4 (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/084965e42b9d88f0358b3c1afec6509d4b2398fd\"\u003e\u003ccode\u003e084965e\u003c/code\u003e\u003c/a\u003e Deprecate hpe.nimble (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ansible-community/ansible-build-data/compare/7.1.0...8.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ecdsa` from 0.18.0 to 0.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/releases\"\u003eecdsa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eecdsa 0.19.1\u003c/h2\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eder.remove_implicit\u003c/code\u003e and \u003ccode\u003eder.encode_implicit\u003c/code\u003e for decoding and\nencoding DER IMPLICIT values with custom tag values and arbitrary\nclasses\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinor fixes around arithmetic with curves that have non-prime order\n(useful for experimentation, not practical deployments)\u003c/li\u003e\n\u003cli\u003eFix arithmetic to work with curves that have (0, 0) on the curve\u003c/li\u003e\n\u003cli\u003eFix canonicalization of signatures when \u003ccode\u003es\u003c/code\u003e is just slightly\nabove half of curve order\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for Python 3.5 (again, issues with CI, support\nfor Python 2.6 and Python 2.7 is unchanged)\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.12 and 3.13 (add them to CI)\u003c/li\u003e\n\u003cli\u003eRemoval of few more unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003cli\u003eFix typos in warning messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eecdsa 0.19.0\u003c/h2\u003e\n\u003ch2\u003eNew API:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eto_ssh\u003c/code\u003e in \u003ccode\u003eVerifyingKey\u003c/code\u003e and \u003ccode\u003eSigningKey\u003c/code\u003e, supports Ed25519 keys only\n(Pablo Mazzini)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew features:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for twisted Brainpool curves\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDoc fix:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix curve equation in glossary\u003c/li\u003e\n\u003cli\u003eDocumentation for signature encoding and signature decoding functions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for 3.3 and 3.4 (because of problems running them\nin CI, not because it's actually incompatible; support for 2.6 and 2.7 is\nunaffected)\u003c/li\u003e\n\u003cli\u003eFixes around hypothesis parameters\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.11 and 3.12\u003c/li\u003e\n\u003cli\u003eSmall updates to test suite to make it work with 3.11 and 3.12 and new\nreleases of test dependencies\u003c/li\u003e\n\u003cli\u003eDropped the internal \u003ccode\u003e_rwlock\u003c/code\u003e module as it's unused\u003c/li\u003e\n\u003cli\u003eAdded mutation testing to CI, lots of speed-ups to the test suite\nto make it happen\u003c/li\u003e\n\u003cli\u003eRemoval of unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecations:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/blob/master/NEWS\"\u003eecdsa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease 0.19.1 (13 Mar 2025)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eder.remove_implitic\u003c/code\u003e and \u003ccode\u003eder.encode_implicit\u003c/code\u003e for decoding and\nencoding DER IMPLICIT values with custom tag values and arbitrary\nclasses\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinor fixes around arithmetic with curves that have non-prime order\n(useful for experimentation, not practical deployments)\u003c/li\u003e\n\u003cli\u003eFix arithmetic to work with curves that have (0, 0) on the curve\u003c/li\u003e\n\u003cli\u003eFix canonicalization of signatures when \u003ccode\u003es\u003c/code\u003e is just slightly\nabove half of curve order\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDropped official support for Python 3.5 (again, issues with CI, support\nfor Python 2.6 and Python 2.7 is unchanged)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOfficialy support Python 3.12 and 3.13 (add them to CI)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoval of few more unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix typos in warning messages\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRelease 0.19.0 (08 Apr 2024)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eto_ssh\u003c/code\u003e in \u003ccode\u003eVerifyingKey\u003c/code\u003e and \u003ccode\u003eSigningKey\u003c/code\u003e, supports Ed25519 keys only\n(Pablo Mazzini)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew features:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for twisted Brainpool curves\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDoc fix:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix curve equation in glossary\u003c/li\u003e\n\u003cli\u003eDocumentation for signature encoding and signature decoding functions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for 3.3 and 3.4 (because of problems running them\nin CI, not because it's actually incompatible; support for 2.6 and 2.7 is\nunaffected)\u003c/li\u003e\n\u003cli\u003eFixes aroung hypothesis parameters\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.11 and 3.12\u003c/li\u003e\n\u003cli\u003eSmall updates to test suite to make it work with 3.11 and 3.12 and new\nreleases of test dependencies\u003c/li\u003e\n\u003cli\u003eDropped the internal \u003ccode\u003e_rwlock\u003c/code\u003e module as it's unused\u003c/li\u003e\n\u003cli\u003eAdded mutation testing to CI, lots of speed-ups to the test suite\nto make it happen\u003c/li\u003e\n\u003cli\u003eRemoval of unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eint_to_string\u003c/code\u003e, \u003ccode\u003estring_to_int\u003c/code\u003e, and \u003ccode\u003edigest_integer\u003c/code\u003e from \u003ccode\u003eecdsa.ecdsa\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/2a6593d840ad153a16ebdd4f9b772b290494f3e3\"\u003e\u003ccode\u003e2a6593d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/359\"\u003e#359\u003c/a\u003e from tlsfuzzer/release-0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/658ddc81bbd20e0197a59c9c0fa7dcc5b17d7d06\"\u003e\u003ccode\u003e658ddc8\u003c/code\u003e\u003c/a\u003e add release notes for 0.19.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/3c5df06ae85ea0b35557fe5f8874eec4f2b39db0\"\u003e\u003ccode\u003e3c5df06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/358\"\u003e#358\u003c/a\u003e from tlsfuzzer/high-s-values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/b6d43c60e309bccd681eb1baab502f817ff226b6\"\u003e\u003ccode\u003eb6d43c6\u003c/code\u003e\u003c/a\u003e use integer division for canonicalization of signatures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/aa81ba3b7339f30362098580c754576bc15edba1\"\u003e\u003ccode\u003eaa81ba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/357\"\u003e#357\u003c/a\u003e from tlsfuzzer/new-badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/ef75fea937fee20561ba0d81a4d0a9bb371d20e7\"\u003e\u003ccode\u003eef75fea\u003c/code\u003e\u003c/a\u003e use the new badge URL for the build status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/10d74353c4e4e6fabc425d5a2791550430f4606d\"\u003e\u003ccode\u003e10d7435\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/356\"\u003e#356\u003c/a\u003e from tlsfuzzer/implicit-tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/dba9f8096268f7e97ff1f7a21c910fff4d764e6d\"\u003e\u003ccode\u003edba9f80\u003c/code\u003e\u003c/a\u003e add support for encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/8e3f653e66150b9c787d6ca4fb015d05dd164e51\"\u003e\u003ccode\u003e8e3f653\u003c/code\u003e\u003c/a\u003e add support for parsing implicit DER tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/55d2b569d42b40399694de4bd58c0f4410799766\"\u003e\u003ccode\u003e55d2b56\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/355\"\u003e#355\u003c/a\u003e from tlsfuzzer/doc-update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/compare/python-ecdsa-0.18.0...python-ecdsa-0.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.3 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.3...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `paramiko` from 3.2.0 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/f0881ba8af57d1a122ef19c40d144afdcb6e0824\"\u003e\u003ccode\u003ef0881ba\u003c/code\u003e\u003c/a\u003e Cut 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/3e4bdf998f5b1508322234a527e8fa432220368b\"\u003e\u003ccode\u003e3e4bdf9\u003c/code\u003e\u003c/a\u003e Changelog/comment updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/30b447b911c39460bbef5e7834e339c43a251316\"\u003e\u003ccode\u003e30b447b\u003c/code\u003e\u003c/a\u003e Linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/33508c920309860c4a775be70f209c2a400e18ec\"\u003e\u003ccode\u003e33508c9\u003c/code\u003e\u003c/a\u003e Expand MessageOrderError use to handle more packet types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/96db1e2be856eac66631761bae41167a1ebd2b4e\"\u003e\u003ccode\u003e96db1e2\u003c/code\u003e\u003c/a\u003e Raise exception when sequence numbers rollover during initial kex\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/58785d29c47570fa700e096d16b9a0d3a6069048\"\u003e\u003ccode\u003e58785d2\u003c/code\u003e\u003c/a\u003e Changelog tweak re: other new Transport kwarg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/8dcb237f0ee095b1d8b26765c3d41d0ab6963be9\"\u003e\u003ccode\u003e8dcb237\u003c/code\u003e\u003c/a\u003e Test-suite-only bugfix: defer did not actually imply skip_verify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/fa46de7feeeb8a01dc471581a0258252ce4f2db6\"\u003e\u003ccode\u003efa46de7\u003c/code\u003e\u003c/a\u003e Reset sequence numbers on rekey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/75e311d3c0845a316b6e7b3fae2488d86ad5a270\"\u003e\u003ccode\u003e75e311d\u003c/code\u003e\u003c/a\u003e Enforce zero seqno on kexinit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/73f079f5a4bbba7f3048dadbe05b24242206745e\"\u003e\u003ccode\u003e73f079f\u003c/code\u003e\u003c/a\u003e Fill in CVE number for Terrapin attack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/paramiko/paramiko/compare/3.2.0...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodome` from 3.18.0 to 3.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodome's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\ncontain any of the optional elements\n(parameters [0] and publicKey[1]).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodome's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.21.0 (30 September 2024)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `djangorestframework` from 3.14.0 to 3.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/django-rest-framework/releases\"\u003edjangorestframework's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/api\"\u003e\u003ccode\u003e@​api\u003c/code\u003e\u003c/a\u003e_view example to caching documentation by \u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docstring by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply black formatting to caching markdown by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9341\"\u003eencode/django-rest-framework#9341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate renderers documentation example by \u003ca href=\"https://github.com/mgaligniana\"\u003e\u003ccode\u003e@​mgaligniana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9362\"\u003eencode/django-rest-framework#9362\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoving live examples of tutorial code that are no longer hosted by \u003ca href=\"https://github.com/TGoddessana\"\u003e\u003ccode\u003e@​TGoddessana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9363\"\u003eencode/django-rest-framework#9363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: Remove an unnecessary step from quickstart.md by \u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: Add Python 3.12 to the requirements by \u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTweak README.md links. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9375\"\u003eencode/django-rest-framework#9375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Ensure CursorPagination respects nulls in the ordering field\u0026quot; by \u003ca href=\"https://github.com/max-muoto\"\u003e\u003ccode\u003e@​max-muoto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9381\"\u003eencode/django-rest-framework#9381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse warnings rather than logging a warning for DecimalField warnings by \u003ca href=\"https://github.com/terencehonles\"\u003e\u003ccode\u003e@​terencehonles\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9367\"\u003eencode/django-rest-framework#9367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e20240426 docs by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9392\"\u003eencode/django-rest-framework#9392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9393\"\u003eencode/django-rest-framework#9393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests: Check urlpatterns after cleanups by \u003ca href=\"https://github.com/stanislavlevin\"\u003e\u003ccode\u003e@​stanislavlevin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9400\"\u003eencode/django-rest-framework#9400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Correct some evaluation results and a httpie option in Tutorial1 by \u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class by \u003ca href=\"https://github.com/vanya909\"\u003e\u003ccode\u003e@​vanya909\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9417\"\u003eencode/django-rest-framework#9417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix potential XSS vulnerability in break_long_headers template filter by \u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.2. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9439\"\u003eencode/django-rest-framework#9439\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\"\u003ehttps://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 3.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the message to be consistent with the Django `HttpResponseBa… by \u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003einflection\u003c/code\u003e package truly optional by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9303\"\u003eencode/django-rest-framework#9303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix broken links in release notes for 3.15 by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9305\"\u003eencode/django-rest-framework#9305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by \u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd drf-sendables to third-party-packages.md by \u003ca href=\"https://github.com/amikrop\"\u003e\u003ccode\u003e@​amikrop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9261\"\u003eencode/django-rest-framework#9261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Add some changes to ValidationError to support django style vad…\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9326\"\u003eencode/django-rest-framework#9326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Re-prefetch related objects after updating\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9327\"\u003eencode/django-rest-framework#9327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8863\"\u003e#8863\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9330\"\u003eencode/django-rest-framework#9330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8009\"\u003e#8009\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9332\"\u003eencode/django-rest-framework#9332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9030\"\u003e#9030\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9333\"\u003eencode/django-rest-framework#9333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9335\"\u003eencode/django-rest-framework#9335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSearchFilter.get_search_terms\u003c/code\u003e returns list. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9338\"\u003eencode/django-rest-framework#9338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.1 by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9339\"\u003eencode/django-rest-framework#9339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/c7a7eae551528b6887614df816c8a26df70272d6\"\u003e\u003ccode\u003ec7a7eae\u003c/code\u003e\u003c/a\u003e Version 3.15.2 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9439\"\u003e#9439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/3b41f0124194430da957b119712978fa2266b642\"\u003e\u003ccode\u003e3b41f01\u003c/code\u003e\u003c/a\u003e Fix potential XSS vulnerability in break_long_headers template filter (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9435\"\u003e#9435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fe92f0dd0d4c587eed000c7de611ddbff241bd6a\"\u003e\u003ccode\u003efe92f0d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9417\"\u003e#9417\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fbdab09c776d5ceef041793a7acd1c9e91695e5d\"\u003e\u003ccode\u003efbdab09\u003c/code\u003e\u003c/a\u003e docs: Correct some evaluation results and a httpie option in Tutorial1 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/36d5c0e74f562cbe3055f0d20818bd48d3c32359\"\u003e\u003ccode\u003e36d5c0e\u003c/code\u003e\u003c/a\u003e tests: Check urlpatterns after cleanups (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9400\"\u003e#9400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/9d4ed054bf8acfac6209b7e7f837fc97517affcc\"\u003e\u003ccode\u003e9d4ed05\u003c/code\u003e\u003c/a\u003e Don't use Windows line endings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/b34bde47d7fff403df4143a35c71975d7c2e7763\"\u003e\u003ccode\u003eb34bde4\u003c/code\u003e\u003c/a\u003e Fix typo in setup.cfg setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/ab681f2d5e4a9645aa68eabf1ff18e41d0d5f642\"\u003e\u003ccode\u003eab681f2\u003c/code\u003e\u003c/a\u003e Update requirements in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/22377241a89c8233b45441b5adde5b858edef371\"\u003e\u003ccode\u003e2237724\u003c/code\u003e\u003c/a\u003e bump pygments (security hygiene)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/d58b8da591120abedc94c1b71576cb9afb2d7868\"\u003e\u003ccode\u003ed58b8da\u003c/code\u003e\u003c/a\u003e Update deprecation hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.14.0...3.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 10.0.1 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/10.0.1...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.33.3 to 0.40.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.40.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility issues identified with Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] \u0026quot;Fix\u0026quot; fork() so it \u0026quot;works\u0026quot; on Python 3.13, and \u0026quot;works\u0026quot; better on older Python versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1047\"\u003e#1047\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eBehavior change: threads created by eventlet.green.threading.Thread and threading.Thead will be visible across both modules if monkey patching was used. Previously each module would only list threads created in that module.\u003c/li\u003e\n\u003cli\u003eBug fix: after fork(), greenlet threads are correctly listed in threading.enumerate() if monkey patching was used. You should not use fork()-without-execve().\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e[fix] Fix patching of removed URLopener class in Python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1053\"\u003e#1053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] ReferenceError except while count rlock (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1042\"\u003e#1042\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.utcfromtimestamp (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1050\"\u003e#1050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix][env] Remove duplicate steps (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1049\"\u003e#1049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.datetime.utcnow (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1046\"\u003e#1046\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix ssl test when linking against openssl 3.5 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1034\"\u003e#1034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support Python 3.8 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1021\"\u003e#1021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[doc] Various doc updates (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/981\"\u003e#981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1033\"\u003e#1033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[env] Drop PyPy support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1035\"\u003e#1035\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1037\"\u003e#1037\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Make LightQueue and derivatives subscriptable (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1027\"\u003e#1027\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Remove monotonic from requirements (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1018\"\u003e#1018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] wsgi: Clean up some override logic (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/999\"\u003e#999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Correct line lookup from inspect.getsourcelines() (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/990\"\u003e#990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support of Python 3.7 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/967\"\u003e#967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Calling eventlet.sleep(0) isn't really blocking, so don't blow up (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.38.2\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/b0d913362108941a3e71cba2b94a647ed3307a44\"\u003e\u003ccode\u003eb0d9133\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.3 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1064\"\u003e#1064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb\"\u003e\u003ccode\u003e0bfebd1\u003c/code\u003e\u003c/a\u003e [SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/e073b83f4569c07bc71d8f2176b557e75fba1f38\"\u003e\u003ccode\u003ee073b83\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.2 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1060\"\u003e#1060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/06d9572b9b92178a0d4accbc9d6b40b1d02add6f\"\u003e\u003ccode\u003e06d9572\u003c/code\u003e\u003c/a\u003e Fix tests on Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d4d5b8f9ee3429c844bbebf41a74a1d3f7caa185\"\u003e\u003ccode\u003ed4d5b8f\u003c/code\u003e\u003c/a\u003e Make database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/2f217ca6c120c91bed0964d0d9b55ec7c1538193\"\u003e\u003ccode\u003e2f217ca\u003c/code\u003e\u003c/a\u003e Prepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d1e7a94643663225...\n\n_Description has been truncated_","html_url":"https://github.com/offsoc/jumpserver/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Fjumpserver/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2783270147","node_id":"PR_kwDOAxHU6M6l5VUD","number":8888,"state":"closed","title":"Bump pycryptodomex from 3.19.0 to 3.23.0","user":"dependabot[bot]","labels":["dependency update"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-21T07:08:03.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-29T00:06:36.000Z","updated_at":"2025-09-21T07:08:03.000Z","time_to_close":2012487,"merged_at":"2025-09-21T07:08:03.000Z","merged_by":"Harmon758","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.19.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.19.0 to 3.23.0.\r\n\u003cdetails\u003e\r\n\u003csummary\u003eRelease notes\u003c/summary\u003e\r\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\r\n\u003cblockquote\u003e\r\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\r\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\r\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\r\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\r\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\r\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\r\nthe GMP library will not be used even if detected.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\r\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\r\nwith the canonical name of the curve.\u003c/li\u003e\r\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\r\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\r\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\r\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\r\ncontain any of the optional elements\r\n(parameters [0] and publicKey[1]).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c!-- raw HTML omitted --\u003e\r\n\u003c/blockquote\u003e\r\n\u003cp\u003e... (truncated)\u003c/p\u003e\r\n\u003c/details\u003e\r\n\u003cdetails\u003e\r\n\u003csummary\u003eChangelog\u003c/summary\u003e\r\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\r\n\u003cblockquote\u003e\r\n\u003cp\u003e3.23.0 (17 May 2025)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\r\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\r\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003cp\u003e3.22.0 (16 March 2025)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\r\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\r\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\r\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003cp\u003e3.21.0 (30 September 2024)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\r\nthe GMP library will not be used even if detected.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\r\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\r\nwith the canonical name of the curve.\u003c/li\u003e\r\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\r\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\r\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\r\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c!-- raw HTML omitted --\u003e\r\n\u003c/blockquote\u003e\r\n\u003cp\u003e... (truncated)\u003c/p\u003e\r\n\u003c/details\u003e\r\n\u003cdetails\u003e\r\n\u003csummary\u003eCommits\u003c/summary\u003e\r\n\u003cul\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\r\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.19.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c/details\u003e\r\n\u003cbr /\u003e\r\n\r\n\r\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.19.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n\u003cdetails\u003e\r\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\r\n\u003cbr /\u003e\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\r\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\r\n\r\n\r\n\u003c/details\u003e\r\n\r\nResolves #8554 ","html_url":"https://github.com/Harmon758/Harmonbot/pull/8888","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harmon758%2FHarmonbot/issues/8888","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8888/packages"},{"uuid":"2767795310","node_id":"PR_kwDOGeCA4s6k-TRu","number":3,"state":"open","title":"build(deps): bump pycryptodomex from 3.11.0 to 3.19.1 in /images/hub","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:56:47.000Z","updated_at":"2025-08-22T23:56:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"pycryptodomex","old_version":"3.11.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":"/images/hub","ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.11.0 to 3.19.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.11.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.11.0\u0026new-version=3.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/etamong/zero-to-jupyterhub-k8s/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/etamong/zero-to-jupyterhub-k8s/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etamong%2Fzero-to-jupyterhub-k8s/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2767781254","node_id":"PR_kwDOMFk6Zc6k-P2G","number":5,"state":"open","title":"Bump the pip group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:45:01.000Z","updated_at":"2025-08-22T23:45:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":5,"packages":[{"name":"dnspython","old_version":"2.2.0","new_version":"2.6.1","repository_url":"https://github.com/rthalley/dnspython"},{"name":"future","old_version":"0.18.2","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"jinja2","old_version":"3.0.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pycryptodomex","old_version":"3.14.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"setuptools","old_version":"65.6.3","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.2.0` | `2.6.1` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.2` | `1.0.0` |\n| [jinja2](https://github.com/pallets/jinja) | `3.0.3` | `3.1.6` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.14.0` | `3.19.1` |\n| [setuptools](https://github.com/pypa/setuptools) | `65.6.3` | `78.1.1` |\n\n\nUpdates `dnspython` from 2.2.0 to 2.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/releases\"\u003ednspython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ednspython 2.6.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis is a bug fix release for 2.6.0 where the \u0026quot;TuDoor\u0026quot; fix erroneously\nsuppressed legitimate Truncated exceptions.  This caused the stub\nresolver to timeout instead of failing over to TCP when a legitimate\ntruncated response was received over UDP.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the\n\u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is\nvulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a\nlegitimate one on the UDP port dnspython is using for that query.  In\nthis situation, dnspython might switch to querying another resolver or\ngive up entirely, possibly denying service for that resolution.  This\nrelease addresses the issue by adopting the recommended mitigation,\nwhich is ignoring the bad packets and continuing to listen for a\nlegitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual,\nthanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian\nWellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the \u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.  In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution.  This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.5.0\u003c/h2\u003e\n\u003cp\u003eSee the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page for a summary of this release.\u003c/p\u003e\n\u003cp\u003eThanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.4.2\u003c/h2\u003e\n\u003cp\u003eThis is a bug fix release, see the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page in the documentation for a summary.\u003c/p\u003e\n\u003cp\u003eThanks to the people who reported the bugs and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst\"\u003ednspython's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from\nfailing over to TCP and causing the query to timeout \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAs mentioned in the \u0026quot;TuDoor\u0026quot; paper and the associated CVE-2023-29483, the dnspython\nstub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a legitimate one on the\nUDP port dnspython is using for that query.\u003c/p\u003e\n\u003cp\u003eThis release addresses the issue by adopting the recommended mitigation, which is\nignoring the bad packets and continuing to listen for a legitimate response until\nthe timeout for the query has expired.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for the NSID EDNS option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now looks for version metadata for optional packages and will not\nuse them if they are too old.  This prevents possible exceptions when a\nfeature like DoH is not desired in dnspython, but an old httpx is installed\nalong with dnspython for some other purpose.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe DoHNameserver class now allows GET to be used instead of the default POST,\nand also passes source and source_port correctly to the underlying query\nmethods.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now uses hatchling for builds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAsynchronous destinationless sockets now work on Windows.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCython is no longer supported due to various typing issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now explicitly canonicalizes IPv4 and IPv6 addresses.\nPreviously it was possible for non-canonical IPv6 forms to be stored\nin a AAAA address, which would work correctly but possibly cause\nproblmes if the address were used as a key in a dictionary.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe number of messages in a section can be retrieved with\nsection_count().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eTruncation preferences for messages can be specified.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe length of a message can be automatically prepended when\nrendering.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0a742b9658977175663dc30da902342a8c2bacac\"\u003e\u003ccode\u003e0a742b9\u003c/code\u003e\u003c/a\u003e update CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2\"\u003e\u003ccode\u003e0ea5ad0\u003c/code\u003e\u003c/a\u003e The Tudoor fix should not eat valid Truncated exceptions \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1054\"\u003e#1054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/f12d398a6991dfaad94d7fefaf7e2f55d1fda3cb\"\u003e\u003ccode\u003ef12d398\u003c/code\u003e\u003c/a\u003e 2.6.1 version prep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/cecb8534f61de16aaa1a1a84eaaeb14dfdf67448\"\u003e\u003ccode\u003ececb853\u003c/code\u003e\u003c/a\u003e Further improve CVE fix coverage to 100% for sync and async.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/7952e311d47f6b34f5dc050681001fd34ab60d01\"\u003e\u003ccode\u003e7952e31\u003c/code\u003e\u003c/a\u003e test IgnoreErrors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/e093299a49967696b1c58b68e4767de5031a3e46\"\u003e\u003ccode\u003ee093299\u003c/code\u003e\u003c/a\u003e For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/3af9f78142084fff8523bc96b5f8cfd2b909dc18\"\u003e\u003ccode\u003e3af9f78\u003c/code\u003e\u003c/a\u003e 2.6.0 versioning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ca63d95143e81975fc3fff4dff87b366dc661371\"\u003e\u003ccode\u003eca63d95\u003c/code\u003e\u003c/a\u003e Require cryptography \u0026gt;=41 instead of 42.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/902cbf3fcb11ddfd8625b4a071fe9f592f6fc753\"\u003e\u003ccode\u003e902cbf3\u003c/code\u003e\u003c/a\u003e Create CODE_OF_CONDUCT.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ed9795fa9b39c4a12f5a1a9e0eeea4240d1efb07\"\u003e\u003ccode\u003eed9795f\u003c/code\u003e\u003c/a\u003e github contributing and pull request template\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rthalley/dnspython/compare/v2.2.0...v2.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.2 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.2...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.0.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.0.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.14.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.14.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `setuptools` from 65.6.3 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/v65.6.3...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/offsoc/bofhound/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/offsoc/bofhound/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Fbofhound/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"2767780101","node_id":"PR_kwDOEdIfM86k-PkF","number":6,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:44:14.000Z","updated_at":"2025-08-22T23:44:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"cryptography","old_version":"3.3.2","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"dnspython","old_version":"2.0.0","new_version":"2.6.1","repository_url":"https://github.com/rthalley/dnspython"},{"name":"flask","old_version":"1.1.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"future","old_version":"0.18.2","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"jinja2","old_version":"2.11.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pycryptodomex","old_version":"3.9.8","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"werkzeug","old_version":"1.0.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [cryptography](https://github.com/pyca/cryptography) | `3.3.2` | `44.0.1` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.0.0` | `2.6.1` |\n| [flask](https://github.com/pallets/flask) | `1.1.2` | `2.2.5` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.2` | `1.0.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.9.8` | `3.19.1` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `1.0.1` | `3.0.6` |\n\n\nUpdates `cryptography` from 3.3.2 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/3.3.2...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dnspython` from 2.0.0 to 2.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/releases\"\u003ednspython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ednspython 2.6.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis is a bug fix release for 2.6.0 where the \u0026quot;TuDoor\u0026quot; fix erroneously\nsuppressed legitimate Truncated exceptions.  This caused the stub\nresolver to timeout instead of failing over to TCP when a legitimate\ntruncated response was received over UDP.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the\n\u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is\nvulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a\nlegitimate one on the UDP port dnspython is using for that query.  In\nthis situation, dnspython might switch to querying another resolver or\ngive up entirely, possibly denying service for that resolution.  This\nrelease addresses the issue by adopting the recommended mitigation,\nwhich is ignoring the bad packets and continuing to listen for a\nlegitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual,\nthanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian\nWellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the \u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.  In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution.  This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.5.0\u003c/h2\u003e\n\u003cp\u003eSee the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page for a summary of this release.\u003c/p\u003e\n\u003cp\u003eThanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.4.2\u003c/h2\u003e\n\u003cp\u003eThis is a bug fix release, see the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page in the documentation for a summary.\u003c/p\u003e\n\u003cp\u003eThanks to the people who reported the bugs and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst\"\u003ednspython's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from\nfailing over to TCP and causing the query to timeout \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAs mentioned in the \u0026quot;TuDoor\u0026quot; paper and the associated CVE-2023-29483, the dnspython\nstub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a legitimate one on the\nUDP port dnspython is using for that query.\u003c/p\u003e\n\u003cp\u003eThis release addresses the issue by adopting the recommended mitigation, which is\nignoring the bad packets and continuing to listen for a legitimate response until\nthe timeout for the query has expired.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for the NSID EDNS option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now looks for version metadata for optional packages and will not\nuse them if they are too old.  This prevents possible exceptions when a\nfeature like DoH is not desired in dnspython, but an old httpx is installed\nalong with dnspython for some other purpose.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe DoHNameserver class now allows GET to be used instead of the default POST,\nand also passes source and source_port correctly to the underlying query\nmethods.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now uses hatchling for builds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAsynchronous destinationless sockets now work on Windows.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCython is no longer supported due to various typing issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now explicitly canonicalizes IPv4 and IPv6 addresses.\nPreviously it was possible for non-canonical IPv6 forms to be stored\nin a AAAA address, which would work correctly but possibly cause\nproblmes if the address were used as a key in a dictionary.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe number of messages in a section can be retrieved with\nsection_count().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eTruncation preferences for messages can be specified.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe length of a message can be automatically prepended when\nrendering.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0a742b9658977175663dc30da902342a8c2bacac\"\u003e\u003ccode\u003e0a742b9\u003c/code\u003e\u003c/a\u003e update CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2\"\u003e\u003ccode\u003e0ea5ad0\u003c/code\u003e\u003c/a\u003e The Tudoor fix should not eat valid Truncated exceptions \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1054\"\u003e#1054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/f12d398a6991dfaad94d7fefaf7e2f55d1fda3cb\"\u003e\u003ccode\u003ef12d398\u003c/code\u003e\u003c/a\u003e 2.6.1 version prep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/cecb8534f61de16aaa1a1a84eaaeb14dfdf67448\"\u003e\u003ccode\u003ececb853\u003c/code\u003e\u003c/a\u003e Further improve CVE fix coverage to 100% for sync and async.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/7952e311d47f6b34f5dc050681001fd34ab60d01\"\u003e\u003ccode\u003e7952e31\u003c/code\u003e\u003c/a\u003e test IgnoreErrors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/e093299a49967696b1c58b68e4767de5031a3e46\"\u003e\u003ccode\u003ee093299\u003c/code\u003e\u003c/a\u003e For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/3af9f78142084fff8523bc96b5f8cfd2b909dc18\"\u003e\u003ccode\u003e3af9f78\u003c/code\u003e\u003c/a\u003e 2.6.0 versioning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ca63d95143e81975fc3fff4dff87b366dc661371\"\u003e\u003ccode\u003eca63d95\u003c/code\u003e\u003c/a\u003e Require cryptography \u0026gt;=41 instead of 42.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/902cbf3fcb11ddfd8625b4a071fe9f592f6fc753\"\u003e\u003ccode\u003e902cbf3\u003c/code\u003e\u003c/a\u003e Create CODE_OF_CONDUCT.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ed9795fa9b39c4a12f5a1a9e0eeea4240d1efb07\"\u003e\u003ccode\u003eed9795f\u003c/code\u003e\u003c/a\u003e github contributing and pull request template\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rthalley/dnspython/compare/v2.0.0...v2.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.1.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.1.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.2 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.2...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.9.8 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.9.8...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 1.0.1 to 3.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file fields. \u003ca href=\"https://github.com/advisories/GHSA-q34m-jh98-gwm2\"\u003eGHSA-q34m-jh98-gwm2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by \u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. \u003ca href=\"https://github.com/advisories/GHSA-f9vj-2wh5-fj8j\"\u003eGHSA-f9vj-2wh5-fj8j\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/37?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/37?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2945\"\u003e#2945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2952\"\u003e#2952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2955\"\u003e#2955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2958\"\u003e#2958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2957\"\u003e#2957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/36?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2930\"\u003e#2930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2904\"\u003e#2904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2916\"\u003e#2916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2926\"\u003e#2926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2918\"\u003e#2918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/35?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/35?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985\u003c/li\u003e\n\u003cli\u003eMake reloader more robust when \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e is in \u003ccode\u003esys.path\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2823\"\u003e#2823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.0.6\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file\nfields. :ghsa:\u003ccode\u003eq34m-jh98-gwm2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by\n\u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. :ghsa:\u003ccode\u003ef9vj-2wh5-fj8j\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. :issue:\u003ccode\u003e2945\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope :issue:\u003ccode\u003e2952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. :issue:\u003ccode\u003e2955\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. :issue:\u003ccode\u003e2958\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current\nUID does not have an associated name. :issue:\u003ccode\u003e2957\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.4\u003c/h2\u003e\n\u003cp\u003eReleased 2024-08-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. :issue:\u003ccode\u003e2930\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. :issue:\u003ccode\u003e2904\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. :issue:\u003ccode\u003e2916\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n:issue:\u003ccode\u003e2926\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n:issue:\u003ccode\u003e2918\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-05-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified\nhostname when running the dev server, to make debugger requests. Additional\nhosts can be added by using the debugger middleware directly. The debugger\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/5eaefc3996aa5cc8c5237d8b82f1b89eed6ea624\"\u003e\u003ccode\u003e5eaefc3\u003c/code\u003e\u003c/a\u003e release version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092\"\u003e\u003ccode\u003e2767bcb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/87cc78a25f782f8c59fbde786840a00cf0d09b3d\"\u003e\u003ccode\u003e87cc78a\u003c/code\u003e\u003c/a\u003e catch special absolute path on Windows Python \u0026lt; 3.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b\"\u003e\u003ccode\u003e50cfeeb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8760275afb72bd10b57d92cb4d52abf759b2f3a7\"\u003e\u003ccode\u003e8760275\u003c/code\u003e\u003c/a\u003e apply max_form_memory_size another level up in the parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8d6a12e2af542a553853c870d106884a3cd1f73b\"\u003e\u003ccode\u003e8d6a12e\u003c/code\u003e\u003c/a\u003e start version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/a7b121abc781b9a6557ca204f23247db654d0253\"\u003e\u003ccode\u003ea7b121a\u003c/code\u003e\u003c/a\u003e release version 3.0.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2961\"\u003e#2961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/9caf72ac060181a3171d91fd12279e071df430ca\"\u003e\u003ccode\u003e9caf72a\u003c/code\u003e\u003c/a\u003e release version 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e28a2451e99457ce71e460af276a02f27a3bdba1\"\u003e\u003ccode\u003ee28a245\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2960\"\u003e#2960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e6b4cce97eef17716004625bcf6754fa930f2618\"\u003e\u003ccode\u003ee6b4cce\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/1.0.1...3.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/CVE-2020-1473/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/CVE-2020-1473/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FCVE-2020-1473/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"2717153662","node_id":"PR_kwDOPX3G1c6h9Hl-","number":5,"state":"open","title":"Bump pycryptodomex from 3.22.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-04T08:27:29.000Z","updated_at":"2025-08-04T08:27:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.22.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.22.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.22.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eva57gr/Som-AI/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eva57gr%2FSom-AI/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"3281971580","node_id":"PR_kwDOBn3TTM6hnePl","number":7185,"state":"open","title":"Bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["stale","dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-31T23:15:18.000Z","updated_at":"2025-09-06T12:01:30.231Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hypothesis/lms/pull/7185","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hypothesis%2Flms/issues/7185","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7185/packages"},{"uuid":"3274330835","node_id":"PR_kwDOFZ_7pM6hNx2Q","number":3578,"state":"open","title":"chore(deps): bump the pip group across 7 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-29T16:54:22.000Z","updated_at":"2025-09-08T16:36:11.289Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 7 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.6.3` | `2.11.7` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.1.0` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `2.10.3` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke Wh...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/3578","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/3578","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3578/packages"}],"issue_packages":[{"old_version":"3.22.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2026-05-26T23:33:44.000Z","version_change":"3.22.0 → 3.23.0","issue":{"uuid":"4528230982","node_id":"PR_kwDOSn3wsM7fnM-p","number":5,"state":"open","title":"Bump the minor-update group with 145 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T23:33:44.000Z","updated_at":"2026-05-26T23:33:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":145,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.5.9","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.9.0","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.3","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"tiktoken","old_version":"0.12.0","new_version":"0.13.0","repository_url":"https://github.com/openai/tiktoken"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.41.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"azure-storage-blob","old_version":"12.28.0","new_version":"12.29.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.9","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.15","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.15","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.14.1","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.58.0","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.1","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.3.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3.2","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.63.0","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.53.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.9.0","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.75.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.1","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hf-xet","old_version":"1.4.3","new_version":"1.5.0","repository_url":"https://github.com/huggingface/xet-core"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.16.4","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.153.0","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.16","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.5.1.27"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.3.35"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.3.33"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.3.29"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.22.0.52"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.3.0.29"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.18.0.66"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.2.18"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.8.1.7"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.3.33"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.3.29"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.63b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.42.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.63b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.3.5","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.41.0","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.5.2","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.28.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.47.0","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.13.0","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pystemmer","old_version":"3.0.0","new_version":"3.1.0","repository_url":"https://github.com/snowballstem/pystemmer"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.1","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.1","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.5.1","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.1","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"triton","old_version":"3.6.0","new_version":"3.7.0","repository_url":"https://github.com/triton-lang/triton"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.26.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.48.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.29.1","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.24.2","repository_url":"https://github.com/aio-libs/yarl"},{"name":"tpu-inference","old_version":"0.19.0","new_version":"0.20.0","repository_url":"https://github.com/vllm-project/tpu-inference"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"},{"name":"helion","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/pytorch/helion"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 145 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.5.9` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.34.2` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.9.0` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.3` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.4` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [tiktoken](https://github.com/openai/tiktoken) | `0.12.0` | `0.13.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.41.0` |\n| [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) | `12.28.0` | `12.29.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.9` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.15` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.15` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.4.1` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.14.1` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.58.0` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.1` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.3.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3.2` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.63.0` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.53.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.6.0` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.9.0` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.75.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.1` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hf-xet](https://github.com/huggingface/xet-core) | `1.4.3` | `1.5.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.16.4` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.153.0` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.16` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.5.1.27` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.3.35` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.3.33` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.3.29` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.22.0.52` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.3.0.29` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.18.0.66` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.2.18` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.8.1.7` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.3.33` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.3.29` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.63b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.42.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.63b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.3.5` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.41.0` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.5.2` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.28.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.47.0` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.13.0` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pystemmer](https://github.com/snowballstem/pystemmer) | `3.0.0` | `3.1.0` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.1` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.1` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.5.1` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.1` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [triton](https://github.com/triton-lang/triton) | `3.6.0` | `3.7.0` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.26.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.48.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.29.1` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.24.2` |\n| [tpu-inference](https://github.com/vllm-project/tpu-inference) | `0.19.0` | `0.20.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n| [helion](https://github.com/pytorch/helion) | `1.0.0` | `1.1.0` |\n\nUpdates `regex` from 2026.2.28 to 2026.5.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt\"\u003eregex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVersion: 2026.5.9\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReverse matching with full unicode casefolding could lead to out-of-range string indexes.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eA fix for older Python versions before free-threading was  supported.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.3\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eMore fixes for free-threading.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.32\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed segfault.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.31\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug again.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.30\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed version.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.27\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eVarious fixes, including ones to improve free-threading support.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReplaced atomic operations with mutex on pattern object for free-threaded Python.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.26\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ePR [#598](https://github.com/mrabarnett/mrab-regex/issues/598): Fix race condition in storage caching with atomic operations.\n\u003cp\u003eReplaced use of PyUnicode_GET_LENGTH with PyUnicode_GetLength.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.2.19\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eAdded \\z as alias of \\Z, like in re module.\n\u003cp\u003eAdded prefixmatch as alias of match, like in re module.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.1.15\u003c/p\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/e57d185bb711729091907b23edac5dcba0426243\"\u003e\u003ccode\u003ee57d185\u003c/code\u003e\u003c/a\u003e Reverse matching with full unicode casefolding lead to out-of-range string in...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v5.9.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eCohere2Moe\u003c/h3\u003e\n\u003cp\u003eCommand A+ is a Mixture-of-Experts (MoE) language model from Cohere that features a hybrid attention pattern combining sliding window and full attention layers. The model incorporates both shared and routed experts and supports a very large context window for processing extensive text sequences.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/cohere2_moe\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd new cohere2_moe model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46115\"\u003e#46115\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/46115\"\u003e#46115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eParakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eParakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e) by \u003ca href=\"https://github.com/lmaksym\"\u003e\u003ccode\u003e@​lmaksym\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eHRM-Text\u003c/h3\u003e\n\u003cp\u003eHRM-Text is an improved autoregressive language-modeling variant of the Hierarchical Reasoning Model (HRM) that uses a hierarchical recurrent forward pass with two transformer stacks - one for slow, abstract planning (H) and one for fast, detailed computation (L) - reused inside a nested recurrence. It features PrefixLM attention where instruction tokens attend bidirectionally while response tokens attend causally, per-head sigmoid output gates, and parameterless RMSNorm. The model is designed as a base language model without instruction tuning or chat templates.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/hrm_text\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/papers/2506.21734\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd hrm text (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46025\"\u003e#46025\u003c/a\u003e) by \u003ca href=\"https://github.com/abcd1927\"\u003e\u003ccode\u003e@​abcd1927\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/46025\"\u003e#46025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking changes\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003etext_embeds\u003c/code\u003e input for SAM3, EdgeTAM, and SAM3-Lite-Text models now expects full text embeddings instead of just pooler outputs, aligning with other models in the library — users must update their inputs accordingly.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e🚨Fix memory leaks caused by lru decorators in vision models (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45922\"\u003e#45922\u003c/a\u003e) by \u003ca href=\"https://github.com/yonigozlan\"\u003e\u003ccode\u003e@​yonigozlan\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAudio\u003c/h2\u003e\n\u003cp\u003eAudio support was expanded with the addition of AudioFlamingoNext model checkpoints and improved compilability of audio/vision encoders via standalone pure functions. Additional improvements include better error messaging when loading audio from video files and new documentation for audio/video processors.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003euser friendly error when loading audio from video (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e) by \u003ca href=\"https://github.com/eustlb\"\u003e\u003ccode\u003e@​eustlb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[docs] adding audio/video processors (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45795\"\u003e#45795\u003c/a\u003e) by \u003ca href=\"https://github.com/stevhliu\"\u003e\u003ccode\u003e@​stevhliu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45795\"\u003e#45795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport Audio Flamingo Next checkpoints (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44830\"\u003e#44830\u003c/a\u003e) by \u003ca href=\"https://github.com/lashahub\"\u003e\u003ccode\u003e@​lashahub\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44830\"\u003e#44830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract dynamic vision/audio tensors into standalone pure functions (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45396\"\u003e#45396\u003c/a\u003e) by \u003ca href=\"https://github.com/IlyasMoutawwakil\"\u003e\u003ccode\u003e@​IlyasMoutawwakil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45396\"\u003e#45396\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGeneration\u003c/h2\u003e\n\u003cp\u003eFixed generation issues including \u003ccode\u003einputs_embeds\u003c/code\u003e and \u003ccode\u003eper_layer_inputs\u003c/code\u003e handling for Gemma4, an \u003ccode\u003eAttributeError\u003c/code\u003e in RAG's \u003ccode\u003egenerate()\u003c/code\u003e caused by missing config fields, and flaky VLM generation tests by blocking special image tokens during sampling.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix Gemma4 generation from inputs_embeds and per_layer_inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix AttributeError in RAG generate() for missing config fields (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46035\"\u003e#46035\u003c/a\u003e) by \u003ca href=\"https://github.com/Sriniketh24\"\u003e\u003ccode\u003e@​Sriniketh24\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46035\"\u003e#46035\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0a2757da521a7a49b8143d9e0c938f08747d682e\"\u003e\u003ccode\u003e0a2757d\u003c/code\u003e\u003c/a\u003e release v5.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/e370a7f3f49c3c759cf8c7c01a935ce0e00c3f44\"\u003e\u003ccode\u003ee370a7f\u003c/code\u003e\u003c/a\u003e fix cohere2 tp_plan for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f59ffd1ef95634f9b0317ec5d8d43d71e3604a10\"\u003e\u003ccode\u003ef59ffd1\u003c/code\u003e\u003c/a\u003e Add new cohere2_moe model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46115\"\u003e#46115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4f41f261efcfd71ce08db2890b7c632cc9ffc0bc\"\u003e\u003ccode\u003e4f41f26\u003c/code\u003e\u003c/a\u003e [loading] Free up tensors faster inside ConversionOps (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46110\"\u003e#46110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/d5dd7eed2f7d5b2ccba569e150647ef275e56365\"\u003e\u003ccode\u003ed5dd7ee\u003c/code\u003e\u003c/a\u003e Fix post processing RF-DETR (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46041\"\u003e#46041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0b25f8c49c37530ce9f8742d7a8c19ed8d254d7d\"\u003e\u003ccode\u003e0b25f8c\u003c/code\u003e\u003c/a\u003e [serve] Support for reasoning  (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45690\"\u003e#45690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/0df9b7fcaab447c75543598e6d959065c2296a24\"\u003e\u003ccode\u003e0df9b7f\u003c/code\u003e\u003c/a\u003e Fix Gemma4 generation from inputs_embeds and per_layer_inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46049\"\u003e#46049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/38a8b55f22d593c103e8bcc616413e70a5ef03ca\"\u003e\u003ccode\u003e38a8b55\u003c/code\u003e\u003c/a\u003e Parakeet tdt (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44171\"\u003e#44171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/3428030a179620b01cb598928b6cc7d5e5e60990\"\u003e\u003ccode\u003e3428030\u003c/code\u003e\u003c/a\u003e Remove mask visualization tool from \u003ccode\u003emasking_utils.py\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/46066\"\u003e#46066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/dda06506142a0efe4081a0ab574fbd3c7c72dc37\"\u003e\u003ccode\u003edda0650\u003c/code\u003e\u003c/a\u003e user friendly error when loading audio from video (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45221\"\u003e#45221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.3\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (the default). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15589\"\u003e#15589\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.2\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15588\"\u003e#15588\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15464\"\u003e#15464\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update and simplify docs about help and management. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15583\"\u003e#15583\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add docs references to central contributing docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15580\"\u003e#15580\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update security policy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15577\"\u003e#15577\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🍱 Update sponsors: TalorData image. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15562\"\u003e#15562\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update docs, simplify usage of admonitions, only default ones. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15553\"\u003e#15553\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Fix image URLs in \u003ccode\u003eindex.md\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15534\"\u003e#15534\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e✏️ Fix Azkaban spelling typo in \u003ccode\u003evirtual-environments.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15463\"\u003e#15463\u003c/a\u003e by \u003ca href=\"https://github.com/isaacbernat\"\u003e\u003ccode\u003e@​isaacbernat\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Improve layout and styling. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15462\"\u003e#15462\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Refactor opinions section with interactive tabs and new logos. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15458\"\u003e#15458\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add FastAPI Conf '26 announcement to docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15457\"\u003e#15457\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🌐 Improve translation consistency in \u003ccode\u003e‎docs/pt/docs/advanced/generate-clients.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15456\"\u003e#15456\u003c/a\u003e by \u003ca href=\"https://github.com/Will-thom\"\u003e\u003ccode\u003e@​Will-thom\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ja (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15530\"\u003e#15530\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for uk (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15529\"\u003e#15529\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for pt (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15528\"\u003e#15528\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for de (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15527\"\u003e#15527\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for tr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15526\"\u003e#15526\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ko (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15525\"\u003e#15525\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh-hant (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15524\"\u003e#15524\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for fr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15522\"\u003e#15522\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for es (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15523\"\u003e#15523\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15520\"\u003e#15520\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ru (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15521\"\u003e#15521\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Fix typos in Spanish LLM-prompt. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15472\"\u003e#15472\u003c/a\u003e by \u003ca href=\"https://github.com/crr004\"\u003e\u003ccode\u003e@​crr004\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✅ Update tests, don't double dispose the engine. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15587\"\u003e#15587\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/13583\"\u003e#13583\u003c/a\u003e by \u003ca href=\"https://github.com/dikos1337\"\u003e\u003ccode\u003e@​dikos1337\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔥 Remove config files now in central GitHub repo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15585\"\u003e#15585\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15502\"\u003e#15502\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump idna from 3.11 to 3.15. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15565\"\u003e#15565\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15571\"\u003e#15571\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Migrate docs from MkDocs to Zensical. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15563\"\u003e#15563\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Only allow team members to modify dependencies. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15548\"\u003e#15548\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/82064857539e6286522c347b4b11331b48dd2378\"\u003e\u003ccode\u003e8206485\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c910e0139f983d0e04e2d1d235cd71803afeae34\"\u003e\u003ccode\u003ec910e01\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/063b5bf582d31fb155cc6bc6f88cf512329d0fd5\"\u003e\u003ccode\u003e063b5bf\u003c/code\u003e\u003c/a\u003e ♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/22b02e26f9e8c7e32bd8266e2b0ebe8bb3a0db2b\"\u003e\u003ccode\u003e22b02e2\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3b252a2a22ba27a8ab83d6bde7d9cddbc5bf738e\"\u003e\u003ccode\u003e3b252a2\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c7fb7851b3389f24c51701d705458989be53ccbb\"\u003e\u003ccode\u003ec7fb785\u003c/code\u003e\u003c/a\u003e ♻️ Validate Server Sent Event fields to avoid applications from sending broke...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/cb83b83dcf78eab4ea17d504db5abcda705fbdc4\"\u003e\u003ccode\u003ecb83b83\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/00f805cec94c0bf48c1f9a563535a3ab2e6f90ab\"\u003e\u003ccode\u003e00f805c\u003c/code\u003e\u003c/a\u003e ✅ Update tests, don't double dispose the engine (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15587\"\u003e#15587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3675137523dc167981aa3a3c44599b4f3079ccd8\"\u003e\u003ccode\u003e3675137\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7b57e42986bb4d40c9eb6580537d13fb8e76097e\"\u003e\u003ccode\u003e7b57e42\u003c/code\u003e\u003c/a\u003e 📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15464\"\u003e#15464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 2026-05-06\u003c/h2\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/cf67d4b3193c3fe43ede18612ed62785eee11382\"\u003e\u003ccode\u003ecf67d4b\u003c/code\u003e\u003c/a\u003e Fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/f0d8a214a5803036db46a56b1f62f1e56b81d662\"\u003e\u003ccode\u003ef0d8a21\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e3fe1d41a00f441204241c66078003ae0391f9a\"\u003e\u003ccode\u003e5e3fe1d\u003c/code\u003e\u003c/a\u003e Check for pydantic tag pattern in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/7f9edcc2a191d2eaa9751220eb910914e716a686\"\u003e\u003ccode\u003e7f9edcc\u003c/code\u003e\u003c/a\u003e Document tagging conventions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b46a0c9b8a4dd967fda8ec1a92f6437076bf262c\"\u003e\u003ccode\u003eb46a0c9\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/50629c851e61d887d5420452c311ec6203f1f400\"\u003e\u003ccode\u003e50629c8\u003c/code\u003e\u003c/a\u003e Update to PyPy 7.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8522ebb71e5e9a6f7188af5f009f01785b8cf725\"\u003e\u003ccode\u003e8522ebb\u003c/code\u003e\u003c/a\u003e Preserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/a37f3aff090ca342dc5f48304889963530b993f8\"\u003e\u003ccode\u003ea37f3af\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003eMISSING\u003c/code\u003e sentinel test to work with unreleased \u003ccode\u003etyping_extensions\u003c/code\u003e ver...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/909259a9df660518033aa686b689f045a6eaf9d2\"\u003e\u003ccode\u003e909259a\u003c/code\u003e\u003c/a\u003e Remove Logfire example in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/2c4174c366606fc2dc46cb806833a080aefa77df\"\u003e\u003ccode\u003e2c4174c\u003c/code\u003e\u003c/a\u003e Bump libc from 0.2.155 to 0.2.185\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code...\n\n_Description has been truncated_","html_url":"https://github.com/kingcharlezz/deepseek-v4-flash-deterministic-vllm/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kingcharlezz%2Fdeepseek-v4-flash-deterministic-vllm/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"3.22.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2026-05-15T08:01:08.000Z","version_change":"3.22.0 → 3.23.0","issue":{"uuid":"4452313204","node_id":"PR_kwDOI7xefs7b1Vf9","number":42717,"state":"open","title":"Bump the minor-update group across 1 directory with 143 updates","user":"dependabot[bot]","labels":["rocm","ci/build","nvidia","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T08:01:08.000Z","updated_at":"2026-05-20T05:01:30.742Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":143,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.5.9","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.8.1","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.1","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"tiktoken","old_version":"0.12.0","new_version":"0.13.0","repository_url":"https://github.com/openai/tiktoken"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.41.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"azure-storage-blob","old_version":"12.28.0","new_version":"12.29.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.9","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.10","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.10","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.4.0","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.14.0","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.57.0","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.1","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.3.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3.1","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.63.0","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.53.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.9.0","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.75.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hf-xet","old_version":"1.4.3","new_version":"1.5.0","repository_url":"https://github.com/huggingface/xet-core"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.15.0","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.152.8","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.4.1.1"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.2.75"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.2.75"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.22.0.52"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.2.0.46"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.17.1.22"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.0.1"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.7.10.1"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.2.75"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.3.5","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.40.1","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.5.2","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.28.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.12.1","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.0","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.0","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"safetensors","old_version":"0.4.5","new_version":"0.7.0","repository_url":"https://github.com/huggingface/safetensors"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.5.0","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.1","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"triton","old_version":"3.6.0","new_version":"3.7.0","repository_url":"https://github.com/triton-lang/triton"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.25.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.47.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.29.1","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.23.0","repository_url":"https://github.com/aio-libs/yarl"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 143 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.5.9` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.34.2` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.8.1` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.1` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.4` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [tiktoken](https://github.com/openai/tiktoken) | `0.12.0` | `0.13.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.41.0` |\n| [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) | `12.28.0` | `12.29.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.9` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.10` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.10` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.4.0` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.14.0` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.57.0` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.1` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.3.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3.1` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.63.0` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.53.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.6.0` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.9.0` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.75.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.0` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hf-xet](https://github.com/huggingface/xet-core) | `1.4.3` | `1.5.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.15.0` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.152.8` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.15` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.4.1.1` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.2.75` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.22.0.52` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.2.0.46` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.17.1.22` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.0.1` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.7.10.1` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.3.5` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.40.1` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.5.2` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.28.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.46.4` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.12.1` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.0` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.0` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [safetensors](https://github.com/huggingface/safetensors) | `0.4.5` | `0.7.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.5.0` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.1` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [triton](https://github.com/triton-lang/triton) | `3.6.0` | `3.7.0` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.25.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.47.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.29.1` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.23.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n\n\nUpdates `regex` from 2026.2.28 to 2026.5.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt\"\u003eregex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eVersion: 2026.5.9\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReverse matching with full unicode casefolding could lead to out-of-range string indexes.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eA fix for older Python versions before free-threading was  supported.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.4.3\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eMore fixes for free-threading.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.32\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed segfault.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.31\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug again.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.30\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed bug.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eFixed version.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.3.27\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eVarious fixes, including ones to improve free-threading support.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.28\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eReplaced atomic operations with mutex on pattern object for free-threaded Python.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVersion: 2026.2.26\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ePR [#598](https://github.com/mrabarnett/mrab-regex/issues/598): Fix race condition in storage caching with atomic operations.\n\u003cp\u003eReplaced use of PyUnicode_GET_LENGTH with PyUnicode_GetLength.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.2.19\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eAdded \\z as alias of \\Z, like in re module.\n\u003cp\u003eAdded prefixmatch as alias of match, like in re module.\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eVersion: 2026.1.15\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/e57d185bb711729091907b23edac5dcba0426243\"\u003e\u003ccode\u003ee57d185\u003c/code\u003e\u003c/a\u003e Reverse matching with full unicode casefolding lead to out-of-range string in...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePatch release v5.8.1\u003c/h1\u003e\n\u003cp\u003eThis release is mainly to fix the Deepseek V4 integration!!!\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Add fatal_error to ContinuousBatchingManager so the serving... by \u003ca href=\"https://github.com/qgallouedec\"\u003e\u003ccode\u003e@​qgallouedec\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/remi-or\"\u003e\u003ccode\u003e@​remi-or\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WeightConverter regex incorrectly matching shared_experts as experts by \u003ca href=\"https://github.com/silencelamb\"\u003e\u003ccode\u003e@​silencelamb\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix deepseek v4 by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45892\"\u003e#45892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDeepseek v4 csa mask collapse by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sawyer117\"\u003e\u003ccode\u003e@​Sawyer117\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45928\"\u003e#45928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 5.8.0\u003c/h2\u003e\n\u003ch1\u003eRelease v5.8.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eDeepSeek-V4\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eDeepSeek-V4 is the next-generation MoE (Mixture of Experts) language model from DeepSeek that introduces several architectural innovations over DeepSeek-V3. The architecture replaces Multi-head Latent Attention (MLA) with a hybrid local + long-range attention design, swaps residual connections for Manifold-Constrained Hyper-Connections (mHC), and bootstraps the first few MoE layers with a static token-id → expert-id hash table. This implementation covers DeepSeek-V4-Flash, DeepSeek-V4-Pro, and their -Base pretrained variants, which share the same architecture but differ in width, depth, expert count and weights.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/deepseek_v4\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/deepseek-ai/DeepSeek-V4-Flash/blob/main/DeepSeek_V4.pdf\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd DeepSeek V4 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45643\"\u003e#45643\u003c/a\u003e) by \u003ca href=\"https://github.com/ArthurZucker\"\u003e\u003ccode\u003e@​ArthurZucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45643\"\u003e#45643\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGemma 4 Assistant\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eGemma 4 Assistant is a small, text-only model that enables speculative decoding for Gemma 4 models using the Multi-Token Prediction (MTP) method and associated candidate generator. The model shares the same Gemma4TextModel backbone as other Gemma 4 models but uses KV sharing throughout the entire model, allowing it to reuse the KV cache populated by the target model and skip the pre-fill phase entirely. This architecture includes cross-attention to make the most of the target model's context, allowing the assistant to accurately predict more drafted tokens per drafting round.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/gemma4_assistant\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFirst model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45788\"\u003e#45788\u003c/a\u003e) by \u003ca href=\"https://github.com/SindhuRaghuram97\"\u003e\u003ccode\u003e@​SindhuRaghuram97\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45788\"\u003e#45788\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGraniteSpeechPlus\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eGranite Speech Plus is a variant of Granite Speech that enhances the projector by consuming the concatenation of the encoder's final hidden states with an arbitrary subset of its intermediate hidden states along the feature dimension. It is a multimodal speech-to-text model that can transcribe audio, provide speaker annotation and word level timestamps by responding to text prompts. The model inherits the same architecture components as Granite Speech including the speech encoder, query transformer projector, language model, and optional LoRA adapter.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/granite_speech_plus\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for a new Granite-Speech-Plus model (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45695\"\u003e#45695\u003c/a\u003e) by \u003ca href=\"https://github.com/zvik\"\u003e\u003ccode\u003e@​zvik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45695\"\u003e#45695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eGranite4Vision\u003c/h3\u003e\n\u003cp\u003eGranite Vision 4.1 is a vision-language model from IBM Research designed for enterprise-grade document data extraction. It specializes in chart extraction (Chart2CSV, Chart2Summary, Chart2Code), table extraction (JSON, HTML, OTSL), and semantic key-value pair extraction. The model builds on LLaVA-NeXT with architectural innovations including SigLIP2 Vision Encoder, Window Q-Former Projectors, and DeepStack Feature Injection with 8 vision-to-LLM injection points.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/granite4_vision\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Granite 4.1 Vision (granite4_vision) (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45597\"\u003e#45597\u003c/a\u003e) by \u003ca href=\"https://github.com/artem-spector\"\u003e\u003ccode\u003e@​artem-spector\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45597\"\u003e#45597\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/cc832f9055ba11c8c55f918ab4bda9472b910d48\"\u003e\u003ccode\u003ecc832f9\u003c/code\u003e\u003c/a\u003e up\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f966d7b36278c7ca15967af062c4556f8bf4eea4\"\u003e\u003ccode\u003ef966d7b\u003c/code\u003e\u003c/a\u003e Deepseek v4 csa mask collapse (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45928\"\u003e#45928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/283f3f08614c0ee09e0bdc60d57dbc4d8d37af39\"\u003e\u003ccode\u003e283f3f0\u003c/code\u003e\u003c/a\u003e Fix deepseek v4 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45892\"\u003e#45892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4e0be9c4c5f2edb62f2e28c28c4149d3b84a3ae0\"\u003e\u003ccode\u003e4e0be9c\u003c/code\u003e\u003c/a\u003e Fix WeightConverter regex incorrectly matching shared_experts as experts in D...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/ec852625706cbe9a1264949659dad82b43fafa57\"\u003e\u003ccode\u003eec85262\u003c/code\u003e\u003c/a\u003e [fix] Add \u003ccode\u003efatal_error\u003c/code\u003e to \u003ccode\u003eContinuousBatchingManager\u003c/code\u003e so the serving layer c...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/049d2bf1220747b6d39e2a978b9f5fe0defa1dca\"\u003e\u003ccode\u003e049d2bf\u003c/code\u003e\u003c/a\u003e v5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2871cafffb3b221b5f1df7e59033a15a7830309f\"\u003e\u003ccode\u003e2871caf\u003c/code\u003e\u003c/a\u003e Add Granite 4.1 Vision (granite4_vision) (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45597\"\u003e#45597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/aaec1092d413d0ea7249101ea43f74b5d6d60936\"\u003e\u003ccode\u003eaaec109\u003c/code\u003e\u003c/a\u003e fix: correct spelling in continuous_api docstring (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45749\"\u003e#45749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/7050d0e0bf5a97c7c0149c319681601373621eae\"\u003e\u003ccode\u003e7050d0e\u003c/code\u003e\u003c/a\u003e Fix link to modular transformers documentation (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45746\"\u003e#45746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/df2f2b539902c78db6a0f71fb2c175880e390576\"\u003e\u003ccode\u003edf2f2b5\u003c/code\u003e\u003c/a\u003e Gemma4: fix failed test cases (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45568\"\u003e#45568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.1\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Update Pydantic v2 code to address deprecations. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15101\"\u003e#15101\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔨 Tweak translation script. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15174\"\u003e#15174\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15408\"\u003e#15408\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15409\"\u003e#15409\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15407\"\u003e#15407\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15406\"\u003e#15406\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15405\"\u003e#15405\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mypy from 1.19.1 to 1.20.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15410\"\u003e#15410\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15400\"\u003e#15400\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump starlette from 0.52.1 to 1.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15397\"\u003e#15397\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygithub from 2.8.1 to 2.9.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15396\"\u003e#15396\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15393\"\u003e#15393\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump zizmor from 1.23.1 to 1.24.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15394\"\u003e#15394\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15395\"\u003e#15395\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15360\"\u003e#15360\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump authlib from 1.6.9 to 1.6.11. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15373\"\u003e#15373\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15282\"\u003e#15282\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygments from 2.19.2 to 2.20.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15263\"\u003e#15263\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15391\"\u003e#15391\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pillow from 12.1.1 to 12.2.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15333\"\u003e#15333\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest from 9.0.2 to 9.0.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15334\"\u003e#15334\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15374\"\u003e#15374\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15385\"\u003e#15385\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Zuplo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15369\"\u003e#15369\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Speakeasy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15368\"\u003e#15368\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Add zizmor and fix audit findings. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15316\"\u003e#15316\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.0\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Support free-threaded Python 3.14t. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15149\"\u003e#15149\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.4\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔥 Remove April Fool's \u003ccode\u003e@app.vibe()\u003c/code\u003e 🤪. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15363\"\u003e#15363\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆ Bump cryptography from 46.0.5 to 46.0.7. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15314\"\u003e#15314\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15309\"\u003e#15309\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔨 Add pre-commit hook to ensure latest release header has date. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15293\"\u003e#15293\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/e54e5a8980ffa6d7ff68ee7b25a1c46036375521\"\u003e\u003ccode\u003ee54e5a8\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/9a8a5fd99902c3b80d4cc94b85e120e2b808825f\"\u003e\u003ccode\u003e9a8a5fd\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7815a32f2ed177b8b786a48b3e0712c05b5c644f\"\u003e\u003ccode\u003e7815a32\u003c/code\u003e\u003c/a\u003e ⬆️ Update Pydantic v2 code to address deprecations (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ef1c927b0558d414e199a666833942a6fabb3a51\"\u003e\u003ccode\u003eef1c927\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/38039e12a86e67f2001b9b7d96c219691d6cb4af\"\u003e\u003ccode\u003e38039e1\u003c/code\u003e\u003c/a\u003e 🔨 Tweak translation script (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15174\"\u003e#15174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4fa826ce0a3b16884a04f51e5aac95d01790b599\"\u003e\u003ccode\u003e4fa826c\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c39415673e621665fdb7bbdde69beba7eb1dfd12\"\u003e\u003ccode\u003ec394156\u003c/code\u003e\u003c/a\u003e ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15408\"\u003e#15408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ae230ad2f9d90a4e3f6222ff1a5d6e8da41ec0ad\"\u003e\u003ccode\u003eae230ad\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/d9eb39d1a1bf2f6e6e5d3a55088f61c712cb864e\"\u003e\u003ccode\u003ed9eb39d\u003c/code\u003e\u003c/a\u003e ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15409\"\u003e#15409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4f8b5d14d324ae8e15cfae8d85adb4186d4c2175\"\u003e\u003ccode\u003e4f8b5d1\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 2026-05-06\u003c/h2\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/v2.13.4/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.4 (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump libc from 0.2.155 to 0.2.185 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13109\"\u003e#13109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS by \u003ca href=\"https://github.com/washingtoneg\"\u003e\u003ccode\u003e@​washingtoneg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13147\"\u003e#13147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13129\"\u003e#13129\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/cf67d4b3193c3fe43ede18612ed62785eee11382\"\u003e\u003ccode\u003ecf67d4b\u003c/code\u003e\u003c/a\u003e Fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/f0d8a214a5803036db46a56b1f62f1e56b81d662\"\u003e\u003ccode\u003ef0d8a21\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e3fe1d41a00f441204241c66078003ae0391f9a\"\u003e\u003ccode\u003e5e3fe1d\u003c/code\u003e\u003c/a\u003e Check for pydantic tag pattern in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/7f9edcc2a191d2eaa9751220eb910914e716a686\"\u003e\u003ccode\u003e7f9edcc\u003c/code\u003e\u003c/a\u003e Document tagging conventions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b46a0c9b8a4dd967fda8ec1a92f6437076bf262c\"\u003e\u003ccode\u003eb46a0c9\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003epydantic-core\u003c/code\u003e linker flags on macOS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/50629c851e61d887d5420452c311ec6203f1f400\"\u003e\u003ccode\u003e50629c8\u003c/code\u003e\u003c/a\u003e Update to PyPy 7.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8522ebb71e5e9a6f7188af5f009f01785b8cf725\"\u003e\u003ccode\u003e8522ebb\u003c/code\u003e\u003c/a\u003e Preserve \u003ccode\u003eRootModel\u003c/code\u003e core metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/a37f3aff090ca342dc5f48304889963530b993f8\"\u003e\u003ccode\u003ea37f3af\u003c/code\u003e\u003c/a\u003e Adapt \u003ccode\u003eMISSING\u003c/code\u003e sentinel test to work with unreleased \u003ccode\u003etyping_extensions\u003c/code\u003e ver...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/909259a9df660518033aa686b689f045a6eaf9d2\"\u003e\u003ccode\u003e909259a\u003c/code\u003e\u003c/a\u003e Remove Logfire example in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/2c4174c366606fc2dc46cb806833a080aefa77df\"\u003e\u003ccode\u003e2c4174c\u003c/code\u003e\u003c/a\u003e Bump libc from 0.2.155 to 0.2.185\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1134\"\u003eprometheus/client_python#1134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003c...\n\n_Description has been truncated_","html_url":"https://github.com/vllm-project/vllm/pull/42717","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vllm-project%2Fvllm/issues/42717","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/42717/packages"}},{"old_version":"3.22.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2026-05-04T05:33:52.000Z","version_change":"3.22.0 → 3.23.0","issue":{"uuid":"4374224451","node_id":"PR_kwDOI7xefs7X4umm","number":41606,"state":"closed","title":"Bump the minor-update group across 1 directory with 140 updates","user":"dependabot[bot]","labels":["rocm","ci/build","nvidia","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-05T23:42:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-04T05:33:52.000Z","updated_at":"2026-05-05T23:42:43.000Z","time_to_close":151729,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-update","update_count":140,"packages":[{"name":"regex","old_version":"2026.2.28","new_version":"2026.4.4","repository_url":"https://github.com/mrabarnett/mrab-regex"},{"name":"requests","old_version":"2.32.3","new_version":"2.33.1","repository_url":"https://github.com/psf/requests"},{"name":"transformers","old_version":"5.5.3","new_version":"5.7.0","repository_url":"https://github.com/huggingface/transformers"},{"name":"tokenizers","old_version":"0.22.2","new_version":"0.23.1","repository_url":"https://github.com/huggingface/tokenizers"},{"name":"fastapi","old_version":"0.128.0","new_version":"0.136.1","repository_url":"https://github.com/fastapi/fastapi"},{"name":"pydantic","old_version":"2.12.0","new_version":"2.13.3","repository_url":"https://github.com/pydantic/pydantic"},{"name":"prometheus-client","old_version":"0.22.0","new_version":"0.25.0","repository_url":"https://github.com/prometheus/client_python"},{"name":"lark","old_version":"1.2.2","new_version":"1.3.1","repository_url":"https://github.com/lark-parser/lark"},{"name":"filelock","old_version":"3.16.1","new_version":"3.29.0","repository_url":"https://github.com/tox-dev/py-filelock"},{"name":"opentelemetry-sdk","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-api","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"fastsafetensors","old_version":"0.2.2","new_version":"0.3","repository_url":"https://github.com/foundation-model-stack/fastsafetensors"},{"name":"absl-py","old_version":"2.1.0","new_version":"2.4.0","repository_url":"https://github.com/abseil/abseil-py"},{"name":"alembic","old_version":"1.16.4","new_version":"1.18.4","repository_url":"https://github.com/sqlalchemy/alembic"},{"name":"anyio","old_version":"4.6.2.post1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"argcomplete","old_version":"3.5.1","new_version":"3.6.3","repository_url":"https://github.com/kislyuk/argcomplete"},{"name":"arrow","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/arrow-py/arrow"},{"name":"audioread","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/beetbox/audioread"},{"name":"azure-core","old_version":"1.38.2","new_version":"1.40.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"blobfile","old_version":"3.0.0","new_version":"3.2.0","repository_url":"https://github.com/blobfile/blobfile"},{"name":"bm25s","old_version":"0.2.13","new_version":"0.3.8","repository_url":"https://github.com/xhluca/bm25s"},{"name":"boto3","old_version":"1.35.57","new_version":"1.43.3","repository_url":"https://github.com/boto/boto3"},{"name":"botocore","old_version":"1.35.57","new_version":"1.43.3","repository_url":"https://github.com/boto/botocore"},{"name":"click","old_version":"8.1.7","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.10.6","new_version":"7.13.5","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"cramjam","old_version":"2.9.0","new_version":"2.11.0","repository_url":"https://github.com/milesgranger/pyrus-cramjam"},{"name":"cuda-bindings","old_version":"13.0.3","new_version":"13.2.0","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-pathfinder","old_version":"1.3.3","new_version":"1.5.4","repository_url":"https://github.com/NVIDIA/cuda-python"},{"name":"cuda-toolkit","old_version":"13.0.2","new_version":"13.2.1"},{"name":"datamodel-code-generator","old_version":"0.26.3","new_version":"0.56.1","repository_url":"https://github.com/koxudaxi/datamodel-code-generator"},{"name":"dataproperty","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/thombashi/DataProperty"},{"name":"decorator","old_version":"5.1.1","new_version":"5.2.1","repository_url":"https://github.com/micheles/decorator"},{"name":"dill","old_version":"0.3.8","new_version":"0.4.1","repository_url":"https://github.com/uqfoundation/dill"},{"name":"distlib","old_version":"0.3.9","new_version":"0.4.0","repository_url":"https://github.com/pypa/distlib"},{"name":"dnspython","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/rthalley/dnspython"},{"name":"einx","old_version":"0.3.0","new_version":"0.4.3","repository_url":"https://github.com/fferflo/einx"},{"name":"email-validator","old_version":"2.2.0","new_version":"2.3.0","repository_url":"https://github.com/JoshData/python-email-validator"},{"name":"fonttools","old_version":"4.55.0","new_version":"4.62.1","repository_url":"https://github.com/fonttools/fonttools"},{"name":"frozenlist","old_version":"1.5.0","new_version":"1.8.0","repository_url":"https://github.com/aio-libs/frozenlist"},{"name":"google-api-core","old_version":"2.24.2","new_version":"2.30.3","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-auth","old_version":"2.40.2","new_version":"2.50.0","repository_url":"https://github.com/googleapis/google-auth-library-python"},{"name":"google-cloud-core","old_version":"2.4.3","new_version":"2.5.1","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"google-cloud-storage","old_version":"3.4.0","new_version":"3.10.1","repository_url":"https://github.com/googleapis/python-storage"},{"name":"google-crc32c","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/googleapis/python-crc32c"},{"name":"google-resumable-media","old_version":"2.7.2","new_version":"2.8.2","repository_url":"https://github.com/googleapis/google-resumable-media-python"},{"name":"googleapis-common-protos","old_version":"1.70.0","new_version":"1.74.0","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"greenlet","old_version":"3.2.3","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"grpcio","old_version":"1.78.0","new_version":"1.80.0","repository_url":"https://github.com/grpc/grpc"},{"name":"grpcio-reflection","old_version":"1.78.0","new_version":"1.80.0"},{"name":"h11","old_version":"0.14.0","new_version":"0.16.0","repository_url":"https://github.com/python-hyper/h11"},{"name":"harfile","old_version":"0.3.0","new_version":"0.4.0","repository_url":"https://github.com/schemathesis/harfile"},{"name":"hiredis","old_version":"3.0.0","new_version":"3.3.1","repository_url":"https://github.com/redis/hiredis-py"},{"name":"httpx","old_version":"0.27.2","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"huggingface-hub","old_version":"1.10.2","new_version":"1.13.0","repository_url":"https://github.com/huggingface/huggingface_hub"},{"name":"humanize","old_version":"4.11.0","new_version":"4.15.0","repository_url":"https://github.com/python-humanize/humanize"},{"name":"hypothesis","old_version":"6.131.0","new_version":"6.152.4","repository_url":"https://github.com/HypothesisWorks/hypothesis"},{"name":"hypothesis-graphql","old_version":"0.11.1","new_version":"0.12.0","repository_url":"https://github.com/Stranger6667/hypothesis-graphql"},{"name":"idna","old_version":"3.10","new_version":"3.13","repository_url":"https://github.com/kjd/idna"},{"name":"iniconfig","old_version":"2.0.0","new_version":"2.3.0","repository_url":"https://github.com/pytest-dev/iniconfig"},{"name":"jmespath","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jmespath/jmespath.py"},{"name":"joblib","old_version":"1.4.2","new_version":"1.5.3","repository_url":"https://github.com/joblib/joblib"},{"name":"jsonpointer","old_version":"3.0.0","new_version":"3.1.1","repository_url":"https://github.com/stefankoegl/python-json-pointer"},{"name":"jsonschema","old_version":"4.23.0","new_version":"4.26.0","repository_url":"https://github.com/python-jsonschema/jsonschema"},{"name":"kiwisolver","old_version":"1.4.7","new_version":"1.5.0","repository_url":"https://github.com/nucleic/kiwi"},{"name":"lazy-loader","old_version":"0.4","new_version":"0.5","repository_url":"https://github.com/scientific-python/lazy-loader"},{"name":"librosa","old_version":"0.10.2.post1","new_version":"0.11.0","repository_url":"https://github.com/librosa/librosa"},{"name":"matplotlib","old_version":"3.9.2","new_version":"3.10.9","repository_url":"https://github.com/matplotlib/matplotlib"},{"name":"mpmath","old_version":"1.3.0","new_version":"1.4.1","repository_url":"https://github.com/mpmath/mpmath"},{"name":"msal","old_version":"1.34.0","new_version":"1.36.0","repository_url":"https://github.com/AzureAD/microsoft-authentication-library-for-python"},{"name":"mteb","old_version":"2.8.3","new_version":"2.12.30","repository_url":"https://github.com/embeddings-benchmark/mteb"},{"name":"multidict","old_version":"6.1.0","new_version":"6.7.1","repository_url":"https://github.com/aio-libs/multidict"},{"name":"mypy-extensions","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/python/mypy_extensions"},{"name":"networkx","old_version":"3.2.1","new_version":"3.4.2","repository_url":"https://github.com/networkx/networkx"},{"name":"nvidia-cublas","old_version":"13.1.0.3","new_version":"13.4.1.1"},{"name":"nvidia-cuda-cupti","old_version":"13.0.85","new_version":"13.2.75"},{"name":"nvidia-cuda-nvrtc","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-cuda-runtime","old_version":"13.0.96","new_version":"13.2.75"},{"name":"nvidia-cudnn-cu13","old_version":"9.19.0.56","new_version":"9.21.1.3"},{"name":"nvidia-cufft","old_version":"12.0.0.61","new_version":"12.2.0.46"},{"name":"nvidia-cufile","old_version":"1.15.1.6","new_version":"1.17.1.22"},{"name":"nvidia-cusolver","old_version":"12.0.4.66","new_version":"12.2.0.1"},{"name":"nvidia-cusparse","old_version":"12.6.3.3","new_version":"12.7.10.1"},{"name":"nvidia-cusparselt-cu13","old_version":"0.8.0","new_version":"0.9.1"},{"name":"nvidia-nccl-cu13","old_version":"2.28.9","new_version":"2.30.4"},{"name":"nvidia-nvjitlink","old_version":"13.0.88","new_version":"13.2.78"},{"name":"nvidia-nvshmem-cu13","old_version":"3.4.5","new_version":"3.6.5"},{"name":"nvidia-nvtx","old_version":"13.0.85","new_version":"13.2.75"},{"name":"opentelemetry-exporter-prometheus","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-proto","old_version":"1.35.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"opentelemetry-semantic-conventions","old_version":"0.56b0","new_version":"0.62b1","repository_url":"https://github.com/open-telemetry/opentelemetry-python"},{"name":"pathvalidate","old_version":"3.2.1","new_version":"3.3.1","repository_url":"https://github.com/thombashi/pathvalidate"},{"name":"peft","old_version":"0.18.1","new_version":"0.19.1","repository_url":"https://github.com/huggingface/peft"},{"name":"perceptron","old_version":"0.1.4","new_version":"0.2.1","repository_url":"https://github.com/perceptron-ai-inc/perceptron"},{"name":"platformdirs","old_version":"4.3.6","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"pluggy","old_version":"1.5.0","new_version":"1.6.0","repository_url":"https://github.com/pytest-dev/pluggy"},{"name":"polars","old_version":"1.29.0","new_version":"1.40.1","repository_url":"https://github.com/pola-rs/polars"},{"name":"pooch","old_version":"1.8.2","new_version":"1.9.0","repository_url":"https://github.com/fatiando/pooch"},{"name":"propcache","old_version":"0.2.0","new_version":"0.4.1","repository_url":"https://github.com/aio-libs/propcache"},{"name":"proto-plus","old_version":"1.26.1","new_version":"1.27.2","repository_url":"https://github.com/googleapis/google-cloud-python"},{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pydantic-core","old_version":"2.41.1","new_version":"2.46.3","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-extra-types","old_version":"2.10.5","new_version":"2.11.1","repository_url":"https://github.com/pydantic/pydantic-extra-types"},{"name":"pygments","old_version":"2.18.0","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pyjwt","old_version":"2.11.0","new_version":"2.12.1","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"pyparsing","old_version":"3.2.0","new_version":"3.3.2","repository_url":"https://github.com/pyparsing/pyparsing"},{"name":"pytest-mock","old_version":"3.14.0","new_version":"3.15.1","repository_url":"https://github.com/pytest-dev/pytest-mock"},{"name":"pytest-subtests","old_version":"0.14.1","new_version":"0.15.0","repository_url":"https://github.com/pytest-dev/pytest-subtests"},{"name":"pytest-timeout","old_version":"2.3.1","new_version":"2.4.0","repository_url":"https://github.com/pytest-dev/pytest-timeout"},{"name":"python-rapidjson","old_version":"1.20","new_version":"1.23","repository_url":"https://github.com/python-rapidjson/python-rapidjson"},{"name":"rapidfuzz","old_version":"3.12.1","new_version":"3.14.5","repository_url":"https://github.com/rapidfuzz/RapidFuzz"},{"name":"referencing","old_version":"0.35.1","new_version":"0.37.0","repository_url":"https://github.com/python-jsonschema/referencing"},{"name":"responses","old_version":"0.25.3","new_version":"0.26.0","repository_url":"https://github.com/getsentry/responses"},{"name":"rpds-py","old_version":"0.20.1","new_version":"0.30.0","repository_url":"https://github.com/crate-py/rpds"},{"name":"s3transfer","old_version":"0.10.3","new_version":"0.17.0","repository_url":"https://github.com/boto/s3transfer"},{"name":"sacrebleu","old_version":"2.4.3","new_version":"2.6.0","repository_url":"https://github.com/mjpost/sacrebleu"},{"name":"safetensors","old_version":"0.4.5","new_version":"0.7.0","repository_url":"https://github.com/huggingface/safetensors"},{"name":"scikit-learn","old_version":"1.5.2","new_version":"1.7.2","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"scipy","old_version":"1.13.1","new_version":"1.15.3","repository_url":"https://github.com/scipy/scipy"},{"name":"sentence-transformers","old_version":"5.2.0","new_version":"5.4.1","repository_url":"https://github.com/huggingface/sentence-transformers"},{"name":"six","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/benjaminp/six"},{"name":"smart-open","old_version":"7.1.0","new_version":"7.6.0","repository_url":"https://github.com/piskvorky/smart_open"},{"name":"soundfile","old_version":"0.12.1","new_version":"0.13.1","repository_url":"https://github.com/bastibe/python-soundfile"},{"name":"structlog","old_version":"25.4.0","new_version":"25.5.0","repository_url":"https://github.com/hynek/structlog"},{"name":"sympy","old_version":"1.13.3","new_version":"1.14.0","repository_url":"https://github.com/sympy/sympy"},{"name":"tabulate","old_version":"0.9.0","new_version":"0.10.0","repository_url":"https://github.com/astanin/python-tabulate"},{"name":"tblib","old_version":"3.1.0","new_version":"3.2.2","repository_url":"https://github.com/ionelmc/python-tblib"},{"name":"tensorizer","old_version":"2.10.1","new_version":"2.12.1","repository_url":"https://github.com/coreweave/tensorizer"},{"name":"termcolor","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/termcolor/termcolor"},{"name":"threadpoolctl","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/joblib/threadpoolctl"},{"name":"tomli","old_version":"2.2.1","new_version":"2.4.1","repository_url":"https://github.com/hukkin/tomli"},{"name":"tritonclient","old_version":"2.64.0","new_version":"2.68.0","repository_url":"https://github.com/triton-inference-server/client"},{"name":"typer","old_version":"0.15.2","new_version":"0.25.1","repository_url":"https://github.com/fastapi/typer"},{"name":"urllib3","old_version":"2.2.3","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.35.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"vector-quantize-pytorch","old_version":"1.21.2","new_version":"1.28.2","repository_url":"https://github.com/lucidrains/vector-quantizer-pytorch"},{"name":"wcwidth","old_version":"0.2.13","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"xxhash","old_version":"3.5.0","new_version":"3.7.0","repository_url":"https://github.com/ifduyue/python-xxhash"},{"name":"yarl","old_version":"1.17.1","new_version":"1.23.0","repository_url":"https://github.com/aio-libs/yarl"},{"name":"zstandard","old_version":"0.23.0","new_version":"0.25.0","repository_url":"https://github.com/indygreg/python-zstandard"},{"name":"conch-triton-kernels","old_version":"1.2.1","new_version":"1.3","repository_url":"https://github.com/stackav-oss/conch"}],"path":null,"ecosystem":"pip"},"body":"Bumps the minor-update group with 140 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.2.28` | `2026.4.4` |\n| [requests](https://github.com/psf/requests) | `2.32.3` | `2.33.1` |\n| [transformers](https://github.com/huggingface/transformers) | `5.5.3` | `5.7.0` |\n| [tokenizers](https://github.com/huggingface/tokenizers) | `0.22.2` | `0.23.1` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.136.1` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.0` | `2.13.3` |\n| [prometheus-client](https://github.com/prometheus/client_python) | `0.22.0` | `0.25.0` |\n| [lark](https://github.com/lark-parser/lark) | `1.2.2` | `1.3.1` |\n| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.29.0` |\n| [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [fastsafetensors](https://github.com/foundation-model-stack/fastsafetensors) | `0.2.2` | `0.3` |\n| [absl-py](https://github.com/abseil/abseil-py) | `2.1.0` | `2.4.0` |\n| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.4` | `1.18.4` |\n| [anyio](https://github.com/agronholm/anyio) | `4.6.2.post1` | `4.13.0` |\n| [argcomplete](https://github.com/kislyuk/argcomplete) | `3.5.1` | `3.6.3` |\n| [arrow](https://github.com/arrow-py/arrow) | `1.3.0` | `1.4.0` |\n| [audioread](https://github.com/beetbox/audioread) | `3.0.1` | `3.1.0` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.40.0` |\n| [blobfile](https://github.com/blobfile/blobfile) | `3.0.0` | `3.2.0` |\n| [bm25s](https://github.com/xhluca/bm25s) | `0.2.13` | `0.3.8` |\n| [boto3](https://github.com/boto/boto3) | `1.35.57` | `1.43.3` |\n| [botocore](https://github.com/boto/botocore) | `1.35.57` | `1.43.3` |\n| [click](https://github.com/pallets/click) | `8.1.7` | `8.3.3` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.10.6` | `7.13.5` |\n| [cramjam](https://github.com/milesgranger/pyrus-cramjam) | `2.9.0` | `2.11.0` |\n| [cuda-bindings](https://github.com/NVIDIA/cuda-python) | `13.0.3` | `13.2.0` |\n| [cuda-pathfinder](https://github.com/NVIDIA/cuda-python) | `1.3.3` | `1.5.4` |\n| [cuda-toolkit](https://developer.nvidia.com/cuda-toolkit) | `13.0.2` | `13.2.1` |\n| [datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator) | `0.26.3` | `0.56.1` |\n| [dataproperty](https://github.com/thombashi/DataProperty) | `1.0.1` | `1.1.0` |\n| [decorator](https://github.com/micheles/decorator) | `5.1.1` | `5.2.1` |\n| [dill](https://github.com/uqfoundation/dill) | `0.3.8` | `0.4.1` |\n| [distlib](https://github.com/pypa/distlib) | `0.3.9` | `0.4.0` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.7.0` | `2.8.0` |\n| [einx](https://github.com/fferflo/einx) | `0.3.0` | `0.4.3` |\n| [email-validator](https://github.com/JoshData/python-email-validator) | `2.2.0` | `2.3.0` |\n| [fonttools](https://github.com/fonttools/fonttools) | `4.55.0` | `4.62.1` |\n| [frozenlist](https://github.com/aio-libs/frozenlist) | `1.5.0` | `1.8.0` |\n| [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.24.2` | `2.30.3` |\n| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.40.2` | `2.50.0` |\n| [google-cloud-core](https://github.com/googleapis/google-cloud-python) | `2.4.3` | `2.5.1` |\n| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.4.0` | `3.10.1` |\n| [google-crc32c](https://github.com/googleapis/python-crc32c) | `1.7.1` | `1.8.0` |\n| [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) | `2.7.2` | `2.8.2` |\n| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.70.0` | `1.74.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.2.3` | `3.5.0` |\n| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |\n| [grpcio-reflection](https://grpc.io) | `1.78.0` | `1.80.0` |\n| [h11](https://github.com/python-hyper/h11) | `0.14.0` | `0.16.0` |\n| [harfile](https://github.com/schemathesis/harfile) | `0.3.0` | `0.4.0` |\n| [hiredis](https://github.com/redis/hiredis-py) | `3.0.0` | `3.3.1` |\n| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |\n| [huggingface-hub](https://github.com/huggingface/huggingface_hub) | `1.10.2` | `1.13.0` |\n| [humanize](https://github.com/python-humanize/humanize) | `4.11.0` | `4.15.0` |\n| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.131.0` | `6.152.4` |\n| [hypothesis-graphql](https://github.com/Stranger6667/hypothesis-graphql) | `0.11.1` | `0.12.0` |\n| [idna](https://github.com/kjd/idna) | `3.10` | `3.13` |\n| [iniconfig](https://github.com/pytest-dev/iniconfig) | `2.0.0` | `2.3.0` |\n| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |\n| [joblib](https://github.com/joblib/joblib) | `1.4.2` | `1.5.3` |\n| [jsonpointer](https://github.com/stefankoegl/python-json-pointer) | `3.0.0` | `3.1.1` |\n| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.23.0` | `4.26.0` |\n| [kiwisolver](https://github.com/nucleic/kiwi) | `1.4.7` | `1.5.0` |\n| [lazy-loader](https://github.com/scientific-python/lazy-loader) | `0.4` | `0.5` |\n| [librosa](https://github.com/librosa/librosa) | `0.10.2.post1` | `0.11.0` |\n| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.9.2` | `3.10.9` |\n| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |\n| [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) | `1.34.0` | `1.36.0` |\n| [mteb](https://github.com/embeddings-benchmark/mteb) | `2.8.3` | `2.12.30` |\n| [multidict](https://github.com/aio-libs/multidict) | `6.1.0` | `6.7.1` |\n| [mypy-extensions](https://github.com/python/mypy_extensions) | `1.0.0` | `1.1.0` |\n| [networkx](https://github.com/networkx/networkx) | `3.2.1` | `3.4.2` |\n| [nvidia-cublas](https://developer.nvidia.com/cuda-zone) | `13.1.0.3` | `13.4.1.1` |\n| [nvidia-cuda-cupti](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [nvidia-cuda-nvrtc](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-cuda-runtime](https://developer.nvidia.com/cuda-zone) | `13.0.96` | `13.2.75` |\n| [nvidia-cudnn-cu13](https://developer.nvidia.com/cuda-zone) | `9.19.0.56` | `9.21.1.3` |\n| [nvidia-cufft](https://developer.nvidia.com/cuda-zone) | `12.0.0.61` | `12.2.0.46` |\n| [nvidia-cufile](https://developer.nvidia.com/cuda-zone) | `1.15.1.6` | `1.17.1.22` |\n| [nvidia-cusolver](https://developer.nvidia.com/cuda-zone) | `12.0.4.66` | `12.2.0.1` |\n| [nvidia-cusparse](https://developer.nvidia.com/cuda-zone) | `12.6.3.3` | `12.7.10.1` |\n| [nvidia-cusparselt-cu13](https://developer.nvidia.com/cusparselt) | `0.8.0` | `0.9.1` |\n| [nvidia-nccl-cu13](https://developer.nvidia.com/cuda-zone) | `2.28.9` | `2.30.4` |\n| [nvidia-nvjitlink](https://developer.nvidia.com/cuda-zone) | `13.0.88` | `13.2.78` |\n| [nvidia-nvshmem-cu13](https://developer.nvidia.com/cuda-zone) | `3.4.5` | `3.6.5` |\n| [nvidia-nvtx](https://developer.nvidia.com/cuda-zone) | `13.0.85` | `13.2.75` |\n| [opentelemetry-exporter-prometheus](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.35.0` | `1.41.1` |\n| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.56b0` | `0.62b1` |\n| [pathvalidate](https://github.com/thombashi/pathvalidate) | `3.2.1` | `3.3.1` |\n| [peft](https://github.com/huggingface/peft) | `0.18.1` | `0.19.1` |\n| [perceptron](https://github.com/perceptron-ai-inc/perceptron) | `0.1.4` | `0.2.1` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.3.6` | `4.9.6` |\n| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |\n| [polars](https://github.com/pola-rs/polars) | `1.29.0` | `1.40.1` |\n| [pooch](https://github.com/fatiando/pooch) | `1.8.2` | `1.9.0` |\n| [propcache](https://github.com/aio-libs/propcache) | `0.2.0` | `0.4.1` |\n| [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.26.1` | `1.27.2` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.22.0` | `3.23.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.1` | `2.46.3` |\n| [pydantic-extra-types](https://github.com/pydantic/pydantic-extra-types) | `2.10.5` | `2.11.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.18.0` | `2.20.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.12.1` |\n| [pyparsing](https://github.com/pyparsing/pyparsing) | `3.2.0` | `3.3.2` |\n| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.0` | `3.15.1` |\n| [pytest-subtests](https://github.com/pytest-dev/pytest-subtests) | `0.14.1` | `0.15.0` |\n| [pytest-timeout](https://github.com/pytest-dev/pytest-timeout) | `2.3.1` | `2.4.0` |\n| [python-rapidjson](https://github.com/python-rapidjson/python-rapidjson) | `1.20` | `1.23` |\n| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.12.1` | `3.14.5` |\n| [referencing](https://github.com/python-jsonschema/referencing) | `0.35.1` | `0.37.0` |\n| [responses](https://github.com/getsentry/responses) | `0.25.3` | `0.26.0` |\n| [rpds-py](https://github.com/crate-py/rpds) | `0.20.1` | `0.30.0` |\n| [s3transfer](https://github.com/boto/s3transfer) | `0.10.3` | `0.17.0` |\n| [sacrebleu](https://github.com/mjpost/sacrebleu) | `2.4.3` | `2.6.0` |\n| [safetensors](https://github.com/huggingface/safetensors) | `0.4.5` | `0.7.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.5.2` | `1.7.2` |\n| [scipy](https://github.com/scipy/scipy) | `1.13.1` | `1.15.3` |\n| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.4.1` |\n| [six](https://github.com/benjaminp/six) | `1.16.0` | `1.17.0` |\n| [smart-open](https://github.com/piskvorky/smart_open) | `7.1.0` | `7.6.0` |\n| [soundfile](https://github.com/bastibe/python-soundfile) | `0.12.1` | `0.13.1` |\n| [structlog](https://github.com/hynek/structlog) | `25.4.0` | `25.5.0` |\n| [sympy](https://github.com/sympy/sympy) | `1.13.3` | `1.14.0` |\n| [tabulate](https://github.com/astanin/python-tabulate) | `0.9.0` | `0.10.0` |\n| [tblib](https://github.com/ionelmc/python-tblib) | `3.1.0` | `3.2.2` |\n| [tensorizer](https://github.com/coreweave/tensorizer) | `2.10.1` | `2.12.1` |\n| [termcolor](https://github.com/termcolor/termcolor) | `3.1.0` | `3.3.0` |\n| [threadpoolctl](https://github.com/joblib/threadpoolctl) | `3.5.0` | `3.6.0` |\n| [tomli](https://github.com/hukkin/tomli) | `2.2.1` | `2.4.1` |\n| [tritonclient](https://github.com/triton-inference-server/client) | `2.64.0` | `2.68.0` |\n| [typer](https://github.com/fastapi/typer) | `0.15.2` | `0.25.1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.2.3` | `2.6.3` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.46.0` |\n| [vector-quantize-pytorch](https://github.com/lucidrains/vector-quantizer-pytorch) | `1.21.2` | `1.28.2` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.13` | `0.7.0` |\n| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.5.0` | `3.7.0` |\n| [yarl](https://github.com/aio-libs/yarl) | `1.17.1` | `1.23.0` |\n| [zstandard](https://github.com/indygreg/python-zstandard) | `0.23.0` | `0.25.0` |\n| [conch-triton-kernels](https://github.com/stackav-oss/conch) | `1.2.1` | `1.3` |\n\n\nUpdates `regex` from 2026.2.28 to 2026.4.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/bc57b04b00de68590345ac2eb621b9a8dd222d7d\"\u003e\u003ccode\u003ebc57b04\u003c/code\u003e\u003c/a\u003e A fix for older Python versions before free-threading was  supported.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/773e213b5d7a78806e795d2513a37345dc793e97\"\u003e\u003ccode\u003e773e213\u003c/code\u003e\u003c/a\u003e More fixes for free-threading.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/5d51c75da03116e08bb6fb537fae6d8c804cc92c\"\u003e\u003ccode\u003e5d51c75\u003c/code\u003e\u003c/a\u003e Fixed segfault.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2aff2db5542ec5b58705be6ddb7b69a99d3e38a8\"\u003e\u003ccode\u003e2aff2db\u003c/code\u003e\u003c/a\u003e Fixed bug again.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/16af8aed2b3211e90588d2ac96f7c588ed477b2c\"\u003e\u003ccode\u003e16af8ae\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/2356563bbfd51b3986320a866c35a50b89833949\"\u003e\u003ccode\u003e2356563\u003c/code\u003e\u003c/a\u003e Fixed bug.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/f579e8ff60e2993a11cf4fd96748e4b7866c9fed\"\u003e\u003ccode\u003ef579e8f\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/55315a0497722898bed8286a596a64db698f498e\"\u003e\u003ccode\u003e55315a0\u003c/code\u003e\u003c/a\u003e Fixed version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrabarnett/mrab-regex/commit/923d78e39b8ff92db67606be3bfbc2e595b6475a\"\u003e\u003ccode\u003e923d78e\u003c/code\u003e\u003c/a\u003e Various fixes, including ones to improve free-threading support.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mrabarnett/mrab-regex/compare/2026.2.28...2026.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.33.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.1\u003c/h2\u003e\n\u003ch2\u003e2.33.1 (2026-03-30)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary\nfiles in the tmp directory. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed Content-Type header parsing for malformed values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved error consistency for malformed header values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ferdnyc\"\u003e\u003ccode\u003e@​ferdnyc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7277\"\u003epsf/requests#7277\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.1 (2026-03-30)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary\nfiles in the tmp directory. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed Content-Type header parsing for malformed values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved error consistency for malformed header values. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/111d2b77790bf49943c0dfa09b365371c24aec7e\"\u003e\u003ccode\u003e111d2b7\u003c/code\u003e\u003c/a\u003e v2.33.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/f0198e6dfc431a2293dc16e1b1e8fcddc910a7f3\"\u003e\u003ccode\u003ef0198e6\u003c/code\u003e\u003c/a\u003e Fix malformed value parsing for Content-Type (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc7dd0fc4d56e808bcdd85ac2d797b3107c89259\"\u003e\u003ccode\u003ebc7dd0f\u003c/code\u003e\u003c/a\u003e Fix cosmetic header validity parsing regex (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7308\"\u003e#7308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/4443b1a847b190010c2972a658924b98b5db6360\"\u003e\u003ccode\u003e4443b1a\u003c/code\u003e\u003c/a\u003e Fix unintended test extra (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7306\"\u003e#7306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/389eea58dfb2f2ee096421a812e3af29c0298951\"\u003e\u003ccode\u003e389eea5\u003c/code\u003e\u003c/a\u003e Cleanup extracted file after extract_zipped_path test (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7305\"\u003e#7305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7407309c8a8a73aa2f4337184025d440bbedab7a\"\u003e\u003ccode\u003e7407309\u003c/code\u003e\u003c/a\u003e Packaging: DRY out extras definition (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7277\"\u003e#7277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.33.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `transformers` from 5.5.3 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/transformers/releases\"\u003etransformers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v5.7.0\u003c/h1\u003e\n\u003ch2\u003eNew Model additions\u003c/h2\u003e\n\u003ch3\u003eLaguna\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eLaguna is Poolside's mixture-of-experts language model family that extends standard SwiGLU MoE transformers with two key innovations. It features per-layer head counts allowing different decoder layers to have different query-head counts while sharing the same KV cache shape, and implements a sigmoid MoE router with auxiliary-loss-free load balancing that uses element-wise sigmoid of gate logits plus learned per-expert bias for router scoring.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/laguna\"\u003eDocumentation\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLaguna XS.2 implementation (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45673\"\u003e#45673\u003c/a\u003e) by \u003ca href=\"https://github.com/joerowell\"\u003e\u003ccode\u003e@​joerowell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/45673\"\u003e#45673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDEIMv2\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eDEIMv2 (DETR with Improved Matching v2) is a real-time object detection model that extends DEIM with DINOv3 features and spans eight model sizes from X to Atto for diverse deployment scenarios. It uses a Spatial Tuning Adapter (STA) for larger variants to convert DINOv3's single-scale output into multi-scale features, while ultra-lightweight models employ pruned HGNetv2 backbones. The unified design achieves superior performance-cost trade-offs, with DEIMv2-X reaching 57.8 AP with only 50.3M parameters and DEIMv2-S being the first sub-10M model to exceed 50 AP on COCO.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eLinks:\u003c/strong\u003e \u003ca href=\"https://huggingface.co/docs/transformers/main/en/model_doc/deimv2\"\u003eDocumentation\u003c/a\u003e | \u003ca href=\"https://huggingface.co/papers/2509.20787\"\u003ePaper\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emodel: Add DEIMv2 to Transformers (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/44339\"\u003e#44339\u003c/a\u003e) by \u003ca href=\"https://github.com/harshaljanjani\"\u003e\u003ccode\u003e@​harshaljanjani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/pull/44339\"\u003e#44339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAttention\u003c/h2\u003e\n\u003cp\u003eSeveral attention-related bugs were fixed across multiple models, including a cross-attention cache type error in T5Gemma2 for long inputs, incorrect cached forward behavior in Qwen3.5's gated-delta-net linear attention, and a crash in GraniteMoeHybrid when no Mamba layers are present. Attention function dispatch was also updated to align with the latest model implementations.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix cross-attention cache layer type for T5Gemma2 long inputs (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45540\"\u003e#45540\u003c/a\u003e) by \u003ca href=\"https://github.com/Beichen-Ma\"\u003e\u003ccode\u003e@​Beichen-Ma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45540\"\u003e#45540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Qwen3.5] Fix GDN linear attention multi-token cached forward (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45513\"\u003e#45513\u003c/a\u003e) by \u003ca href=\"https://github.com/kashif\"\u003e\u003ccode\u003e@​kashif\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45513\"\u003e#45513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix GraniteMoeHybrid _update_mamba_mask crash on attention-only models (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45514\"\u003e#45514\u003c/a\u003e) by \u003ca href=\"https://github.com/tianhaocui\"\u003e\u003ccode\u003e@​tianhaocui\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45514\"\u003e#45514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign latest model attention function dispatch (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45598\"\u003e#45598\u003c/a\u003e) by \u003ca href=\"https://github.com/Cyrilvallez\"\u003e\u003ccode\u003e@​Cyrilvallez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45598\"\u003e#45598\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTokenizers\u003c/h2\u003e\n\u003cp\u003eThere was a bug in AutoTokenizer that caused the wrong tokenizer class to be initialized. This caused regressions in models like DeepSeek R1.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003echange got reverted (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e) by \u003ca href=\"https://github.com/itazap\"\u003e\u003ccode\u003e@​itazap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGeneration\u003c/h2\u003e\n\u003cp\u003eContinuous batching generation received several fixes and improvements, including correcting KV deduplication and memory estimation for long sequences (16K+), and removing misleading warnings about \u003ccode\u003enum_return_sequences\u003c/code\u003e and other unsupported features that were incorrectly firing even when functionality worked correctly. Documentation for per-request sampling parameters was also added.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003egenerate: drop stale num_return_sequences warning on continuous batching path (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45582\"\u003e#45582\u003c/a\u003e) by \u003ca href=\"https://github.com/joaquinhuigomez\"\u003e\u003ccode\u003e@​joaquinhuigomez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45582\"\u003e#45582\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/6ffbb07f93d9e44457450d1150136309b0dc966b\"\u003e\u003ccode\u003e6ffbb07\u003c/code\u003e\u003c/a\u003e v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/18e7fd752e6fa7dd4ff8b828ff8f3aec5b0882ae\"\u003e\u003ccode\u003e18e7fd7\u003c/code\u003e\u003c/a\u003e change got reverted (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45680\"\u003e#45680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2dff8f76f48abd7dd31b8dc156046509887d3cf1\"\u003e\u003ccode\u003e2dff8f7\u003c/code\u003e\u003c/a\u003e v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/93bed93e7518444cce442a89c78008fa0a21c963\"\u003e\u003ccode\u003e93bed93\u003c/code\u003e\u003c/a\u003e fixing more typos (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45689\"\u003e#45689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/a29e9675a864e2c7854a4d0f574589a8db1dac2e\"\u003e\u003ccode\u003ea29e967\u003c/code\u003e\u003c/a\u003e [docs] cb memory management (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45587\"\u003e#45587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/2d01799735d455f745b9c53d5a9d2eebdd7be569\"\u003e\u003ccode\u003e2d01799\u003c/code\u003e\u003c/a\u003e [docs] cpu offloading (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45660\"\u003e#45660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/4aba7167e328965caadcdfc6834b982037889f86\"\u003e\u003ccode\u003e4aba716\u003c/code\u003e\u003c/a\u003e docs(README_zh-hans): clarify conditions for not using Transformers (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45688\"\u003e#45688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/f4fc6d013864f5389b6518787438cf55359613d1\"\u003e\u003ccode\u003ef4fc6d0\u003c/code\u003e\u003c/a\u003e fix padding side issue for fast_vlm tests (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45592\"\u003e#45592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/5d7ff4393ab99aa7cadf4cccd1f814dbb799f2bb\"\u003e\u003ccode\u003e5d7ff43\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003ex_clip\u003c/code\u003e: 8 failed test cases (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45394\"\u003e#45394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/transformers/commit/aadc005711da266af1f75c33185172af9d9f19bf\"\u003e\u003ccode\u003eaadc005\u003c/code\u003e\u003c/a\u003e zero_shot_object_detection ValueError fix for python 3.13 (\u003ca href=\"https://redirect.github.com/huggingface/transformers/issues/45669\"\u003e#45669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/transformers/compare/v5.5.3...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tokenizers` from 0.22.2 to 0.23.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/huggingface/tokenizers/releases\"\u003etokenizers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v0.23.1\u003c/h2\u003e\n\u003ch2\u003eTL;DR\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003etokenizers 0.23.1\u003c/code\u003e is the first proper stable release in the \u003ccode\u003e0.23\u003c/code\u003e line — \u003ccode\u003e0.23.0\u003c/code\u003e only ever shipped as \u003ccode\u003erc0\u003c/code\u003e because the release pipeline itself was broken (Node side hadn't shipped multi-platform binaries since 2023, Python side was on \u003ccode\u003epyo3 0.27\u003c/code\u003e without free-threaded support). \u003ccode\u003e0.23.1\u003c/code\u003e is the version where everything actually goes out the door together: full Node multi-platform wheels for the first time in years, Python 3.14 (regular \u003cstrong\u003eand\u003c/strong\u003e free-threaded \u003ccode\u003e3.14t\u003c/code\u003e), full type hints for every Python class, and a stack of measurable perf wins on the BPE / added-vocab hot paths.\u003c/p\u003e\n\u003cp\u003eThere is no functional \u003ccode\u003e0.23.0\u003c/code\u003e published — we tag \u003ccode\u003e0.23.1\u003c/code\u003e directly so users don't accidentally pull a never-shipped version.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003e🚨 Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDrop Python 3.9\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1952\"\u003e#1952\u003c/a\u003e) — \u003ccode\u003erequires-python = \u0026quot;\u0026gt;=3.10\u0026quot;\u003c/code\u003e; 3.9 users stay on \u003ccode\u003e0.22.x\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eadd_tokens\u003c/code\u003e normalizes \u003ccode\u003econtent\u003c/code\u003e at insertion\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e) — re-saved \u003ccode\u003etokenizer.json\u003c/code\u003e may differ in the \u003ccode\u003eadded_tokens\u003c/code\u003e block. Existing files load unchanged.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType stubs are precise\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1928\"\u003e#1928\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1997\"\u003e#1997\u003c/a\u003e) — methods that returned \u003ccode\u003eAny\u003c/code\u003e now return real types; \u003ccode\u003emypy --strict\u003c/code\u003e may surface previously-hidden errors. Stub layout also moved from \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;/__init__.pyi\u003c/code\u003e to \u003ccode\u003etokenizers/\u0026lt;sub\u0026gt;.pyi\u003c/code\u003e. This breaks the surface of some of the processors like \u003ccode\u003eRobertaProcessign\u003c/code\u003e's \u003ccode\u003e__init__\u003c/code\u003e .\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e3.14t-only\u003c/strong\u003e: setters/getters return \u003ccode\u003ePyResult\u0026lt;T\u0026gt;\u003c/code\u003e because of \u003ccode\u003eArc\u0026lt;RwLock\u0026lt;Tokenizer\u0026gt;\u0026gt;\u003c/code\u003e; a poisoned lock surfaces as \u003ccode\u003ePyException\u003c/code\u003e instead of a panic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e⚡ Performance — measured locally on this Mac, not lifted from PRs\u003c/h2\u003e\n\u003cp\u003eRun with \u003ccode\u003ecargo bench --bench \u0026lt;name\u0026gt; -- --save-baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.22.2\u003c/code\u003e, then \u003ccode\u003e--baseline v0_22_2\u003c/code\u003e on \u003ccode\u003ev0.23.1\u003c/code\u003e. Numbers are point-in-time wall clock on a single laptop; relative deltas are what matters, absolute numbers will differ on CI hardware.\u003c/p\u003e\n\u003ch3\u003eAdded-vocabulary deserialize — the headline win (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1995\"\u003e#1995\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/1999\"\u003e#1999\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003e\u003ccode\u003ebench: improve added_vocab_deserialize to reflect real-world workloads\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2000\"\u003e#2000\u003c/a\u003e) is now representative of how transformers actually loads tokenizer.json files. The combined effect of \u003ccode\u003edaachorse\u003c/code\u003e for the matching automaton plus the normalize-on-insert refactor is enormous on this workload:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~410 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e248 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.1 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e273 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~395 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e235 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−40%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e100k tokens, non-special, NFKC\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~7.4 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e290 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−96%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e400k tokens, special, no norm\u003c/td\u003e\n\u003ctd align=\"right\"\u003e~15 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e980 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−94%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eReal-world impact: loading a Llama-3-style tokenizer with a large set of added tokens dropped from \u0026quot;noticeable pause\u0026quot; to \u0026quot;instant\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eBPE encode\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ebenchmark\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.22.2\u003c/th\u003e\n\u003cth align=\"right\"\u003ev0.23.1\u003c/th\u003e\n\u003cth align=\"right\"\u003echange\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch, no cache\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e530 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e446 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e\u003cstrong\u003e−16%\u003c/strong\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode batch\u003c/code\u003e (cached)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e690 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e685 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE GPT2 encode\u003c/code\u003e (single)\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.95 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.94 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003enoise\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (small)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e32.6 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e31.5 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−3%\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003eBPE Train (big)\u003c/code\u003e\u003c/td\u003e\n\u003ctd align=\"right\"\u003e1.01 s\u003c/td\u003e\n\u003ctd align=\"right\"\u003e988 ms\u003c/td\u003e\n\u003ctd align=\"right\"\u003e−2%\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003cp\u003eThe BPE per-thread cache PR (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e) shows much larger wins on highly-parallel workloads (+47–62% at 88+ threads on a server box, per the PR's own measurements on Vera). Single-thread batch numbers above are flat or slightly improved because cache-hit overhead was already low without contention.\u003c/p\u003e\n\u003ch3\u003eLlama-3 encode\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/7f1623b90b5adfb9bc327d4c3468d2f70bbce262\"\u003e\u003ccode\u003e7f1623b\u003c/code\u003e\u003c/a\u003e Bump version to 0.23.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bbe43ad73d8fc8932b9d0e657ddee3cd70c649a4\"\u003e\u003ccode\u003ebbe43ad\u003c/code\u003e\u003c/a\u003e ci: release workflow fixes (node + python) (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2043\"\u003e#2043\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/ab0c5d8fc13eb1c5001d9c06806635e2b5a42e9f\"\u003e\u003ccode\u003eab0c5d8\u003c/code\u003e\u003c/a\u003e Fix node release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2034\"\u003e#2034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/decd8e07dad15f296c0adc2bc3a560f62d3de2eb\"\u003e\u003ccode\u003edecd8e0\u003c/code\u003e\u003c/a\u003e bindings/python: free-threaded Python (3.14t) support (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/3992692d483bf3177219b52cb101b1bb055c18e6\"\u003e\u003ccode\u003e3992692\u003c/code\u003e\u003c/a\u003e update for release (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/bcdd25b97fcd78549903082ecf3ddd87d42c456b\"\u003e\u003ccode\u003ebcdd25b\u003c/code\u003e\u003c/a\u003e BPE cache: per-thread read-through cache to avoid RwLock atomics on hits (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/618eb383f43e207139eb5cdb9bca17796b5e9bd7\"\u003e\u003ccode\u003e618eb38\u003c/code\u003e\u003c/a\u003e Bump follow-redirects in /tokenizers/examples/unstable_wasm/www (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/b6b1688bef2e87efc91af18edf7ac38b4d2dfbe6\"\u003e\u003ccode\u003eb6b1688\u003c/code\u003e\u003c/a\u003e chore: bump doc-builder SHA for PR upload workflow (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2025\"\u003e#2025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/19015d6b44aa3896626de5092e4171aed1b56d5b\"\u003e\u003ccode\u003e19015d6\u003c/code\u003e\u003c/a\u003e fix: use uvx --with cairosvg instead of uv pip install --system (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2021\"\u003e#2021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/huggingface/tokenizers/commit/efbcc68e321c364c8f9541f1c93a158df54d7da4\"\u003e\u003ccode\u003eefbcc68\u003c/code\u003e\u003c/a\u003e Ci benchmarks (\u003ca href=\"https://redirect.github.com/huggingface/tokenizers/issues/2019\"\u003e#2019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/huggingface/tokenizers/compare/v0.22.2...v0.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.128.0 to 0.136.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.1\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Update Pydantic v2 code to address deprecations. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15101\"\u003e#15101\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔨 Tweak translation script. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15174\"\u003e#15174\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15408\"\u003e#15408\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15409\"\u003e#15409\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15407\"\u003e#15407\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15406\"\u003e#15406\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15405\"\u003e#15405\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump mypy from 1.19.1 to 1.20.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15410\"\u003e#15410\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15400\"\u003e#15400\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump starlette from 0.52.1 to 1.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15397\"\u003e#15397\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygithub from 2.8.1 to 2.9.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15396\"\u003e#15396\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15393\"\u003e#15393\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump zizmor from 1.23.1 to 1.24.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15394\"\u003e#15394\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15395\"\u003e#15395\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15360\"\u003e#15360\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump authlib from 1.6.9 to 1.6.11. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15373\"\u003e#15373\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15282\"\u003e#15282\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pygments from 2.19.2 to 2.20.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15263\"\u003e#15263\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15391\"\u003e#15391\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pillow from 12.1.1 to 12.2.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15333\"\u003e#15333\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump pytest from 9.0.2 to 9.0.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15334\"\u003e#15334\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15374\"\u003e#15374\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15385\"\u003e#15385\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Zuplo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15369\"\u003e#15369\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Update sponsors: remove Speakeasy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15368\"\u003e#15368\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Add zizmor and fix audit findings. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15316\"\u003e#15316\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.0\u003c/h2\u003e\n\u003ch3\u003eUpgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆️ Support free-threaded Python 3.14t. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15149\"\u003e#15149\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.4\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🔥 Remove April Fool's \u003ccode\u003e@app.vibe()\u003c/code\u003e 🤪. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15363\"\u003e#15363\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e⬆ Bump cryptography from 46.0.5 to 46.0.7. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15314\"\u003e#15314\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15309\"\u003e#15309\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔨 Add pre-commit hook to ensure latest release header has date. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15293\"\u003e#15293\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.135.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/e54e5a8980ffa6d7ff68ee7b25a1c46036375521\"\u003e\u003ccode\u003ee54e5a8\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/9a8a5fd99902c3b80d4cc94b85e120e2b808825f\"\u003e\u003ccode\u003e9a8a5fd\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7815a32f2ed177b8b786a48b3e0712c05b5c644f\"\u003e\u003ccode\u003e7815a32\u003c/code\u003e\u003c/a\u003e ⬆️ Update Pydantic v2 code to address deprecations (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15101\"\u003e#15101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ef1c927b0558d414e199a666833942a6fabb3a51\"\u003e\u003ccode\u003eef1c927\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/38039e12a86e67f2001b9b7d96c219691d6cb4af\"\u003e\u003ccode\u003e38039e1\u003c/code\u003e\u003c/a\u003e 🔨 Tweak translation script (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15174\"\u003e#15174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4fa826ce0a3b16884a04f51e5aac95d01790b599\"\u003e\u003ccode\u003e4fa826c\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c39415673e621665fdb7bbdde69beba7eb1dfd12\"\u003e\u003ccode\u003ec394156\u003c/code\u003e\u003c/a\u003e ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15408\"\u003e#15408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/ae230ad2f9d90a4e3f6222ff1a5d6e8da41ec0ad\"\u003e\u003ccode\u003eae230ad\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/d9eb39d1a1bf2f6e6e5d3a55088f61c712cb864e\"\u003e\u003ccode\u003ed9eb39d\u003c/code\u003e\u003c/a\u003e ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15409\"\u003e#15409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/4f8b5d14d324ae8e15cfae8d85adb4186d4c2175\"\u003e\u003ccode\u003e4f8b5d1\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.128.0...0.136.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.12.0 to 2.13.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.3 2026-04-20\u003c/h2\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.2...v2.13.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.2 2026-04-17\u003c/h2\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.1 2026-04-15\u003c/h2\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0 2026-04-13\u003c/h2\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\nSeveral minor changes (considered non-breaking changes according to our \u003ca href=\"https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2\"\u003eversioning policy\u003c/a\u003e) are also included in this release. Make sure to look into them before upgrading.\u003c/p\u003e\n\u003cp\u003eThis release contains the updated \u003ccode\u003epydantic.v1\u003c/code\u003e namespace, matching version 1.10.26 which includes support for Python 3.14.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003eSee the beta releases for all changes sinces 2.12.\u003c/p\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd zizmor for GitHub Actions workflow linting by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13039\"\u003e#13039\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate jiter to v0.14.0 to fix a segmentation fault on musl Linux by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13064\"\u003e#13064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.3 (2026-04-20)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.3\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHandle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13096\"\u003e#13096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.2 (2026-04-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.2\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13084\"\u003e#13084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.1 (2026-04-15)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.1\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e by \u003ca href=\"https://github.com/davidhewitt\"\u003e\u003ccode\u003e@​davidhewitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13079\"\u003e#13079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.13.0 (2026-04-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.13.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThe highlights of the v2.13 release are available in the \u003ca href=\"https://pydantic.dev/articles/pydantic-v2-13-release\"\u003eblog post\u003c/a\u003e.\nSeveral minor changes (considered non-breaking changes according to our \u003ca href=\"https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2\"\u003eversioning policy\u003c/a\u003e)\nare also included in this release. Make sure to look into them before upgrading.\u003c/p\u003e\n\u003cp\u003eThis release contains the updated \u003ccode\u003epydantic.v1\u003c/code\u003e namespace, matching version 1.10.26 which includes support for Python 3.14.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003eSee the beta releases for all changes sinces 2.12.\u003c/p\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow default factories of private attributes to take validated model data by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/13013\"\u003e#13013\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/9e9a11132c980c4ec84ff6d2df06d4c1a55ca8f3\"\u003e\u003ccode\u003e9e9a111\u003c/code\u003e\u003c/a\u003e Fix backported test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1ec8c6aa0cae1c78409c6f31af738a24e16c7124\"\u003e\u003ccode\u003e1ec8c6a\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/fb4f2044436e9fa4ff9745479ce263016a99c4d6\"\u003e\u003ccode\u003efb4f204\u003c/code\u003e\u003c/a\u003e Handle \u003ccode\u003eAttributeError\u003c/code\u003e subclasses with \u003ccode\u003efrom_attributes\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/ca3ddd1149bd3b14273922a29da174804496a055\"\u003e\u003ccode\u003eca3ddd1\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/000e823a3ab7545b0c6064fde34effdcd02044ab\"\u003e\u003ccode\u003e000e823\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eValidationInfo.field_name\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/d45d8be3ffb6dfc6d0c64da6980140c91ff841fb\"\u003e\u003ccode\u003ed45d8be\u003c/code\u003e\u003c/a\u003e Prepare release 2.13.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/54aca609ce58e73dfe1c681d93432fbe3a4621da\"\u003e\u003ccode\u003e54aca60\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eValidationInfo.data\u003c/code\u003e missing with \u003ccode\u003emodel_validate_json()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/46bf4fa648af3a1fbf4603a37f210e9d9c618357\"\u003e\u003ccode\u003e46bf4fa\u003c/code\u003e\u003c/a\u003e Fix Pydantic release workflow (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13067\"\u003e#13067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b359edab09c623464d23c6fd2503ae5ff276d43\"\u003e\u003ccode\u003e1b359ed\u003c/code\u003e\u003c/a\u003e Prepare release v2.13.0 (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13065\"\u003e#13065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/b1bf19445d8ac144a7a0e82674d2d87eebab6c18\"\u003e\u003ccode\u003eb1bf194\u003c/code\u003e\u003c/a\u003e Fix model equality when using runtime \u003ccode\u003eextra\u003c/code\u003e configuration (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/13062\"\u003e#13062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prometheus-client` from 0.22.0 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_python/releases\"\u003eprometheus-client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix spaces in grouping key values for push_to_gateway by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1156\"\u003eprometheus/client_python#1156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport MultiProcessCollector in RestrictedRegistry by \u003ca href=\"https://github.com/mathias-kende\"\u003e\u003ccode\u003e@​mathias-kende\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1150\"\u003eprometheus/client_python#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.24.1...v0.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Django] Pass correct registry to MultiProcessCollector by \u003ca href=\"https://github.com/jelly\"\u003e\u003ccode\u003e@​jelly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1152\"\u003eprometheus/client_python#1152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd an AIOHTTP exporter by \u003ca href=\"https://github.com/Lexicality\"\u003e\u003ccode\u003e@​Lexicality\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1139\"\u003eprometheus/client_python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd remove_matching() method for metric label deletion by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1121\"\u003eprometheus/client_python#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(multiprocess): avoid double-building child metric names (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1035\"\u003e#1035\u003c/a\u003e) by \u003ca href=\"https://github.com/hazel-shen\"\u003e\u003ccode\u003e@​hazel-shen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1146\"\u003eprometheus/client_python#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't interleave histogram metrics in multi-process collector by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1148\"\u003eprometheus/client_python#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax registry type annotations for exposition by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1149\"\u003eprometheus/client_python#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded compression support in pushgateway by \u003ca href=\"https://github.com/ritesh-avesha\"\u003e\u003ccode\u003e@​ritesh-avesha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1144\"\u003eprometheus/client_python#1144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) by \u003ca href=\"https://github.com/Chadys\"\u003e\u003ccode\u003e@​Chadys\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1143\"\u003eprometheus/client_python#1143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use tuples instead of packaging Version by \u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efiop\"\u003e\u003ccode\u003e@​efiop\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1136\"\u003eprometheus/client_python#1136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUTF-8 Content Negotiation by \u003ca href=\"https://github.com/ywwg\"\u003e\u003ccode\u003e@​ywwg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1102\"\u003eprometheus/client_python#1102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe include test data by \u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove parser performance by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1117\"\u003eprometheus/client_python#1117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support to \u003ccode\u003ewrite_to_textfile\u003c/code\u003e for custom tmpdir by \u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOM text exposition for NH by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1087\"\u003eprometheus/client_python#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug which caused metric publishing to not accept query string parameters in ASGI app by \u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit native histograms only when OM 2.0.0 is requested by \u003ca href=\"https://github.com/vesari\"\u003e\u003ccode\u003e@​vesari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1128\"\u003eprometheus/client_python#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove space after comma in openmetrics exposition by \u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix issue parsing double spaces after # HELP/# TYPE by \u003ca href=\"https://github.com/csmarchbanks\"\u003e\u003ccode\u003e@​csmarchbanks\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1134\"\u003eprometheus/client_python#1134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mgorny\"\u003e\u003ccode\u003e@​mgorny\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1113\"\u003eprometheus/client_python#1113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aadityadhruv\"\u003e\u003ccode\u003e@​aadityadhruv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1115\"\u003eprometheus/client_python#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hacksparr0w\"\u003e\u003ccode\u003e@​hacksparr0w\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1125\"\u003eprometheus/client_python#1125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theSuess\"\u003e\u003ccode\u003e@​theSuess\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/prometheus/client_python/pull/1132\"\u003eprometheus/client_python#1132\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_python/compare/v0.22.1...v0.23.0\"\u003ehttps://github.com/prometheus/client_python/compare/v0.22.1...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/2cd1738fb880fd0e6aa9a02ec48585128388a6cd\"\u003e\u003ccode\u003e2cd1738\u003c/code\u003e\u003c/a\u003e Release 0.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/daa1626eaf705318013b708954499b0a049088c8\"\u003e\u003ccode\u003edaa1626\u003c/code\u003e\u003c/a\u003e docs: add API reference for all metric types  (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1159\"\u003e#1159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/8673912276bdca7ddbca5d163eb11422b546bffb\"\u003e\u003ccode\u003e8673912\u003c/code\u003e\u003c/a\u003e Support MultiProcessCollector in RestrictedRegistry. (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1150\"\u003e#1150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/671f75c6f1f04838995fadd57cda21beee01838b\"\u003e\u003ccode\u003e671f75c\u003c/code\u003e\u003c/a\u003e Fix spaces in grouping key values for push_to_gateway (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/1cf53feae63b6ecb0bd76eee80582a0fba957e09\"\u003e\u003ccode\u003e1cf53fe\u003c/code\u003e\u003c/a\u003e Fix server shutdown documentation (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1155\"\u003e#1155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/a8541354519d04852d24688845f1d2d495eef59c\"\u003e\u003ccode\u003ea854135\u003c/code\u003e\u003c/a\u003e Migrate to Github Actions (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1153\"\u003e#1153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/f417f6ea8f058165a1934e368fed245e91aafc14\"\u003e\u003ccode\u003ef417f6e\u003c/code\u003e\u003c/a\u003e Release 0.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/6f0e967c1f7a408b75861d6833a8d303874be95d\"\u003e\u003ccode\u003e6f0e967\u003c/code\u003e\u003c/a\u003e Pass correct registry to MultiProcessCollector (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1152\"\u003e#1152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/c5024d310fbfcba45a5e9db62e337a3a7930ea16\"\u003e\u003ccode\u003ec5024d3\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_python/commit/e1cdc203b1cf5f15c7b9a64d79fccc7907a62ca3\"\u003e\u003ccode\u003ee1cdc20\u003c/code\u003e\u003c/a\u003e Add Django exporter (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1088\"\u003e#1088\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/prometheus/client_python/issues/1143\"\u003e#1143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"...\n\n_Description has been truncated_","html_url":"https://github.com/vllm-project/vllm/pull/41606","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vllm-project%2Fvllm/issues/41606","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/41606/packages"}},{"old_version":"3.20.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2026-05-03T18:33:33.000Z","version_change":"3.20.0 → 3.23.0","issue":{"uuid":"4372624195","node_id":"PR_kwDOR7Q0Q87Xz0G3","number":48,"state":"closed","title":"chore(deps): bump pycryptodomex from 3.20.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-04T06:08:42.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T18:33:33.000Z","updated_at":"2026-05-04T06:08:44.000Z","time_to_close":41709,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"pycryptodomex","old_version":"3.20.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.20.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\ncontain any of the optional elements\n(parameters [0] and publicKey[1]).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.21.0 (30 September 2024)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.20.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.20.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/however-yir/yourrag/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/however-yir%2Fyourrag/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-02-24T18:15:20.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3985140269","node_id":"PR_kwDOOvuMPs7GAdPD","number":11,"state":"closed","title":"chore(deps): bump the pip group across 6 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-01T14:47:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-24T18:15:20.000Z","updated_at":"2026-03-01T14:47:57.000Z","time_to_close":419555,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":13,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3) and [requests](https://github.com/psf/requests).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [python-multipart](https://github.com/Kludex/python-multipart).\nBumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 4 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic), [certifi](https://github.com/certifi/python-certifi) and [sentencepiece](https://github.com/google/sentencepiece).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.22` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.3.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-multipart` from 0.0.20 to 0.0.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/python-multipart/releases\"\u003epython-multipart's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.0.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop directory path from filename in \u003ccode\u003eFile\u003c/code\u003e \u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e9433f4b\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22\"\u003ehttps://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.0.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.14 and drop EOL 3.8 and 3.9 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/216\"\u003eKludex/python-multipart#216\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/waketzheng\"\u003e\u003ccode\u003e@​waketzheng\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/203\"\u003eKludex/python-multipart#203\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21\"\u003ehttps://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md\"\u003epython-multipart's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.0.22 (2026-01-25)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop directory path from filename in \u003ccode\u003eFile\u003c/code\u003e \u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e9433f4b\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.0.21 (2025-12-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.14 and drop EOL 3.8 and 3.9 \u003ca href=\"https://redirect.github.com/Kludex/python-multipart/pull/216\"\u003e#216\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/bea7bbb2904da8ce39123a845088dc72464eaddf\"\u003e\u003ccode\u003ebea7bbb\u003c/code\u003e\u003c/a\u003e Version 0.0.22 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/0fb59a9df0f273bfde99740b302ccb2ae45e2b8a\"\u003e\u003ccode\u003e0fb59a9\u003c/code\u003e\u003c/a\u003e chore: add return type on test (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/221\"\u003e#221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4\"\u003e\u003ccode\u003e9433f4b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/d5c91ecb0aa1cae03fe2d9811d193c952e714f17\"\u003e\u003ccode\u003ed5c91ec\u003c/code\u003e\u003c/a\u003e Bump the github-actions group with 2 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/219\"\u003e#219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/5a90631b484f8d3284b691d453c24be3db57f5cb\"\u003e\u003ccode\u003e5a90631\u003c/code\u003e\u003c/a\u003e bump uv (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/218\"\u003e#218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/1f72955602445706b5517a6f58a720796ad3d96a\"\u003e\u003ccode\u003e1f72955\u003c/code\u003e\u003c/a\u003e Version 0.0.21 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/217\"\u003e#217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/47ecfed3533ed8dcafd800508dbf594438fd0949\"\u003e\u003ccode\u003e47ecfed\u003c/code\u003e\u003c/a\u003e Add support for Python 3.14 and drop EOL 3.8 and 3.9 (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/f18b70941b727c947f7e6b17e1c3321f5ad3afb6\"\u003e\u003ccode\u003ef18b709\u003c/code\u003e\u003c/a\u003e Bump the github-actions group across 1 directory with 4 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/b388e9a7a82605cc8613798926afe8f6074cb372\"\u003e\u003ccode\u003eb388e9a\u003c/code\u003e\u003c/a\u003e chore: use depedency-groups in \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/212\"\u003e#212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/python-multipart/commit/6113e750971918a51f79c3bb2585e95ed1c53245\"\u003e\u003ccode\u003e6113e75\u003c/code\u003e\u003c/a\u003e Bump the github-actions group across 1 directory with 3 updates (\u003ca href=\"https://redirect.github.com/Kludex/python-multipart/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix...\n\n_Description has been truncated_","html_url":"https://github.com/ssushant0011/openreplay/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssushant0011%2Fopenreplay/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-02-11T21:53:16.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3928846244","node_id":"PR_kwDOFZ_7pM7DIC3S","number":4339,"state":"open","title":"chore(deps): bump the pip group across 4 directories with 14 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-11T21:53:16.000Z","updated_at":"2026-02-11T21:53:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":14,"packages":[{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 4 updates in the /ee/intelligent_search directory: [certifi](https://github.com/certifi/python-certifi), [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [sentencepiece](https://github.com/google/sentencepiece).\nBumps the pip group with 6 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.22` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `3.0.6` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eazure-core_1.37.0\u003c/h2\u003e\n\u003ch2\u003e1.37.0 (2025-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e to \u003ccode\u003eazure.core.serialization\u003c/code\u003e. \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e gets the backcompat name of an attribute using backcompat attribute access.  \u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.12...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2023.7.22 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7381\"\u003e#7381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnforce behavior of private attributes having double leading underscore by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7265\"\u003e#7265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStandardize \u003ccode\u003e__get_pydantic_core_schema__\u003c/code\u003e signature by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7415\"\u003e#7415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix generic dataclass fields mutation bug (when using \u003ccode\u003eTypeAdapter\u003c/code\u003e) by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7435\"\u003e#7435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e on \u003ccode\u003emodel_validator\u003c/code\u003e in \u003ccode\u003ewrap\u003c/code\u003e mode by \u003ca href=\"https://github.com/pmmmwh\"\u003e\u003ccode\u003e@​pmmmwh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7496\"\u003e#7496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove enum error message by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7506\"\u003e#7506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003erepr\u003c/code\u003e work for instances that failed initialization when handling \u003ccode\u003eValidationError\u003c/code\u003es by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7439\"\u003e#7439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a regular expression denial of service issue by limiting whitespaces by \u003ca href=\"https://github.com/prodigysml\"\u003e\u003ccode\u003e@​prodigysml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7360\"\u003e#7360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eUUID\u003c/code\u003e values having \u003ccode\u003eUUID.version=None\u003c/code\u003e by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7566\"\u003e#7566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 (2023-09-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.4.0\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.git...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4339","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4339","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4339/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-01-21T15:47:22.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3838865912","node_id":"PR_kwDOFZ_7pM6-e7iL","number":4217,"state":"open","title":"chore(deps): bump the pip group across 5 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-21T15:47:22.000Z","updated_at":"2026-01-22T16:02:00.458Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"azure-core","old_version":"1.27.0","new_version":"1.38.0","repository_url":"https://github.com/Azure/azure-sdk-for-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 1 update in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 8 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.27.0` | `1.38.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure-core` from 1.27.0 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/releases\"\u003eazure-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eazure-core_1.38.0\u003c/h2\u003e\n\u003ch2\u003e1.38.0 (2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the continuation token format. Continuation tokens generated by previous versions of azure-core are not compatible with this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eazure-core_1.37.0\u003c/h2\u003e\n\u003ch2\u003e1.37.0 (2025-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e to \u003ccode\u003eazure.core.serialization\u003c/code\u003e. \u003ccode\u003eget_backcompat_attr_name\u003c/code\u003e gets the backcompat name of an attribute using backcompat attribute access.  \u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6d2e6431ea0991861640e449e51e894247a7771a\"\u003e\u003ccode\u003e6d2e643\u003c/code\u003e\u003c/a\u003e update release date (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44609\"\u003e#44609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/ca2b965d8cce6eaa135fe01804b96164b56b7f16\"\u003e\u003ccode\u003eca2b965\u003c/code\u003e\u003c/a\u003e [Core] Prep release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44590\"\u003e#44590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fb8cbea1b9d85135f7ba99bfc6cbc2f3cee138ff\"\u003e\u003ccode\u003efb8cbea\u003c/code\u003e\u003c/a\u003e Introduce new version of continuation token (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44574\"\u003e#44574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/6578a78f6a7429bbe73e27ebe904d7f362d7efa2\"\u003e\u003ccode\u003e6578a78\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44398\"\u003e#44398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/a69a3c26f3a3ed0c9e5a888d991ad447754ad00b\"\u003e\u003ccode\u003ea69a3c2\u003c/code\u003e\u003c/a\u003e add example to demo how to use truststore (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44343\"\u003e#44343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/5ade1087ec6a425d7639eefcff206ceffdf3d48f\"\u003e\u003ccode\u003e5ade108\u003c/code\u003e\u003c/a\u003e Bumping the targeted \u003ccode\u003ehttpx\u003c/code\u003e for \u003ccode\u003eazure-core-experimental\u003c/code\u003e dev reqs (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44328\"\u003e#44328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/cbb1db62711eae72aca1b2bbeedcbd7e02d21109\"\u003e\u003ccode\u003ecbb1db6\u003c/code\u003e\u003c/a\u003e [core] add tests and fix backcompat functions (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/44084\"\u003e#44084\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/4adcc524b09e09e4916f1280a32f9802cc798788\"\u003e\u003ccode\u003e4adcc52\u003c/code\u003e\u003c/a\u003e [Core] Support timeout error in requests+aiohttp transports (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43201\"\u003e#43201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/fd709673eacbebc1107d998f217a131fa3394326\"\u003e\u003ccode\u003efd70967\u003c/code\u003e\u003c/a\u003e [Core] Increment version for core release (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43435\"\u003e#43435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-python/commit/b52527cdfdeff6b6aab4b93a87d4402b1403ce89\"\u003e\u003ccode\u003eb52527c\u003c/code\u003e\u003c/a\u003e [Core] Update TypeHandlerRegistry typing (\u003ca href=\"https://redirect.github.com/Azure/azure-sdk-for-python/issues/43393\"\u003e#43393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-python/compare/azure-core_1.27.0...azure-core_1.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7381\"\u003e#7381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnforce behavior of private attributes having double leading underscore by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7265\"\u003e#7265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStandardize \u003ccode\u003e__get_pydantic_core_schema__\u003c/code\u003e signature by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7415\"\u003e#7415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix generic dataclass fields mutation bug (when using \u003ccode\u003eTypeAdapter\u003c/code\u003e) by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7435\"\u003e#7435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e on \u003ccode\u003emodel_validator\u003c/code\u003e in \u003ccode\u003ewrap\u003c/code\u003e mode by \u003ca href=\"https://github.com/pmmmwh\"\u003e\u003ccode\u003e@​pmmmwh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7496\"\u003e#7496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove enum error message by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7506\"\u003e#7506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003erepr\u003c/code\u003e work for instances that failed initialization when handling \u003ccode\u003eValidationError\u003c/code\u003es by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7439\"\u003e#7439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a regular expression denial of service issue by limiting whitespaces by \u003ca href=\"https://github.com/prodigysml\"\u003e\u003ccode\u003e@​prodigysml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7360\"\u003e#7360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eUUID\u003c/code\u003e values having \u003ccode\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4217","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4217","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4217/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-01-13T20:41:59.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3810518053","node_id":"PR_kwDOFZ_7pM69BKc5","number":4188,"state":"open","title":"chore(deps): bump the pip group across 5 directories with 11 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-13T20:41:59.000Z","updated_at":"2026-01-20T13:01:41.835Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.3","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 1 update in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0` |\n\n\nUpdates `urllib3` from 2.5.0 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.6.2 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3734\"\u003eurllib3/urllib3#3734\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3731\"\u003e#3731\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.3 (2026-01-07)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a high-severity security issue where decompression-bomb safeguards of\nthe streaming API were bypassed when HTTP redirects were followed.\n(\u003ccode\u003eGHSA-38jv-5279-wg99 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by\ndefault. (\u003ccode\u003e[#3743](https://github.com/urllib3/urllib3/issues/3743) \u0026lt;https://github.com/urllib3/urllib3/issues/3743\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten.\n(\u003ccode\u003e[#3752](https://github.com/urllib3/urllib3/issues/3752) \u0026lt;https://github.com/urllib3/urllib3/issues/3752\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.2 (2025-12-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to properly handle leftover data in\nthe decoder's buffer when reading compressed chunked responses.\n(\u003ccode\u003e[#3734](https://github.com/urllib3/urllib3/issues/3734) \u0026lt;https://github.com/urllib3/urllib3/issues/3734\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.1 (2025-12-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRestore previously removed \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\n(\u003ccode\u003e[#3731](https://github.com/urllib3/urllib3/issues/3731) \u0026lt;https://github.com/urllib3/urllib3/issues/3731\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc\"\u003e\u003ccode\u003e0248277\u003c/code\u003e\u003c/a\u003e Release 2.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b\"\u003e\u003ccode\u003e8864ac4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c\"\u003e\u003ccode\u003e70cecb2\u003c/code\u003e\u003c/a\u003e Fix Scorecard issues related to vulnerable dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359\"\u003e\u003ccode\u003e41f249a\u003c/code\u003e\u003c/a\u003e Move \u0026quot;v2.0 Migration Guide\u0026quot; to the end of the table of contents (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3747\"\u003e#3747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c\"\u003e\u003ccode\u003efd4dffd\u003c/code\u003e\u003c/a\u003e Patch \u003ccode\u003eVerifiedHTTPSConnection\u003c/code\u003e for Emscripten (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003e#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab\"\u003e\u003ccode\u003e13f0bfd\u003c/code\u003e\u003c/a\u003e Handle massive values in Retry-After when calculating time to sleep for (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b\"\u003e\u003ccode\u003e8c480bf\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3748\"\u003e#3748\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1\"\u003e\u003ccode\u003e4b40616\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4.3.0 to 5.0.1 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3750\"\u003e#3750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b\"\u003e\u003ccode\u003e82b8479\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3749\"\u003e#3749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2\"\u003e\u003ccode\u003e34284cb\u003c/code\u003e\u003c/a\u003e Mention experimental features in the security policy (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3746\"\u003e#3746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4188","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4188","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4188/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-01-07T16:06:11.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3789360228","node_id":"PR_kwDOFZ_7pM678HyM","number":4162,"state":"closed","title":"chore(deps): bump the pip group across 4 directories with 11 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-01-09T13:35:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-07T16:06:11.000Z","updated_at":"2026-01-09T13:35:32.000Z","time_to_close":163743,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.6.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /api directory: [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.6.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 5 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.6.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.5.0rc0` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n\n\nUpdates `urllib3` from 2.5.0 to 2.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003cli\u003eIf you use custom decompressors, please make sure to update them to  respect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3653\"\u003e#3653\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3666\"\u003e#3666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3696\"\u003e#3696\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e. Removed the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3622\"\u003e#3622\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed for the retries parameter. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3649\"\u003e#3649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3664\"\u003e#3664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the \u003ccode\u003ezstd\u003c/code\u003e extra to install \u003ccode\u003ebackports.zstd\u003c/code\u003e instead of \u003ccode\u003ezstandard\u003c/code\u003e on Python 3.13 and before. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved the performance of content decoding by optimizing \u003ccode\u003eBytesQueueBuffer\u003c/code\u003e class. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3710\"\u003e#3710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllowed building the urllib3 package with newer setuptools-scm v9.x. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3652\"\u003e#3652\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsured successful urllib3 builds by setting Hatchling requirement to ≥ 1.27.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3638\"\u003e#3638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\n\u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIf you use custom decompressors, please make sure to update them to\nrespect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ccode\u003e[#3653](https://github.com/urllib3/urllib3/issues/3653) \u0026lt;https://github.com/urllib3/urllib3/issues/3653\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ccode\u003e[#3666](https://github.com/urllib3/urllib3/issues/3666) \u0026lt;https://github.com/urllib3/urllib3/issues/3666\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ccode\u003e[#3696](https://github.com/urllib3/urllib3/issues/3696) \u0026lt;https://github.com/urllib3/urllib3/issues/3696\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e.\nRemoved the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ccode\u003e[#3622](https://github.com/urllib3/urllib3/issues/3622) \u0026lt;https://github.com/urllib3/urllib3/issues/3622\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed\nfor the retries parameter. (\u003ccode\u003e[#3649](https://github.com/urllib3/urllib3/issues/3649) \u0026lt;https://github.com/urllib3/urllib3/issues/3649\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ccode\u003e[#3664](https://github.com/urllib3/urllib3/issues/3664) \u0026lt;https://github.com/urllib3/urllib3/issues/3664\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ccode\u003e[#3700](https://github.com/urllib3/urllib3/issues/3700) \u0026lt;https://github.com/urllib3/urllib3/issues/3700\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/720f484b605f18887a48eef448d0084e2b76902d\"\u003e\u003ccode\u003e720f484\u003c/code\u003e\u003c/a\u003e Release 2.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8\"\u003e\u003ccode\u003e24d7b67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7\"\u003e\u003ccode\u003ec19571d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/816fcf04528bc0f89672e13398eb813dcc892490\"\u003e\u003ccode\u003e816fcf0\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3725\"\u003e#3725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/18af0a10efc4c99dd028f7ad5a461470b9a8b0fd\"\u003e\u003ccode\u003e18af0a1\u003c/code\u003e\u003c/a\u003e Improve speed of \u003ccode\u003eBytesQueueBuffer.get()\u003c/code\u003e by using memoryview (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3711\"\u003e#3711\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1f6abac3e6d426c3939b8a17cf4afa099e691ab2\"\u003e\u003ccode\u003e1f6abac\u003c/code\u003e\u003c/a\u003e Bump versions of pre-commit hooks (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3716\"\u003e#3716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1c8fbf787b8e6ed151842c5d6874c9d5bdbf1d0b\"\u003e\u003ccode\u003e1c8fbf7\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3722\"\u003e#3722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7784b9eee95b7c90802c02b111e98df70259ae4f\"\u003e\u003ccode\u003e7784b9e\u003c/code\u003e\u003c/a\u003e Add Python 3.15 to CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3717\"\u003e#3717\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0241c9e7286d3008e3cce18effc13b40dc633385\"\u003e\u003ccode\u003e0241c9e\u003c/code\u003e\u003c/a\u003e Updated docs to reflect change in optional zstd dependency from \u003ccode\u003ezstandard\u003c/code\u003e t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7afcabb6489d9a8ea95a40e5afcb46463af17351\"\u003e\u003ccode\u003e7afcabb\u003c/code\u003e\u003c/a\u003e Expand environment variable of SSLKEYLOGFILE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly compressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-2xpw-w6gg-jr37)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by \u003ca href=\"https://github.com/illia-v\"\u003e\u003ccode\u003e@​illia-v\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-gm62-xv2j-4w53)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to  benefit from the security fixes and avoid warnings. Prefer using  \u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/li\u003e\n\u003cli\u003eIf you use custom decompressors, please make sure to update them to  respect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3653\"\u003e#3653\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3666\"\u003e#3666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3696\"\u003e#3696\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e. Removed the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3622\"\u003e#3622\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed for the retries parameter. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3649\"\u003e#3649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3664\"\u003e#3664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged the \u003ccode\u003ezstd\u003c/code\u003e extra to install \u003ccode\u003ebackports.zstd\u003c/code\u003e instead of \u003ccode\u003ezstandard\u003c/code\u003e on Python 3.13 and before. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3693\"\u003e#3693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved the performance of content decoding by optimizing \u003ccode\u003eBytesQueueBuffer\u003c/code\u003e class. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3710\"\u003e#3710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllowed building the urllib3 package with newer setuptools-scm v9.x. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3652\"\u003e#3652\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsured successful urllib3 builds by setting Hatchling requirement to ≥ 1.27.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3638\"\u003e#3638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.6.0 (2025-12-05)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where streaming API could improperly handle highly\ncompressed HTTP content (\u0026quot;decompression bombs\u0026quot;) leading to excessive resource\nconsumption even when a small amount of data was requested. Reading small\nchunks of compressed data is safer and much more efficient now.\n(\u003ccode\u003eGHSA-2xpw-w6gg-jr37 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a security issue where an attacker could compose an HTTP response with\nvirtually unlimited links in the \u003ccode\u003eContent-Encoding\u003c/code\u003e header, potentially\nleading to a denial of service (DoS) attack by exhausting system resources\nduring decoding. The number of allowed chained encodings is now limited to 5.\n(\u003ccode\u003eGHSA-gm62-xv2j-4w53 \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. caution::\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIf urllib3 is not installed with the optional \u003ccode\u003eurllib3[brotli]\u003c/code\u003e extra, but\nyour environment contains a Brotli/brotlicffi/brotlipy package anyway, make\nsure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to\nbenefit from the security fixes and avoid warnings. Prefer using\n\u003ccode\u003eurllib3[brotli]\u003c/code\u003e to install a compatible Brotli package automatically.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIf you use custom decompressors, please make sure to update them to\nrespect the changed API of \u003ccode\u003eurllib3.response.ContentDecoder\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnabled retrieval, deletion, and membership testing in \u003ccode\u003eHTTPHeaderDict\u003c/code\u003e using bytes keys. (\u003ccode\u003e[#3653](https://github.com/urllib3/urllib3/issues/3653) \u0026lt;https://github.com/urllib3/urllib3/issues/3653\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded host and port information to string representations of \u003ccode\u003eHTTPConnection\u003c/code\u003e. (\u003ccode\u003e[#3666](https://github.com/urllib3/urllib3/issues/3666) \u0026lt;https://github.com/urllib3/urllib3/issues/3666\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for Python 3.14 free-threading builds explicitly. (\u003ccode\u003e[#3696](https://github.com/urllib3/urllib3/issues/3696) \u0026lt;https://github.com/urllib3/urllib3/issues/3696\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRemovals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers\u003c/code\u003e.\nRemoved the \u003ccode\u003eHTTPResponse.getheader(name, default)\u003c/code\u003e method in favor of \u003ccode\u003eHTTPResponse.headers.get(name, default)\u003c/code\u003e. (\u003ccode\u003e[#3622](https://github.com/urllib3/urllib3/issues/3622) \u0026lt;https://github.com/urllib3/urllib3/issues/3622\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed redirect handling in \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e when an integer is passed\nfor the retries parameter. (\u003ccode\u003e[#3649](https://github.com/urllib3/urllib3/issues/3649) \u0026lt;https://github.com/urllib3/urllib3/issues/3649\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPConnectionPool\u003c/code\u003e when used in Emscripten with no explicit port. (\u003ccode\u003e[#3664](https://github.com/urllib3/urllib3/issues/3664) \u0026lt;https://github.com/urllib3/urllib3/issues/3664\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed handling of \u003ccode\u003eSSLKEYLOGFILE\u003c/code\u003e with expandable variables. (\u003ccode\u003e[#3700](https://github.com/urllib3/urllib3/issues/3700) \u0026lt;https://github.com/urllib3/urllib3/issues/3700\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/720f484b605f18887a48eef448d0084e2b76902d\"\u003e\u003ccode\u003e720f484\u003c/code\u003e\u003c/a\u003e Release 2.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8\"\u003e\u003ccode\u003e24d7b67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7\"\u003e\u003ccode\u003ec19571d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/816fcf04528bc0f89672e13398eb813dcc892490\"\u003e\u003ccode\u003e816fcf0\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 6.0.0 to 6.1.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3725\"\u003e#3725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/18af0a10efc4c99dd028f7ad5a461470b9a8b0fd\"\u003e\u003ccode\u003e18af0a1\u003c/code\u003e\u003c/a\u003e Improve speed of \u003ccode\u003eBytesQueueBuffer.get()\u003c/code\u003e by using memoryview (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3711\"\u003e#3711\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1f6abac3e6d426c3939b8a17cf4afa099e691ab2\"\u003e\u003ccode\u003e1f6abac\u003c/code\u003e\u003c/a\u003e Bump versions of pre-commit hooks (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3716\"\u003e#3716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/1c8fbf787b8e6ed151842c5d6874c9d5bdbf1d0b\"\u003e\u003ccode\u003e1c8fbf7\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5.0.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3722\"\u003e#3722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7784b9eee95b7c90802c02b111e98df70259ae4f\"\u003e\u003ccode\u003e7784b9e\u003c/code\u003e\u003c/a\u003e Add Python 3.15 to CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3717\"\u003e#3717\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/0241c9e7286d3008e3cce18effc13b40dc633385\"\u003e\u003ccode\u003e0241c9e\u003c/code\u003e\u003c/a\u003e Updated docs to reflect change in optional zstd dependency from \u003ccode\u003ezstandard\u003c/code\u003e t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7afcabb6489d9a8ea95a40e5afcb46463af17351\"\u003e\u003ccode\u003e7afcabb\u003c/code\u003e\u003c/a\u003e Expand environment variable of SSLKEYLOGFILE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/9701b3e05c814f227ed4c69522c558e86888b902\"\u003e\u003ccode\u003e9701b3e\u003c/code\u003e\u003c/a\u003e bump gh action (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2144\"\u003e#2144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/2331d23889cc3ee5b0a92dbf8a2168d46d439d7e\"\u003e\u003ccode\u003e2331d23\u003c/code\u003e\u003c/a\u003e release 3.13.0 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2141\"\u003e#2141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/598ab4c4dce6025e17a3195fe6d42430e049a085\"\u003e\u003ccode\u003e598ab4c\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2139\"\u003e#2139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/66cc90bbad4084366605999332003b019ddeae42\"\u003e\u003ccode\u003e66cc90b\u003c/code\u003e\u003c/a\u003e SNOW-1882588 Add Test for PR 2136 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2138\"\u003e#2138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/compare/v3.0.4...v3.13.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2022.09.24 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.09.24...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke White]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChore: publish inline type annotations (\u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/224\"\u003e#224\u003c/a\u003e) [James Dow, James Dow]\u003c/p\u003e\n\u003cp\u003eAllow inline type hints to be packaged and distributed\nfollowing PEP561 specification\n\u003ca href=\"https://peps.python.org/pep-0561/#specification\"\u003ehttps://peps.python.org/pep-0561/#specification\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2 (2024-06-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTemporarily reverted the following commit which caused connection\nfailure for some Docker containers when SSL was enabled:\n“refactor(Connection): explicitly use TLS protocol for underlying\nconnection socket. previously TLS protocol was used by default.\nresolves deprecation warnings in Python 3.11\u0026quot; [Brooke White]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1 (2024-04-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix(auth, AdfsCredentialsProvider): Fixes a login issue that did not\nallow the loginToRp connection parameter in the\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5bbd061b03cbe555dbc783f44f716bcf8b4864c4\"\u003e\u003ccode\u003e5bbd061\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/8fb2f227b9a89bcd1e4184c171f3f8eb86252d5a\"\u003e\u003ccode\u003e8fb2f22\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/f9c0e493ece174c6c615f7a3d0dd2a7e98c305cf\"\u003e\u003ccode\u003ef9c0e49\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/632c5bf24a95c407ddbaf8d8265b71942e2dfcdc\"\u003e\u003ccode\u003e632c5bf\u003c/code\u003e\u003c/a\u003e fix: Modifying ssl_insecure connection parameter to be False by default.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/5c6963f31bd3ec7a3283d36898cf9d095fbbfbd1\"\u003e\u003ccode\u003e5c6963f\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/845ed842e5c5c7621e798e6ea41febc91666e647\"\u003e\u003ccode\u003e845ed84\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/ea7df8aec96ac287e5406639d934cb3ea5e48301\"\u003e\u003ccode\u003eea7df8a\u003c/code\u003e\u003c/a\u003e Fix: Expending the cache cleanup triggers by adding DROP \u0026amp; ROLLBACK into the ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/bd3af3a76be3ef7443c21712ce645cadb287cf16\"\u003e\u003ccode\u003ebd3af3a\u003c/code\u003e\u003c/a\u003e Take version from loaded package when metadata are missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/dd8b334b6f98883bea7e6afe303c3dd0236e5af6\"\u003e\u003ccode\u003edd8b334\u003c/code\u003e\u003c/a\u003e Update changelog for version 2.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/commit/287359102590d8a4d8181708febc9792fc487e27\"\u003e\u003ccode\u003e2873591\u003c/code\u003e\u003c/a\u003e chore: bump version to 2.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/compare/v2.0.915...v2.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0 2023-09-25\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate pydantic-core to 2.10.0 by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eNew Features\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eBase64Url\u003c/code\u003e types by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7286\"\u003e#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImplement optional \u003ccode\u003enumber\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e coercion by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7508\"\u003e#7508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow access to \u003ccode\u003efield_name\u003c/code\u003e and \u003ccode\u003edata\u003c/code\u003e in all validators if there is data and a field name by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7542\"\u003e#7542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eBaseModel.model_validate_strings\u003c/code\u003e and \u003ccode\u003eTypeAdapter.validate_strings\u003c/code\u003e by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7552\"\u003e#7552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Pydantic \u003ccode\u003eplugins\u003c/code\u003e experimental implementation by \u003ca href=\"https://github.com/lig\"\u003e\u003ccode\u003e@​lig\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/6820\"\u003e#6820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDo not override \u003ccode\u003emodel_post_init\u003c/code\u003e in subclass with private attrs by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7302\"\u003e#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake fields with defaults not required in the serialization schema by default by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7275\"\u003e#7275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003eExtra\u003c/code\u003e as deprecated by \u003ca href=\"https://github.com/disrupted\"\u003e\u003ccode\u003e@​disrupted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7299\"\u003e#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eEncodedStr\u003c/code\u003e a dataclass by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7396\"\u003e#7396\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003eannotated_handlers\u003c/code\u003e to be public by \u003ca href=\"https://github.com/samuelcolvin\"\u003e\u003ccode\u003e@​samuelcolvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7569\"\u003e#7569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003ePerformance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSimplify flattening and inlining of \u003ccode\u003eCoreSchema\u003c/code\u003e by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7523\"\u003e#7523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused copies in \u003ccode\u003eCoreSchema\u003c/code\u003e walking by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7528\"\u003e#7528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd caches for collecting definitions and invalid schemas from a CoreSchema by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7527\"\u003e#7527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEagerly resolve discriminated unions and cache cases where we can't by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7529\"\u003e#7529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003edict.get\u003c/code\u003e and \u003ccode\u003edict.setdefault\u003c/code\u003e with more verbose versions in \u003ccode\u003eCoreSchema\u003c/code\u003e building hot paths by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7536\"\u003e#7536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache invalid \u003ccode\u003eCoreSchema\u003c/code\u003e discovery by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7535\"\u003e#7535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow disabling \u003ccode\u003eCoreSchema\u003c/code\u003e validation for faster startup times by \u003ca href=\"https://github.com/adriangb\"\u003e\u003ccode\u003e@​adriangb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7565\"\u003e#7565\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix config detection for \u003ccode\u003eTypedDict\u003c/code\u003e from grandparent classes by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7272\"\u003e#7272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix hash function generation for frozen models with unusual MRO by \u003ca href=\"https://github.com/dmontagu\"\u003e\u003ccode\u003e@​dmontagu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7274\"\u003e#7274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003estrict\u003c/code\u003e config overridable in field for Path by \u003ca href=\"https://github.com/hramezani\"\u003e\u003ccode\u003e@​hramezani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7281\"\u003e#7281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eser_json_\u0026lt;timedelta|bytes\u0026gt;\u003c/code\u003e on default in \u003ccode\u003eGenerateJsonSchema\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7269\"\u003e#7269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding a check that alias is validated as an identifier for Python by \u003ca href=\"https://github.com/andree0\"\u003e\u003ccode\u003e@​andree0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7319\"\u003e#7319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise an error when computed field overrides field by \u003ca href=\"https://github.com/sydney-runkle\"\u003e\u003ccode\u003e@​sydney-runkle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/7346\"\u003e#7346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix applying \u003ccode\u003eSkipValidation\u003c/code\u003e to referenced schemas by \u003ca href=\"https://github...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/4162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/4162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4162/packages"}},{"old_version":"3.21.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2025-11-03T02:31:47.000Z","version_change":"3.21.0 → 3.23.0","issue":{"uuid":"3580328777","node_id":"PR_kwDOK0Z3lM6xGQSb","number":593,"state":"open","title":"build(deps): bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":8,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-03T02:31:47.000Z","updated_at":"2026-03-18T19:00:33.934Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=uv\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/algorandfoundation/puya/pull/593","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorandfoundation%2Fpuya/issues/593","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/593/packages"}},{"old_version":"3.21.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2025-09-30T23:08:48.000Z","version_change":"3.21.0 → 3.23.0","issue":{"uuid":"2876251249","node_id":"PR_kwDOADutIc6rcBxx","number":9916,"state":"closed","title":"Bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-10-06T09:06:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-30T23:08:48.000Z","updated_at":"2025-10-06T09:06:10.000Z","time_to_close":467842,"merged_at":"2025-10-06T09:06:10.000Z","merged_by":"acelaya","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hypothesis/h/pull/9916","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hypothesis%2Fh/issues/9916","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9916/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2025-09-09T10:43:39.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"2811489391","node_id":"PR_kwDOFZ_7pM6nk-xv","number":3643,"state":"closed","title":"build(deps): bump the pip group across 7 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-09-17T13:32:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-09T10:43:39.000Z","updated_at":"2025-09-17T13:32:14.000Z","time_to_close":701314,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 7 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.6.3` | `2.11.7` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.1.0` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `2.10.3` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `snowflake-connector-python` from 3.0.4 to 3.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/releases\"\u003esnowflake-connector-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.13.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.1(January 29, 2025)\n\u003cul\u003e\n\u003cli\u003eRemedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-2vpq-fh52-j3wv\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability in deserialization of the OCSP response cache. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemedied vulnerability connected to cache files permissions. See more: \u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\"\u003ehttps://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-r2x6-cjg7-8r43\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.13.0(January 23,2025)\n\u003cul\u003e\n\u003cli\u003eAdded a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.\u003c/li\u003e\n\u003cli\u003eUpdated README.md to include instructions on how to verify package signatures using \u003ccode\u003ecosign\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for cursor's chunk rowcount from INFO to DEBUG.\u003c/li\u003e\n\u003cli\u003eAdded a feature to verify if the connection is still good enough to send queries over.\u003c/li\u003e\n\u003cli\u003eAdded support for base64-encoded DER private key strings in the \u003ccode\u003eprivate_key\u003c/code\u003e authentication type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.4(December 3,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug where multipart uploads to Azure would be missing their MD5 hashes.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.\u003c/li\u003e\n\u003cli\u003eFixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.\u003c/li\u003e\n\u003cli\u003eBumped pyOpenSSL dependency from \u0026gt;=16.2.0,\u0026lt;25.0.0 to \u0026gt;=22.0.0,\u0026lt;25.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.3(October 25,2024)\n\u003cul\u003e\n\u003cli\u003eImproved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.\u003c/li\u003e\n\u003cli\u003eImproved error message for SQL execution cancellations caused by timeout.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.2(September 11,2024)\n\u003cul\u003e\n\u003cli\u003eImproved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.\u003c/li\u003e\n\u003cli\u003eImproved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.\u003c/li\u003e\n\u003cli\u003eImproved implementation of the \u003ccode\u003esnowflake.connector.util_text.random_string\u003c/code\u003e to reduce the likelihood of collisions.\u003c/li\u003e\n\u003cli\u003eUpdated the log level for OCSP fail-open warning messages from ERROR to WARNING.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.1(August 20,2024)\n\u003cul\u003e\n\u003cli\u003eFixed a bug that logged the session token when renewing a session.\u003c/li\u003e\n\u003cli\u003eFixed a bug where disabling client telemetry did not work.\u003c/li\u003e\n\u003cli\u003eFixed a bug where passing \u003ccode\u003elogin_timeout\u003c/code\u003e as a string raised a \u003ccode\u003eTypeError\u003c/code\u003e during the login retry step.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epathlib\u003c/code\u003e instead of \u003ccode\u003eos\u003c/code\u003e for default config file location resolution.\u003c/li\u003e\n\u003cli\u003eRemoved upper \u003ccode\u003ecryptogaphy\u003c/code\u003e version pin.\u003c/li\u003e\n\u003cli\u003eRemoved reference to script \u003ccode\u003esnowflake-export-certs\u003c/code\u003e (its backing module was already removed long ago)\u003c/li\u003e\n\u003cli\u003eEnhanced retry mechanism for handling transient network failures during query result polling when no server response is received.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev3.12.0(July 24,2024)\n\u003cul\u003e\n\u003cli\u003eSet default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.\u003c/li\u003e\n\u003cli\u003eOptimized \u003ccode\u003eto_pandas()\u003c/code\u003e performance by fully parallel downloading logic.\u003c/li\u003e\n\u003cli\u003eFixed a bug that specifying client_session_keep_alive_heartbeat_frequency in snowflake-sqlalchemy could crash the connector.\u003c/li\u003e\n\u003cli\u003eFixed incorrect type hint of connection parameter \u003ccode\u003eprivate_key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded support for connectivity to multiple domains.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/51bd4842f9e282e98706ca9736d169fd8f362663\"\u003e\u003ccode\u003e51bd484\u003c/code\u003e\u003c/a\u003e Release version 3.13.1 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2152\"\u003e#2152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/f3f9b666518d29c31a49384bbaa9a65889e72056\"\u003e\u003ccode\u003ef3f9b66\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch 2 (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2155\"\u003e#2155\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af\"\u003e\u003ccode\u003e3769b43\u003c/code\u003e\u003c/a\u003e SNOW-1902019: Python CVEs january batch (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2154\"\u003e#2154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/ec3002d2736225681b58604137f6b3d9ffb9c672\"\u003e\u003ccode\u003eec3002d\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2149\"\u003e#2149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/07990e00108cfbfc75693aedf93beb6cd837a622\"\u003e\u003ccode\u003e07990e0\u003c/code\u003e\u003c/a\u003e pin qemu used for arm64 linux wheels  (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2151\"\u003e#2151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/snowflakedb/snowflake-connector-python/commit/94e99433b9d21283bfeb5c0ed904ba9221386ddc\"\u003e\u003ccode\u003e94e9943\u003c/code\u003e\u003c/a\u003e remove 38 reqs file (\u003ca href=\"https://redirect.github.com/snowflakedb/snowflake-connector-python/issues/2146\"\u003e#2146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://gith...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/3643","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/3643","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3643/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2025-08-29T21:03:24.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"2786010792","node_id":"PR_kwDOMrw2JM6mDyao","number":2,"state":"open","title":"chore(deps): bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-29T21:03:24.000Z","updated_at":"2025-08-29T21:03:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":11,"packages":[{"name":"ansible","old_version":"7.1.0","new_version":"8.5.0","repository_url":"https://github.com/ansible-community/ansible-build-data"},{"name":"ecdsa","old_version":"0.18.0","new_version":"0.19.1","repository_url":"https://github.com/tlsfuzzer/python-ecdsa"},{"name":"future","old_version":"0.18.3","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"paramiko","old_version":"3.2.0","new_version":"3.4.0","repository_url":"https://github.com/paramiko/paramiko"},{"name":"pycryptodome","old_version":"3.18.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"djangorestframework","old_version":"3.14.0","new_version":"3.15.2","repository_url":"https://github.com/encode/django-rest-framework"},{"name":"pillow","old_version":"10.0.1","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"eventlet","old_version":"0.33.3","new_version":"0.40.3","repository_url":"https://github.com/eventlet/eventlet"},{"name":"azure-identity","old_version":"1.16.0","new_version":"1.16.1","repository_url":"https://github.com/Azure/azure-sdk-for-python"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ansible](https://github.com/ansible-community/ansible-build-data) | `7.1.0` | `8.5.0` |\n| [ecdsa](https://github.com/tlsfuzzer/python-ecdsa) | `0.18.0` | `0.19.1` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.3` | `1.0.0` |\n| [paramiko](https://github.com/paramiko/paramiko) | `3.2.0` | `3.4.0` |\n| [pycryptodome](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.23.0` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.14.0` | `3.15.2` |\n| [pillow](https://github.com/python-pillow/Pillow) | `10.0.1` | `10.3.0` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.33.3` | `0.40.3` |\n| [azure-identity](https://github.com/Azure/azure-sdk-for-python) | `1.16.0` | `1.16.1` |\n\n\nUpdates `ansible` from 7.1.0 to 8.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/16d36538b96c65d9e0e28d89781361b69857ac0e\"\u003e\u003ccode\u003e16d3653\u003c/code\u003e\u003c/a\u003e Ansible 8.5.0: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/304\"\u003e#304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/23f5e493dbfd9da9e23c2fff69c5816d3d0439b0\"\u003e\u003ccode\u003e23f5e49\u003c/code\u003e\u003c/a\u003e Ansible 9.0.0a2: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/e9d24af3f7b204d4290bf1f3ec90b3b8a9c00a53\"\u003e\u003ccode\u003ee9d24af\u003c/code\u003e\u003c/a\u003e Ansible 9.0.0a1: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/c852649b925e24784be5cd9e10ebfa32b7a72616\"\u003e\u003ccode\u003ec852649\u003c/code\u003e\u003c/a\u003e Exclude collections whose releases aren't tagged with constraints files. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/300\"\u003e#300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/9e71e5c648d889644ee7cb31700a7fb3a7073aa2\"\u003e\u003ccode\u003e9e71e5c\u003c/code\u003e\u003c/a\u003e Ansible 8.4.0: Dependencies, changelog and porting guide (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/879c56e454b5cc1a13e8efde4da68dc8e0ff1a09\"\u003e\u003ccode\u003e879c56e\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Ignore missing tag for cisco.intersight. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/287\"\u003e#287\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/296771c4dd03f0fadb60a09bcb5c2a8d1984d94c\"\u003e\u003ccode\u003e296771c\u003c/code\u003e\u003c/a\u003e cisco.merkai is now developed in and released from \u003ca href=\"https://github.com/meraki/\"\u003ehttps://github.com/meraki/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/3b42722c5f0f0127956a7a9b021129ce3919ba33\"\u003e\u003ccode\u003e3b42722\u003c/code\u003e\u003c/a\u003e Ignore missing tag for cisco.intersight. (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/d2083966780ac288527d7479b9112069e9c5de91\"\u003e\u003ccode\u003ed208396\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 3 to 4 (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ansible-community/ansible-build-data/commit/084965e42b9d88f0358b3c1afec6509d4b2398fd\"\u003e\u003ccode\u003e084965e\u003c/code\u003e\u003c/a\u003e Deprecate hpe.nimble (\u003ca href=\"https://redirect.github.com/ansible-community/ansible-build-data/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ansible-community/ansible-build-data/compare/7.1.0...8.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ecdsa` from 0.18.0 to 0.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/releases\"\u003eecdsa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eecdsa 0.19.1\u003c/h2\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eder.remove_implicit\u003c/code\u003e and \u003ccode\u003eder.encode_implicit\u003c/code\u003e for decoding and\nencoding DER IMPLICIT values with custom tag values and arbitrary\nclasses\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinor fixes around arithmetic with curves that have non-prime order\n(useful for experimentation, not practical deployments)\u003c/li\u003e\n\u003cli\u003eFix arithmetic to work with curves that have (0, 0) on the curve\u003c/li\u003e\n\u003cli\u003eFix canonicalization of signatures when \u003ccode\u003es\u003c/code\u003e is just slightly\nabove half of curve order\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for Python 3.5 (again, issues with CI, support\nfor Python 2.6 and Python 2.7 is unchanged)\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.12 and 3.13 (add them to CI)\u003c/li\u003e\n\u003cli\u003eRemoval of few more unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003cli\u003eFix typos in warning messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eecdsa 0.19.0\u003c/h2\u003e\n\u003ch2\u003eNew API:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eto_ssh\u003c/code\u003e in \u003ccode\u003eVerifyingKey\u003c/code\u003e and \u003ccode\u003eSigningKey\u003c/code\u003e, supports Ed25519 keys only\n(Pablo Mazzini)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew features:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for twisted Brainpool curves\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDoc fix:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix curve equation in glossary\u003c/li\u003e\n\u003cli\u003eDocumentation for signature encoding and signature decoding functions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for 3.3 and 3.4 (because of problems running them\nin CI, not because it's actually incompatible; support for 2.6 and 2.7 is\nunaffected)\u003c/li\u003e\n\u003cli\u003eFixes around hypothesis parameters\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.11 and 3.12\u003c/li\u003e\n\u003cli\u003eSmall updates to test suite to make it work with 3.11 and 3.12 and new\nreleases of test dependencies\u003c/li\u003e\n\u003cli\u003eDropped the internal \u003ccode\u003e_rwlock\u003c/code\u003e module as it's unused\u003c/li\u003e\n\u003cli\u003eAdded mutation testing to CI, lots of speed-ups to the test suite\nto make it happen\u003c/li\u003e\n\u003cli\u003eRemoval of unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecations:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/blob/master/NEWS\"\u003eecdsa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease 0.19.1 (13 Mar 2025)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eder.remove_implitic\u003c/code\u003e and \u003ccode\u003eder.encode_implicit\u003c/code\u003e for decoding and\nencoding DER IMPLICIT values with custom tag values and arbitrary\nclasses\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinor fixes around arithmetic with curves that have non-prime order\n(useful for experimentation, not practical deployments)\u003c/li\u003e\n\u003cli\u003eFix arithmetic to work with curves that have (0, 0) on the curve\u003c/li\u003e\n\u003cli\u003eFix canonicalization of signatures when \u003ccode\u003es\u003c/code\u003e is just slightly\nabove half of curve order\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDropped official support for Python 3.5 (again, issues with CI, support\nfor Python 2.6 and Python 2.7 is unchanged)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOfficialy support Python 3.12 and 3.13 (add them to CI)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemoval of few more unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix typos in warning messages\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRelease 0.19.0 (08 Apr 2024)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew API:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eto_ssh\u003c/code\u003e in \u003ccode\u003eVerifyingKey\u003c/code\u003e and \u003ccode\u003eSigningKey\u003c/code\u003e, supports Ed25519 keys only\n(Pablo Mazzini)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew features:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for twisted Brainpool curves\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDoc fix:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix curve equation in glossary\u003c/li\u003e\n\u003cli\u003eDocumentation for signature encoding and signature decoding functions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMaintenance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped official support for 3.3 and 3.4 (because of problems running them\nin CI, not because it's actually incompatible; support for 2.6 and 2.7 is\nunaffected)\u003c/li\u003e\n\u003cli\u003eFixes aroung hypothesis parameters\u003c/li\u003e\n\u003cli\u003eOfficially support Python 3.11 and 3.12\u003c/li\u003e\n\u003cli\u003eSmall updates to test suite to make it work with 3.11 and 3.12 and new\nreleases of test dependencies\u003c/li\u003e\n\u003cli\u003eDropped the internal \u003ccode\u003e_rwlock\u003c/code\u003e module as it's unused\u003c/li\u003e\n\u003cli\u003eAdded mutation testing to CI, lots of speed-ups to the test suite\nto make it happen\u003c/li\u003e\n\u003cli\u003eRemoval of unnecessary \u003ccode\u003esix.b\u003c/code\u003e literals (Alexandre Detiste)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eint_to_string\u003c/code\u003e, \u003ccode\u003estring_to_int\u003c/code\u003e, and \u003ccode\u003edigest_integer\u003c/code\u003e from \u003ccode\u003eecdsa.ecdsa\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/2a6593d840ad153a16ebdd4f9b772b290494f3e3\"\u003e\u003ccode\u003e2a6593d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/359\"\u003e#359\u003c/a\u003e from tlsfuzzer/release-0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/658ddc81bbd20e0197a59c9c0fa7dcc5b17d7d06\"\u003e\u003ccode\u003e658ddc8\u003c/code\u003e\u003c/a\u003e add release notes for 0.19.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/3c5df06ae85ea0b35557fe5f8874eec4f2b39db0\"\u003e\u003ccode\u003e3c5df06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/358\"\u003e#358\u003c/a\u003e from tlsfuzzer/high-s-values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/b6d43c60e309bccd681eb1baab502f817ff226b6\"\u003e\u003ccode\u003eb6d43c6\u003c/code\u003e\u003c/a\u003e use integer division for canonicalization of signatures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/aa81ba3b7339f30362098580c754576bc15edba1\"\u003e\u003ccode\u003eaa81ba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/357\"\u003e#357\u003c/a\u003e from tlsfuzzer/new-badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/ef75fea937fee20561ba0d81a4d0a9bb371d20e7\"\u003e\u003ccode\u003eef75fea\u003c/code\u003e\u003c/a\u003e use the new badge URL for the build status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/10d74353c4e4e6fabc425d5a2791550430f4606d\"\u003e\u003ccode\u003e10d7435\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/356\"\u003e#356\u003c/a\u003e from tlsfuzzer/implicit-tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/dba9f8096268f7e97ff1f7a21c910fff4d764e6d\"\u003e\u003ccode\u003edba9f80\u003c/code\u003e\u003c/a\u003e add support for encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/8e3f653e66150b9c787d6ca4fb015d05dd164e51\"\u003e\u003ccode\u003e8e3f653\u003c/code\u003e\u003c/a\u003e add support for parsing implicit DER tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/commit/55d2b569d42b40399694de4bd58c0f4410799766\"\u003e\u003ccode\u003e55d2b56\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tlsfuzzer/python-ecdsa/issues/355\"\u003e#355\u003c/a\u003e from tlsfuzzer/doc-update\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tlsfuzzer/python-ecdsa/compare/python-ecdsa-0.18.0...python-ecdsa-0.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.3 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.3...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `paramiko` from 3.2.0 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/f0881ba8af57d1a122ef19c40d144afdcb6e0824\"\u003e\u003ccode\u003ef0881ba\u003c/code\u003e\u003c/a\u003e Cut 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/3e4bdf998f5b1508322234a527e8fa432220368b\"\u003e\u003ccode\u003e3e4bdf9\u003c/code\u003e\u003c/a\u003e Changelog/comment updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/30b447b911c39460bbef5e7834e339c43a251316\"\u003e\u003ccode\u003e30b447b\u003c/code\u003e\u003c/a\u003e Linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/33508c920309860c4a775be70f209c2a400e18ec\"\u003e\u003ccode\u003e33508c9\u003c/code\u003e\u003c/a\u003e Expand MessageOrderError use to handle more packet types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/96db1e2be856eac66631761bae41167a1ebd2b4e\"\u003e\u003ccode\u003e96db1e2\u003c/code\u003e\u003c/a\u003e Raise exception when sequence numbers rollover during initial kex\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/58785d29c47570fa700e096d16b9a0d3a6069048\"\u003e\u003ccode\u003e58785d2\u003c/code\u003e\u003c/a\u003e Changelog tweak re: other new Transport kwarg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/8dcb237f0ee095b1d8b26765c3d41d0ab6963be9\"\u003e\u003ccode\u003e8dcb237\u003c/code\u003e\u003c/a\u003e Test-suite-only bugfix: defer did not actually imply skip_verify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/fa46de7feeeb8a01dc471581a0258252ce4f2db6\"\u003e\u003ccode\u003efa46de7\u003c/code\u003e\u003c/a\u003e Reset sequence numbers on rekey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/75e311d3c0845a316b6e7b3fae2488d86ad5a270\"\u003e\u003ccode\u003e75e311d\u003c/code\u003e\u003c/a\u003e Enforce zero seqno on kexinit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/paramiko/paramiko/commit/73f079f5a4bbba7f3048dadbe05b24242206745e\"\u003e\u003ccode\u003e73f079f\u003c/code\u003e\u003c/a\u003e Fill in CVE number for Terrapin attack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/paramiko/paramiko/compare/3.2.0...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodome` from 3.18.0 to 3.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodome's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\ncontain any of the optional elements\n(parameters [0] and publicKey[1]).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodome's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.21.0 (30 September 2024)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\nthe GMP library will not be used even if detected.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\nwith the canonical name of the curve.\u003c/li\u003e\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.18.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.18.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `djangorestframework` from 3.14.0 to 3.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/django-rest-framework/releases\"\u003edjangorestframework's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/api\"\u003e\u003ccode\u003e@​api\u003c/code\u003e\u003c/a\u003e_view example to caching documentation by \u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docstring by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply black formatting to caching markdown by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9341\"\u003eencode/django-rest-framework#9341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate renderers documentation example by \u003ca href=\"https://github.com/mgaligniana\"\u003e\u003ccode\u003e@​mgaligniana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9362\"\u003eencode/django-rest-framework#9362\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoving live examples of tutorial code that are no longer hosted by \u003ca href=\"https://github.com/TGoddessana\"\u003e\u003ccode\u003e@​TGoddessana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9363\"\u003eencode/django-rest-framework#9363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: Remove an unnecessary step from quickstart.md by \u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: Add Python 3.12 to the requirements by \u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTweak README.md links. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9375\"\u003eencode/django-rest-framework#9375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Ensure CursorPagination respects nulls in the ordering field\u0026quot; by \u003ca href=\"https://github.com/max-muoto\"\u003e\u003ccode\u003e@​max-muoto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9381\"\u003eencode/django-rest-framework#9381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse warnings rather than logging a warning for DecimalField warnings by \u003ca href=\"https://github.com/terencehonles\"\u003e\u003ccode\u003e@​terencehonles\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9367\"\u003eencode/django-rest-framework#9367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e20240426 docs by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9392\"\u003eencode/django-rest-framework#9392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9393\"\u003eencode/django-rest-framework#9393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests: Check urlpatterns after cleanups by \u003ca href=\"https://github.com/stanislavlevin\"\u003e\u003ccode\u003e@​stanislavlevin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9400\"\u003eencode/django-rest-framework#9400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Correct some evaluation results and a httpie option in Tutorial1 by \u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class by \u003ca href=\"https://github.com/vanya909\"\u003e\u003ccode\u003e@​vanya909\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9417\"\u003eencode/django-rest-framework#9417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix potential XSS vulnerability in break_long_headers template filter by \u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.2. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9439\"\u003eencode/django-rest-framework#9439\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\"\u003ehttps://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 3.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the message to be consistent with the Django `HttpResponseBa… by \u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003einflection\u003c/code\u003e package truly optional by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9303\"\u003eencode/django-rest-framework#9303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix broken links in release notes for 3.15 by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9305\"\u003eencode/django-rest-framework#9305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by \u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd drf-sendables to third-party-packages.md by \u003ca href=\"https://github.com/amikrop\"\u003e\u003ccode\u003e@​amikrop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9261\"\u003eencode/django-rest-framework#9261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Add some changes to ValidationError to support django style vad…\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9326\"\u003eencode/django-rest-framework#9326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Re-prefetch related objects after updating\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9327\"\u003eencode/django-rest-framework#9327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8863\"\u003e#8863\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9330\"\u003eencode/django-rest-framework#9330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8009\"\u003e#8009\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9332\"\u003eencode/django-rest-framework#9332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9030\"\u003e#9030\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9333\"\u003eencode/django-rest-framework#9333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9335\"\u003eencode/django-rest-framework#9335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSearchFilter.get_search_terms\u003c/code\u003e returns list. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9338\"\u003eencode/django-rest-framework#9338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.1 by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9339\"\u003eencode/django-rest-framework#9339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/c7a7eae551528b6887614df816c8a26df70272d6\"\u003e\u003ccode\u003ec7a7eae\u003c/code\u003e\u003c/a\u003e Version 3.15.2 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9439\"\u003e#9439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/3b41f0124194430da957b119712978fa2266b642\"\u003e\u003ccode\u003e3b41f01\u003c/code\u003e\u003c/a\u003e Fix potential XSS vulnerability in break_long_headers template filter (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9435\"\u003e#9435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fe92f0dd0d4c587eed000c7de611ddbff241bd6a\"\u003e\u003ccode\u003efe92f0d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9417\"\u003e#9417\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fbdab09c776d5ceef041793a7acd1c9e91695e5d\"\u003e\u003ccode\u003efbdab09\u003c/code\u003e\u003c/a\u003e docs: Correct some evaluation results and a httpie option in Tutorial1 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/36d5c0e74f562cbe3055f0d20818bd48d3c32359\"\u003e\u003ccode\u003e36d5c0e\u003c/code\u003e\u003c/a\u003e tests: Check urlpatterns after cleanups (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9400\"\u003e#9400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/9d4ed054bf8acfac6209b7e7f837fc97517affcc\"\u003e\u003ccode\u003e9d4ed05\u003c/code\u003e\u003c/a\u003e Don't use Windows line endings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/b34bde47d7fff403df4143a35c71975d7c2e7763\"\u003e\u003ccode\u003eb34bde4\u003c/code\u003e\u003c/a\u003e Fix typo in setup.cfg setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/ab681f2d5e4a9645aa68eabf1ff18e41d0d5f642\"\u003e\u003ccode\u003eab681f2\u003c/code\u003e\u003c/a\u003e Update requirements in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/22377241a89c8233b45441b5adde5b858edef371\"\u003e\u003ccode\u003e2237724\u003c/code\u003e\u003c/a\u003e bump pygments (security hygiene)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/d58b8da591120abedc94c1b71576cb9afb2d7868\"\u003e\u003ccode\u003ed58b8da\u003c/code\u003e\u003c/a\u003e Update deprecation hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.14.0...3.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 10.0.1 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/10.0.1...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.33.3 to 0.40.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.40.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility issues identified with Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] \u0026quot;Fix\u0026quot; fork() so it \u0026quot;works\u0026quot; on Python 3.13, and \u0026quot;works\u0026quot; better on older Python versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1047\"\u003e#1047\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eBehavior change: threads created by eventlet.green.threading.Thread and threading.Thead will be visible across both modules if monkey patching was used. Previously each module would only list threads created in that module.\u003c/li\u003e\n\u003cli\u003eBug fix: after fork(), greenlet threads are correctly listed in threading.enumerate() if monkey patching was used. You should not use fork()-without-execve().\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e[fix] Fix patching of removed URLopener class in Python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1053\"\u003e#1053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] ReferenceError except while count rlock (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1042\"\u003e#1042\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.utcfromtimestamp (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1050\"\u003e#1050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix][env] Remove duplicate steps (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1049\"\u003e#1049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.datetime.utcnow (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1046\"\u003e#1046\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix ssl test when linking against openssl 3.5 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1034\"\u003e#1034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support Python 3.8 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1021\"\u003e#1021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[doc] Various doc updates (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/981\"\u003e#981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1033\"\u003e#1033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[env] Drop PyPy support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1035\"\u003e#1035\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1037\"\u003e#1037\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Make LightQueue and derivatives subscriptable (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1027\"\u003e#1027\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Remove monotonic from requirements (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1018\"\u003e#1018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] wsgi: Clean up some override logic (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/999\"\u003e#999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Correct line lookup from inspect.getsourcelines() (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/990\"\u003e#990\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support of Python 3.7 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/967\"\u003e#967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Calling eventlet.sleep(0) isn't really blocking, so don't blow up (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.38.2\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/b0d913362108941a3e71cba2b94a647ed3307a44\"\u003e\u003ccode\u003eb0d9133\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.3 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1064\"\u003e#1064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb\"\u003e\u003ccode\u003e0bfebd1\u003c/code\u003e\u003c/a\u003e [SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/e073b83f4569c07bc71d8f2176b557e75fba1f38\"\u003e\u003ccode\u003ee073b83\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.2 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1060\"\u003e#1060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/06d9572b9b92178a0d4accbc9d6b40b1d02add6f\"\u003e\u003ccode\u003e06d9572\u003c/code\u003e\u003c/a\u003e Fix tests on Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d4d5b8f9ee3429c844bbebf41a74a1d3f7caa185\"\u003e\u003ccode\u003ed4d5b8f\u003c/code\u003e\u003c/a\u003e Make database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/2f217ca6c120c91bed0964d0d9b55ec7c1538193\"\u003e\u003ccode\u003e2f217ca\u003c/code\u003e\u003c/a\u003e Prepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d1e7a94643663225...\n\n_Description has been truncated_","html_url":"https://github.com/offsoc/jumpserver/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Fjumpserver/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"3.19.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2025-08-29T00:06:36.000Z","version_change":"3.19.0 → 3.23.0","issue":{"uuid":"2783270147","node_id":"PR_kwDOAxHU6M6l5VUD","number":8888,"state":"closed","title":"Bump pycryptodomex from 3.19.0 to 3.23.0","user":"dependabot[bot]","labels":["dependency update"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-21T07:08:03.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-29T00:06:36.000Z","updated_at":"2025-09-21T07:08:03.000Z","time_to_close":2012487,"merged_at":"2025-09-21T07:08:03.000Z","merged_by":"Harmon758","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.19.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.19.0 to 3.23.0.\r\n\u003cdetails\u003e\r\n\u003csummary\u003eRelease notes\u003c/summary\u003e\r\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\r\n\u003cblockquote\u003e\r\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\r\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\r\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\r\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\r\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\r\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003ev3.21.0 - Bourdeaux\u003c/h2\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\r\nthe GMP library will not be used even if detected.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\r\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\r\nwith the canonical name of the curve.\u003c/li\u003e\r\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\r\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\r\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\r\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\r\ncontain any of the optional elements\r\n(parameters [0] and publicKey[1]).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.5.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c!-- raw HTML omitted --\u003e\r\n\u003c/blockquote\u003e\r\n\u003cp\u003e... (truncated)\u003c/p\u003e\r\n\u003c/details\u003e\r\n\u003cdetails\u003e\r\n\u003csummary\u003eChangelog\u003c/summary\u003e\r\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\r\n\u003cblockquote\u003e\r\n\u003cp\u003e3.23.0 (17 May 2025)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\r\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\r\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003cp\u003e3.22.0 (16 March 2025)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\r\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\r\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\r\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eOther changes\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003cp\u003e3.21.0 (30 September 2024)\r\n++++++++++++++++++++++++++\u003c/p\u003e\r\n\u003ch2\u003eNew features\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eBy setting the PYCRYPTODOME_DISABLE_GMP environment variable,\r\nthe GMP library will not be used even if detected.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve25519 / X25519.\u003c/li\u003e\r\n\u003cli\u003eAdd support for Curve448 / X448.\u003c/li\u003e\r\n\u003cli\u003eAdd attribute \u003ccode\u003ecurve\u003c/code\u003e to EccPoint and EccXPoint classes,\r\nwith the canonical name of the curve.\u003c/li\u003e\r\n\u003cli\u003eGH#781: the label for the SP800_108_Counter KDF may now\r\ncontain zero bytes. Thanks to Julien Rische.\u003c/li\u003e\r\n\u003cli\u003eGH#814: RSA keys for PSS can be imported.\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003ch2\u003eResolved issues\u003c/h2\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eGH#810: fixed negation of Ed25519 points.\u003c/li\u003e\r\n\u003cli\u003eGH#819: accept an RFC5916 ECPrivateKey even if it doesn't\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c!-- raw HTML omitted --\u003e\r\n\u003c/blockquote\u003e\r\n\u003cp\u003e... (truncated)\u003c/p\u003e\r\n\u003c/details\u003e\r\n\u003cdetails\u003e\r\n\u003csummary\u003eCommits\u003c/summary\u003e\r\n\u003cul\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\r\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\r\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.19.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003c/details\u003e\r\n\u003cbr /\u003e\r\n\r\n\r\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.19.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n\u003cdetails\u003e\r\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\r\n\u003cbr /\u003e\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\r\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\r\n\r\n\r\n\u003c/details\u003e\r\n\r\nResolves #8554 ","html_url":"https://github.com/Harmon758/Harmonbot/pull/8888","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harmon758%2FHarmonbot/issues/8888","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8888/packages"}},{"old_version":"3.11.0","new_version":"3.19.1","update_type":"minor","path":"/images/hub","pr_created_at":"2025-08-22T23:56:47.000Z","version_change":"3.11.0 → 3.19.1","issue":{"uuid":"2767795310","node_id":"PR_kwDOGeCA4s6k-TRu","number":3,"state":"open","title":"build(deps): bump pycryptodomex from 3.11.0 to 3.19.1 in /images/hub","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:56:47.000Z","updated_at":"2025-08-22T23:56:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"pycryptodomex","old_version":"3.11.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":"/images/hub","ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.11.0 to 3.19.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.11.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.11.0\u0026new-version=3.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/etamong/zero-to-jupyterhub-k8s/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/etamong/zero-to-jupyterhub-k8s/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etamong%2Fzero-to-jupyterhub-k8s/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.14.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2025-08-22T23:45:01.000Z","version_change":"3.14.0 → 3.19.1","issue":{"uuid":"2767781254","node_id":"PR_kwDOMFk6Zc6k-P2G","number":5,"state":"open","title":"Bump the pip group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:45:01.000Z","updated_at":"2025-08-22T23:45:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":5,"packages":[{"name":"dnspython","old_version":"2.2.0","new_version":"2.6.1","repository_url":"https://github.com/rthalley/dnspython"},{"name":"future","old_version":"0.18.2","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"jinja2","old_version":"3.0.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pycryptodomex","old_version":"3.14.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"setuptools","old_version":"65.6.3","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.2.0` | `2.6.1` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.2` | `1.0.0` |\n| [jinja2](https://github.com/pallets/jinja) | `3.0.3` | `3.1.6` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.14.0` | `3.19.1` |\n| [setuptools](https://github.com/pypa/setuptools) | `65.6.3` | `78.1.1` |\n\n\nUpdates `dnspython` from 2.2.0 to 2.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/releases\"\u003ednspython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ednspython 2.6.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis is a bug fix release for 2.6.0 where the \u0026quot;TuDoor\u0026quot; fix erroneously\nsuppressed legitimate Truncated exceptions.  This caused the stub\nresolver to timeout instead of failing over to TCP when a legitimate\ntruncated response was received over UDP.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the\n\u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is\nvulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a\nlegitimate one on the UDP port dnspython is using for that query.  In\nthis situation, dnspython might switch to querying another resolver or\ngive up entirely, possibly denying service for that resolution.  This\nrelease addresses the issue by adopting the recommended mitigation,\nwhich is ignoring the bad packets and continuing to listen for a\nlegitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual,\nthanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian\nWellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the \u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.  In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution.  This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.5.0\u003c/h2\u003e\n\u003cp\u003eSee the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page for a summary of this release.\u003c/p\u003e\n\u003cp\u003eThanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.4.2\u003c/h2\u003e\n\u003cp\u003eThis is a bug fix release, see the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page in the documentation for a summary.\u003c/p\u003e\n\u003cp\u003eThanks to the people who reported the bugs and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst\"\u003ednspython's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from\nfailing over to TCP and causing the query to timeout \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAs mentioned in the \u0026quot;TuDoor\u0026quot; paper and the associated CVE-2023-29483, the dnspython\nstub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a legitimate one on the\nUDP port dnspython is using for that query.\u003c/p\u003e\n\u003cp\u003eThis release addresses the issue by adopting the recommended mitigation, which is\nignoring the bad packets and continuing to listen for a legitimate response until\nthe timeout for the query has expired.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for the NSID EDNS option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now looks for version metadata for optional packages and will not\nuse them if they are too old.  This prevents possible exceptions when a\nfeature like DoH is not desired in dnspython, but an old httpx is installed\nalong with dnspython for some other purpose.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe DoHNameserver class now allows GET to be used instead of the default POST,\nand also passes source and source_port correctly to the underlying query\nmethods.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now uses hatchling for builds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAsynchronous destinationless sockets now work on Windows.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCython is no longer supported due to various typing issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now explicitly canonicalizes IPv4 and IPv6 addresses.\nPreviously it was possible for non-canonical IPv6 forms to be stored\nin a AAAA address, which would work correctly but possibly cause\nproblmes if the address were used as a key in a dictionary.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe number of messages in a section can be retrieved with\nsection_count().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eTruncation preferences for messages can be specified.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe length of a message can be automatically prepended when\nrendering.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0a742b9658977175663dc30da902342a8c2bacac\"\u003e\u003ccode\u003e0a742b9\u003c/code\u003e\u003c/a\u003e update CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2\"\u003e\u003ccode\u003e0ea5ad0\u003c/code\u003e\u003c/a\u003e The Tudoor fix should not eat valid Truncated exceptions \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1054\"\u003e#1054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/f12d398a6991dfaad94d7fefaf7e2f55d1fda3cb\"\u003e\u003ccode\u003ef12d398\u003c/code\u003e\u003c/a\u003e 2.6.1 version prep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/cecb8534f61de16aaa1a1a84eaaeb14dfdf67448\"\u003e\u003ccode\u003ececb853\u003c/code\u003e\u003c/a\u003e Further improve CVE fix coverage to 100% for sync and async.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/7952e311d47f6b34f5dc050681001fd34ab60d01\"\u003e\u003ccode\u003e7952e31\u003c/code\u003e\u003c/a\u003e test IgnoreErrors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/e093299a49967696b1c58b68e4767de5031a3e46\"\u003e\u003ccode\u003ee093299\u003c/code\u003e\u003c/a\u003e For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/3af9f78142084fff8523bc96b5f8cfd2b909dc18\"\u003e\u003ccode\u003e3af9f78\u003c/code\u003e\u003c/a\u003e 2.6.0 versioning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ca63d95143e81975fc3fff4dff87b366dc661371\"\u003e\u003ccode\u003eca63d95\u003c/code\u003e\u003c/a\u003e Require cryptography \u0026gt;=41 instead of 42.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/902cbf3fcb11ddfd8625b4a071fe9f592f6fc753\"\u003e\u003ccode\u003e902cbf3\u003c/code\u003e\u003c/a\u003e Create CODE_OF_CONDUCT.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ed9795fa9b39c4a12f5a1a9e0eeea4240d1efb07\"\u003e\u003ccode\u003eed9795f\u003c/code\u003e\u003c/a\u003e github contributing and pull request template\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rthalley/dnspython/compare/v2.2.0...v2.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.2 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.2...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.0.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.0.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.14.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.14.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `setuptools` from 65.6.3 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/v65.6.3...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/offsoc/bofhound/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/offsoc/bofhound/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Fbofhound/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"3.9.8","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2025-08-22T23:44:14.000Z","version_change":"3.9.8 → 3.19.1","issue":{"uuid":"2767780101","node_id":"PR_kwDOEdIfM86k-PkF","number":6,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:44:14.000Z","updated_at":"2025-08-22T23:44:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"cryptography","old_version":"3.3.2","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"dnspython","old_version":"2.0.0","new_version":"2.6.1","repository_url":"https://github.com/rthalley/dnspython"},{"name":"flask","old_version":"1.1.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"future","old_version":"0.18.2","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"jinja2","old_version":"2.11.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pycryptodomex","old_version":"3.9.8","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"},{"name":"werkzeug","old_version":"1.0.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [cryptography](https://github.com/pyca/cryptography) | `3.3.2` | `44.0.1` |\n| [dnspython](https://github.com/rthalley/dnspython) | `2.0.0` | `2.6.1` |\n| [flask](https://github.com/pallets/flask) | `1.1.2` | `2.2.5` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.18.2` | `1.0.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.9.8` | `3.19.1` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `1.0.1` | `3.0.6` |\n\n\nUpdates `cryptography` from 3.3.2 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/3.3.2...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dnspython` from 2.0.0 to 2.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/releases\"\u003ednspython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ednspython 2.6.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis is a bug fix release for 2.6.0 where the \u0026quot;TuDoor\u0026quot; fix erroneously\nsuppressed legitimate Truncated exceptions.  This caused the stub\nresolver to timeout instead of failing over to TCP when a legitimate\ntruncated response was received over UDP.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the\n\u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is\nvulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a\nlegitimate one on the UDP port dnspython is using for that query.  In\nthis situation, dnspython might switch to querying another resolver or\ngive up entirely, possibly denying service for that resolution.  This\nrelease addresses the issue by adopting the recommended mitigation,\nwhich is ignoring the bad packets and continuing to listen for a\nlegitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual,\nthanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian\nWellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://dnspython.readthedocs.io/en/latest/whatsnew.html\"\u003eWhat's New\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003eThis release addresses the potential DoS issue discussed in the \u0026quot;TuDoor\u0026quot; paper (CVE-2023-29483).  The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.  In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution.  This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.\u003c/p\u003e\n\u003cp\u003eThank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.5.0\u003c/h2\u003e\n\u003cp\u003eSee the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page for a summary of this release.\u003c/p\u003e\n\u003cp\u003eThanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003ch2\u003ednspython 2.4.2\u003c/h2\u003e\n\u003cp\u003eThis is a bug fix release, see the \u003ca href=\"https://dnspython.readthedocs.io/en/stable/whatsnew.html\"\u003eWhat's New\u003c/a\u003e page in the documentation for a summary.\u003c/p\u003e\n\u003cp\u003eThanks to the people who reported the bugs and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst\"\u003ednspython's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from\nfailing over to TCP and causing the query to timeout \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAs mentioned in the \u0026quot;TuDoor\u0026quot; paper and the associated CVE-2023-29483, the dnspython\nstub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the\nright address and port forged by an attacker arrives before a legitimate one on the\nUDP port dnspython is using for that query.\u003c/p\u003e\n\u003cp\u003eThis release addresses the issue by adopting the recommended mitigation, which is\nignoring the bad packets and continuing to listen for a legitimate response until\nthe timeout for the query has expired.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for the NSID EDNS option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now looks for version metadata for optional packages and will not\nuse them if they are too old.  This prevents possible exceptions when a\nfeature like DoH is not desired in dnspython, but an old httpx is installed\nalong with dnspython for some other purpose.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe DoHNameserver class now allows GET to be used instead of the default POST,\nand also passes source and source_port correctly to the underlying query\nmethods.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now uses hatchling for builds.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAsynchronous destinationless sockets now work on Windows.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCython is no longer supported due to various typing issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDnspython now explicitly canonicalizes IPv4 and IPv6 addresses.\nPreviously it was possible for non-canonical IPv6 forms to be stored\nin a AAAA address, which would work correctly but possibly cause\nproblmes if the address were used as a key in a dictionary.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe number of messages in a section can be retrieved with\nsection_count().\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eTruncation preferences for messages can be specified.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe length of a message can be automatically prepended when\nrendering.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0a742b9658977175663dc30da902342a8c2bacac\"\u003e\u003ccode\u003e0a742b9\u003c/code\u003e\u003c/a\u003e update CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2\"\u003e\u003ccode\u003e0ea5ad0\u003c/code\u003e\u003c/a\u003e The Tudoor fix should not eat valid Truncated exceptions \u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1053\"\u003e#1053\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/rthalley/dnspython/issues/1054\"\u003e#1054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/f12d398a6991dfaad94d7fefaf7e2f55d1fda3cb\"\u003e\u003ccode\u003ef12d398\u003c/code\u003e\u003c/a\u003e 2.6.1 version prep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/cecb8534f61de16aaa1a1a84eaaeb14dfdf67448\"\u003e\u003ccode\u003ececb853\u003c/code\u003e\u003c/a\u003e Further improve CVE fix coverage to 100% for sync and async.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/7952e311d47f6b34f5dc050681001fd34ab60d01\"\u003e\u003ccode\u003e7952e31\u003c/code\u003e\u003c/a\u003e test IgnoreErrors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/e093299a49967696b1c58b68e4767de5031a3e46\"\u003e\u003ccode\u003ee093299\u003c/code\u003e\u003c/a\u003e For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/3af9f78142084fff8523bc96b5f8cfd2b909dc18\"\u003e\u003ccode\u003e3af9f78\u003c/code\u003e\u003c/a\u003e 2.6.0 versioning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ca63d95143e81975fc3fff4dff87b366dc661371\"\u003e\u003ccode\u003eca63d95\u003c/code\u003e\u003c/a\u003e Require cryptography \u0026gt;=41 instead of 42.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/902cbf3fcb11ddfd8625b4a071fe9f592f6fc753\"\u003e\u003ccode\u003e902cbf3\u003c/code\u003e\u003c/a\u003e Create CODE_OF_CONDUCT.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rthalley/dnspython/commit/ed9795fa9b39c4a12f5a1a9e0eeea4240d1efb07\"\u003e\u003ccode\u003eed9795f\u003c/code\u003e\u003c/a\u003e github contributing and pull request template\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rthalley/dnspython/compare/v2.0.0...v2.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.1.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.1.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.18.2 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.18.2...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pycryptodomex` from 3.9.8 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.19.1 - Zeil\u003c/h2\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack. Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19.0 - Ulm\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18.0 - Trier\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for DER BOOLEAN encodings.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/p\u003e\n\u003cp\u003eResolved issues\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17.0 - Stuttgart\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.16.0 - Ravensburg\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBuild wheels for musl Linux. Thanks to Ben Raz.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#639: ARC4 now also works with 'keys' as short as 8 bits.\u003c/li\u003e\n\u003cli\u003eGH#669: fix segfaults when running in a manylinux2010 i686 image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.19.1 (28 December 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a side-channel leakage with OAEP decryption that could be\nexploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.19.0 (16 September 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eupdate()\u003c/code\u003e methods of TupleHash128 and TupleHash256 objects\ncan now hash multiple items (byte strings) at once.\nThanks to Sylvain Pelissier.\u003c/li\u003e\n\u003cli\u003eAdded support for ECDH, with \u003ccode\u003eCrypto.Protocol.DH\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#754: due to a bug in \u003ccode\u003ecffi\u003c/code\u003e, do not use it on Windows with Python 3.12+.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.18.0 (18 May 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for DER BOOLEAN encodings.\u003c/li\u003e\n\u003cli\u003eThe library now compiles on Windows ARM64. Thanks to Niyas Sait.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#722: \u003ccode\u003enonce\u003c/code\u003e attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.\u003c/li\u003e\n\u003cli\u003eGH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.\u003c/li\u003e\n\u003cli\u003eGH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.\u003c/li\u003e\n\u003cli\u003eCorrectly check that the scalar matches the point when importing an ECC private key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.17.0 (29 January 2023)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the Counter Mode KDF defined in SP 800-108 Rev 1.\u003c/li\u003e\n\u003cli\u003eReduce the minimum tag length for the EAX cipher to 2 bytes.\u003c/li\u003e\n\u003cli\u003eAn RSA object has 4 new properties for the CRT coefficients:\n\u003ccode\u003edp\u003c/code\u003e, \u003ccode\u003edq\u003c/code\u003e, \u003ccode\u003einvq\u003c/code\u003e and \u003ccode\u003einvq\u003c/code\u003e (\u003ccode\u003einvp\u003c/code\u003e is the same value\nas the existing \u003ccode\u003eu\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ef270ab436bddb437f8de122085bcf26dc9ad904\"\u003e\u003ccode\u003eef270ab\u003c/code\u003e\u003c/a\u003e Update wheels action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/3278edd0e99d1a45231de4b4b2a77b50963431e9\"\u003e\u003ccode\u003e3278edd\u003c/code\u003e\u003c/a\u003e Update changelog and version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/10e8216079e6965eddac4bf293c3049a8b76b5d7\"\u003e\u003ccode\u003e10e8216\u003c/code\u003e\u003c/a\u003e Update PSS verify signature code example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/4ec4b85c65210a2809974b2fd1e6677cf2b0fc57\"\u003e\u003ccode\u003e4ec4b85\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8c80d2053bbb06a1aa0b181ebd\"\u003e\u003ccode\u003e0deea1b\u003c/code\u003e\u003c/a\u003e Use constant-time (faster) padding decoding also for OAEP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/519e7aea6de4e8f03b62c6e1dba724aca738882e\"\u003e\u003ccode\u003e519e7ae\u003c/code\u003e\u003c/a\u003e Avoid changing signature of RSA._decrypt() method if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1aa9dca20cd9485c8bcef2ecfdd05d407ae9edb7\"\u003e\u003ccode\u003e1aa9dca\u003c/code\u003e\u003c/a\u003e Update changelog and bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/afb5e27a15efe59e33c2825d40ef44995c13b8bc\"\u003e\u003ccode\u003eafb5e27\u003c/code\u003e\u003c/a\u003e Fix side-channel leakage in RSA decryption\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee91c677a0862914aa7c0bf5829dc59306a93630\"\u003e\u003ccode\u003eee91c67\u003c/code\u003e\u003c/a\u003e Update CMAC.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/43a466d170a5e28187732b90b2a7594ab06b6c6d\"\u003e\u003ccode\u003e43a466d\u003c/code\u003e\u003c/a\u003e Fix small \u0026quot;passes\u0026quot; typo.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.9.8...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 1.0.1 to 3.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file fields. \u003ca href=\"https://github.com/advisories/GHSA-q34m-jh98-gwm2\"\u003eGHSA-q34m-jh98-gwm2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by \u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. \u003ca href=\"https://github.com/advisories/GHSA-f9vj-2wh5-fj8j\"\u003eGHSA-f9vj-2wh5-fj8j\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/37?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/37?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2945\"\u003e#2945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2952\"\u003e#2952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2955\"\u003e#2955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2958\"\u003e#2958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2957\"\u003e#2957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/36?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2930\"\u003e#2930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2904\"\u003e#2904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2916\"\u003e#2916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2926\"\u003e#2926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2918\"\u003e#2918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/35?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/35?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985\u003c/li\u003e\n\u003cli\u003eMake reloader more robust when \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e is in \u003ccode\u003esys.path\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2823\"\u003e#2823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.0.6\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file\nfields. :ghsa:\u003ccode\u003eq34m-jh98-gwm2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by\n\u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. :ghsa:\u003ccode\u003ef9vj-2wh5-fj8j\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. :issue:\u003ccode\u003e2945\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope :issue:\u003ccode\u003e2952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. :issue:\u003ccode\u003e2955\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. :issue:\u003ccode\u003e2958\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current\nUID does not have an associated name. :issue:\u003ccode\u003e2957\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.4\u003c/h2\u003e\n\u003cp\u003eReleased 2024-08-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. :issue:\u003ccode\u003e2930\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. :issue:\u003ccode\u003e2904\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. :issue:\u003ccode\u003e2916\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n:issue:\u003ccode\u003e2926\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n:issue:\u003ccode\u003e2918\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-05-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified\nhostname when running the dev server, to make debugger requests. Additional\nhosts can be added by using the debugger middleware directly. The debugger\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/5eaefc3996aa5cc8c5237d8b82f1b89eed6ea624\"\u003e\u003ccode\u003e5eaefc3\u003c/code\u003e\u003c/a\u003e release version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092\"\u003e\u003ccode\u003e2767bcb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/87cc78a25f782f8c59fbde786840a00cf0d09b3d\"\u003e\u003ccode\u003e87cc78a\u003c/code\u003e\u003c/a\u003e catch special absolute path on Windows Python \u0026lt; 3.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b\"\u003e\u003ccode\u003e50cfeeb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8760275afb72bd10b57d92cb4d52abf759b2f3a7\"\u003e\u003ccode\u003e8760275\u003c/code\u003e\u003c/a\u003e apply max_form_memory_size another level up in the parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8d6a12e2af542a553853c870d106884a3cd1f73b\"\u003e\u003ccode\u003e8d6a12e\u003c/code\u003e\u003c/a\u003e start version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/a7b121abc781b9a6557ca204f23247db654d0253\"\u003e\u003ccode\u003ea7b121a\u003c/code\u003e\u003c/a\u003e release version 3.0.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2961\"\u003e#2961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/9caf72ac060181a3171d91fd12279e071df430ca\"\u003e\u003ccode\u003e9caf72a\u003c/code\u003e\u003c/a\u003e release version 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e28a2451e99457ce71e460af276a02f27a3bdba1\"\u003e\u003ccode\u003ee28a245\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2960\"\u003e#2960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e6b4cce97eef17716004625bcf6754fa930f2618\"\u003e\u003ccode\u003ee6b4cce\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/1.0.1...3.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/CVE-2020-1473/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/CVE-2020-1473/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FCVE-2020-1473/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"3.22.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2025-08-04T08:27:29.000Z","version_change":"3.22.0 → 3.23.0","issue":{"uuid":"2717153662","node_id":"PR_kwDOPX3G1c6h9Hl-","number":5,"state":"open","title":"Bump pycryptodomex from 3.22.0 to 3.23.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-04T08:27:29.000Z","updated_at":"2025-08-04T08:27:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.22.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.22.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.22.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.22.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/eva57gr/Som-AI/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/eva57gr%2FSom-AI/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"3.21.0","new_version":"3.23.0","update_type":"minor","path":null,"pr_created_at":"2025-07-31T23:15:18.000Z","version_change":"3.21.0 → 3.23.0","issue":{"uuid":"3281971580","node_id":"PR_kwDOBn3TTM6hnePl","number":7185,"state":"open","title":"Bump pycryptodomex from 3.21.0 to 3.23.0","user":"dependabot[bot]","labels":["stale","dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-31T23:15:18.000Z","updated_at":"2025-09-06T12:01:30.231Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"pycryptodomex","old_version":"3.21.0","new_version":"3.23.0","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.21.0 to 3.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/releases\"\u003epycryptodomex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.23.0 - Dunkerque\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.22.0 - Caen\u003c/h2\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst\"\u003epycryptodomex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.23.0 (17 May 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649).\nBoth are defined also in NIST SP 800-38F.\u003c/li\u003e\n\u003cli\u003eWheels for Windows ARM.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.22.0 (16 March 2025)\n++++++++++++++++++++++++++\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for HPKE (RFC 9180).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eResolved issues\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#812: CCM ciphers will now fail before encrypting (or decrypting)\ndata beyond the limit imposed by the nonce length.\u003c/li\u003e\n\u003cli\u003eGH#846: fix infinite loop with RC4 for data larger than 4GB.\u003c/li\u003e\n\u003cli\u003eGH#852: handle correctly invalid PEM files with less than 3 lines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python 3.6.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/cde63f8f9b64f1c8cd86249128cfd5986c2c43af\"\u003e\u003ccode\u003ecde63f8\u003c/code\u003e\u003c/a\u003e Undo license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/51ccbaccc4a37cc331a44d69e20377fbb10c0725\"\u003e\u003ccode\u003e51ccbac\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/8d4e536029914c510432de8e2924a0566b94b515\"\u003e\u003ccode\u003e8d4e536\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/865287411c18671b14266bbaa6a5a639cc2e199c\"\u003e\u003ccode\u003e8652874\u003c/code\u003e\u003c/a\u003e Add license information in pyproject.toml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/1006d4ffa495e27dbd0ff9181357d661b7e1f0ba\"\u003e\u003ccode\u003e1006d4f\u003c/code\u003e\u003c/a\u003e Build cpython-freethreading wheel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0a056c063e67799db081a9451af25c36578e0584\"\u003e\u003ccode\u003e0a056c0\u003c/code\u003e\u003c/a\u003e Update FAQ for HPKE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/0785df83f639fc25c807dbba9dfa5e00c9d05382\"\u003e\u003ccode\u003e0785df8\u003c/code\u003e\u003c/a\u003e Update FAQ\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/ee15eee6d618d3f65582271317e567efa7c0248f\"\u003e\u003ccode\u003eee15eee\u003c/code\u003e\u003c/a\u003e Update Changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/876573ec600c0f10a4af6c995fa8dc2e4af6c673\"\u003e\u003ccode\u003e876573e\u003c/code\u003e\u003c/a\u003e Test and build wheels for Windows ARM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Legrandin/pycryptodome/commit/64506f73e9454f441cf2b6f8b2b45cf3c63a0cde\"\u003e\u003ccode\u003e64506f7\u003c/code\u003e\u003c/a\u003e Merge branch 'key_wrap'\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Legrandin/pycryptodome/compare/v3.21.0...v3.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex\u0026package-manager=pip\u0026previous-version=3.21.0\u0026new-version=3.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hypothesis/lms/pull/7185","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hypothesis%2Flms/issues/7185","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7185/packages"}},{"old_version":"3.18.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2025-07-29T16:54:22.000Z","version_change":"3.18.0 → 3.19.1","issue":{"uuid":"3274330835","node_id":"PR_kwDOFZ_7pM6hNx2Q","number":3578,"state":"open","title":"chore(deps): bump the pip group across 7 directories with 12 updates","user":"dependabot[bot]","labels":["python","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-29T16:54:22.000Z","updated_at":"2025-09-08T16:36:11.289Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":12,"packages":[{"name":"urllib3","old_version":"1.26.12","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"requests","old_version":"2.28.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"redshift-connector","old_version":"2.0.915","new_version":"2.1.7","repository_url":"https://github.com/aws/amazon-redshift-python-driver"},{"name":"snowflake-connector-python","old_version":"3.0.4","new_version":"3.13.1","repository_url":"https://github.com/snowflakedb/snowflake-connector-python"},{"name":"certifi","old_version":"2022.09.24","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"pycryptodomex","old_version":"3.18.0","new_version":"3.19.1","repository_url":"https://github.com/Legrandin/pycryptodome"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 3 updates in the /ee/api directory: [urllib3](https://github.com/urllib3/urllib3), [requests](https://github.com/psf/requests) and [pydantic](https://github.com/pydantic/pydantic).\nBumps the pip group with 7 updates in the /ee/connectors/deploy directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.12` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.4` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [redshift-connector](https://github.com/aws/amazon-redshift-python-driver) | `2.0.915` | `2.1.7` |\n| [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) | `3.0.4` | `3.13.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.09.24` | `2024.7.4` |\n| [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.18.0` | `3.19.1` |\n\nBumps the pip group with 3 updates in the /ee/intelligent_search directory: [requests](https://github.com/psf/requests), [pydantic](https://github.com/pydantic/pydantic) and [certifi](https://github.com/certifi/python-certifi).\nBumps the pip group with 1 update in the /ee/quickwit directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 7 updates in the /ee/recommendation directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.5.0` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.4` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.6.3` | `2.11.7` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.6` | `0.0.18` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` |\n| [mlflow](https://github.com/mlflow/mlflow) | `2.11.1` | `3.1.0` |\n| [apache-airflow](https://github.com/apache/airflow) | `2.8.2` | `2.10.3` |\n\nBumps the pip group with 1 update in the /ee/recommendation/ml_trainer directory: [apache-airflow](https://github.com/apache/airflow).\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 2.3.0 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 2.10.6 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.10.6...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.12 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/2.3.0...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `redshift-connector` from 2.0.915 to 2.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/releases\"\u003eredshift-connector's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.7\u003c/p\u003e\n\u003ch2\u003ev2.1.6\u003c/h2\u003e\n\u003cp\u003echore: bump version to 2.1.6\u003c/p\u003e\n\u003ch2\u003ev2.1.5\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/timm4205\"\u003e\u003ccode\u003e@​timm4205\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.3\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/jamescaii\"\u003e\u003ccode\u003e@​jamescaii\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jamesdow21\"\u003e\u003ccode\u003e@​jamesdow21\u003c/code\u003e\u003c/a\u003e for their contributions to this release.\u003c/p\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.918\u003c/h2\u003e\n\u003cp\u003eThank you to \u003ca href=\"https://github.com/rmaxu\"\u003e\u003ccode\u003e@​rmaxu\u003c/code\u003e\u003c/a\u003e for their contribution in \u003ca href=\"https://redirect.github.com/aws/amazon-redshift-python-driver/issues/199\"\u003e#199\u003c/a\u003e .\u003c/p\u003e\n\u003ch2\u003ev2.0.917\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.0.916\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md\"\u003eredshift-connector's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.7 (2025-05-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eModified connection parameter ssl_insecure to be False by default.\u003c/li\u003e\n\u003cli\u003eAddressed security issue as detailed in CVE-2025-5279\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.6 (2025-05-06)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDirectly imports a package as a fallback mechanism for retrieving a package’s version number during identity provider authentication.\u003c/li\u003e\n\u003cli\u003eFixed stale prepared statement caching issue by clearing the cache upon execution of DROP or ROLLBACK commands.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.5 (2024-12-23)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the logic for retrieving database metadata through the\nget_catalogs, get_schemas, get_tables, and get_columns API methods.\u003c/li\u003e\n\u003cli\u003eAdded developer dependency on Selenium.\u003c/li\u003e\n\u003cli\u003eAddressed security issues as detailed in CVE-2024-12745.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.4 (2024-11-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThis driver version has been recalled. Python Driver v2.1.3 is recommended for use instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.3 (2024-07-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdded support for a new browser authentication plugin called\nBrowserIdcAuthPlugin to facilitate single-sign-on integration with AWS\nIAM Identity Center. [Brooke Wh...\n\n_Description has been truncated_","html_url":"https://github.com/openreplay/openreplay/pull/3578","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/openreplay%2Fopenreplay/issues/3578","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3578/packages"}}]}