)]}'
{
  "commit": "fc47e09dca24952385bfdd7acfd198bc380dc0d7",
  "tree": "2a2cd2225784f0b7e918861623bf2be31bf1d0bc",
  "parents": [
    "93bf122d220d2142ea938d61778e50943b7c34be"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Thu Oct 19 08:39:07 2023 +0900"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Wed Oct 18 23:39:07 2023 +0000"
  },
  "message": "build(deps): bump urllib3 from 1.26.7 to 1.26.18 in /tests/pip_repository_entry_points (#1500)\n\nBumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.7 to\n1.26.18.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to\nGET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\n(GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip\nfrom requests when redirecting to a different host. As before, different\nheaders can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\n(GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e\nwith many distinct origins would cause connection pools to be closed\nwhile requests are in progress (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in\nIPv6 Zone ID parsing (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of \u0027x80\u0027 byte (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in\n\u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port\nwould be rejected even when the port number after removing the zeroes\nwas valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e\npackaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the\n\u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in\nv2.x. See this \u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub\nissue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider\nsupporting us via \u003ca href\u003d\"https://github.com/sponsors/urllib3\"\u003eGitHub\nSponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python\n2\u003c/strong\u003e: \u003ca\nhref\u003d\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead\nmore in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to\nHTTPResponse.read would raise an OverflowError on Python 3.9 and\nearlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.10\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider\nsupporting us via \u003ca href\u003d\"https://github.com/sponsors/urllib3\"\u003eGitHub\nSponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python\n2\u003c/strong\u003e: \u003ca\nhref\u003d\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead\nmore in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e:closed_lock_with_key: \u003cstrong\u003eThis is the first release to be signed\nwith Sigstore!\u003c/strong\u003e You can verify the distributables using the\n\u003ccode\u003e.sig\u003c/code\u003e and \u003ccode\u003e.crt\u003c/code\u003e files included on this\nrelease.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved support for Python 3.5\u003c/li\u003e\n\u003cli\u003eFixed an issue where a \u003ccode\u003eProxyError\u003c/code\u003e recommending\nconfiguring the proxy as HTTP instead of HTTPS could appear even when an\nHTTPS proxy wasn\u0027t configured.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.9\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider\nsupporting us via \u003ca href\u003d\"https://github.com/sponsors/urllib3\"\u003eGitHub\nSponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to\nGET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip\nfrom requests when redirecting to a different host. As before, different\nheaders can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\n(\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139)\n\u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e\nwith many distinct origins\nwould cause connection pools to be closed while requests are in progress\n(\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954)\n\u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused\n(\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645)\n\u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in\nIPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899)\n\u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of \u0027\\x80\u0027 byte\n(\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901)\n\u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0.\n(\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850)\n\u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the\ntype hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding\n\u003ccode\u003ebool\u003c/code\u003e to the union.\n(\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865)\n\u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and\n\u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port\nwould be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e\npackaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the\n\u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue\n\u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\nfor justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.11 (2022-07-25)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to\n\u003ccode\u003eHTTPResponse.read\u003c/code\u003e would\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e\nRelease 1.26.18 (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e\nMerge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e\n[1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e\nRelease 1.26.17\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb\"\u003e\u003ccode\u003e0122035\u003c/code\u003e\u003c/a\u003e\nBackport GHSA-v845-jxx5-vc9f (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/3139\"\u003e#3139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8\"\u003e\u003ccode\u003ee63989f\u003c/code\u003e\u003c/a\u003e\nFix installing \u003ccode\u003ebrotli\u003c/code\u003e extra on Python 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49\"\u003e\u003ccode\u003e2e7a24d\u003c/code\u003e\u003c/a\u003e\n[1.26] Configure OS for RTD to fix building docs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0\"\u003e\u003ccode\u003e57181d6\u003c/code\u003e\u003c/a\u003e\n[1.26] Improve error message when calling urllib3.request() (\u003ca\nhref\u003d\"https://redirect.github.com/urllib3/urllib3/issues/3058\"\u003e#3058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa\"\u003e\u003ccode\u003e3c01480\u003c/code\u003e\u003c/a\u003e\n[1.26] Run coverage even with failed jobs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/commit/d94029b7e2193ff47b627906a70e06377a09aae8\"\u003e\u003ccode\u003ed94029b\u003c/code\u003e\u003c/a\u003e\nRelease 1.26.16\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/urllib3/urllib3/compare/1.26.7...1.26.18\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003durllib3\u0026package-manager\u003dpip\u0026previous-version\u003d1.26.7\u0026new-version\u003d1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/bazelbuild/rules_python/network/alerts).\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "fc5779bebd15713a5eab13617f8ee28db05904d3",
      "old_mode": 33188,
      "old_path": "tests/pip_repository_entry_points/requirements_windows.txt",
      "new_id": "96614a206e2def3d7ec178742e0142eeab3befc6",
      "new_mode": 33188,
      "new_path": "tests/pip_repository_entry_points/requirements_windows.txt"
    }
  ]
}