Scheduled daily dependency update on Sunday

[pyup-bot]

Update urllib3[secure] from 1.25.2 to 2.2.3.

Changelog

2.2.3

==================

Features
--------

- Added support for Python 3.13. (`3473 <https://github.com/urllib3/urllib3/issues/3473>`__)

Bugfixes
--------

- Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1.
All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. (`3053 <https://github.com/urllib3/urllib3/issues/3053>`__)
- Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting https://github.com/python/cpython/issues/103472. (`#3252 <https://github.com/urllib3/urllib3/issues/3252>`__)
- Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI (`3413 <https://github.com/urllib3/urllib3/issues/3413>`__)
- Fixed a crash where certain standard library hash functions were absent in restricted environments. (`3432 <https://github.com/urllib3/urllib3/issues/3432>`__)
- Fixed mypy error when adding to ``HTTPConnection.default_socket_options``. (`3448 <https://github.com/urllib3/urllib3/issues/3448>`__)

HTTP/2 (experimental)
---------------------

HTTP/2 support is still in early development.

- Excluded Transfer-Encoding: chunked from HTTP/2 request body (`3425 <https://github.com/urllib3/urllib3/issues/3425>`__)
- Added version checking for ``h2`` (https://pypi.org/project/h2/) usage.

Now only accepting supported h2 major version 4.x.x. (`3290 <https://github.com/urllib3/urllib3/issues/3290>`__)
- Added a probing mechanism for determining whether a given target origin
supports HTTP/2 via ALPN. (`3301 <https://github.com/urllib3/urllib3/issues/3301>`__)
- Add support for sending a request body with HTTP/2 (`3302 <https://github.com/urllib3/urllib3/issues/3302>`__)


Deprecations and Removals
-------------------------

- Note for downstream distributors: the ``_version.py`` file has been removed and is now created at build time by hatch-vcs. (`3412 <https://github.com/urllib3/urllib3/issues/3412>`__)
- Drop support for end-of-life PyPy3.8 and PyPy3.9. (`3475 <https://github.com/urllib3/urllib3/issues/3475>`__)

2.2.2

==================

- Added the ``Proxy-Authorization`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.
- Allowed passing negative integers as ``amt`` to read methods of ``http.client.HTTPResponse`` as an alternative to ``None``. (`3122 <https://github.com/urllib3/urllib3/issues/3122>`__)
- Fixed return types representing copying actions to use ``typing.Self``. (`3363 <https://github.com/urllib3/urllib3/issues/3363>`__)

2.2.1

==================

- Fixed issue where ``InsecureRequestWarning`` was emitted for HTTPS connections when using Emscripten. (`3331 <https://github.com/urllib3/urllib3/issues/3331>`__)
- Fixed ``HTTPConnectionPool.urlopen`` to stop automatically casting non-proxy headers to ``HTTPHeaderDict``. This change was premature as it did not apply to proxy headers and ``HTTPHeaderDict`` does not handle byte header values correctly yet. (`3343 <https://github.com/urllib3/urllib3/issues/3343>`__)
- Changed ``InvalidChunkLength`` to ``ProtocolError`` when response terminates before the chunk length is sent. (`2860 <https://github.com/urllib3/urllib3/issues/2860>`__)
- Changed ``ProtocolError`` to be more verbose on incomplete reads with excess content. (`3261 <https://github.com/urllib3/urllib3/issues/3261>`__)

2.2.0

==================

- Added support for `Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>`__, including streaming support in cross-origin isolated browser environments where threading is enabled. (`#2951 <https://github.com/urllib3/urllib3/issues/2951>`__)
- Added support for ``HTTPResponse.read1()`` method. (`3186 <https://github.com/urllib3/urllib3/issues/3186>`__)
- Added rudimentary support for HTTP/2. (`3284 <https://github.com/urllib3/urllib3/issues/3284>`__)
- Fixed issue where requests against urls with trailing dots were failing due to SSL errors
when using proxy. (`2244 <https://github.com/urllib3/urllib3/issues/2244>`__)
- Fixed ``HTTPConnection.proxy_is_verified`` and ``HTTPSConnection.proxy_is_verified``
to be always set to a boolean after connecting to a proxy. It could be
``None`` in some cases previously. (`3130 <https://github.com/urllib3/urllib3/issues/3130>`__)
- Fixed an issue where ``headers`` passed in a request with ``json=`` would be mutated (`3203 <https://github.com/urllib3/urllib3/issues/3203>`__)
- Fixed ``HTTPSConnection.is_verified`` to be set to ``False`` when connecting
from a HTTPS proxy to an HTTP target. It was set to ``True`` previously. (`3267 <https://github.com/urllib3/urllib3/issues/3267>`__)
- Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (`3268 <https://github.com/urllib3/urllib3/issues/3268>`__)
- Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (`3325 <https://github.com/urllib3/urllib3/issues/3325>`__)
- Note for downstream distributors: To run integration tests, you now need to run the tests a second
time with the ``--integration`` pytest flag. (`3181 <https://github.com/urllib3/urllib3/issues/3181>`__)

2.1.0

==================

- Removed support for the deprecated urllib3[secure] extra. (`2680 <https://github.com/urllib3/urllib3/issues/2680>`__)
- Removed support for the deprecated SecureTransport TLS implementation. (`2681 <https://github.com/urllib3/urllib3/issues/2681>`__)
- Removed support for the end-of-life Python 3.7. (`3143 <https://github.com/urllib3/urllib3/issues/3143>`__)
- Allowed loading CA certificates from memory for proxies. (`3065 <https://github.com/urllib3/urllib3/issues/3065>`__)
- Fixed decoding Gzip-encoded responses which specified ``x-gzip`` content-encoding. (`3174 <https://github.com/urllib3/urllib3/issues/3174>`__)

2.0.7

==================

* Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

2.0.6

==================

* Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.

2.0.5

==================

- Allowed pyOpenSSL third-party module without any deprecation warning. (`3126 <https://github.com/urllib3/urllib3/issues/3126>`__)
- Fixed default ``blocksize`` of ``HTTPConnection`` classes to match high-level classes. Previously was 8KiB, now 16KiB. (`3066 <https://github.com/urllib3/urllib3/issues/3066>`__)

2.0.4

==================

- Added support for union operators to ``HTTPHeaderDict`` (`2254 <https://github.com/urllib3/urllib3/issues/2254>`__)
- Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`3078 <https://github.com/urllib3/urllib3/issues/3078>`__)
- Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client (`2757 <https://github.com/urllib3/urllib3/issues/2757>`__)
- Relied on the standard library for checking hostnames in supported PyPy releases (`3087 <https://github.com/urllib3/urllib3/issues/3087>`__)

2.0.3

==================

- Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. (`3020 <https://github.com/urllib3/urllib3/issues/3020>`__)
- Deprecated URLs which don't have an explicit scheme (`2950 <https://github.com/urllib3/urllib3/pull/2950>`_)
- Fixed response decoding with Zstandard when compressed data is made of several frames. (`3008 <https://github.com/urllib3/urllib3/issues/3008>`__)
- Fixed ``assert_hostname=False`` to correctly skip hostname check. (`3051 <https://github.com/urllib3/urllib3/issues/3051>`__)

2.0.2

==================

- Fixed ``HTTPResponse.stream()`` to continue yielding bytes if buffered decompressed data
was still available to be read even if the underlying socket is closed. This prevents
a compressed response from being truncated. (`3009 <https://github.com/urllib3/urllib3/issues/3009>`__)

2.0.1

==================

- Fixed a socket leak when fingerprint or hostname verifications fail. (`2991 <https://github.com/urllib3/urllib3/issues/2991>`__)
- Fixed an error when ``HTTPResponse.read(0)`` was the first ``read`` call or when the internal response body buffer was otherwise empty. (`2998 <https://github.com/urllib3/urllib3/issues/2998>`__)

2.0.0

==================

Read the `v2.0 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`__ for help upgrading to the latest version of urllib3.

Removed
-------

* Removed support for Python 2.7, 3.5, and 3.6 (`883 <https://github.com/urllib3/urllib3/issues/883>`__, `#2336 <https://github.com/urllib3/urllib3/issues/2336>`__).
* Removed fallback on certificate ``commonName`` in ``match_hostname()`` function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only ``subjectAltName``
is used to verify the hostname by default. To enable verifying the hostname against
``commonName`` use ``SSLContext.hostname_checks_common_name = True`` (`2113 <https://github.com/urllib3/urllib3/issues/2113>`__).
* Removed support for Python with an ``ssl`` module compiled with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support.
When an incompatible OpenSSL version is detected an ``ImportError`` is raised (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (`2082 <https://github.com/urllib3/urllib3/issues/2082>`__).
* Removed ``urllib3.contrib.appengine.AppEngineManager`` and support for Google App Engine Standard Environment (`2044 <https://github.com/urllib3/urllib3/issues/2044>`__).
* Removed deprecated ``Retry`` options ``method_whitelist``, ``DEFAULT_REDIRECT_HEADERS_BLACKLIST`` (`2086 <https://github.com/urllib3/urllib3/issues/2086>`__).
* Removed ``urllib3.HTTPResponse.from_httplib`` (`2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Removed default value of ``None`` for the ``request_context`` parameter of ``urllib3.PoolManager.connection_from_pool_key``. This change should have no effect on users as the default value of ``None`` was an invalid option and was never used (`1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Removed the ``urllib3.request`` module. ``urllib3.request.RequestMethods`` has been made a private API.
This change was made to ensure that ``from urllib3 import request`` imported the top-level ``request()``
function instead of the ``urllib3.request`` module (`2269 <https://github.com/urllib3/urllib3/issues/2269>`__).
* Removed support for SSLv3.0 from the ``urllib3.contrib.pyopenssl`` even when support is available from the compiled OpenSSL library (`2233 <https://github.com/urllib3/urllib3/issues/2233>`__).
* Removed the deprecated ``urllib3.contrib.ntlmpool`` module (`2339 <https://github.com/urllib3/urllib3/issues/2339>`__).
* Removed ``DEFAULT_CIPHERS``, ``HAS_SNI``, ``USE_DEFAULT_SSLCONTEXT_CIPHERS``, from the private module ``urllib3.util.ssl_`` (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed ``urllib3.exceptions.SNIMissingWarning`` (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the ``_prepare_conn`` method from ``HTTPConnectionPool``. Previously this was only used to call ``HTTPSConnection.set_cert()`` by ``HTTPSConnectionPool`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Removed ``tls_in_tls_required`` property from ``HTTPSConnection``. This is now determined from the ``scheme`` parameter in ``HTTPConnection.set_tunnel()`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Removed the ``strict`` parameter/attribute from ``HTTPConnection``, ``HTTPSConnection``, ``HTTPConnectionPool``, ``HTTPSConnectionPool``, and ``HTTPResponse`` (`2064 <https://github.com/urllib3/urllib3/issues/2064>`__).

Deprecated
----------

* Deprecated ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` which will be removed in urllib3 v2.1.0. Instead use ``HTTPResponse.headers`` and ``HTTPResponse.headers.get(name, default)``. (`1543 <https://github.com/urllib3/urllib3/issues/1543>`__, `#2814 <https://github.com/urllib3/urllib3/issues/2814>`__).
* Deprecated ``urllib3.contrib.pyopenssl`` module which will be removed in urllib3 v2.1.0 (`2691 <https://github.com/urllib3/urllib3/issues/2691>`__).
* Deprecated ``urllib3.contrib.securetransport`` module which will be removed in urllib3 v2.1.0 (`2692 <https://github.com/urllib3/urllib3/issues/2692>`__).
* Deprecated ``ssl_version`` option in favor of ``ssl_minimum_version``. ``ssl_version`` will be removed in urllib3 v2.1.0 (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Deprecated the ``strict`` parameter of ``PoolManager.connection_from_context()`` as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 (`2267 <https://github.com/urllib3/urllib3/issues/2267>`__)
* Deprecated the ``NewConnectionError.pool`` attribute which will be removed in urllib3 v2.1.0 (`2271 <https://github.com/urllib3/urllib3/issues/2271>`__).
* Deprecated ``format_header_param_html5`` and ``format_header_param`` in favor of ``format_multipart_header_param`` (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``RequestField.header_formatter`` parameter which will be removed in urllib3 v2.1.0 (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``HTTPSConnection.set_cert()`` method. Instead pass parameters to the ``HTTPSConnection`` constructor (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Deprecated ``HTTPConnection.request_chunked()`` method which will be removed in urllib3 v2.1.0. Instead pass ``chunked=True`` to ``HTTPConnection.request()`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).

Added
-----

* Added top-level ``urllib3.request`` function which uses a preconfigured module-global ``PoolManager`` instance (`2150 <https://github.com/urllib3/urllib3/issues/2150>`__).
* Added the ``json`` parameter to ``urllib3.request()``, ``PoolManager.request()``, and ``ConnectionPool.request()`` methods to send JSON bodies in requests. Using this parameter will set the header ``Content-Type: application/json`` if ``Content-Type`` isn't already defined.
Added support for parsing JSON response bodies with ``HTTPResponse.json()`` method (`2243 <https://github.com/urllib3/urllib3/issues/2243>`__).
* Added type hints to the ``urllib3`` module (`1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Added ``ssl_minimum_version`` and ``ssl_maximum_version`` options which set
``SSLContext.minimum_version`` and ``SSLContext.maximum_version`` (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Added support for Zstandard (RFC 8878) when ``zstandard`` 1.18.0 or later is installed.
Added the ``zstd`` extra which installs the ``zstandard`` package (`1992 <https://github.com/urllib3/urllib3/issues/1992>`__).
* Added ``urllib3.response.BaseHTTPResponse`` class. All future response classes will be subclasses of ``BaseHTTPResponse`` (`2083 <https://github.com/urllib3/urllib3/issues/2083>`__).
* Added ``FullPoolError`` which is raised when ``PoolManager(block=True)`` and a connection is returned to a full pool (`2197 <https://github.com/urllib3/urllib3/issues/2197>`__).
* Added ``HTTPHeaderDict`` to the top-level ``urllib3`` namespace (`2216 <https://github.com/urllib3/urllib3/issues/2216>`__).
* Added support for configuring header merging behavior with HTTPHeaderDict
When using a ``HTTPHeaderDict`` to provide headers for a request, by default duplicate
header values will be repeated. But if ``combine=True`` is passed into a call to
``HTTPHeaderDict.add``, then the added header value will be merged in with an existing
value into a comma-separated list (``X-My-Header: foo, bar``) (`2242 <https://github.com/urllib3/urllib3/issues/2242>`__).
* Added ``NameResolutionError`` exception when a DNS error occurs (`2305 <https://github.com/urllib3/urllib3/issues/2305>`__).
* Added ``proxy_assert_hostname`` and ``proxy_assert_fingerprint`` kwargs to ``ProxyManager`` (`2409 <https://github.com/urllib3/urllib3/issues/2409>`__).
* Added a configurable ``backoff_max`` parameter to the ``Retry`` class.
If a custom ``backoff_max`` is provided to the ``Retry`` class, it
will replace the ``Retry.DEFAULT_BACKOFF_MAX`` (`2494 <https://github.com/urllib3/urllib3/issues/2494>`__).
* Added the ``authority`` property to the Url class as per RFC 3986 3.2. This property should be used in place of ``netloc`` for users who want to include the userinfo (auth) component of the URI (`2520 <https://github.com/urllib3/urllib3/issues/2520>`__).
* Added the ``scheme`` parameter to ``HTTPConnection.set_tunnel`` to configure the scheme of the origin being tunnelled to (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added the ``is_closed``, ``is_connected`` and ``has_connected_to_proxy`` properties to ``HTTPConnection`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added optional ``backoff_jitter`` parameter to ``Retry``. (`2952 <https://github.com/urllib3/urllib3/issues/2952>`__)

Changed
-------

* Changed ``urllib3.response.HTTPResponse.read`` to respect the semantics of ``io.BufferedIOBase`` regardless of compression. Specifically, this method:

* Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed).
* Never returns more bytes than requested.
* Can issue any number of system calls: zero, one or multiple.

If you want each ``urllib3.response.HTTPResponse.read`` call to issue a single system call, you need to disable decompression by setting ``decode_content=False`` (`2128 <https://github.com/urllib3/urllib3/issues/2128>`__).
* Changed ``urllib3.HTTPConnection.getresponse`` to return an instance of ``urllib3.HTTPResponse`` instead of ``http.client.HTTPResponse`` (`2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Changed ``ssl_version`` to instead set the corresponding ``SSLContext.minimum_version``
and ``SSLContext.maximum_version`` values.  Regardless of ``ssl_version`` passed
``SSLContext`` objects are now constructed using ``ssl.PROTOCOL_TLS_CLIENT`` (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Changed default ``SSLContext.minimum_version`` to be ``TLSVersion.TLSv1_2`` in line with Python 3.10 (`2373 <https://github.com/urllib3/urllib3/issues/2373>`__).
* Changed ``ProxyError`` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy (`2482 <https://github.com/urllib3/urllib3/pull/2482>`__).
* Changed ``urllib3.util.create_urllib3_context`` to not override the system cipher suites with
a default value. The new default will be cipher suites configured by the operating system (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Changed ``multipart/form-data`` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Changed the error raised when connecting via HTTPS when the ``ssl`` module isn't available from ``SSLError`` to ``ImportError`` (`2589 <https://github.com/urllib3/urllib3/issues/2589>`__).
* Changed ``HTTPConnection.request()`` to always use lowercase chunk boundaries when sending requests with ``Transfer-Encoding: chunked`` (`2515 <https://github.com/urllib3/urllib3/issues/2515>`__).
* Changed ``enforce_content_length`` default to True, preventing silent data loss when reading streamed responses (`2514 <https://github.com/urllib3/urllib3/issues/2514>`__).
* Changed internal implementation of ``HTTPHeaderDict`` to use ``dict`` instead of ``collections.OrderedDict`` for better performance (`2080 <https://github.com/urllib3/urllib3/issues/2080>`__).
* Changed the ``urllib3.contrib.pyopenssl`` module to wrap ``OpenSSL.SSL.Error`` with ``ssl.SSLError`` in ``PyOpenSSLContext.load_cert_chain`` (`2628 <https://github.com/urllib3/urllib3/issues/2628>`__).
* Changed usage of the deprecated ``socket.error`` to ``OSError`` (`2120 <https://github.com/urllib3/urllib3/issues/2120>`__).
* Changed all parameters in the ``HTTPConnection`` and ``HTTPSConnection`` constructors to be keyword-only except ``host`` and ``port`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed ``HTTPConnection.getresponse()`` to set the socket timeout from ``HTTPConnection.timeout`` value before reading
data from the socket. This previously was done manually by the ``HTTPConnectionPool`` calling ``HTTPConnection.sock.settimeout(...)`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed the ``_proxy_host`` property to ``_tunnel_host`` in ``HTTPConnectionPool`` to more closely match how the property is used (value in ``HTTPConnection.set_tunnel()``) (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed name of ``Retry.BACK0FF_MAX`` to be ``Retry.DEFAULT_BACKOFF_MAX``.
* Changed TLS handshakes to use ``SSLContext.check_hostname`` when possible (`2452 <https://github.com/urllib3/urllib3/pull/2452>`__).
* Changed ``server_hostname`` to behave like other parameters only used by ``HTTPSConnectionPool`` (`2537 <https://github.com/urllib3/urllib3/pull/2537>`__).
* Changed the default ``blocksize`` to 16KB to match OpenSSL's default read amounts (`2348 <https://github.com/urllib3/urllib3/pull/2348>`__).
* Changed ``HTTPResponse.read()`` to raise an error when calling with ``decode_content=False`` after using ``decode_content=True`` to prevent data loss (`2800 <https://github.com/urllib3/urllib3/issues/2800>`__).

Fixed
-----

* Fixed thread-safety issue where accessing a ``PoolManager`` with many distinct origins would cause connection pools to be closed while requests are in progress (`1252 <https://github.com/urllib3/urllib3/issues/1252>`__).
* Fixed an issue where an ``HTTPConnection`` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout.
Instead now if ``HTTPConnection.timeout`` is updated before sending the next request the new timeout value will be used (`2645 <https://github.com/urllib3/urllib3/issues/2645>`__).
* Fixed ``socket.error.errno`` when raised from pyOpenSSL's ``OpenSSL.SSL.SysCallError`` (`2118 <https://github.com/urllib3/urllib3/issues/2118>`__).
* Fixed the default value of ``HTTPSConnection.socket_options`` to match ``HTTPConnection`` (`2213 <https://github.com/urllib3/urllib3/issues/2213>`__).
* Fixed a bug where ``headers`` would be modified by the ``remove_headers_on_redirect`` feature (`2272 <https://github.com/urllib3/urllib3/issues/2272>`__).
* Fixed a reference cycle bug in ``urllib3.util.connection.create_connection()`` (`2277 <https://github.com/urllib3/urllib3/issues/2277>`__).
* Fixed a socket leak if ``HTTPConnection.connect()`` fails (`2571 <https://github.com/urllib3/urllib3/pull/2571>`__).
* Fixed ``urllib3.contrib.pyopenssl.WrappedSocket`` and ``urllib3.contrib.securetransport.WrappedSocket`` close methods (`2970 <https://github.com/urllib3/urllib3/issues/2970>`__)

1.26.20

====================

* Fixed a crash where certain standard library hash functions were absent in
FIPS-compliant environments.
(`3432 <https://github.com/urllib3/urllib3/issues/3432>`__)
* Replaced deprecated dash-separated setuptools entries in ``setup.cfg``.
(`3461 <https://github.com/urllib3/urllib3/pull/3461>`__)
* Took into account macOS setting ``ECONNRESET`` instead of ``EPROTOTYPE`` in
its newer versions.
(`3416 <https://github.com/urllib3/urllib3/pull/3416>`__)
* Backported changes to our tests and CI configuration from v2.x to support
testing with CPython 3.12 and 3.13.
(`3436 <https://github.com/urllib3/urllib3/pull/3436>`__)

1.26.19

====================

* Added the ``Proxy-Authorization`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.
* Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (`3405 <https://github.com/urllib3/urllib3/issues/3405>`__)

1.26.18

====================

* Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

1.26.17

====================

* Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``. (`3139 <https://github.com/urllib3/urllib3/pull/3139>`_)

1.26.16

====================

* Fixed thread-safety issue where accessing a ``PoolManager`` with many distinct origins
would cause connection pools to be closed while requests are in progress (`2954 <https://github.com/urllib3/urllib3/pull/2954>`_)

1.26.15

====================

* Fix socket timeout value when ``HTTPConnection`` is reused (`2645 <https://github.com/urllib3/urllib3/issues/2645>`__)
* Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
(`2899 <https://github.com/urllib3/urllib3/issues/2899>`__)
* Fix IDNA handling of '\x80' byte (`2901 <https://github.com/urllib3/urllib3/issues/2901>`__)

1.26.14

====================

* Fixed parsing of port 0 (zero) returning None, instead of 0. (`2850 <https://github.com/urllib3/urllib3/issues/2850>`__)
* Removed deprecated getheaders() calls in contrib module. Fixed the type hint of ``PoolKey.key_retries`` by adding ``bool`` to the union. (`2865 <https://github.com/urllib3/urllib3/issues/2865>`__)

1.26.13

====================

* Deprecated the ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` methods.
* Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
* Fixed a deprecation warning when using cryptography v39.0.0.
* Removed the ``<4`` in the ``Requires-Python`` packaging metadata field.

1.26.12

====================

* Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module.
Both will be removed in v2.x. See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_
for justification and info on how to migrate.

1.26.11

====================

* Fixed an issue where reading more than 2 GiB in a call to ``HTTPResponse.read`` would
raise an ``OverflowError`` on Python 3.9 and earlier.

1.26.10

====================

* Removed support for Python 3.5
* Fixed an issue where a ``ProxyError`` recommending configuring the proxy as HTTP
instead of HTTPS could appear even when an HTTPS proxy wasn't configured.

1.26.9

===================

* Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still
receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``.
This change does not impact behavior of urllib3, only which dependencies are installed.
* Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception.
* Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool``
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.

1.26.8

===================

* Added extra message to ``urllib3.exceptions.ProxyError`` when urllib3 detects that
a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP.
* Added a mention of the size of the connection pool when discarding a connection due to the pool being full.
* Added explicit support for Python 3.11.
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of ``Retry.DEFAULT_MAX_BACKOFF``
to better match the rest of the default parameter names. ``Retry.MAX_BACKOFF`` is removed in v2.0.
* Changed location of the vendored ``ssl.match_hostname`` function from ``urllib3.packages.ssl_match_hostname``
to ``urllib3.util.ssl_match_hostname`` to ensure Python 3.10+ compatibility after being repackaged
by downstream distributors.
* Fixed absolute imports, all imports are now relative.

1.26.7

===================

* Fixed a bug with HTTPS hostname verification involving IP addresses and lack
of SNI. (Issue 2400)
* Fixed a bug where IPv6 braces weren't stripped during certificate hostname
matching. (Issue 2240)

1.26.6

===================

* Deprecated the ``urllib3.contrib.ntlmpool`` module. urllib3 is not able to support
it properly due to `reasons listed in this issue <https://github.com/urllib3/urllib3/issues/2282>`_.
If you are a user of this module please leave a comment.
* Changed ``HTTPConnection.request_chunked()`` to not erroneously emit multiple
``Transfer-Encoding`` headers in the case that one is already specified.
* Fixed typo in deprecation message to recommend ``Retry.DEFAULT_ALLOWED_METHODS``.

1.26.5

===================

* Fixed deprecation warnings emitted in Python 3.10.
* Updated vendored ``six`` library to 1.16.0.
* Improved performance of URL parser when splitting
the authority component.

1.26.4

===================

* Changed behavior of the default ``SSLContext`` when connecting to HTTPS proxy
during HTTPS requests. The default ``SSLContext`` now sets ``check_hostname=True``.

1.26.3

===================

* Fixed bytes and string comparison issue with headers (Pull 2141)

* Changed ``ProxySchemeUnknown`` error message to be
more actionable if the user supplies a proxy URL without
a scheme. (Pull 2107)

1.26.2

===================

* Fixed an issue where ``wrap_socket`` and ``CERT_REQUIRED`` wouldn't
be imported properly on Python 2.7.8 and earlier (Pull 2052)

1.26.1

===================

* Fixed an issue where two ``User-Agent`` headers would be sent if a
``User-Agent`` header key is passed as ``bytes`` (Pull 2047)

1.26.0

===================

* **NOTE: urllib3 v2.0 will drop support for Python 2**.
`Read more in the v2.0 Roadmap <https://urllib3.readthedocs.io/en/latest/v2-roadmap.html>`_.

* Added support for HTTPS proxies contacting HTTPS servers (Pull 1923, Pull 1806)

* Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that
still wish to use TLS earlier than 1.2 without a deprecation warning
should opt-in explicitly by setting ``ssl_version=ssl.PROTOCOL_TLSv1_1`` (Pull 2002)
**Starting in urllib3 v2.0: Connections that receive a ``DeprecationWarning`` will fail**

* Deprecated ``Retry`` options ``Retry.DEFAULT_METHOD_WHITELIST``, ``Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST``
and ``Retry(method_whitelist=...)`` in favor of ``Retry.DEFAULT_ALLOWED_METHODS``,
``Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT``, and ``Retry(allowed_methods=...)``
(Pull 2000) **Starting in urllib3 v2.0: Deprecated options will be removed**

* Added default ``User-Agent`` header to every request (Pull 1750)

* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
and ``Host`` headers from being automatically emitted with requests (Pull 2018)

* Collapse ``transfer-encoding: chunked`` request data and framing into
the same ``socket.send()`` call (Pull 1906)

* Send ``http/1.1`` ALPN identifier with every TLS handshake by default (Pull 1894)

* Properly terminate SecureTransport connections when CA verification fails (Pull 1977)

* Don't emit an ``SNIMissingWarning`` when passing ``server_hostname=None``
to SecureTransport (Pull 1903)

* Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull 1970)

* Suppress ``BrokenPipeError`` when writing request body after the server
has closed the socket (Pull 1524)

* Wrap ``ssl.SSLError`` that can be raised from reading a socket (e.g. "bad MAC")
into an ``urllib3.exceptions.SSLError`` (Pull 1939)

1.25.11

====================

* Fix retry backoff time parsed from ``Retry-After`` header when given
in the HTTP date format. The HTTP date was parsed as the local timezone
rather than accounting for the timezone in the HTTP date (typically
UTC) (Pull 1932, Pull 1935, Pull 1938, Pull 1949)

* Fix issue where an error would be raised when the ``SSLKEYLOGFILE``
environment variable was set to the empty string. Now ``SSLContext.keylog_file``
is not set in this situation (Pull 2016)

1.25.10

====================

* Added support for ``SSLKEYLOGFILE`` environment variable for
logging TLS session keys with use with programs like
Wireshark for decrypting captured web traffic (Pull 1867)

* Fixed loading of SecureTransport libraries on macOS Big Sur
due to the new dynamic linker cache (Pull 1905)

* Collapse chunked request bodies data and framing into one
call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull 1906)

* Don't insert ``None`` into ``ConnectionPool`` if the pool
was empty when requesting a connection (Pull 1866)

* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull 1858)

1.25.9

===================

* Added ``InvalidProxyConfigurationWarning`` which is raised when
erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently
support connecting to HTTPS proxies but will soon be able to
and we would like users to migrate properly without much breakage.

See `this GitHub issue <https://github.com/urllib3/urllib3/issues/1850>`_
for more information on how to fix your proxy config. (Pull 1851)

* Drain connection after ``PoolManager`` redirect (Pull 1817)

* Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull 1812)

* Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull 1805)

* Allow the CA certificate data to be passed as a string (Pull 1804)

* Raise ``ValueError`` if method contains control characters (Pull 1800)

* Add ``__repr__`` to ``Timeout`` (Pull 1795)

1.25.8

===================

* Drop support for EOL Python 3.4 (Pull 1774)

* Optimize _encode_invalid_chars (Pull 1787)

1.25.7

===================

* Preserve ``chunked`` parameter on retries (Pull 1715, Pull 1734)

* Allow unset ``SERVER_SOFTWARE`` in App Engine (Pull 1704, Issue 1470)

* Fix issue where URL fragment was sent within the request target. (Pull 1732)

* Fix issue where an empty query section in a URL would fail to parse. (Pull 1732)

* Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull 1703)

1.25.6

===================

* Fix issue where tilde (``~``) characters were incorrectly
percent-encoded in the path. (Pull 1692)

1.25.5

===================

* Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which
caused certificate verification to be enabled when using ``cert_reqs=CERT_NONE``.
(Issue 1682)

1.25.4

===================

* Propagate Retry-After header settings to subsequent retries. (Pull 1607)

* Fix edge case where Retry-After header was still respected even when
explicitly opted out of. (Pull 1607)

* Remove dependency on ``rfc3986`` for URL parsing.

* Fix issue where URLs containing invalid characters within ``Url.auth`` would
raise an exception instead of percent-encoding those characters.

* Add support for ``HTTPResponse.auto_close = False`` which makes HTTP responses
work well with BufferedReaders and other ``io`` module features. (Pull 1652)

* Percent-encode invalid characters in URL for ``HTTPConnectionPool.request()`` (Pull 1673)

1.25.3

===================

* Change ``HTTPSConnection`` to load system CA certificates
when ``ca_certs``, ``ca_cert_dir``, and ``ssl_context`` are
unspecified. (Pull 1608, Issue 1603)

* Upgrade bundled rfc3986 to v1.3.2. (Pull 1609, Issue 1605)

Links

• PyPI: https://pypi.org/project/urllib3
• Changelog: https://data.safetycli.com/changelogs/urllib3/

Update gevent from 1.4.0 to 24.11.1.

Changelog

24.11.1

====================


Bugfixes
--------

- Remove some legacy code that supported Python 2 for compatibility with
the upcoming releases of Cython 3.1.

Also, the ``PeriodicMonitorThreadStartedEvent`` now properly
implements the ``IPeriodicMonitorThreadStartedEvent`` interface.
The ``EventLoopBlocked`` event includes the hub which was blocked,
and it is notified before the report is printed so that event
listeners can modify the report.
See :issue:`2076`.

24.10.3

====================


Bugfixes
--------

- Fix clearing stack frames on Python 3.13. This is invoked when you
fork after having used the thread pool.
See :issue:`2067`.
- Distribute manylinux2014 wheels for x86_64.
See :issue:`2068`.
- Stop switching to the hub in the after fork hook in a child process. This could lead to strange behaviour, and is different than what all other versions of Python do.

24.10.2

====================


Bugfixes
--------

- Workaround a Cython bug compiling on GCC14.
See :issue:`2049`.

24.10.1

====================


Features
--------

- Update the bundled c-ares to 1.33.1.

- Add support for Python 3.13.

- The functions and classes in ``gevent.subprocess`` no longer accept
 ``stdout=STDOUT`` and raise a ``ValueError``.

Several additions and changes to the ``queue`` module, including:

- ``Queue.shutdown`` is available on all versions of Python.
- ``LifoQueue`` is now a joinable queue.

- gevent.monkey changed from a module to a package. The public API
remains the same.

For this release, private APIs (undocumented, marked internal, or
beginning with an underscore) are also preserved. However, these may
be changed or removed at any time in the future. If you are using one
of these APIs and cannot replace it, please contact the gevent team.



Bugfixes
--------

- For platforms that don't have ``socketpair``, upgrade our fallback
code to avoid a security issue.
See :issue:`2048`.


Deprecations and Removals
-------------------------

- Remove support for Python 3.8, which has reached the end of its
support lifecycle.
See :issue:`remove_py38`.

24.2.1

===================


Bugfixes
--------

- Add support for Python patch releases 3.11.8 and 3.12.2, which changed
internal details of threading.

As a result of these changes, note that it is no longer possible to
change the ``__class__`` of a ``gevent.threading._DummyThread``
object on those versions.

See :issue:`2020`.

Other
-----

Other updates for compatibility with the standard library include:

- Errors raised from ``subprocess.Popen`` may not have a filename set.
- ``SSLSocket.recv_into`` and ``SSLSocket.read`` no longer require the
 buffer to implement ``len`` and now work with buffers whose size is
 not 1.
- gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close
 flaw.

In addition:

- Drop ``setuptools`` to a soft test dependency.
- Drop support for very old versions of CFFI.
- Update bundled c-ares from 1.19.1 to 1.26.0.
- Locks created by gevent, but acquired from multiple different
 threads (not recommended), no longer spin to implement timeouts
 and interruptible blocking. Instead, they use the native
 functionality of the Python 3 lock. This may improve some scenarios.
 See :issue:`2013`.

23.9.1

===================


Bugfixes
--------

- Require greenlet 3.0 on Python 3.11 and Python 3.12; greenlet 3.0 is
recommended for all platforms. This fixes a number of obscure crashes
on all versions of Python, as well as fixing a fairly common problem
on Python 3.11+ that could manifest as either a crash or as a
``SystemError``.
See :issue:`1985`.


----

23.9.0.post1

=========================

- Fix Windows wheel builds.
- Fix macOS wheel builds.

23.9.0

===================


Bugfixes
--------

- Make ``gevent.select.select`` accept arbitrary iterables, not just
sequences. That is, you can now pass in a generator of file
descriptors instead of a realized list. Internally, arbitrary
iterables are copied into lists. This better matches what the standard
library does. Thanks to David Salvisberg.
See :issue:`1979`.
- On Python 3.11 and newer, opt out of Cython's fast exception
manipulation, which *may* be causing problems in certain circumstances
when combined with greenlets.

On all versions of Python, adjust some error handling in the default
C-based loop. This fixes several assertion failures on debug versions
of CPython. Hopefully it has a positive impact under real conditions.
See :issue:`1985`.
- Make ``gevent.pywsgi`` comply more closely with the HTTP specification
for chunked transfer encoding. In particular, we are much stricter
about trailers, and trailers that are invalid (too long or featuring
disallowed characters) forcibly close the connection to the client
*after* the results have been sent.

Trailers otherwise continue to be ignored and are not available to the
WSGI application.

Previously, carefully crafted invalid trailers in chunked requests on
keep-alive connections might appear as two requests to
``gevent.pywsgi``. Because this was handled exactly as a normal
keep-alive connection with two requests, the WSGI application should
handle it normally. However, if you were counting on some upstream
server to filter incoming requests based on paths or header fields,
and the upstream server simply passed trailers through without
validating them, then this embedded second request would bypass those
checks. (If the upstream server validated that the trailers meet the
HTTP specification, this could not occur, because characters that are
required in an HTTP request, like a space, are not allowed in
trailers.) CVE-2023-41419 was reserved for this.

Our thanks to the original reporters, Keran Mu
(mkr22mails.tsinghua.edu.cn) and Jianjun Chen
(jianjuntsinghua.edu.cn), from Tsinghua University and Zhongguancun
Laboratory.
See :issue:`1989`.


----

23.7.0

===================


Features
--------

- Add preliminary support for Python 3.12, using greenlet 3.0a1. This
is somewhat tricky to build from source at this time, and there is
one known issue: On Python 3.12b3, dumping tracebacks of greenlets
is not available.
:issue:`1969`.
- Update the bundled c-ares version to 1.19.1.
See :issue:`1947`.


Bugfixes
--------

- Fix an edge case connecting a non-blocking ``SSLSocket`` that could result
in an AttributeError. In a change to match the standard library,
calling ``sock.connect_ex()`` on a subclass of ``socket`` no longer
calls the subclass's ``connect`` method.

Initial fix by Priyankar Jain.
See :issue:`1932`.
- Make gevent's ``FileObjectThread`` (mostly used on Windows) implement
``readinto`` cooperatively. PR by Kirill Smelkov.
See :issue:`1948`.
- Work around an ``AttributeError`` during cyclic garbage collection
when Python finalizers (``__del__`` and the like) attempt to use
gevent APIs. This is not a recommended practice, and it is unclear if
catching this ``AttributeError`` will fix any problems or just shift
them. (If we could determine the root situation that results in this
cycle, we might be able to solve it.)
See :issue:`1961`.


Deprecations and Removals
-------------------------

- Remove support for obsolete Python versions. This is everything prior
to 3.8.

Related changes include:

- Stop using ``pkg_resources`` to find entry points (plugins).
 Instead, use ``importlib.metadata``.
- Honor ``sys.unraisablehook`` when a callback function produces an
 exception, and handling the exception in the hub *also* produces an
 exception. In older versions, these would be simply printed.
- ``setup.py`` no longer includes the ``setup_requires`` keyword.
 Installation with a tool that understands ``pyproject.toml`` is
 recommended.
- The bundled tblib has been updated to version 2.0.


----

22.10.2

====================


Bugfixes
--------

- Update to greenlet 2.0. This fixes a deallocation issue that required
a change in greenlet's ABI. The design of greenlet 2.0 is intended to
prevent future fixes and enhancements from requiring an ABI change,
making it easier to update gevent and greenlet independently.

.. caution::

  greenlet 2.0 requires a modern-ish C++ compiler. This may mean
  certain older platforms are no longer supported.
  See :issue:`1909`.


----

22.10.1

====================


Features
--------

- Update bundled libuv to 1.44.2.
See :issue:`1913`.


Misc
----

- See :issue:`1898`., See :issue:`1910`., See :issue:`1915`.


----

22.08.0

====================


Features
--------

- Windows: Test and provide binary wheels for PyPy3.7.

Note that there may be issues with subprocesses, signals, and it may
be slow.
See :issue:`1798`.
- Upgrade embedded c-ares to 1.18.1.
See :issue:`1847`.
- Upgrade bundled libuv to 1.42.0 from 1.40.0.
See :issue:`1851`.
- Added preliminary support for Python 3.11 (rc2 and later).

Some platforms may or may not have binary wheels at this time.

.. important:: Support for legacy versions of Python, including 2.7
              and 3.6, will be ending soon. The
              maintenance burden has become too great and the
              maintainer's time is too limited.

              Ideally, there will be a release of gevent compatible
              with a final release of greenlet 2.0 that still
              supports those legacy versions, but that may not be
              possible; this may be the final release to support them.

:class:`gevent.threadpool.ThreadPool` can now optionally expire idle
threads. This is used by default in the implicit thread pool used for
DNS requests and other user-submitted tasks; other uses of a
thread-pool need to opt-in to this.
See :issue:`1867`.


Bugfixes
--------

- Truly disable the effects of compiling with ``-ffast-math``.
See :issue:`1864`.


----

21.12.0

====================


Features
--------

- Update autoconf files for Apple Silicon Macs. Note that while there
are reports of compiling gevent on Apple Silicon Macs now, this is
*not* a tested configuration. There may be some remaining issues with
CFFI on some systems as well.
See :issue:`1721`.
- Build and upload CPython 3.10 binary manylinux wheels.

Unfortunately, this required us to stop building and uploading CPython
2.7 binary manylinux wheels. Binary wheels for 2.7 continue to be
available for Windows and macOS.
See :issue:`1822`.
- Test and distribute musllinux_1_1 wheels.
See :issue:`1837`.
- Update the tested versions of PyPy2 and PyPy3. For PyPy2, there should
be no user visible changes, but for PyPy3, support has moved from
Python 3.6 to Python 3.7.
See :issue:`1843`.


Bugfixes
--------

- Try to avoid linking to two different Python runtime DLLs on Windows.
See :issue:`1814`.
- Stop compiling manylinux wheels with ``-ffast-math.`` This was
implicit in ``-Ofast``, but could alter the global state of the
process. Analysis and fix thanks to Ilya Konstantinov.
See :issue:`1820`.
- Fix hanging the interpreter on shutdown if gevent monkey patching
occurred on a non-main thread in Python 3.9.8 and above. (Note that
this is not a recommended practice.)
See :issue:`1839`.


----

21.8.0

===================


Features
--------

- Update the embedded c-ares from 1.16.1 to 1.17.1.
See :issue:`1758`.
- Add support for Python 3.10rc1 and newer.

As part of this, the minimum required greenlet version was increased
to 1.1.0 (on CPython), and the minimum version of Cython needed to
build gevent from a source checkout is 3.0a9.

Note that the dnspython resolver is not available on Python 3.10.
See :issue:`1790`.
- Update from Cython 3.0a6 to 3.0a9.
See :issue:`1801`.


Misc
----

- See :issue:`1789`.


----

21.1.2

===================


Features
--------

- Update the embedded libev from 4.31 to 4.33.
See :issue:`1754`.
- Update the embedded libuv from 1.38.0 to 1.40.0.
See :issue:`1755`.


Misc
----

- See :issue:`1753`.


----

21.1.1

===================

Bugfixes
--------

Fix a ``TypeError`` on startup on Python 2 with ``zope.schema``
installed. Reported by Josh Zuech.

21.1.0

===================

Bugfixes
--------

- Make gevent ``FileObjects`` more closely match the semantics of native
file objects for the ``name`` attribute:

- Objects opened from a file descriptor integer have that integer as
 their ``name.`` (Note that this is the Python 3 semantics; Python 2
 native file objects returned from ``os.fdopen()`` have the string
 "<fdopen>" as their name , but here gevent always follows Python 3.)
- The ``name`` remains accessible after the file object is closed.

Thanks to Dan Milon.
See :issue:`1745`.


Misc
----

Make ``gevent.event.AsyncResult`` print a warning when it detects improper
cross-thread usage instead of hanging.

``AsyncResult`` has *never* been safe to use from multiple threads.
It, like most gevent objects, is intended to work with greenlets from
a single thread. Using ``AsyncResult`` from multiple threads has
undefined semantics. The safest way to communicate between threads is
using an event loop async watcher.

Those undefined semantics changed in recent gevent versions, making it
more likely that an abused ``AsyncResult`` would misbehave in ways
that could cause the program to hang.

Now, when ``AsyncResult`` detects a situation that would hang, it
prints a warning to stderr. Note that this is best-effort, and hangs
are still possible, especially under PyPy 7.3.3.

At the same time, ``AsyncResult`` is tuned to behave more like it did
in older versions, meaning that the hang is once again much less
likely. If you were getting lucky and using ``AsyncResult``
successfully across threads, this may restore your luck. In addition,
cross-thread wakeups are faster. Note that the gevent hub now uses an
extra file descriptor to implement this.

Similar changes apply to ``gevent.event.Event`` (see :issue:`1735`).

See :issue:`1739`.


----

20.12.1

====================


Features
--------

- Make :class:`gevent.Greenlet` objects function as context managers.
When the ``with`` suite finishes, execution doesn't continue until the
greenlet is finished. This can be a simpler alternative to a
:class:`gevent.pool.Group` when the lifetime of greenlets can be
lexically scoped.

Suggested by André Caron.
See :issue:`1324`.


Bugfixes
--------

- Make gevent's ``Semaphore`` objects properly handle native thread
identifiers larger than can be stored in a C ``long`` on Python 3,
instead of raising an ``OverflowError``.

Reported by TheYOSH.
See :issue:`1733`.


----

20.12.0

====================


Features
--------

- Make worker threads created by :class:`gevent.threadpool.ThreadPool` install
the :func:`threading.setprofile` and :func:`threading.settrace` hooks
while tasks are running. This provides visibility to profiling and
tracing tools like yappi.

Reported by Suhail Muhammed.
See :issue:`1678`.

- Drop support for Python 3.5.

Bugfixes
--------

- Incorrectly passing an exception *instance* instead of an exception
*type* to `gevent.Greenlet.kill` or `gevent.killall` no longer prints
an exception to stderr.
See :issue:`1663`.
- Make destroying a hub try harder to more forcibly stop loop processing
when there are outstanding callbacks or IO operations scheduled.

Thanks to Josh Snyder (:issue:`1686`) and Jan-Philip Gehrcke
(:issue:`1669`).
See :issue:`1686`.
- Improve the ability to use monkey-patched locks, and
`gevent.lock.BoundedSemaphore`, across threads, especially when the
various threads might not have a gevent hub or any other active
greenlets. In particular, this handles some cases that previously
raised ``LoopExit`` or would hang. Note that this may not be reliable
on PyPy on Windows; such an environment is not currently recommended.

The semaphore tries to avoid creating a hub if it seems unnecessary,
automatically creating one in the single-threaded case when it would
block, but not in the multi-threaded case. While the differences
should be correctly detected, it's possible there are corner cases
where they might not be.

If your application appears to hang acquiring semaphores, but adding a
call to ``gevent.get_hub()`` in the thread attempting to acquire the
semaphore before doing so fixes it, please file an issue.
See :issue:`1698`.
- Make error reporting when a greenlet suffers a `RecursionError` more
reliable.

Reported by Dan Milon.
See :issue:`1704`.
- gevent.pywsgi: Avoid printing an extra traceback ("TypeError: not
enough arguments for format string") to standard error on certain
invalid client requests.

Reported by Steven Grimm.
See :issue:`1708`.
- Add support for PyPy2 7.3.3.
See :issue:`1709`.
- Python 2: Make ``gevent.subprocess.Popen.stdin`` objects have a
``write`` method that guarantees to write the entire argument in
binary, unbuffered mode. This may require multiple trips around the
event loop, but more closely matches the behaviour of the Python 2
standard library (and gevent prior to 1.5). The number of bytes
written is still returned (instead of ``None``).
See :issue:`1711`.
- Make `gevent.pywsgi` stop trying to enforce the rules for reading chunked input or
``Content-Length`` terminated input when the connection is being
upgraded, for example to a websocket connection. Likewise, if the
protocol was switched by returning a ``101`` status, stop trying to
automatically chunk the responses.

Reported by Kavindu Santhusa.
See :issue:`1712`.
- Remove the ``__dict__`` attribute from `gevent.socket.socket` objects. The
standard library socket do not have a ``__dict__``.

Noticed by Carson Ip.

As part of this refactoring, share more common socket code between Python 2
and Python 3.
See :issue:`1724`.

----

20.9.0

===================


Features
--------

- The embedded libev is now asked to detect the availability of
``clock_gettime`` and use the realtime and/or monotonic clocks, if
they are available.

On Linux, this can reduce the number of system calls libev makes.
Originally provided by Josh Snyder.
See :issue:`1648`.


Bugfixes
--------

- On CPython, depend on greenlet >= 0.4.17. This version is binary
incompatible with earlier releases on CPython 3.7 and later.

On Python 3.7 and above, the module ``gevent.contextvars`` is no
longer monkey-patched into the standard library. contextvars are now
both greenlet and asyncio task local. See :issue:`1656`.
See :issue:`1674`.
- The ``DummyThread`` objects created automatically by certain
operations when the standard library threading module is
monkey-patched now match the naming convention the standard library
uses ("Dummy-12345"). Previously (since gevent 1.2a2) they used
"DummyThread-12345".
See :issue:`1659`.
- Fix compatibility with dnspython 2.

.. caution:: This currently means that it can be imported. But it
            cannot yet be used. gevent has a pinned dependency on
            dnspython < 2 for now.

See :issue:`1661`.


----

20.6.2

===================


Features
--------

- It is now possible to build and use the embedded libuv on a Cygwin
platform.

Note that Cygwin is not an officially supported platform of upstream
libuv and is not tested by gevent, so the actual working status is
unknown, and this may bitrot in future releases.

Thanks to berkakinci for the patch.
See :issue:`1645`.


Bugfixes
--------

- Relax the version constraint for psutil on PyPy.

Previously it was pinned to 5.6.3 for PyPy2, except for on Windows,
where it was excluded. It is now treated the same as CPython again.
See :issue:`1643`.


----

20.6.1

===================


Features
--------

- gevent's CI is now tested on Ubuntu 18.04 (Bionic), an upgrade from
16.04 (Xenial).
See :issue:`1623`.


Bugfixes
--------

- On Python 2, the dnspython resolver can be used without having
selectors2 installed. Previously, an ImportError would be raised.
See :issue:`1641`.
- Python 3 ``gevent.ssl.SSLSocket`` objects no longer attempt to catch
``ConnectionResetError`` and treat it the same as an ``SSLError`` with
``SSL_ERROR_EOF`` (typically by suppressing it).

This was a difference from the way the standard library behaved (which
is to raise the exception). It was added to gevent during early
testing of OpenSSL 1.1 and TLS 1.3.
See :issue:`1637`.


----

20.6.0

===================


Features
--------

- Add ``gevent.selectors`` containing ``GeventSelector``. This selector
implementation uses gevent details to attempt to reduce overhead when
polling many file descriptors, only some of which become ready at any
given time.

This is monkey-patched as ``selectors.DefaultSelector`` by default.

This is available on Python 2 if the ``selectors2`` backport is
installed. (This backport is installed automatically using the
``recommended`` extra.) When monkey-patching, ``selectors`` is made
available as an alias to this module.
See :issue:`1532`.
- Depend on greenlet >= 0.4.16. This is required for CPython 3.9 and 3.10a0.
See :issue:`1627`.
- Add support for Python 3.9.

No binary wheels are available yet, however.
See :issue:`1628`.


Bugfixes
--------

- ``gevent.socket.create_connection`` and
``gevent.socket.socket.connect`` no longer ignore IPv6 scope IDs.

Any IP address (IPv4 or IPv6) is no longer subject to an extra call to
``getaddrinfo``. Depending on the resolver in use, this is likely to
change the number and order of greenlet switches. (On Windows, in
particular test cases when there are no other greenlets running, it has
been observed to lead to ``LoopExit`` in scenarios that didn't produce
that before.)
See :issue:`1634`.


----

20.5.2

===================


Bugfixes
--------

- Forking a process that had use the threadpool to run tasks that
created their own hub would fail to clean up the threadpool by raising
``greenlet.error``.
See :issue:`1631`.


----

20.5.1

===================


Features
--------

- Waiters on Event and Semaphore objects that call ``wait()`` or
``acquire()``, respectively, that find the Event already set, or the
Semaphore available, no longer "cut in line" and run before any
previously scheduled greenlets. They now run in the order in which
they arrived, just as waiters that had to block in those methods do.
See :issue:`1520`.
- Update tested PyPy version from 7.3.0 to 7.3.1 on Linux.
See :issue:`1569`.
- Make ``zope.interface``, ``zope.event`` and (by extension)
``setuptools`` required dependencies. The ``events`` install extra now
does nothing and will be removed in 2021.
See :issue:`1619`.
- Update bundled libuv from 1.36.0 to 1.38.0.
See :issue:`1621`.
- Update bundled c-ares from 1.16.0 to 1.16.1.

On macOS, stop trying to adjust c-ares headers to make them
universal.
See :issue:`1624`.


Bugfixes
--------

- Make gevent locks that are monkey-patched usually work across native
threads as well as across greenlets within a single thread. Locks that
are only used in a single thread do not take a performance hit. While
cross-thread locking is relatively expensive, and not a recommended
programming pattern, it can happen unwittingly, for example when
using the threadpool and ``logging``.

Before, cross-thread lock uses might succeed, or, if the lock was
contended, raise ``greenlet.error``. Now, in the contended case, if
the lock has been acquired by the main thread at least once, it should
correctly block in any thread, cooperating with the event loop of both
threads. In certain (hopefully rare) cases, it might be possible for
contended case to raise ``LoopExit`` when previously it would have
raised ``greenlet.error``; if these cases are a practical concern,
please open an issue.

Also, the underlying Semaphore always behaves in an atomic fashion (as
if the GIL was not released) when PURE_PYTHON is set. Previously, it
only correctly did so on PyPy.
See :issue:`1437`.
- Rename gevent's C accelerator extension modules using a prefix to
avoid clashing with other C extensions.
See :issue:`1480`.
- Using ``gevent.wait`` on an ``Event`` more than once, when that Event
is already set, could previously raise an AssertionError.

As part of this, exceptions raised in the main greenlet will now
include a more complete traceback from the failing greenlet.
See :issue:`1540`.
- Avoid closing the same Python libuv watcher IO object twice. Under
some circumstances (only seen on Windows), that could lead to program
crashes.
See :issue:`1587`.
- gevent can now be built using Cython 3.0a5 and newer. The PyPI
distribution uses this version.

The libev extension was incompatible with this. As part of this,
certain internal, undocumented names have been changed.

(Technically, gevent can be built with Cython 3.0a2 and above.
However, up through 3.0a4 compiling with Cython 3 results in
gevent's test for memory leaks failing. See `this Cython issue
<https://github.com/cython/cython/issues/3578>`_.)
See :issue:`1599`.
- Destroying a hub after joining it didn't necessarily clean up all
resources associated with the hub, especially if the hub had been
created in a secondary thread that was exiting. The hub and its parent
greenlet could be kept alive.

Now, destroying a hub drops the reference to the hub and ensures it
cannot be switched to again. (Though using a new blocking API call may
still create a new hub.)

Joining a hub al