File python-requests.changes of Package python-requests
-------------------------------------------------------------------
Wed Oct 21 05:22:16 UTC 2015 - tbechtold@suse.com
- add 3bd8afbff29e50b38f889.patch (bsc#922448, CVE-2015-2296)
-------------------------------------------------------------------
Mon Jul 27 08:45:41 UTC 2015 - tbechtold@suse.com
- Update no-default-cacert.patch (bsc#935252)
Don't use the hardcoded path for certs
-------------------------------------------------------------------
Mon Dec 1 12:07:22 UTC 2014 - dmueller@suse.com
- fix license (Apache-2.0)
-------------------------------------------------------------------
Sat Jun 14 10:56:52 UTC 2014 - tchvatal@suse.com
- Update tarball to the one upstream is publishing.
-------------------------------------------------------------------
Thu Jun 5 19:40:21 UTC 2014 - rschweikert@suse.com
- Update to version 2.3.0
+ New ``Response`` property ``is_redirect``, which is true when the
library could have processed this response as a redirection (whether
or not it actually did).
+ The ``timeout`` parameter now affects requests with both ``stream=True``
and ``stream=False`` equally.
+ The change in v2.0.0 to mandate explicit proxy schemes has been reverted.
Proxy schemes now default to ``http://``.
+ The ``CaseInsensitiveDict`` used for HTTP headers now behaves like a normal
dictionary when references as string or viewd in the interpreter.
+ No longer expose Authorization or Proxy-Authorization headers on redirect.
Fix CVE-2014-1829 and CVE-2014-1830 respectively.
+ Authorization is re-evaluated each redirect.
+ On redirect, pass url as native strings.
+ Fall-back to autodetected encoding for JSON when Unicode detection fails.
+ Headers set to ``None`` on the ``Session`` are now correctly not sent.
+ Correctly honor ``decode_unicode`` even if it wasn't used earlier in the
same response.
+ Stop advertising ``compress`` as a supported Content-Encoding.
+ The ``Response.history`` parameter is now always a list.
+ Many, many ``urllib3`` bugfixes.- Fixes incorrect parsing of proxy
credentials that contain a literal or encoded '#' character.
+ Assorted urllib3 fixes.
+ New exception: ``ContentDecodingError``. Raised instead of ``urllib3``
``DecodeError`` exceptions.
+ Avoid many many exceptions from the buggy implementation of
``proxy_bypass`` on OS X in Python 2.6.
+ Avoid crashing when attempting to get authentication credentials
from ~/.netrc when running as a user without a home directory.
+ Use the correct pool size for pools of connections to proxies.
+ Fix iteration of ``CookieJar`` objects.
+ Ensure that cookies are persisted over redirect.
+ Switch back to using chardet, since it has merged with charade.
+ Cookies set on individual Requests through a ``Session``
(e.g. via ``Session.get()``) are no longer persisted to the ``Session``.
+ Clean up connections when we hit problems during chunked upload,
rather than leaking them.
+ Return connections to the pool when a chunked upload is successful,
rather than leaking it.
+ Match the HTTPbis recommendation for HTTP 301 redirects.
+ Prevent hanging when using streaming uploads and Digest Auth when a
401 is received.
+ Values of headers set by Requests are now always the native string type.
+ Fix previously broken SNI support.
+ Fix accessing HTTP proxies using proxy authentication.
+ Unencode HTTP Basic usernames and passwords extracted from URLs.
+ Support for IP address ranges for no_proxy environment variable
+ Parse headers correctly when users override the default ``Host:`` header.
+ Avoid munging the URL in case of case-sensitive servers.
+ Looser URL handling for non-HTTP/HTTPS urls.
+ Accept unicode methods in Python 2.6 and 2.7.
+ More resilient cookie handling.
+ Make ``Response`` objects pickleable.
+ Actually added MD5-sess to Digest Auth instead of pretending to like
last time.
+ Updated internal urllib3.
+ Fixed @Lukasa's lack of taste.
-------------------------------------------------------------------
Mon Dec 9 15:27:58 UTC 2013 - vuntz@suse.com
- Add no-default-cacert-sles.patch: use this patch when building
for SLES, since python in SLES and openSUSE behave differently
when it comes to SSL, and no-default-cacert.patch is wrong for
SLES.
-------------------------------------------------------------------
Thu Nov 7 10:07:58 UTC 2013 - mcihar@suse.cz
- update to 2.0.1
- changes in 2.0.1:
- Updated included CA Bundle with new mistrusts and automated process for the future
- Added MD5-sess to Digest Auth
- Accept per-file headers in multipart file POST messages.
- Fixed: Don't send the full URL on CONNECT messages.
- Fixed: Correctly lowercase a redirect scheme.
- Fixed: Cookies not persisted when set via functional API.
- Fixed: Translate urllib3 ProxyError into a requests ProxyError derived from ConnectionError.
- Updated internal urllib3 and chardet.
- changes in 2.0.0:
- Keys in the Headers dictionary are now native strings on all Python versions,
i.e. bytestrings on Python 2, unicode on Python 3.
- Proxy URLs now *must* have an explicit scheme. A ``MissingSchema`` exception
will be raised if they don't.
- Timeouts now apply to read time if ``Stream=False``.
- ``RequestException`` is now a subclass of ``IOError``, not ``RuntimeError``.
- Added new method to ``PreparedRequest`` objects: ``PreparedRequest.copy()``.
- Added new method to ``Session`` objects: ``Session.update_request()``. This
method updates a ``Request`` object with the data (e.g. cookies) stored on
the ``Session``.
- Added new method to ``Session`` objects: ``Session.prepare_request()``. This
method updates and prepares a ``Request`` object, and returns the
corresponding ``PreparedRequest`` object.
- Added new method to ``HTTPAdapter`` objects: ``HTTPAdapter.proxy_headers()``.
This should not be called directly, but improves the subclass interface.
- ``httplib.IncompleteRead`` exceptions caused by incorrect chunked encoding
will now raise a Requests ``ChunkedEncodingError`` instead.
- Invalid percent-escape sequences now cause a Requests ``InvalidURL``
exception to be raised.
- HTTP 208 no longer uses reason phrase ``"im_used"``. Correctly uses
``"already_reported"``.
- HTTP 226 reason added (``"im_used"``).
- Vastly improved proxy support, including the CONNECT verb. Special thanks to
the many contributors who worked towards this improvement.
- Cookies are now properly managed when 401 authentication responses are
received.
- Chunked encoding fixes.
- Support for mixed case schemes.
- Better handling of streaming downloads.
- Retrieve environment proxies from more locations.
-------------------------------------------------------------------
Thu Oct 24 11:13:26 UTC 2013 - speilicke@suse.com
- Require python-setuptools instead of distribute (upstreams merged)
-------------------------------------------------------------------
Thu Jul 25 11:40:02 UTC 2013 - vuntz@suse.com
- Add no-default-cacert.patch: completely ignore the internal CA
bundle and point to /etc/ssl/certs/. This works because we
patched python to do the right thing when a directory is used
there instead of a file.
- Manually remove requests/cacert.pem (better than doing that in
the patch, since it's big) too.
-------------------------------------------------------------------
Mon May 27 10:36:36 UTC 2013 - dmueller@suse.com
- update to 1.2.3:
* Python 3.3.2 compatibility
* Always percent-encode location headers
* Fix connection adapter matching to be most-specific first
* new argument to the default connection adapter for passing a block argument
* prevent a KeyError when there's no link headers
-------------------------------------------------------------------
Mon May 13 08:57:09 UTC 2013 - dmueller@suse.com
- update to 1.2.0:
* Fixed cookies on sessions and on requests
* Significantly change how hooks are dispatched - hooks now receive all the
arguments specified by the user when making a request so hooks can make a
secondary request with the same parameters. This is especially necessary for
authentication handler authors
* certifi support was removed
* Fixed bug where using OAuth 1 with body ``signature_type`` sent no data
* Major proxy work thanks to @Lukasa including parsing of proxy authentication
from the proxy url
* Fix DigestAuth handling too many 401s
* Update vendored urllib3 to include SSL bug fixes
* Allow keyword arguments to be passed to ``json.loads()`` via the
``Response.json()`` method
* Don't send ``Content-Length`` header by default on ``GET`` or ``HEAD``
requests
* Add ``elapsed`` attribute to ``Response`` objects to time how long a request
took.
* Fix ``RequestsCookieJar``
* Sessions and Adapters are now picklable, i.e., can be used with the
mutiprocessing library
Update charade to version 1.0.3
-------------------------------------------------------------------
Fri Jan 18 08:31:22 UTC 2013 - saschpe@suse.de
- Set license to "Apache-2.0 and LGPL-2.1+ and MIT", according to
https://github.com/kennethreitz/requests/issues/1111, the base
license is Apache-2.0 but requests ships two libraries (bnc#799119):
+ charade: LGPL-2.1+
+ urllib3: MIT
-------------------------------------------------------------------
Tue Jan 15 19:37:18 UTC 2013 - p.drouand@gmail.com
- Initial python3 support
-------------------------------------------------------------------
Tue Jan 15 19:34:53 UTC 2013 - p.drouand@gmail.com
- Update to version 1.1.0:
* CHUNKED REQUESTS
* Support for iterable response bodies
* Assume servers persist redirect params
* Allow explicit content types to be specified for file data
* Make merge_kwargs case-insensitive when looking up keys
-------------------------------------------------------------------
Tue Nov 13 22:04:33 UTC 2012 - jfunk@funktronics.ca
- Update to 0.14.2:
* Improved mime-compatible JSON handling
* Proxy fixes
* Path hack fixes
* Case-Insensistive Content-Encoding headers
* Support for CJK parameters in form posts
-------------------------------------------------------------------
Tue Oct 16 18:55:20 UTC 2012 - jfunk@funktronics.ca
- Update to 0.14.1:
* Python 3.3 Compatibility
* Simply default accept-encoding
* Bugfixes
- 0.14.0 (2012-09-02)
* No more iter_content errors if already downloaded.
- 0.13.9 (2012-08-25)
* Fix for OAuth + POSTs
* Remove exception eating from dispatch_hook
* General bugfixes
- 0.13.8 (2012-08-21)
* Incredible Link header support :)
- 0.13.7 (2012-08-19)
* Support for (key, value) lists everywhere.
* Digest Authentication improvements.
* Ensure proxy exclusions work properly.
* Clearer UnicodeError exceptions.
* Automatic casting of URLs to tsrings (fURL and such)
* Bugfixes.
- 0.13.6 (2012-08-06)
* Long awaited fix for hanging connections!
- 0.13.5 (2012-07-27)
* Packaging fix
- 0.13.4 (2012-07-27)
* GSSAPI/Kerberos authentication!
* App Engine 2.7 Fixes!
* Fix leaking connections (from urllib3 update)
* OAuthlib path hack fix
* OAuthlib URL parameters fix.
- 0.13.3 (2012-07-12)
* Use simplejson if available.
* Do not hide SSLErrors behind Timeouts.
* Fixed param handling with urls containing fragments.
* Significantly improved information in User Agent.
* client certificates are ignored when verify=False
- 0.13.2 (2012-06-28)
* Zero dependencies (once again)!
* New: Response.reason
* Sign querystring parameters in OAuth 1.0
* Client certificates no longer ignored when verify=False
* Add openSUSE certificate support
- Removed certificate patch since it's now upstream
- Removed dependencies that are no longer needed
-------------------------------------------------------------------
Wed May 30 09:11:50 UTC 2012 - saschpe@suse.de
- Update to 0.13.1:
+ Removal of Requests.async in favor of grequests
+ Allow disabling of cookie persistiance.
+ New implimentation of safe_mode
+ cookies.get now supports default argument
+ Session cookies not saved when Session.request is called with return_response=False
+ Env: no_proxy support.
+ RequestsCookieJar improvements.
+ Various bug fixes.
- Rebased patches
-------------------------------------------------------------------
Wed May 23 12:09:35 UTC 2012 - saschpe@suse.de
- Use a slightly different approach for bnc#761500, try to use /etc/ssl/certs
but use /etc/ssl/ca-bundle.pem as a fallback. The previous fix didn't work
for me as (my) Python ssl module doesn't support cert directories...
- No need to check SUSE versions for python-certifi, it only is/was
part of openSUSE:Factory for a brief period of time
-------------------------------------------------------------------
Sun May 20 17:44:57 UTC 2012 - jfunk@funktronics.ca
- Load directory-based cert store in openSUSE >= 12.2
-------------------------------------------------------------------
Fri May 18 00:41:52 UTC 2012 - jfunk@funktronics.ca
- Update to 0.12.1
* New Response.json property
* Ability to add string file uploads
* Fix out-of-range issue with iter_lines
* Fix iter_content default size
* Fix POST redirects containing files
- 0.12.0 (2012-05-02)
* EXPERIMENTAL OAUTH SUPPORT!
* Proper CookieJar-backed cookies interface with awesome dict-like interface.
* Speed fix for non-iterated content chunks.
* Move pre_request to a more usable place.
* New pre_send hook.
* Lazily encode data, params, files
* Load system Certificate Bundle if certify isn't available.
* Cleanups, fixes.
- Add python-chardet and python-oauthlib requirements
- Run test suite (added python-distribute build requirement to enable)
-------------------------------------------------------------------
Fri Apr 27 22:57:43 UTC 2012 - jfunk@funktronics.ca
- Update to 0.11.2
* Attempt to use the OS's certificate bundle if certifi isn't available.
* Infinite digest auth redirect fix
* Multi-part file upload improvements
* Fix decoding of invalid %encodings in URLs
* If there is no content in a response don't throw an error the second time
that content is attempted to be read.
* Upload data on redirects.
-------------------------------------------------------------------
Fri Apr 6 19:08:40 UTC 2012 - jfunk@funktronics.ca
- Update to 0.11.1:
* POST redirects now break RFC to do what browsers do: Follow up with a GET.
* New strict_mode configuration to disable new redirect behavior.
- 0.11.0 (2012-03-14)
* Private SSL Certificate support
* Remove select.poll from Gevent monkeypatching
* Remove redundant generator for chunked transfer encoding
* Fix: Response.ok raises Timeout Exception in safe_mode
-------------------------------------------------------------------
Sat Mar 10 14:11:23 UTC 2012 - saschpe@gmx.de
- Update to version 0.10.8:
* Generate chunked ValueError fix
* Proxy configuration by environment variables
* Simplification of iter_lines.
* New trust_env configuration for disabling system/environment hints.
* Suppress cookie errors.
- Changes from version 0.10.7:
* encode_uri = False
-------------------------------------------------------------------
Tue Feb 28 18:06:45 UTC 2012 - jfunk@funktronics.ca
- Update to 0.10.6
* Allow '=' in cookies.
- 0.10.5 (2012-02-25)
* Response body with 0 content-length fix.
* New async.imap.
* Don't fail on netrc.
-------------------------------------------------------------------
Tue Feb 21 19:52:04 UTC 2012 - jfunk@funktronics.ca
- Update to 0.10.4
* Honor netrc.
- 0.10.3 (2012-02-20)
* HEAD requests don't follow redirects anymore.
* raise_for_status() doesn't raise for 3xx anymore.
* Make Session objects picklable.
* ValueError for invalid schema URLs.
- 0.10.2 (2012-01-15)
* Vastly improved URL quoting.
* Additional allowed cookie key values.
* Attempted fix for "Too many open files" Error
* Replace unicode errors on first pass, no need for second pass.
* Append '/' to bare-domain urls before query insertion.
* Exceptions now inherit from RuntimeError.
* Binary uploads + auth fix.
* Bugfixes.
-------------------------------------------------------------------
Mon Feb 6 13:41:55 UTC 2012 - saschpe@suse.de
- Add dependency on python-certifi
-------------------------------------------------------------------
Tue Jan 24 21:31:14 UTC 2012 - jfunk@funktronics.ca
- Update to 0.10.1:
* PYTHON 3 SUPPORT!
* Dropped 2.5 Support. (Backwards Incompatible)
- 0.10.0 (2012-01-21)
* Response.content is now bytes-only. (Backwards Incompatible)
* New Response.text is unicode-only.
* If no Response.encoding is specified and chardet is available,
Respoonse.text will guess an encoding.
* Default to ISO-8859-1 (Western) encoding for "text" subtypes.
* Removal of decode_unicode. (Backwards Incompatible)
* New multiple-hooks system.
* New Response.register_hook for registering hooks within the pipeline.
* Response.url is now Unicode.
-------------------------------------------------------------------
Thu Jan 19 19:33:21 UTC 2012 - jfunk@funktronics.ca
- Update to 0.9.3:
* SSL verify=False bugfix (apparent on windows machines).
- 0.9.2 (2012-01-18)
* Asyncronous async.send method.
* Support for proper chunk streams with boundaries.
* session argument for Session classes.
* Print entire hook tracebacks, not just exception instance.
* Fix response.iter_lines from pending next line.
* Fix but in HTTP-digest auth w/ URI having query strings.
* Fix in Event Hooks section.
* Urllib3 update.
-------------------------------------------------------------------
Thu Jan 12 22:05:35 UTC 2012 - jfunk@funktronics.ca
- Update to 0.9.1:
* danger_mode for automatic Response.raise_for_status()
* Response.iter_lines refator
- 0.9.0 (2011-12-28)
* verify ssl is default.
- 0.8.9 (2011-12-28)
* Packaging fix.
- 0.8.8 (2011-12-28)
* SSL CERT VERIFICATION!
* Release of Cerifi: Mozilla's cert list.
* New 'verify' argument for SSL requests.
* Urllib3 update.
- 0.8.7 (2011-12-24)
* iter_lines last-line truncation fix
* Force safe_mode for async requests
* Handle safe_mode exceptions more consistently
* Fix iteration on null responses in safe_mode
- 0.8.6 (2011-12-18)
* Socket timeout fixes.
* Proxy Authorization support.
- 0.8.5 (2011-12-14)
* Response.iter_lines!
-------------------------------------------------------------------
Sun Dec 11 20:45:14 UTC 2011 - jfunk@funktronics.ca
- Update to 0.8.4:
* Prefetch bugfix.
* Added license to installed version.
-------------------------------------------------------------------
Sun Nov 27 20:38:47 UTC 2011 - jfunk@funktronics.ca
- Update to 0.8.3
* Converted auth system to use simpler callable objects.
* New session parameter to API methods.
* Display full URL while logging.
-------------------------------------------------------------------
Sun Nov 27 08:54:32 UTC 2011 - jfunk@funktronics.ca
- Update to 0.8.2
* New unicode decoding system, based on overridable Response.encoding.
* Proper URL slash-quote handling.
* Cookies with [, ], and _ allowed.
- 0.8.1 (2011-11-15)
* URL Request path fix
* Proxy fix.
* Timeouts fix.
- 0.8.0 (2011-11-13)
* Keep-alive support!
* Complete removal of Urllib2
* Complete removal of Poster
* Complete removal of CookieJars
* New ConnectionError raising
* Safe_mode for error catching
* prefetch parameter for request methods
* OPTION method
* Async pool size throttling
* File uploads send real names
- 0.7.6 (2011-11-07)
* Digest authentication bugfix (attach query data to path)
- 0.7.5 (2011-11-04)
* Response.content = None if there was an invalid repsonse.
* Redirection auth handling.
- 0.7.4 (2011-10-26)
* Sesion Hooks fix.
- 0.7.3 (2011-10-23)
* Digest Auth fix.
- 0.7.2 (2011-10-23)
* PATCH Fix.
- 0.7.1 (2011-10-23)
* Move away from urllib2 authentication handling.
* Fully Remove AuthManager, AuthObject, &c.
* New tuple-based auth system with handler callbacks.
- 0.7.0 (2011-10-22)
* Sessions are now the primary interface.
* Deprecated InvalidMethodException.
* PATCH fix.
* New config system (no more global settings).
- 0.6.6 (2011-10-19)
* Session parameter bugfix (params merging).
- 0.6.5 (2011-10-18)
* Offline (fast) test suite.
* Session dictionary argument merging.
- 0.6.4 (2011-10-13)
* Automatic decoding of unicode, based on HTTP Headers.
* New decode_unicode setting.
* Removal of r.read/close methods.
* New r.faw interface for advanced response usage.*
* Automatic expansion of parameterized headers.
- 0.6.3 (2011-10-13)
* Beautiful requests.async module, for making async requests w/ gevent.
- 0.6.2 (2011-10-09)
* GET/HEAD obeys allow_redirects=False.
-------------------------------------------------------------------
Fri Sep 23 12:08:32 UTC 2011 - saschpe@suse.de
- Update to version 0.6.1:
* Enhanced status codes experience ``\o/``
* Set a maximum number of redirects (``settings.max_redirects``)
* Full Unicode URL support
* Support for protocol-less redirects.
* Allow for arbitrary request types.
* Bugfixes
- Changes from version 0.6.0:
* New callback hook system
* New persistient sessions object and context manager
* Transparent Dict-cookie handling
* Status code reference object
* Removed Response.cached
* Added Response.request
* All args are kwargs
* Relative redirect support
* HTTPError handling improvements
* Improved https testing
* Bugfixes
-------------------------------------------------------------------
Wed Jun 22 17:18:17 UTC 2011 - jfunk@funktronics.ca
- Update to 0.5.0
- PATCH Support
- Support for Proxies
- HTTPBin Test Suite
- Redirect Fixes
- settings.verbose stream writing
- Querystrings for all methods
- URLErrors (Connection Refused, Timeout, Invalid URLs) are treated as
explicity raised r.requests.get('hwe://blah'); r.raise_for_status()
- 0.4.1 (2011-05-22)
- Improved Redirection Handling
- New 'allow_redirects' param for following non-GET/HEAD Redirects
- Settings module refactoring
-------------------------------------------------------------------
Fri May 20 19:11:29 UTC 2011 - jfunk@funktronics.ca
- Initial release
