Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
2.32.0 (2024-05-20)
Security
verify=False
on the first request from aSession will cause subsequent requests to the same origin to also ignore
cert verification, regardless of the value of
verify
.(GHSA-9wx4-h78v-vm56)
Improvements
verify=True
now reuses a global SSLContext which should improverequest time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (Avoid reloading root certificates to improve concurrent performance #6667)
(
chardet
orcharset_normalizer
) when repackaged or vendored.This enables
pip
and other projects to minimize their vendoringsurface area. The
Response.text()
andapparent_encoding
APIswill default to
utf-8
if neither library is present. (Allow optional char detection dependencies in post-packaging #6702)Bugfixes
calculated in the request content-length. (Enhance
super_len
to count encoded bytes for str #6589)/
(path separator) could leadurllib3 to unnecessarily reparse the request URI. (Trim excess leading path separators #6644)
Deprecations
Documentation
Packaging
The source files for the projects (formerly
requests
) is now locatedin
src/requests
in the Requests sdist. (Move to src directory #6506)using
hatchling
. This should not impact the average user, but extremely oldversions of packaging utilities may have issues with the new packaging format.