Closed Bug 1760436 Opened 2 years ago Closed 2 years ago

[wpt-sync] Sync PR 33218 - Bump urllib3[secure] from 1.26.8 to 1.26.9 in /tools

Categories

(Testing :: web-platform-tests, task, P4)

Product:
Testing
Component:
web-platform-tests
Type:
task

Tracking

(firefox100 fixed)

Status:
RESOLVED FIXED
Milestone:
100 Branch
Tracking Flags:
Tracking Status
firefox100 --- fixed

People

(Reporter: mozilla.org, Unassigned)

References

(
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 33218 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/33218
Details from upstream follow.

dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> wrote:

Bump urllib3[secure] from 1.26.8 to 1.26.9 in /tools

Bumps urllib3[secure] from 1.26.8 to 1.26.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3[secure]'s releases</a>.</em></p>
<blockquote>
<h2>1.26.9</h2>
<p><strong>If you or your organization rely on urllib3 consider supporting us via <a href="https://github.com/sponsors/urllib3">GitHub Sponsors</a>.</strong></p>
<p>:warning: <strong>urllib3 v2.0 will drop support for Python 2</strong>: <a href="https://urllib3.readthedocs.io/en/latest/v2-roadmap.html">Read more in the v2.0 Roadmap</a></p>
<p>:warning: <strong>This release will be the last release supporting Python 3.5. Please upgrade to a non-EOL Python version.</strong></p>
<ul>
<li>Changed <code>urllib3[brotli]</code> extra to favor installing Brotli libraries that are still receiving updates like <code>brotli</code> and <code>brotlicffi</code> instead of <code>brotlipy</code>. This change does not impact behavior of urllib3, only which dependencies are installed.</li>
<li>Fixed a socket leaking when <code>HTTPSConnection.connect()</code> raises an exception.</li>
<li>Fixed <code>server_hostname</code> being forwarded from <code>PoolManager</code> to <code>HTTPConnectionPool</code>
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/1.26.9/CHANGES.rst">urllib3[secure]'s changelog</a>.</em></p>
<blockquote>
<h2>1.26.9 (2022-03-16)</h2>
<ul>
<li>Changed <code>urllib3[brotli]</code> extra to favor installing Brotli libraries that are still
receiving updates like <code>brotli</code> and <code>brotlicffi</code> instead of <code>brotlipy</code>.
This change does not impact behavior of urllib3, only which dependencies are installed.</li>
<li>Fixed a socket leaking when <code>HTTPSConnection.connect()</code> raises an exception.</li>
<li>Fixed <code>server_hostname</code> being forwarded from <code>PoolManager</code> to <code>HTTPConnectionPool</code>
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/urllib3/urllib3/commit/6de3330eb54f73a57c7860f75123bde8b043dbd2"><code>6de3330</code></a> Release 1.26.9</li>
<li><a href="https://github.com/urllib3/urllib3/commit/5ea33e159ef9f11282240da5f6af1e3a5563b334"><code>5ea33e1</code></a> [1.26] Switch to Brotli C bindings for CPython, brotlicffi for non-CPython</li>
<li><a href="https://github.com/urllib3/urllib3/commit/c0a182c6300a34cba58b5e80749584d7b621c7dd"><code>c0a182c</code></a> [1.26] Avoid socket leak if HTTPSConnection.connect() fails</li>
<li><a href="https://github.com/urllib3/urllib3/commit/5cf6d03a85b28c76a5a05ccddebdeda064f0936f"><code>5cf6d03</code></a> [1.26] Fix formatting in changelog</li>
<li><a href="https://github.com/urllib3/urllib3/commit/834dd1edba7b020cb20462862c114bb3def30a0b"><code>834dd1e</code></a> [1.26] Complete test coverage of urllib3.util.ssl_match_hostname.match_hostname</li>
<li><a href="https://github.com/urllib3/urllib3/commit/048c0ba15cec8c7dd787670bcafd243a54590982"><code>048c0ba</code></a> [1.26] Combine UnicodeError and ValueError branches in ssl_match_hostname for...</li>
<li><a href="https://github.com/urllib3/urllib3/commit/a4539fb48c9d827739a77a6323093434bd11ba63"><code>a4539fb</code></a> [1.26] Add test to complete the coverage of urllib3.util.ssl_match_hostname.m...</li>
<li><a href="https://github.com/urllib3/urllib3/commit/d662fcd9301b94a413a0d21c6c287268cd082da1"><code>d662fcd</code></a> [1.26] Stop advertising python setup.py install</li>
<li><a href="https://github.com/urllib3/urllib3/commit/778e585d9b5c86de22c9fb736ed7a80982622334"><code>778e585</code></a> [1.26] Show missing lines in coverage report</li>
<li><a href="https://github.com/urllib3/urllib3/commit/f1d40fd07f7b5d9cf846a18fb5a920b4be07dfc5"><code>f1d40fd</code></a> [1.26] Add server_hostname to SSL_KEYWORDS</li>
<li>See full diff in <a href="https://github.com/urllib3/urllib3/compare/1.26.8...1.26.9">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a12c5dfb1279
[wpt PR 33218] - Bump urllib3[secure] from 1.26.8 to 1.26.9 in /tools, a=testonly
Test result changes from PR not available.
Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c1b517719702
[wpt PR 33218] - Bump urllib3[secure] from 1.26.8 to 1.26.9 in /tools, a=testonly

https://hg.mozilla.org/mozilla-central/rev/c1b517719702

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox100: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 100 Branch
You need to log in before you can comment on or make changes to this bug.