Recent Commits to requests

Merge pull request #7042 from psf/dependabot/github_actions/github/codeql-action-4.30.8

Bump github/codeql-action from 3.30.0 to 4.30.8

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 4.30.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d...f443b600d91635bebf5b0d9ebc620189c0d6fba5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #7026 from psf/dependabot/github_actions/actions/setup-python-6.0.0

Bump actions/setup-python from 5.6.0 to 6.0.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.6.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...e797f83bcb11b83ae66e0230d6156d7c80228e7c)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #7025 from psf/dependabot/github_actions/pypa/gh-action-pypi-publish-1.13.0

Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0

Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.12.4 to 1.13.0.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/76f52bc884231f62b9a034ebfe128415bbaabdfc...ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-version: 1.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Bump github/codeql-action from 3.29.0 to 3.30.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.0 to 3.30.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

v2.32.5

Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-5.0.0

Bump actions/checkout from 4.2.0 to 5.0.0

Bump actions/checkout from 4.2.0 to 5.0.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4.2.0...08c6903cd8c0fde910a37f88322edcfb5dd907a8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Update publish workflow to use `artifact-id` instead of `name`

Added artifact-id output to publish workflow and updated download-artifact action version to `v5.0.0`. Also hardens the workflow a bit by adding `persist-credentials: false` to the checkout step

Merge pull request #6999 from psf/dependabot/github_actions/step-security/harden-runner-2.13.0

Bump step-security/harden-runner from 2.12.0 to 2.13.0

Bump step-security/harden-runner from 2.12.0 to 2.13.0

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.13.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...ec9f2d5744a09debf3a187a3f4f675c53b671911)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Add support for Python 3.14 and drop support for Python 3.8 (#6993)

* Add testing for Python 3.14 preview build

* Add trove classifier for Python 3.14

* Remove support for Python 3.8

Update Makefile rules (#6996)

docs: clarify timeout parameter uses seconds in Session.request (#6994)

Bump github/codeql-action from 3.28.5 to 3.29.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.5 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Revert caching a default SSLContext (#6767)

Clarify error description in cloning instructions

This clarifies the error description in the 'Cloning the repository' section of the README. The current wording mentions 'an error about a bad commit', which is somewhat vague. I've updated it to 'an error about a bad commit timestamp', which more accurately describes the nature of the error referenced in issue #2690.
This small change improves the clarity of the documentation, helping users better understand the potential issue they might encounter when cloning the repository and why they need to use the specified Git flag.

Fix typo in documentation for verify

Add Trusted Publishing Release Workflow

Rather than rely on manual releases from a developer laptop, let's use
tag pushes to trigger a workflow to publish artifacts to PyPI. This will
leverage trusted publishing and upload attestations as well.

Bump version and add release notes for v2.32.4

Polish up release tooling for last manual release

Add netrc file search information to authentication documentation (#6876)

Add more tests to prevent regression of CVE 2024 47081

Remove workaround not needed since py38 for os.path.expanduser.

Add new test to check netrc auth leak (#6962)

This patch adds a new test that reproduces the security issue reported
here:
https://seclists.org/oss-sec/2025/q2/204

Doing a request to a malicious url with a prefix like "domain.com:@"
will use the "domain.com" netrc credentials in the request to other
domain.

Only use hostname to do netrc lookup instead of netloc

Merge pull request #6951 from tswast/patch-1

remove links

Update docs/conf.py

Co-authored-by: Nate Prewitt <nate.prewitt@gmail.com>

docs: fix dead links to kenreitz.org

Add two more tests exercising the adapter (#6936)

Closes #6935

Drop pypy 3.9 and add pypy 3.11 support

Merge pull request #6939 from psf/dependabot/github_actions/actions/setup-python-5.6.0

Bump actions/setup-python from 5.5.0 to 5.6.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.5.0 to 5.6.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Update lint workflow to ubuntu-24.04

Ubuntu 20.04 was the old default and is no longer supported by GitHub Actions

Merge pull request #6924 from RichieB2B/rfc5280

Add key usage extension to test ca.crt

Merge pull request #6925 from psf/dependabot/github_actions/actions/setup-python-5.5.0

Bump actions/setup-python from 5.4.0 to 5.5.0

Bump actions/setup-python from 5.4.0 to 5.5.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...8d9ed9ac5c53483de85588cdf95a591a75ab9f55)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Add key usage extension to test ca.crt

Merge pull request #6899 from duzhuoshanwai/main

Docs: Add quotes to prevent Zsh wildcard interpretation.

Update advanced.rst

Add quotes to prevent Zsh wildcard interpretation.

Merge pull request #6897 from cjwatson/fix-test-certificates

Add CA constraint to test CA

Regenerate test certificates

Created using the following command with OpenSSL 3.4.0:

    for cert in expired mtls valid/server; do
        make -C tests/certs/$cert clean all
    done

Add CA constraint to test CA

Otherwise recent versions of OpenSSL reject it as an invalid CA
certificate (at least once the test certificates are regenerated).

Fixes: #6896

Merge pull request #6529 from anupam-arista/patch-1

Update src/requests/models.py

Co-authored-by: Ian Stapleton Cordasco <graffatcolmingov@gmail.com>

Update models.py

Update src/requests/models.py

Co-authored-by: Ian Stapleton Cordasco <graffatcolmingov@gmail.com>

Merge branch 'psf:main' into patch-1

Merge pull request #6880 from jakobheine/td/remove-urlrequired-from-docs

docs(exceptions): Remove unused exception URLRequired from documentation

Merge pull request #6883 from psf/dependabot/github_actions/actions/setup-python-5.4.0

Bump actions/setup-python from 5.3.0 to 5.4.0

Bump actions/setup-python from 5.3.0 to 5.4.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

docs(exceptions): Remove unused exception URLRequired from documentation

The documentation previously listed `requests.URLRequired` as a valid
exception, suggesting it would be raised for invalid URLs. However,
this exception has been dead code since commit ab27027 (2012) and is
never actually raised.

Instead, invalid URLs raise `MissingSchema`, `InvalidSchema`, or
`InvalidURL`, none of which were documented. This commit removes
`URLRequired` from the documentation to reflect the actual behavior
and prevent confusion.

Signed-off-by: jakobheine <me@jakobheine.de>

Merge pull request #6875 from psf/dependabot/github_actions/github/codeql-action-3.28.5

Bump github/codeql-action from 3.27.0 to 3.28.5

Bump github/codeql-action from 3.27.0 to 3.28.5

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.28.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Merge branch 'psf:main' into patch-1

Merge pull request #6824 from psf/nateprewitt-patch-1

Remove old macOS runners

Remove old macOS runners

Update vulnerability disclosure process (#6820)

* Update contact point for Vulnerability disclosures

* Fix RedHat Contact

* Point vulnerabilities.rst to our .SECURITY file