Recent Commits to requests · June 2025

16/06/2025 16:10

Bump github/codeql-action from 3.28.5 to 3.29.0

Bump github/codeql-action from 3.28.5 to 3.29.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.5 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

13/06/2025 13:42

Revert caching a default SSLContext (#6767)

nateprewitt

Revert caching a default SSLContext (#6767)

10/06/2025 9:40

Clarify error description in cloning instructions

anodo123

Clarify error description in cloning instructions

This clarifies the error description in the 'Cloning the repository' section of the README. The current wording mentions 'an error about a bad commit', which is somewhat vague. I've updated it to 'an error about a bad commit timestamp', which more accurately describes the nature of the error referenced in issue #2690.
This small change improves the clarity of the documentation, helping users better understand the potential issue they might encounter when cloning the repository and why they need to use the specified Git flag.

09/06/2025 23:54

Fix typo in documentation for verify

jonas

Fix typo in documentation for verify

09/06/2025 23:32

Add Trusted Publishing Release Workflow

sigmavirus24

Add Trusted Publishing Release Workflow

Rather than rely on manual releases from a developer laptop, let's use
tag pushes to trigger a workflow to publish artifacts to PyPI. This will
leverage trusted publishing and upload attestations as well.

09/06/2025 13:39

Polish up release tooling for last manual release

sigmavirus24

Polish up release tooling for last manual release

09/06/2025 13:39

Bump version and add release notes for v2.32.4

sigmavirus24

Bump version and add release notes for v2.32.4

08/06/2025 14:47

Add netrc file search information to authentication documentation (#6…

pszlazak

Add netrc file search information to authentication documentation (#6876)

05/06/2025 11:55

Add more tests to prevent regression of CVE 2024 47081

awoimbee

Add more tests to prevent regression of CVE 2024 47081

Remove workaround not needed since py38 for os.path.expanduser.

05/06/2025 8:21

Add new test to check netrc auth leak (#6962)

danigm

Add new test to check netrc auth leak (#6962)

This patch adds a new test that reproduces the security issue reported
here:
https://seclists.org/oss-sec/2025/q2/204

Doing a request to a malicious url with a prefix like "domain.com:@"
will use the "domain.com" netrc credentials in the request to other
domain.

04/06/2025 12:39

Only use hostname to do netrc lookup instead of netloc

nateprewitt

Only use hostname to do netrc lookup instead of netloc

01/06/2025 15:07

Merge pull request #6951 from tswast/patch-1

nateprewitt

Merge pull request #6951 from tswast/patch-1

01/06/2025 11:03

remove links

tswast

remove links