Skip to content

Bump requests from 2.32.5 to 2.33.0 in /content-cache#112

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/content-cache/requests-2.33.0
Open

Bump requests from 2.32.5 to 2.33.0 in /content-cache#112
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/content-cache/requests-2.33.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps requests from 2.32.5 to 2.33.0.

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.
Commits
  • bc04dfd v2.33.0
  • 66d21cb Merge commit from fork
  • 8b9bc8f Move badges to top of README (#7293)
  • e331a28 Remove unused extraction call (#7292)
  • 753fd08 docs: fix FAQ grammar in httplib2 example
  • 774a0b8 docs(socks): same block as other sections
  • 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
  • ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
  • 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
  • d568f47 docs: clarify Quickstart POST example (#6960)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump requests from 2.32.5 to 2.33.0 in /content-cache
d4bca3d 
Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.5...v2.33.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner March 26, 2026 14:26
@dependabot dependabot bot requested review from florentianayuwono and javierdelapuente and removed request for a team March 26, 2026 14:26
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 26, 2026

Test results for commit d4bca3d

Test coverage for d4bca3d

Name            Stmts   Miss Branch BrPart  Cover   Missing
-----------------------------------------------------------
src/charm.py       47      0      6      0   100%
src/errors.py       1      0      0      0   100%
src/state.py      139      0     32      0   100%
-----------------------------------------------------------
TOTAL             187      0     38      0   100%

Static code analysis report

Run started:2026-03-26 14:30:21.281904+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 986
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 26, 2026

Test results for commit d4bca3d

Test coverage for d4bca3d

Name                   Stmts   Miss Branch BrPart  Cover   Missing
------------------------------------------------------------------
src/certificates.py       21      2      6      2    85%   65-68
src/charm.py             106     12      8      0    89%   64-65, 120, 149, 153-156, 211-213, 223-225
src/errors.py             16      0      0      0   100%
src/nginx_manager.py     199     36     16      4    81%   207, 213-219, 224-226, 229, 277-279, 295-297, 337-342, 417-419, 438-442, 461->463, 543-548
src/state.py             163     13     34      1    92%   154-159, 429-439
src/utilities.py          13      0      0      0   100%
------------------------------------------------------------------
TOTAL                    518     63     64      7    88%

Static code analysis report

Run started:2026-03-26 14:33:48.936615+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 1208
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 2

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javierdelapuente javierdelapuente Awaiting requested review from javierdelapuente javierdelapuente is a code owner automatically assigned from canonical/platform-engineering

@florentianayuwono florentianayuwono Awaiting requested review from florentianayuwono florentianayuwono is a code owner automatically assigned from canonical/platform-engineering

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@is-devops-bot