Skip to content

Update requests to 2.33.0#334

Open
pyup-bot wants to merge 1 commit intomainfrom
pyup-update-requests-2.32.5-to-2.33.0
Open

Update requests to 2.33.0#334
pyup-bot wants to merge 1 commit intomainfrom
pyup-update-requests-2.32.5-to-2.33.0

Conversation

@pyup-bot
Copy link
Copy Markdown
Collaborator

@pyup-bot pyup-bot commented Mar 26, 2026

This PR updates requests from 2.32.5 to 2.33.0.

Changelog

2.33.0

--------------------

**Announcements**
- 📣 Requests is adding inline types. If you have a typed code base that
uses Requests, please take a look at 7271. Give it a try, and report
any gaps or feedback you may have in the issue. 📣

**Security**
- CVE-2026-25645 ``requests.utils.extract_zipped_paths`` now extracts
contents to a non-deterministic location to prevent malicious file
replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.

**Improvements**
- Migrated to a PEP 517 build system using setuptools. (7012)

**Bugfixes**
- Fixed an issue where an empty netrc entry could cause
malformed authentication to be applied to Requests on
Python 3.11+. (7205)

**Deprecations**
- Dropped support for Python 3.9 following its end of support. (7196)

**Documentation**
- Various typo fixes and doc improvements.
Links

@pyup-bot pyup-bot added the dependencies Pull requests that update a dependency file label Mar 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pyup-bot