Skip to content

Bump requests from 2.32.5 to 2.33.0 in /doc/UserGuide#1478

Merged
WenMeng-NOAA merged 1 commit intodevelopfrom
dependabot/pip/doc/UserGuide/requests-2.33.0
Mar 27, 2026
Merged

Bump requests from 2.32.5 to 2.33.0 in /doc/UserGuide#1478
WenMeng-NOAA merged 1 commit intodevelopfrom
dependabot/pip/doc/UserGuide/requests-2.33.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026
edited
Loading

Bumps requests from 2.32.5 to 2.33.0.

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.
Commits
  • bc04dfd v2.33.0
  • 66d21cb Merge commit from fork
  • 8b9bc8f Move badges to top of README (#7293)
  • e331a28 Remove unused extraction call (#7292)
  • 753fd08 docs: fix FAQ grammar in httplib2 example
  • 774a0b8 docs(socks): same block as other sections
  • 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
  • ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
  • 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
  • d568f47 docs: clarify Quickstart POST example (#6960)
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 26, 2026
@WenMeng-NOAA
Copy link
Copy Markdown
Collaborator

WenMeng-NOAA commented Mar 26, 2026

@clyden-noaa @gspetro-NOAA @jdkublnick Do you have any clues about CI failure in docs?

@jdkublnick
Copy link
Copy Markdown
Collaborator

jdkublnick commented Mar 26, 2026

@clyden-noaa @gspetro-NOAA @jdkublnick Do you have any clues about CI failure in docs?

Looking into this now, think I figured out the issue. PR coming soon :).

@jdkublnick
Copy link
Copy Markdown
Collaborator

jdkublnick commented Mar 26, 2026

@clyden-noaa @gspetro-NOAA @jdkublnick Do you have any clues about CI failure in docs?

I opened PR #1479 for the docs CI issue, the docs build now succeeds, and it is ready for review.

@dependabot dependabot bot changed the title Bump requests from 2.32.4 to 2.33.0 in /doc/UserGuide Bump requests from 2.32.5 to 2.33.0 in /doc/UserGuide Mar 27, 2026
@dependabot
Bump requests from 2.32.4 to 2.33.0 in /doc/UserGuide
bdd373d 
Bumps [requests](https://github.com/psf/requests) from 2.32.4 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.4...v2.33.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/doc/UserGuide/requests-2.33.0 branch from 4313b17 to bdd373d Compare March 27, 2026 17:33
@BenjaminBlake-NOAA
Copy link
Copy Markdown
Collaborator

BenjaminBlake-NOAA commented Mar 27, 2026

Looks like the docs CI issue was resolved thanks to @jdkublnick , so this PR should be good to go.

@BenjaminBlake-NOAA BenjaminBlake-NOAA added the Ready for Review This PR is ready for code review. label Mar 27, 2026
@WenMeng-NOAA
Copy link
Copy Markdown
Collaborator

WenMeng-NOAA commented Mar 27, 2026

There is no need to run the UPP RTs for updates related only to documentation. All CIs have passed. This PR is ready for merging.

@WenMeng-NOAA WenMeng-NOAA merged commit 0d383c0 into develop Mar 27, 2026
6 checks passed
@dependabot dependabot bot deleted the dependabot/pip/doc/UserGuide/requests-2.33.0 branch March 27, 2026 18:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@WenMeng-NOAA WenMeng-NOAA WenMeng-NOAA approved these changes

@BenjaminBlake-NOAA BenjaminBlake-NOAA BenjaminBlake-NOAA approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code Ready for Review This PR is ready for code review.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@WenMeng-NOAA @jdkublnick @BenjaminBlake-NOAA