fix(deps): vuln minor upgrades — 15 packages (minor: 7 · patch: 8) [src/loadgenerator]

[gh-worker-campaigns-3e9aa4]

Summary: High-severity security update — 15 packages upgraded (MINOR changes included)

Manifests changed:

• src/loadgenerator (pip)

---

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.

---

Updates

Package	From	To	Type	Dep Type	Vulnerabilities Fixed
urllib3	2.0.7	2.6.3	minor	Direct	6 HIGH, 4 MODERATE
flask-cors	4.0.0	4.0.2	patch	Direct	3 HIGH, 7 MODERATE
werkzeug	3.0.1	3.0.6	patch	Direct	2 HIGH, 10 MODERATE
idna	3.4	3.11	minor	Direct	2 HIGH, 1 MODERATE
brotli	1.1.0	1.2.0	minor	Direct	1 HIGH
jinja2	3.1.2	3.1.6	patch	Direct	10 MODERATE
requests	2.31.0	2.33.1	minor	Direct	6 MODERATE
googleapis-common-protos	1.61.0	1.74.0	minor	Direct	-
six	1.16.0	1.17.0	minor	Direct	-
typing-extensions	4.8.0	4.15.0	minor	Direct	-
click	8.1.7	8.1.8	patch	Direct	-
configargparse	1.7	1.7.5	patch	Direct	-
deprecated	1.2.14	1.2.18	patch	Direct	-
flask	3.0.0	3.0.3	patch	Direct	2 LOW
markupsafe	2.1.3	2.1.5	patch	Direct	-

Packages marked with "-" are updated due to dependency constraints.

---

Security Details

🚨 Critical & High Severity (14 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
brotli	GHSA-2qfp-q593-8484	HIGH	Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation	1.1.0	1.2.0
flask-cors	GHSA-hxwh-jpp2-84pm	HIGH	Flask-CORS allows the Access-Control-Allow-Private-Network CORS header to be set to true by default	4.0.0	4.0.2
flask-cors	CVE-2024-6221	HIGH	-	4.0.0	-
flask-cors	PYSEC-2024-71	HIGH	-	4.0.0	4.0.2
idna	PYSEC-2024-60	high	-	3.4	1d365e17e10d72d0b7876316fc7b9ca0eebdd38d
idna	CVE-2024-3651	high	-	3.4	-
urllib3	CVE-2025-66418	HIGH	urllib3 allows an unbounded number of links in the decompression chain	2.0.7	-
urllib3	GHSA-gm62-xv2j-4w53	HIGH	urllib3 allows an unbounded number of links in the decompression chain	2.0.7	2.6.0
urllib3	CVE-2025-66471	HIGH	urllib3 Streaming API improperly handles highly compressed data	2.0.7	-
urllib3	GHSA-2xpw-w6gg-jr37	HIGH	urllib3 streaming API improperly handles highly compressed data	2.0.7	2.6.0
urllib3	GHSA-38jv-5279-wg99	HIGH	Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)	2.0.7	2.6.3
urllib3	CVE-2026-21441	HIGH	urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)	2.0.7	-
werkzeug	GHSA-2g68-c3qc-8985	HIGH	Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain	3.0.1	3.0.3
werkzeug	CVE-2024-34069	HIGH	Werkzeug's improper usage of a pathname and improper CSRF protection results in the remote command execution	3.0.1	-

ℹ️ Other Vulnerabilities (40)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
flask-cors	GHSA-8vgw-p6qm-5gr7	MODERATE	Flask-CORS allows for inconsistent CORS matching	4.0.0	6.0.0
flask-cors	CVE-2024-6844	MODERATE	-	4.0.0	-
flask-cors	GHSA-43qf-4rqw-9q2g	MODERATE	Flask-CORS vulnerable to Improper Handling of Case Sensitivity	4.0.0	6.0.0
flask-cors	CVE-2024-6839	MODERATE	-	4.0.0	-
flask-cors	GHSA-84pr-m4jr-85g5	MODERATE	flask-cors vulnerable to log injection when the log level is set to debug	4.0.0	4.0.1
flask-cors	GHSA-7rxf-gvfg-47g4	MODERATE	Flask-CORS improper regex path matching vulnerability	4.0.0	6.0.0
flask-cors	CVE-2024-6866	MODERATE	-	4.0.0	-
idna	GHSA-jjg7-2v4v-x38h	MODERATE	Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode	3.4	3.7
jinja2	CVE-2024-56326	MODERATE	Jinja has a sandbox breakout through indirect reference to format method	3.1.2	-
jinja2	GHSA-h5c8-rqwp-cp95	MODERATE	Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter	3.1.2	3.1.3
jinja2	CVE-2024-56201	MODERATE	Jinja has a sandbox breakout through malicious filenames	3.1.2	-
jinja2	GHSA-gmj6-6f8f-6699	MODERATE	Jinja has a sandbox breakout through malicious filenames	3.1.2	3.1.5
jinja2	GHSA-q2x7-8rv6-6q7h	MODERATE	Jinja has a sandbox breakout through indirect reference to format method	3.1.2	3.1.5
jinja2	CVE-2024-34064	MODERATE	Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter	3.1.2	-
jinja2	GHSA-h75v-3vvj-5mfj	MODERATE	Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter	3.1.2	3.1.4
jinja2	CVE-2025-27516	MODERATE	Jinja sandbox breakout through attr filter selecting format method	3.1.2	-
jinja2	GHSA-cpwx-vrp4-4pq7	MODERATE	Jinja2 vulnerable to sandbox breakout through attr filter selecting format method	3.1.2	3.1.6
jinja2	CVE-2024-22195	MODERATE	Jinja vulnerable to Cross-Site Scripting (XSS)	3.1.2	-
requests	GHSA-gc5v-m9x4-r6x2	MODERATE	Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function	2.31.0	2.33.0
requests	CVE-2024-47081	MODERATE	Requests vulnerable to .netrc credentials leak via malicious URLs	2.31.0	-
requests	GHSA-9wx4-h78v-vm56	MODERATE	Requests Session object does not verify requests after making first request with verify=False	2.31.0	2.32.0
requests	CVE-2026-25645	MODERATE	Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function	2.31.0	-
requests	GHSA-9hjg-9r4m-mvj7	MODERATE	Requests vulnerable to .netrc credentials leak via malicious URLs	2.31.0	2.32.4
requests	CVE-2024-35195	MODERATE	Requests Session object does not verify requests after making first request with verify=False	2.31.0	-
urllib3	GHSA-pq67-6m6q-mj2v	MODERATE	urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation	2.0.7	2.5.0
urllib3	CVE-2025-50181	MODERATE	urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation	2.0.7	-
urllib3	GHSA-34jh-p97f-mpxf	MODERATE	urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects	2.0.7	1.26.19
urllib3	CVE-2024-37891	MODERATE	Proxy-Authorization request header isn't stripped during cross-origin redirects in urllib3	2.0.7	-
werkzeug	CVE-2026-21860	MODERATE	Werkzeug safe_join() allows Windows special device names with compound extensions	3.0.1	-
werkzeug	GHSA-87hc-h4r5-73f7	MODERATE	Werkzeug safe_join() allows Windows special device names with compound extensions	3.0.1	3.1.5
werkzeug	GHSA-29vq-49wr-vm6x	MODERATE	Werkzeug safe_join() allows Windows special device names	3.0.1	3.1.6
werkzeug	CVE-2026-27199	MODERATE	Werkzeug safe_join() allows Windows special device names	3.0.1	-
werkzeug	GHSA-q34m-jh98-gwm2	MODERATE	Werkzeug possible resource exhaustion when parsing file data in forms	3.0.1	3.0.6
werkzeug	CVE-2024-49767	MODERATE	Werkzeug possible resource exhaustion when parsing file data in forms	3.0.1	-
werkzeug	GHSA-f9vj-2wh5-fj8j	MODERATE	Werkzeug safe_join not safe on Windows	3.0.1	3.0.6
werkzeug	CVE-2024-49766	MODERATE	Werkzeug safe_join not safe on Windows	3.0.1	-
werkzeug	GHSA-hgf8-39gv-g3f2	MODERATE	Werkzeug safe_join() allows Windows special device names	3.0.1	3.1.4
werkzeug	CVE-2025-66221	MODERATE	Werkzeug safe_join() allows Windows special device names	3.0.1	-
flask	GHSA-68rp-wp8r-4726	LOW	Flask session does not add Vary: Cookie header when accessed in some ways	3.0.0	3.1.3
flask	CVE-2026-27205	LOW	Flask session does not add Vary: Cookie header when accessed in some ways	3.0.0	-

⚠️ Dependencies that have Reached EOL (7)

Dependency	Unsafe Version	EOL Date	New Version	Path
click	8.1.7	-	8.1.8	src/loadgenerator/requirements.txt
configargparse	1.7	-	1.7.5	src/loadgenerator/requirements.txt
googleapis-common-protos	1.61.0	-	1.74.0	src/loadgenerator/requirements.txt
idna	3.4	-	3.11	src/loadgenerator/requirements.txt
markupsafe	2.1.3	-	2.1.5	src/loadgenerator/requirements.txt
requests	2.31.0	-	2.33.1	src/loadgenerator/requirements.txt
typing-extensions	4.8.0	-	4.15.0	src/loadgenerator/requirements.txt

📅 Dependencies Nearing EOL (1)

Dependency	Unsafe Version	EOL Date	New Version	Path
six	1.16.0	May 5, 2026	1.17.0	src/loadgenerator/requirements.txt

---

Review Checklist

Standard review:

• Review changes for compatibility with your code
• Check for breaking changes in release notes
• Run tests locally or wait for CI
• Approve and merge this PR

---

Update Mode: Vulnerability Remediation (High)

🤖 Generated by DataDog Automated Dependency Management System

[campaigner-prod]

Release Notes

urllib3 (2.0.7 → 2.6.3) — GitHub Release

2.6.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by @D47A, 8.9 High, GHSA-38jv-5279-wg99)
• Started treating Retry-After times greater than 6 hours as 6 hours by default. (Handle massive values in Retry-After when calculating time to sleep for urllib3/urllib3#3743)
• Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten. (Patch VerifiedHTTPSConnection for emscripten urllib3/urllib3#3752)

2.6.2

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (Brotli DecodeError with chunked transfer encoding: "can_accept_more_data() is False" urllib3/urllib3#3734)

2.6.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. (Removal of getheaders changes api, possibly breaking others urllib3/urllib3#3731)

2.6.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

• Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by @Cycloctane, 8.9 High, GHSA-2xpw-w6gg-jr37)

(truncated — see source for full notes)

flask-cors (4.0.0 → 4.0.2) — GitHub Release

4.0.2

What's Changed

• Bump requests from 2.31.0 to 2.32.0 in /docs by @dependabot in Bump requests from 2.31.0 to 2.32.0 in /docs corydolphin/flask-cors#358
• Backwards Compatible Fix for CVE-2024-6221 by @adrianosela in Backwards Compatible Fix for CVE-2024-6221 corydolphin/flask-cors#363
• Add unit tests for Private-Network by @corydolphin in Add unit tests for Private-Network corydolphin/flask-cors#367

New Contributors

• @dependabot made their first contribution in Bump requests from 2.31.0 to 2.32.0 in /docs corydolphin/flask-cors#358
• @adrianosela made their first contribution in Backwards Compatible Fix for CVE-2024-6221 corydolphin/flask-cors#363

Full Changelog: corydolphin/flask-cors@4.0.1...4.0.2

4.0.1

What's Changed

• Fix Read the Docs builds by @kurtmckee in Fix Read the Docs builds corydolphin/flask-cors#345
• Update extension.py to clean request.path before logging it by @aneshujevic in Update extension.py to clean request.path before logging it corydolphin/flask-cors#351
• Update CI to include Python 3.12 and flask 3.0.3 by @corydolphin in Update CI to include Python 3.12 and flask 3.0.3 corydolphin/flask-cors#354
• Release 4.0.1 by @corydolphin in Release 4.0.1 corydolphin/flask-cors#353

New Contributors

• @kurtmckee made their first contribution in Fix Read the Docs builds corydolphin/flask-cors#345
• @aneshujevic made their first contribution in Update extension.py to clean request.path before logging it corydolphin/flask-cors#351

Full Changelog: corydolphin/flask-cors@4.0.0...4.0.1

werkzeug (3.0.1 → 3.0.6) — GitHub Release

3.0.6

This is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.6/
Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6

• Fix how max_form_memory_size is applied when parsing large non-file fields. GHSA-q34m-jh98-gwm2
• safe_join catches certain paths on Windows that were not caught by ntpath.isabs on Python < 3.11. GHSA-f9vj-2wh5-fj8j

3.0.5

This is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.5/
Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5
Milestone: https://github.com/pallets/werkzeug/milestone/37?closed=1

• The Watchdog reloader ignores file closed no write events. watchdog: Prevent reload if a file gets closed without any changes pallets/werkzeug#2945
• Logging works with client addresses containing an IPv6 scope. Logging breaks with clients having IPv6 addresses with a scope component pallets/werkzeug#2952
• Ignore invalid authorization parameters. Authorization parameter parsing fails on invalid value pallets/werkzeug#2955
• Improve type annotation fore SharedDataMiddleware. Type annotations for SharedDataMiddleware produce mypy errors in common circumstances pallets/werkzeug#2958
• Compatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. Debugger fails to start under Python 3.13 when user has no name pallets/werkzeug#2957

3.0.4

This is the Werkzeug 3.0.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.4/
Changes: https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4
Milestone: https://github.com/pallets/werkzeug/milestone/36?closed=1

• Restore behavior where parsing multipart/x-www-form-urlencoded data with
  invalid UTF-8 bytes in the body results in no form data parsed rather than a
  413 error. Unexpected 413 - RequestEntityTooLarge response pallets/werkzeug#2930
• Improve parse_options_header performance when parsing unterminated
  quoted string values. Slow performance parsing certain Content-Type: application/x-www-form-urlencoded headers pallets/werkzeug#2904
• Debugger pin auth is synchronized across threads/processes when tracking
  failed entries. Race condition in debugger PIN authentication pallets/werkzeug#2916
• Dev server handles unexpected SSLEOFError due to issue in Python < 3.13.
  SSLEOFError when serving static MP4 video files greater than a certain size in Webkit browsers using Python >= 3.10.0 with SSL enabled pallets/werkzeug#2926
• Debugger pin auth works when the URL already contains a query string.
  Built-in debugger malfunctions when url parameters are present pallets/werkzeug#2918

3.0.3

This is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.3/
Changes: https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3
Milestone: https://github.com/pallets/werkzeug/milestone/35?closed=1

• Only allow localhost, .localhost, 127.0.0.1, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985
• Make reloader more robust when "" is in sys.path. Update _reloader.py pallets/werkzeug#2823
• Better TLS cert format with adhoc dev certs. TLS validation in local dev does not work pallets/werkzeug#2891
• Inform Python < 3.12 how to handle itms-services URIs correctly, rather than using an overly-broad workaround in Werkzeug that caused some redirect URIs to be passed on without encoding. Some relative redirect strings incorrectly bypass iri_to_uri normalization.  pallets/werkzeug#2828
• Type annotation for Rule.endpoint and other uses of endpoint is Any. Rule.endpoint type annotation doesn't comply with the documentation pallets/werkzeug#2836

3.0.2

(truncated — see source for full notes)

idna (3.4 → 3.11) — GitHub Release

v3.8

What's Changed

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

v3.7

What's Changed

• Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

(and 3 more releases — view all)

brotli (1.1.0 → 1.2.0) — GitHub Release

v1.2.0

SECURITY

• python: added Decompressor::can_accept_more_data method and optional
  output_buffer_limit argument Decompressor::process;
  that allows mitigation of unexpectedly large output;
  reported by Charles Chan (https://github.com/charleswhchan)

Added

• decoder / encoder: added static initialization to reduce binary size
• python: allow limiting decoder output (see SECURITY section)
• CLI: brcat alias; allow decoding concatenated brotli streams
• kt: pure Kotlin decoder
• cgo: support "raw" dictionaries
• build: Bazel modules

Removed

• java: dropped finalize() for native entities

Fixed

• java: in compress pass correct length to native encoder

Improved

• build: install man pages
• build: updated / fixed / refined Bazel buildfiles
• encoder: faster encoding
• cgo: link via pkg-config
• python: modernize extension / allow multi-phase module initialization

Changed

• decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)

jinja2 (3.1.2 → 3.1.6) — GitHub Release

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/
Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/
Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5
Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. f-string sytax error when importing macro in a template which filename is also a template pallets/jinja#1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. MutableSequence coverage in ImmutableSandboxedEnvironment pallets/jinja#2032
• Calling sync render for an async template uses asyncio.run. use asyncio.run in Template.render pallets/jinja#1952
• Avoid unclosed auto_aiter warnings. test on trio, fix all missing aclose related warnings pallets/jinja#1960
• Return an aclose-able AsyncGenerator from Template.generate_async. test on trio, fix all missing aclose related warnings pallets/jinja#1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. test on trio, fix all missing aclose related warnings pallets/jinja#1960
• Avoid leaving async generators unclosed in blocks, includes and extends. test on trio, fix all missing aclose related warnings pallets/jinja#1960
• The runtime uses the correct concat function for the current environment when calling block references. TypeError: sequence item 0: expected str instance, int found pallets/jinja#1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. unique filter does not work when chain with a filter that returns async generator pallets/jinja#1781
• |int filter handles OverflowError from scientific notation. The int filter throws OverflowError when the incoming string looks like scientific notation pallets/jinja#1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. non-deterministic output from compile templates when using tuple unpacking pallets/jinja#2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. Undefined objects can't be copied or pickled by Python > 3.5 pallets/jinja#2025
• Fix copy/pickle support for the internal missing object. Cannot pickle jinja2.utils.missing pallets/jinja#2027
• Environment.overlay(enable_async) is applied correctly. fix default for Environment.overlay(enable_async) pallets/jinja#2061
• The error message from FileSystemLoader includes the paths that were searched. Add searchpath to TemplateNotFound exception message pallets/jinja#1661
• `Package

(truncated)

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/
Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

3.1.3

This is a fix release for the 3.1.x feature branch.

• Fix for GHSA-h5c8-rqwp-cp95. You are affected if you are using xmlattr and passing user input as attribute keys.

(truncated — see source for full notes)

requests (2.31.0 → 2.33.1) — GitHub Release

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary
  files in the tmp directory. (Cleanup extracted file after extract_zipped_path test psf/requests#7305)
• Fixed Content-Type header parsing for malformed values. (Fix malformed value parsing for Content-Type psf/requests#7309)
• Improved error consistency for malformed header values. (Fix cosmetic header validity parsing regex psf/requests#7308)

New Contributors

• @ferdnyc made their first contribution in Packaging: DRY out extras definition psf/requests#7277

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

v2.33.0

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at RFC: Adding inline type annotations to Requests psf/requests#7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (Migrate build system to PEP 517 psf/requests#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (Fix empty netrc entry usage psf/requests#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (Drop support for Python 3.9 psf/requests#7196)

Documentation

• Various typo fixes and doc improvements.

New Contributors

• @M0d3v1 made their first contribution in Update docstring for Session.verify to include string support (#6859) psf/requests#6865
• @aminvakil made their first contribution in Increase chardet upper limit to 7 psf/requests#7220
• @E8Price made their first contribution in docs: clarify Quickstart POST example (fixes #6949) psf/requests#6960
• @mitre88 made their first contribution in docs: hide Response.is_permanent_redirect from API reference psf/requests#7244
• @magsen made their first contribution in docs(socks): same block as other sections psf/requests#6553
• @Rohan5commit made their first contribution in docs: fix FAQ grammar in httplib2 example psf/requests#7227

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created
  a new class of issues in Requests that have had negative impact across a number
  of use cases. The Requests team has decided to revert this feature as long term
  maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

Security

• CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted
  environment will retrieve credentials for the wrong hostname/machine from a
  netrc file. (Only use hostname to do netrc lookup instead of netloc psf/requests#6965)

Improvements

• Numerous documentation improvements

Deprecations

• Added support for pypy 3.11 for Linux and macOS. (Drop pypy 3.9 and add pypy 3.11 support psf/requests#6926)
• Dropped support for pypy 3.9 following its end of support. (Drop pypy 3.9 and add pypy 3.11 support psf/requests#6926)

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
  HTTPAdapter. (Allow for overriding of specific pool key params psf/requests#6716)
• Fixed issue where Requests started failing to run on Python versions compiled
  without the ssl module. (Don't create default SSLContext if ssl module isn't present psf/requests#6724)

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted

(truncated — see source for full notes)

googleapis-common-protos (1.61.0 → 1.74.0) — Changelog

https://github.com/googleapis/google-cloud-python/blob/main/CHANGELOG.md

six (1.16.0 → 1.17.0) — Commit comparison

• ebd9b3a six 1.17.0
• 40d248e Expunge travis.
• dd7940e Add PyPI publication workflow. (Add PyPI publication workflow. benjaminp/six#390)
• 8cb688f Update copyright years.
• 86f89c5 Add a GitHub actions CI workflow. (Add a GitHub actions CI workflow. benjaminp/six#389)
• 06430b9 Make test_getoutput work on Windows.
• ceddaf2 Add a changelog for Drop support for EOL Python 2.6 and 3.2 benjaminp/six#314.
• 9a05aab Python 3.14 removed the URLopener and FancyURLopener classes from urllib.request (Python 3.14 removed the URLopener and FancyURLopener classes from urllib.request benjaminp/six#388)
• c1b416f Fix deprecation warning from setuptools (Fix deprecation warning from setuptools benjaminp/six#382)
• 02c3bca tkinter.tix was removed from Python 3.13, skip the test (tkinter.tix was removed from Python 3.13, skip the test benjaminp/six#377)
• 3b7efbc Delete pep8ignore and flakes-ignore.
• 45f1a23 Changelog for six.moves.UserDict should alias to UserDict.IterableUserDict on Python 2 benjaminp/six#281.
• 7783c9e Fix UserDict move in Python2 (Fix UserDict move in Python2 benjaminp/six#365)
• ee03e4a Add empty file to add workflow directory (Add empty file to add workflow directory benjaminp/six#363)
• 3974f0c Switch dist to focal. (Switch dist to focal. benjaminp/six#356)

... and 1 more commits

typing-extensions (4.8.0 → 4.15.0) — GitHub Release

4.15.0

No user-facing changes since 4.15.0rc1.

New features since 4.14.1:

• Add the @typing_extensions.disjoint_base decorator, as specified
  in PEP 800. Patch by Jelle Zijlstra.
• Add typing_extensions.type_repr, a backport of
  annotationlib.type_repr,
  introduced in Python 3.14 (CPython PR https://github.com/python/typing_extensions/issues/124551,
  originally by Jelle Zijlstra). Patch by Semyon Moroz.
• Fix behavior of type params in typing_extensions.evaluate_forward_ref. Backport of
  CPython PR https://github.com/python/typing_extensions/issues/137227 by Jelle Zijlstra.

4.14.1

Release 4.14.1 (July 4, 2025)

• Fix usage of typing_extensions.TypedDict nested inside other types
  (e.g., typing.Type[typing_extensions.TypedDict]). This is not allowed by the
  type system but worked on older versions, so we maintain support.

4.14.0

This release adds several new features, including experimental support for inline typed dictionaries (PEP 764) and sentinels (PEP 661), and support for changes in Python 3.14. In addition, Python 3.8 is no longer supported.

Changes since 4.14.0rc1:

• Remove __or__ and __ror__ methods from typing_extensions.Sentinel
  on Python versions <3.10. PEP 604 was introduced in Python 3.10, and
  typing_extensions does not generally attempt to backport PEP-604 methods
  to prior versions.
• Further update typing_extensions.evaluate_forward_ref with changes in Python 3.14.

Changes included in 4.14.0rc1:

• Drop support for Python 3.8 (including PyPy-3.8). Patch by Victorien Plot.
• Do not attempt to re-export names that have been removed from typing,
  anticipating the removal of typing.no_type_check_decorator in Python 3.15.
  Patch by Jelle Zijlstra.
• Update typing_extensions.Format, typing_extensions.evaluate_forward_ref, and
  typing_extensions.TypedDict to align
  with changes in Python 3.14. Patches by Jelle Zijlstra.
• Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.

New features:

• Add support for inline typed dictionaries (PEP 764).
  Patch by Victorien Plot.
• Add typing_extensions.Reader and typing_extensions.Writer. Patch by
  Sebastian Rittau.
• Add support for sentinels (PEP 661). Patch by
  Victorien Plot.

4.13.2

• Fix TypeError when taking the union of typing_extensions.TypeAliasType and a
  typing.TypeAliasType on Python 3.12 and 3.13.
  Patch by Joren Hammudoglu.
• Backport from CPython PR https://github.com/python/typing_extensions/issues/132160
  to avoid having user arguments shadowed in generated __new__ by
  @typing_extensions.deprecated.
  Patch by Victorien Plot.

4.13.1

This is a bugfix release fixing two edge cases that appear on old bugfix releases of CPython.

Bugfixes:

• Fix regression in 4.13.0 on Python 3.10.2 causing a TypeError when using Concatenate.
  Patch by Daraan.
• Fix TypeError when using evaluate_forward_ref on Python 3.10.1-2 and 3.9.8-10.
  Patch by Daraan.

4.13.0

New features:

• Add typing_extensions.TypeForm from PEP 747. Patch by
  Jelle Zijlstra.
• Add typing_extensions.get_annotations, a backport of
  inspect.get_annotations that adds features specified
  by PEP 649. Patches by Jelle Zijlstra and Alex Waygood.
• Backport evaluate_forward_ref from CPython PR

(truncated — see source for full notes)

click (8.1.7 → 8.1.8) — GitHub Release

This is the Click 8.1.8 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.1.8/
Changes: https://click.palletsprojects.com/en/stable/changes/#version-8-1-8
Milestone https://github.com/pallets/click/milestones/23?closed=1

• Fix an issue with type hints for click.open_file(). The type hint for the filename parameter to open_file is incomplete pallets/click#2717
• Fix issue where error message for invalid click.Path displays on
  multiple lines. Broken message about invalid argument value for template "File ... is a directory" pallets/click#2697
• Fixed issue that prevented a default value of "" from being displayed in
  the help for an option. Empty string default values are not displayed pallets/click#2500
• The test runner handles stripping color consistently on Windows. Setting color=True in runner.invoke on windows strips ansi codes pallets/click#2705
• Show correct value for flag default when using default_map. Flag option with secondary opts: show_default=True does not show value from default_map in "help" output pallets/click#2632
• Fix click.echo(color=...) passing color to coloroma so it can be
  forced on Windows. click.echo does not force colors on Windows with color=True pallets/click#2606.
• More robust bash version check, fixing problem on Windows with git-bash. Shell completion bash version check fail in git-bash on windows pallets/click#2638
• Cache the help option generated by the help_option_names setting to
  respect its eagerness. Fix eagerness of help option generated by help_option_names pallets/click#2811
• Replace uses of os.system with subprocess.Popen. Use subprocess instead of os.system pallets/click#1476
• Exceptions generated during a command will use the context's color
  setting when being displayed. ctx.color is ignored in ClickException.show() pallets/click#2193
• Error message when defining option with invalid name is more descriptive. Error message "Could not determine name for option" is not descriptive pallets/click#2452
• Refactor code generating default --help option to deduplicate code. Deduplicate --help option definition pallets/click#2563
• Test CLIRunner resets patched _compat.should_strip_ansi. Missing reset on should_strip_ansi causing cascading issues during other tests pallets/click#2732

configargparse (1.7 → 1.7.5) — GitHub Release

Slightly simplified PyPI deployment workflow via setuptools-scm

deprecated (1.2.14 → 1.2.18) — GitHub Release

v1.2.18

What's Changed

• v1.2.18 by @laurent-laporte-pro in v1.2.18 laurent-laporte-pro/deprecated#84

Full Changelog: laurent-laporte-pro/deprecated@v1.2.17...v1.2.18

v1.2.17

What's Changed

• fix: enhance documentation and build configuration: update versioning, fixes, and ReadTheDocs setup by @laurent-laporte-pro in fix: enhance documentation and build configuration: update versioning, fixes, and ReadTheDocs setup laurent-laporte-pro/deprecated#81
• v1.2.17 by @laurent-laporte-pro in v1.2.17 laurent-laporte-pro/deprecated#82

Full Changelog: laurent-laporte-pro/deprecated@v1.2.16...v1.2.17

v1.2.16

What's Changed

• Update Packit configuration by @packit-public-repos-bot in Update Packit configuration laurent-laporte-pro/deprecated#78
• docs: fix compat with sphinx8 by @mweinelt in docs: fix compat with sphinx8 laurent-laporte-pro/deprecated#79
• v1.2.16 by @laurent-laporte-pro in v1.2.16 laurent-laporte-pro/deprecated#80

New Contributors

• @packit-public-repos-bot made their first contribution in Update Packit configuration laurent-laporte-pro/deprecated#78
• @mweinelt made their first contribution in docs: fix compat with sphinx8 laurent-laporte-pro/deprecated#79

Full Changelog: laurent-laporte-pro/deprecated@v1.2.15...v1.2.16

v1.2.15

What's Changed

• build: drop deprecated CI tools by @12rambau in build: drop deprecated CI tools laurent-laporte-pro/deprecated#67
• fix: add extra_stacklevel argument to better control deprecated function call references by @coroa in fix: add extra_stacklevel argument to better control deprecated function call references laurent-laporte-pro/deprecated#69
• Update class method deprecation warnings for Python 3.13 by @mgorny in Update class method deprecation warnings for Python 3.13 laurent-laporte-pro/deprecated#73
• Add support for Python 3.12 by @hugovk in Add support for Python 3.12 laurent-laporte-pro/deprecated#75
• v1.2.15 by @laurent-laporte-pro in v1.2.15 laurent-laporte-pro/deprecated#76

New Contributors

• @coroa made their first contribution in fix: add extra_stacklevel argument to better control deprecated function call references laurent-laporte-pro/deprecated#69
• @laurent-laporte-pro made their first contribution in v1.2.15 laurent-laporte-pro/deprecated#76

Full Changelog: laurent-laporte-pro/deprecated@v1.2.14...v1.2.15

flask (3.0.0 → 3.0.3) — GitHub Release

3.0.3

This is a fix release for the 3.0.x feature branch.

PyPI: https://pypi.org/project/Flask/3.0.3/
Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3
Milestone: https://github.com/pallets/flask/milestone/35?closed=1

• The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. Use of hashlib.sha1 causes issue in FIPS build pallets/flask#5448
• Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. Don't set the cli attribute in the sansio scaffold pallets/flask#5270

3.0.2

This is a fix release for the 3.0.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2
• Milestone: https://github.com/pallets/flask/milestone/34?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.2/

3.0.1

This is a fix release for the 3.0.x feature release branch.

Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1
• Milestone: https://github.com/pallets/flask/milestone/32?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.1/

markupsafe (2.1.3 → 2.1.5) — GitHub Release

2.1.5

This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

Fixes a regression in striptags behavior from 2.14. Spaces are now collapsed correctly.

• Changes: https://markupsafe.palletsprojects.com/en/stable/changes/#version-2-1-5
• Milestone: https://github.com/pallets/markupsafe/milestone/12?closed=1
• PyPI: https://pypi.org/project/MarkupSafe/2.1.5/

2.1.4

This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Improves performance of the Markup.striptags method for large input.

• Changes: https://markupsafe.palletsprojects.com/en/stable/changes/#version-2-1-4

• Milestone: https://github.com/pallets/markupsafe/milestone/11?closed=1

• PyPI: https://pypi.org/project/MarkupSafe/2.1.4/

---

Generated by ADMS Sources: 13 GitHub Releases, 1 Changelog, 1 Commit comparison.

[hugovk]

• Add support for Python 3.12 by @hugovk in Add support for Python 3.12 laurent-laporte-pro/deprecated#75

Please could you fix your bot not to mention me in your automated updates? Thank you!

[moezein0]

@hugovk Changelogs feature is tagging people which is not expected. The feature flag is off now should not be the case anymore

[seberm-6]

Hey, sorry for the noise. This was caused by a bug in our automated dependency update system that incorrectly included upstream changelog content in PR comments, triggering notifications to external contributors. The feature flag has been turned off and we're working on a fix. Sorry about that again.

[hugovk]

Thanks, appreciated :)