V2.31.1

.github/CODEOWNERS

@@ -0,0 +1,8 @@
+# Restrict all files related to deploying to
+# require lead maintainer approval.
+
+.github/workflows/            @nateprewitt @sigmavirus24
+.github/CODEOWNERS            @nateprewitt @sigmavirus24
+src/requests/__version__.py   @nateprewitt @sigmavirus24
+HISTORY.md                    @nateprewitt @sigmavirus24
+pyproject.toml                @nateprewitt @sigmavirus24

.github/ISSUE_TEMPLATE/Custom.md

@@ -1,6 +1,9 @@
 ---
 name: Request for Help
 about: Guidance on using Requests.
+labels:
+- "Question/Not a bug"
+- "actions/autoclose-qa"
 
 ---
 

.github/ISSUE_TEMPLATE/Feature_request.md

@@ -1,6 +1,9 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
+labels:
+- "Feature Request"
+- "actions/autoclose-feat"
 
 ---
 

.github/SECURITY.md

@@ -1,18 +1,9 @@
 # Vulnerability Disclosure
 
 If you think you have found a potential security vulnerability in
-requests, please email [Nate](mailto:nate.prewitt@gmail.com)
-and [Seth](mailto:sethmichaellarson@gmail.com) directly.
-**Do not file a public issue.**
-
-Our PGP Key fingerprints are:
-
-- 8722 7E29 AD9C FF5C FAC3  EA6A 44D3 FF97 B80D C864 ([@nateprewitt](https://keybase.io/nateprewitt))
-
-- EDD5 6765 A9D8 4653 CBC8  A134 51B0 6736 1740 F5FC ([@sethmlarson](https://keybase.io/sethmlarson))
-
-You can also contact us on [Keybase](https://keybase.io) with the
-profiles above if desired.
+requests, please open a [draft Security Advisory](https://github.com/psf/requests/security/advisories/new)
+via GitHub. We will coordinate verification and next steps through
+that secure medium.
 
 If English is not your first language, please try to describe the
 problem and its impact to the best of your ability. For greater detail,
@@ -72,7 +63,7 @@ intended patch ahead of time, to ensure that they are able to promptly
 release their downstream packages. Currently the list of people we
 actively contact *ahead of a public release* is:
 
--   Jeremy Cline, Red Hat (@jeremycline)
+-   Python Maintenance Team, Red Hat (python-maint@redhat.com)
 -   Daniele Tricoli, Debian (@eriol)
 
 We will notify these individuals at least a week ahead of our planned

.github/dependabot.yml

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    ignore:
+      # Ignore all patch releases as we can manually
+      # upgrade if we run into a bug and need a fix.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]

.github/workflows/close-issues.yml

@@ -0,0 +1,35 @@
+name: 'Autoclose Issues'
+
+on:
+  issues:
+    types:
+      - labeled
+
+permissions:
+  issues: write
+
+jobs:
+  close_qa:
+    if: github.event.label.name == 'actions/autoclose-qa'
+    runs-on: ubuntu-latest
+    steps:
+      - env:
+          ISSUE_URL: ${{ github.event.issue.html_url }}
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh issue close $ISSUE_URL \
+            --comment "As described in the template, we won't be able to answer questions on this issue tracker. Please use [Stack Overflow](https://stackoverflow.com/)" \
+            --reason completed
+          gh issue lock $ISSUE_URL --reason off_topic
+  close_feature_request:
+    if: github.event.label.name == 'actions/autoclose-feat'
+    runs-on: ubuntu-latest
+    steps:
+      - env:
+          ISSUE_URL: ${{ github.event.issue.html_url }}
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh issue close $ISSUE_URL \
+            --comment "As described in the template, Requests is not accepting feature requests" \
+            --reason "not planned"
+          gh issue lock $ISSUE_URL --reason off_topic

.github/workflows/codeql-analysis.yml

@@ -32,7 +32,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
@@ -45,7 +45,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
       with:
         languages: "python"
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -56,7 +56,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -70,4 +70,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0

.github/workflows/lint.yml

@@ -7,14 +7,14 @@ permissions:
 
 jobs:
   lint:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 10
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
     - name: Set up Python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
       with:
         python-version: "3.x"
     - name: Run pre-commit
-      uses: pre-commit/action@v3.0.0
+      uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0

.github/workflows/lock-issues.yml

@@ -13,7 +13,7 @@ jobs:
     if: github.repository_owner == 'psf'
     runs-on: ubuntu-latest
     steps:
-      - uses: dessant/lock-threads@v3
+      - uses: dessant/lock-threads@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 # v6.0.0
         with:
             issue-lock-inactive-days: 90
             pr-lock-inactive-days: 90

.github/workflows/publish.yml

@@ -0,0 +1,95 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags:
+      - "v*"
+  workflow_dispatch:
+    inputs:
+      test-pypi-only:
+        description: "Publish to Test PyPI only"
+        type: boolean
+        default: true
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: "Build dists"
+    runs-on: "ubuntu-latest"
+    outputs:
+      artifact-id: ${{ steps.upload-artifact.outputs.artifact-id }}
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
+        with:
+          persist-credentials: false
+
+      - name: "Setup Python"
+        uses: "actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405" # v6.2.0
+        with:
+          python-version: "3.x"
+
+      - name: "Install dependencies"
+        run: python -m pip install build==1.4.0
+
+      - name: "Build dists"
+        run: |
+          SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) \
+          python -m build
+
+      - name: "Upload dists"
+        uses: "actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"
+        id: upload-artifact
+        with:
+          name: "dist"
+          path: "dist/"
+          if-no-files-found: error
+          retention-days: 5
+
+  publish:
+    name: "Publish"
+    if: startsWith(github.ref, 'refs/tags/')
+    needs: ["build"]
+    permissions:
+      id-token: write
+    runs-on: "ubuntu-latest"
+    environment:
+      name: "publish"
+
+    steps:
+    - name: "Download dists"
+      uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" # v8.0.0
+      with:
+        artifact-ids: ${{ needs.build.outputs.artifact-id }}
+        path: "dist/"
+
+    - name: "Publish dists to PyPI"
+      uses: "pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e" # v1.13.0
+      with:
+        attestations: true
+
+  publish-test-pypi:
+    name: "Publish to Test PyPI"
+    if: github.event_name == 'workflow_dispatch'
+    needs: ["build"]
+    permissions:
+      id-token: write
+    runs-on: "ubuntu-latest"
+    environment:
+      name: "testpypi"
+
+    steps:
+    - name: "Download dists"
+      uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" # v8.0.0
+      with:
+        artifact-ids: ${{ needs.build.outputs.artifact-id }}
+        path: "dist/"
+
+    - name: "Publish dists to Test PyPI"
+      uses: "pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e" # v1.13.0
+      with:
+        repository-url: https://test.pypi.org/legacy/
+        attestations: true

.pre-commit-config.yaml

@@ -2,27 +2,15 @@ exclude: 'docs/|ext/'
 
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.0.1
+  rev: v4.4.0
   hooks:
   - id: check-yaml
-  - id: debug-statements
   - id: end-of-file-fixer
   - id: trailing-whitespace
-- repo: https://github.com/PyCQA/isort
-  rev: 5.12.0
+- repo: https://github.com/astral-sh/ruff-pre-commit
+  rev: v0.9.3
   hooks:
-    - id: isort
-- repo: https://github.com/psf/black
-  rev: 22.3.0
-  hooks:
-    - id: black
+    - id: ruff
+      args: [--fix]
+    - id: ruff-format
       exclude: tests/test_lowlevel.py
-- repo: https://github.com/asottile/pyupgrade
-  rev: v2.31.1
-  hooks:
-    - id: pyupgrade
-      args: [--py37-plus]
-- repo: https://github.com/PyCQA/flake8
-  rev: 6.0.0
-  hooks:
-    - id: flake8

.readthedocs.yaml

@@ -0,0 +1,29 @@
+# Read the Docs configuration file for Sphinx projects
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the OS, Python version and other tools you might need
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.12"
+
+# Build documentation in the "docs/" directory with Sphinx
+sphinx:
+  configuration: docs/conf.py
+  builder: "dirhtml"
+
+# Optionally build your docs in additional formats such as PDF and ePub
+formats:
+  - pdf
+  - epub
+
+# Optional but recommended, declare the Python requirements required
+# to build your documentation
+# See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html
+python:
+  install:
+    - path: .
+    - requirements: docs/requirements.txt

AUTHORS.rst

@@ -1,17 +1,17 @@
 Requests was lovingly created by Kenneth Reitz.
 
-Keepers of the Crystals
-```````````````````````
+Requests Maintainers
+````````````````````
 
+- Ian Stapleton Cordasco <graffatcolmingov@gmail.com> `@sigmavirus24 <https://github.com/sigmavirus24>`_.
 - Nate Prewitt `@nateprewitt <https://github.com/nateprewitt>`_.
-- Seth M. Larson `@sethmlarson <https://github.com/sethmlarson>`_.
 
-Previous Keepers of Crystals
-````````````````````````````
-- Kenneth Reitz <me@kennethreitz.org> `@ken-reitz <https://github.com/ken-reitz>`_, reluctant Keeper of the Master Crystal.
-- Cory Benfield <cory@lukasa.co.uk> `@lukasa <https://github.com/lukasa>`_
-- Ian Cordasco <graffatcolmingov@gmail.com> `@sigmavirus24 <https://github.com/sigmavirus24>`_.
+Previous Maintainers
+````````````````````
 
+- Kenneth Reitz <me@kennethreitz.org> `@kennethreitz <https://github.com/kennethreitz>`_, reluctant Keeper of the Master Crystal.
+- Cory Benfield <cory@lukasa.co.uk> `@lukasa <https://github.com/lukasa>`_
+- Seth M. Larson `@sethmlarson <https://github.com/sethmlarson>`_.
 
 Patches and Suggestions
 ```````````````````````
@@ -192,3 +192,4 @@ Patches and Suggestions
 - Alessio Izzo (`@aless10 <https://github.com/aless10>`_)
 - Sylvain Marié (`@smarie <https://github.com/smarie>`_)
 - Hod Bin Noon (`@hodbn <https://github.com/hodbn>`_)
+- Mike Fiedler (`@miketheman <https://github.com/miketheman>`_)

MANIFEST.in

@@ -1,2 +1,3 @@
-include README.md LICENSE NOTICE HISTORY.md pytest.ini requirements-dev.txt
+include README.md LICENSE NOTICE HISTORY.md requirements-dev.txt
 recursive-include tests *.py
+recursive-include tests/certs *