)]}'
{
  "commit": "6a105019dc0e9595a300281175a410ba23408b0c",
  "tree": "99f108d16709a57c410d9d8888baf2f1c9924609",
  "parents": [
    "ecd395f47d44d6d72d67929007296f5214b178f8"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Wed Aug 13 22:28:34 2025 +0900"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Wed Aug 13 13:28:34 2025 +0000"
  },
  "message": "build(deps): bump requests from 2.32.3 to 2.32.4 in /tools/publish in the pip group across 1 directory (#3169)\n\nBumps the pip group with 1 update in the /tools/publish directory:\n[requests](https://github.com/psf/requests).\n\nUpdates `requests` from 2.32.3 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/psf/requests/releases\"\u003erequests\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and\ntrusted\nenvironment will retrieve credentials for the wrong hostname/machine\nfrom a\nnetrc file. (\u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and\ntrusted\nenvironment will retrieve credentials for the wrong hostname/machine\nfrom a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e\nPolish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e\nBump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e\nAdd netrc file search information to authentication documentation (\u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e\nAdd more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e\nAdd new test to check netrc auth leak (\u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e\nOnly use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e\nfrom tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e\nremove links\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e\nUpdate docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e\ndocs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/psf/requests/compare/v2.32.3...v2.32.4\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003drequests\u0026package-manager\u003dpip\u0026previous-version\u003d2.32.3\u0026new-version\u003d2.32.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency\u0027s major version (unless you unignore this specific\ndependency\u0027s major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency\u0027s minor version (unless you unignore this specific\ndependency\u0027s minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR\nand stop Dependabot creating any more for the specific dependency\n(unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore\nconditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will\nremove the ignore condition of the specified dependency and ignore\nconditions\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/bazel-contrib/rules_python/network/alerts).\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "11b1ddbea5326c7ea2eff61c99e58d553885ce9a",
      "old_mode": 33188,
      "old_path": "tools/publish/requirements_darwin.txt",
      "new_id": "90cbd89793d3945ab68dd0d97bf690a3f813e725",
      "new_mode": 33188,
      "new_path": "tools/publish/requirements_darwin.txt"
    },
    {
      "type": "modify",
      "old_id": "eee98b98e777e3b68fa9c84fc4d57fe6a83d7ec0",
      "old_mode": 33188,
      "old_path": "tools/publish/requirements_linux.txt",
      "new_id": "448bbdf37ab13ce9257051339998aa32ce40228d",
      "new_mode": 33188,
      "new_path": "tools/publish/requirements_linux.txt"
    },
    {
      "type": "modify",
      "old_id": "85648b24e942efff9b783f37809c0c80e10d8603",
      "old_mode": 33188,
      "old_path": "tools/publish/requirements_universal.txt",
      "new_id": "9c8d017300d909e7118c436895f81d72a988df1e",
      "new_mode": 33188,
      "new_path": "tools/publish/requirements_universal.txt"
    },
    {
      "type": "modify",
      "old_id": "b2a01f474f86bc859a085e95ec4df8ad6be8e12b",
      "old_mode": 33188,
      "old_path": "tools/publish/requirements_windows.txt",
      "new_id": "94e49628425f3bf9371461bae8f01680fa3d702e",
      "new_mode": 33188,
      "new_path": "tools/publish/requirements_windows.txt"
    }
  ]
}