Workflow

H2

Latest version: v4.2.0

Safety actively analyzes 723177 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 8

2.2.2

------------------

Bugfixes
~~~~~~~~

- Fixed issue where informational responses were erroneously not allowed to be
sent in the ``HALF_CLOSED_REMOTE`` state.
- Fixed issue where informational responses were erroneously not allowed to be
received in the ``HALF_CLOSED_LOCAL`` state.
- Fixed issue where we allowed information responses to be sent or received
after final responses.

2.2.1

------------------

Bugfixes
~~~~~~~~

- Fixed issue where users using locales that did not default to UTF-8 were
unable to install source distributions of the package.

2.2.0

------------------

API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Added support for sending informational responses (responses with 1XX status)
codes as part of the standard flow. HTTP/2 allows zero or more informational
responses with no upper limit: hyper-h2 does too.
- Added support for receiving informational responses (responses with 1XX
status) codes as part of the standard flow. HTTP/2 allows zero or more
informational responses with no upper limit: hyper-h2 does too.
- Added a new event: ``ReceivedInformationalResponse``. This response is fired
when informational responses (those with 1XX status codes).
- Added an ``additional_data`` field to the ``ConnectionTerminated`` event that
carries any additional data sent on the GOAWAY frame. May be ``None`` if no
such data was sent.
- Added the ``initial_values`` optional argument to the ``Settings`` object.

Bugfixes
~~~~~~~~

- Correctly reject all of the connection-specific headers mentioned in RFC 7540
§ 8.1.2.2, not just the ``Connection:`` header.
- Defaulted the value of ``SETTINGS_MAX_CONCURRENT_STREAMS`` to 100, unless
explicitly overridden. This is a safe defensive initial value for this
setting.

2.1.5

------------------

*Final 2.1.X release*

Bugfixes
~~~~~~~~

- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.

2.1.4

------------------

Bugfixes
~~~~~~~~

- Allowed the 4.X series of hyperframe releases as dependencies.

2.1.3

------------------

Deprecations
~~~~~~~~~~~~

- Passing dictionaries to ``send_headers`` as the header block is deprecated,
and will be removed in 3.0.

Page 6 of 8

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.