Workflow

Httpx

Latest version: v0.28.1

Safety actively analyzes 706267 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 12 of 13

0.7.2

Not secure
- Enforce using `httpx.AsyncioBackend` for the synchronous client. (Pull 232)
- `httpx.ConnectionPool` will properly release a dropped connection. (Pull 230)
- Remove the `raise_app_exceptions` argument from `Client`. (Pull 238)
- `DecodeError` will no longer be raised for an empty body encoded with Brotli. (Pull 237)
- Added `http_versions` parameter to `Client`. (Pull 250)
- Only use HTTP/1.1 on short-lived connections like `httpx.get()`. (Pull 284)
- Convert `Client.cookies` and `Client.headers` when set as a property. (Pull 274)
- Setting `HTTPX_DEBUG=1` enables debug logging on all requests. (Pull 277)

0.7.1

Not secure
- Include files with source distribution to be installable. (Pull 233)

0.7.0

Not secure
- Add the `trust_env` property to `BaseClient`. (Pull 187)
- Add the `links` property to `BaseResponse`. (Pull 211)
- Accept `ssl.SSLContext` instances into `SSLConfig(verify=...)`. (Pull 215)
- Add `Response.stream_text()` with incremental encoding detection. (Pull 183)
- Properly updated the `Host` header when a redirect changes the origin. (Pull 199)
- Ignore invalid `Content-Encoding` headers. (Pull 196)
- Use `~/.netrc` and `~/_netrc` files by default when `trust_env=True`. (Pull 189)
- Create exception base class `HTTPError` with `request` and `response` properties. (Pull 162)
- Add HSTS preload list checking within `BaseClient` to upgrade HTTP URLs to HTTPS. (Pull 184)
- Switch IDNA encoding from IDNA 2003 to IDNA 2008. (Pull 161)
- Expose base classes for alternate concurrency backends. (Pull 178)
- Improve Multipart parameter encoding. (Pull 167)
- Add the `headers` property to `BaseClient`. (Pull 159)
- Add support for Google's `brotli` library. (Pull 156)
- Remove deprecated TLS versions (TLSv1 and TLSv1.1) from default `SSLConfig`. (Pull 155)
- Fix `URL.join(...)` to work similarly to RFC 3986 URL joining. (Pull 144)

---

0.6.8

Not secure
- Check for disconnections when searching for an available
connection in `ConnectionPool.keepalive_connections` (Pull 145)
- Allow string comparison for `URL` objects (Pull 139)
- Add HTTP status codes 418 and 451 (Pull 135)
- Add support for client certificate passwords (Pull 118)
- Enable post-handshake client cert authentication for TLSv1.3 (Pull 118)
- Disable using `commonName` for hostname checking for OpenSSL 1.1.0+ (Pull 118)
- Detect encoding for `Response.json()` (Pull 116)

0.6.7

Not secure
- Check for connection aliveness on re-acquisition (Pull 111)

0.6.6

- Improve `USER_AGENT` (Pull 110)
- Add `Connection: keep-alive` by default to HTTP/1.1 connections. (Pull 110)

Page 12 of 13

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.