Requests-cache

Latest version: v1.2.1

Safety actively analyzes 710445 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 9

1.3.0

⚠️ **Deprecations & removals:**
* See changes to BSON and JSON serializers below:

💾 **Serialization:**
* ⚠️ Drop support for standalone `bson` codec; please install `pymongo` to use BSON serialization
* Remove `[bson]` package extra to prevent accidentally installing it in the same environment as `pymongo`
* When using BSON serialization with the filesystem backend, add a `.bson` file extension by default
* ⚠️ `serializer='json'` will no longer automatically use `ultrajson` if installed; it must be specified explicitly
* Add support for `orjson` as a JSON serializer
* However, see https://github.com/ijl/orjson/issues/483 for potential memory issues
* Add the following serializer objects to specify a JSON library: `json_serializer`, `ujson_serializer`, and `orjson_serializer`
* Remove `[json]` package extra due to multiple supported JSON libraries
* Allow `decode_content` to be set to different values across multiple sessions in use at the same time

💾 **Backends:**
* **SQLite:**
* Use exclusive transaction locks to prevent write contention; replaces retry behavior
* ***FileSystem:**
* Add {py:class}`requests_cache.backends.filesystem.LimitedFileDict` class to optionally limit the `filesystem` cache:
* Add `maximum_total_bytes` parameter to limit the total size of the cache
* Add `maximum_file_bytes` parameter to limit the size of each file
* Add `block_bytes` parameter to set the block size
* Add `lock` parameter to specify a custom lock object
* **Redis:**
* For maintenance/inspection methods that iterate over the cache, use `SCAN` and `HSCAN` instead of `KEYS`, `HKEYS`, and `HGETALL`

⚙️ **Session settings:**
* Add `autoclose` option to close backend connections when the session is closed

ℹ️ **Cache convenience methods:**
* Add `verify` parameter to `BaseCache.contains()` and `delete()` to handle requests made with SSL verification disabled

🧩 **Compatibility and packaging:**
* Add support for Python 3.13
* Packaging and project config are now managed by uv
* This has no impact for users; installation from PyPI still works the same
* For developers, see [Contributing Guide](https://requests-cache.readthedocs.io/en/stable/project_info/contributing.html) for details

🪲 **Bugfixes:**
* Ignore and log timezone errors when attempting to reuse responses cached in `requests-cache <= 1.1`
* Fix error handling with `stale_if_error` during revalidation requests
* By default, do not automatically close backend connections when using `install_cache()`
* Fix request headers sent when `expire_after` is set to `DO_NOT_CACHE`
* When updating response headers after revalidating a cached response, don't set both `Content-Length` and `Transfer-Encoding`

1.2.1

🪲 **Bugfixes:**
* Fix `normalize_headers` not accepting header values in bytes
* Fix inconsistency due to rounding in `CachedResponse.expires_unix` property
* Fix form boundary used for cached multipart requests to _fully_ comply with RFC 2046
* Fix loading cached JSON content with `decode_content=True` when the root element is an empty list or object
* Fix usage example with `responses` library to be compatible with `requests` 2.32

1.2.0

⚠️ **Deprecations & removals:**
* Drop support for python 3.7
* Remove methods [deprecated in 1.0](deprecations-1-0) from `CachedSession` and `BaseCache`

🕗 **Expiration & headers:**
* Add support for `X-HTTP-Method-Override` and other headers that can override request method

⚙️ **Session methods:**
* Add `CachedSession.wrap()` classmethod to add caching to an existing `requests.Session` object

💾 **SQLite Backend:**
* Add `vacuum` parameter to `SQLiteCache.delete()` to optionally skip vacuuming after deletion (enabled by default to free up disk space)
* Optimize `SQLiteCache.delete()` when deleting a single key

🧩 **Compatibility:**
* Add support for RFC 7159 JSON body with `decode_content=True` (root element with any type)
* Use timezone-aware UTC datetimes for all internal expiration values
* Add support for python 3.12
* Note: There is a known bug with multiprocess/multithreaded usage of the SQLite backend on python 3.12.
* Add support for cattrs 23.2

🪲 **Bugfixes:**
* Fix `IncompleteRead` error that could sometimes occur with streaming requests due to mismatch with `Content-Length` header
* Handle a corner case with streaming requests, conditional requests, and redirects
* When redacting ignored parameters from a cached response, keep the rest of the original URL and headers without normalizing
* Add `CachedHTTPResponse._request_url` property for compatibility with urllib3
* Fix form boundary used for cached multipart requests to comply with RFC 2046
* If an explicit CA bundle path is passed via `verify` param, cache the response under the same key as `verify=True`
* Handle JSON Content-Type charsets and MIME type variations (such as `application/vnd.api+json`) during request normalization and serialization

1.1.1

* Backport fix from 1.2: Add compatibility with cattrs 23.2

1.1.0

⚙️ **Session settings:**
* Add support for regular expressions with `urls_expire_after`

💾 **SQLite Backend:**
* Add `busy_timeout` argument (see [SQLite docs](https://www.sqlite.org/pragma.html#pragma_busy_timeout) for details)
* In WAL journaling mode (`wal=True`), default to 'normal' synchronous mode instead of 'full'
* Fix potential `OperationalError: database is locked` in multithreaded SQLite usage during bulk delete operations
* Fix deadlock in multithreaded SQLite usage if a thread encounters an error during COMMIT

🪲 **Bugfixes:**
* Fix loading cached JSON content with `decode_content=True` when the root element is a list
* Fix `BaseCache.recreate_keys()` to normalize response bodies with `b'None'`
* Fix `BaseCache.contains()` for multipart POST requests
* Fix `CachedResponse.history` not being fully deserialized on python<=3.8
* Fix request matching with `Vary` and redirects
* Skip normalizing `CachedResponse.url` so it always matches the original request URL
* Avoid unnecessary cache writes for revalidation requests if headers and expiration are unchanged
* Add compatibility with urllib3 2.0

1.0.1

* Ignore `Cache-Control: must-revalidate` and `no-cache` response headers with `cache_control=False`

Page 1 of 9

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.