Urllib3-future

Latest version: v2.12.915


Page 16 of 31

2.1.903

Not secure
====================

- Removed ``BaseHTTPConnection``, and ``BaseHTTPSConnection``.
Rationale: The initial idea, as far as I understand it, was to create a ``HTTPSConnection`` per protocol, e.g.
HTTP/2 and HTTP/3. From the point of view of ``urllib3.future``, it was taken care of in ``contrib.hface``,
where the protocol state machines are handled. We plan to always have a unified ``Connection`` class that
groups all protocols for convenience. The private module ``urllib3._base_connection`` is renamed to ``urllib3._typing``.
It brings a lot of simplification, which is welcome.
- Reduced ``BaseHTTPResponse`` to a mere alias of ``HTTPResponse`` for the same reasoning as before. There is absolutely
no need whatsoever in the foreseeable future to ship urllib3.future with an alternative implementation of ``HTTPResponse``.
It will be removed in a future major.
- Removed ``RECENT_DATE`` and linked logic, as (i) it does not make sense to maintain it and (ii) the certificate verification
failure won't be avoided anyway, so it is a warning prior to an unavoidable error. The warning class ``SystemTimeWarning``
will be removed in a future major.
- Added support for stopping sending the body if the server responded early in HTTP/2 or HTTP/3.
This can happen when a server says that you exhausted the size limit or if previously sent
headers were rejected, for example. This should save users a lot of time in such cases.
- Refactored scattered typing aliases across the sources. ``urllib3._typing`` now contains all of our definitions.
- Avoid installation of ``qh3`` in PyPy 3.11+ while pre-built wheels are unavailable.

2.1.902

Not secure
====================

- Fixed an issue where streaming response did not yield data until the stream was closed.
- Unified peercert/issuercert dict output in ConnectionInfo output format when using HTTP/3.
- The body is now stripped from HTTP requests whose method changes to GET after an HTTP 303 "See Other" redirect response.
Headers ``content-encoding, content-language, content-location, content-type, content-length, digest, last-modified`` are
also stripped in that case.
Port of the security fix GHSA-g4mx-q9vg-27p4.
- ``_TYPE_BODY`` now accepts ``Iterable[str]`` in addition to ``Iterable[bytes]``.

2.1.901

Not secure
====================

- Set ``DEFAULT`` (as OpenSSL default list) for ciphers in SSLContext if none is provided instead of Python default.
- Fixed an edge case where the chosen state machine would be told not to end the stream when it should.
- Fixed a rare case where ``ProtocolError`` was raised instead of ``SSLError`` in the underlying QUIC layer state-machine.
- Small performance improvement in sending a body by removing obsolete logic made for a removed constraint.
- Changed default ``User-Agent`` to ``urllib3.future/x.y.z``.
- Removed a compatibility operation that added a ``Content-Length`` header on requests with unknown body length.
This was present due to a bug in Traefik server. An investigation will be conducted and a relevant issue will be
addressed.

2.1.900

Not secure
====================

- Added ``cipher`` in ``ConnectionInfo`` when using HTTP/3 over QUIC.
- Added ``issuer_certificate_der``, ``issuer_certificate_dict`` into ``ConnectionInfo``.

By default, it is set to ``None``. This property is filled automatically on a QUIC connection.
It cannot be done automatically when using native Python capabilities.

- Removed support for SecureTransport.
- Removed support for PyOpenSSL.

This module is not deleted but rendered ineffective. An explicit warning still appears.

- Improved automated exchange between the socket and the HTTP state machines.
- Removed all dependencies in the ``secure`` extra.
- Fixed disabling HTTP/3 over QUIC if specified settings were incompatible with TLS over QUIC.

Previously, if ``ssl_context`` was set and specified a list of ciphers, it was discarded on upgrade.
Likewise if ``ssl_maximum_version`` was set to TLS v1.2.
Now those parameters are correctly forwarded to the custom QUIC/TLS layer.

- Fixed ``ConnectionInfo`` repr that did not show the ``http_version`` property.
- Undeprecated 'ssl_version' option in create_urllib3_context.
- Undeprecated 'format_header_param_rfc2231'.
- Removed warning about the 'strict' parameter.
- Removed constant ``IS_PYOPENSSL`` and ``IS_SECURETRANSPORT`` from ``urllib3.utils``.
- Added a warning raised when using the environment variables ``SSLKEYLOGFILE`` and ``QUICLOGDIR``.
- Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.
- Removed warning about ssl not being the ``OpenSSL`` backend. You are free to choose.

Users are simply encouraged to report issues, if any, to the jawah/urllib3.future repository.
Support will be provided to the best of our abilities.
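
The redirect handling described in the 2.1.902 entry (303 "See Other") and in the 2.1.900 entry (``Cookie`` on cross-host redirects), modelled as an added example that is not urllib3.future's own code. The function name ``next_request``, the sample URLs and header values are constructed, ``authorization`` in the cross-host list is an assumption, and comparing only hostnames is a simplification.

```python
from urllib.parse import urljoin, urlsplit

# Headers the 2.1.902 entry lists as stripped once a 303 turns the request into a GET.
BODY_HEADERS = frozenset({
    "content-encoding", "content-language", "content-location",
    "content-type", "content-length", "digest", "last-modified",
})
# Cross-host strip list: "cookie" is the 2.1.900 addition; "authorization" is
# assumed here to be an entry that was already present.
CROSS_HOST_HEADERS = frozenset({"cookie", "authorization"})


def next_request(method, url, headers, body, status, location,
                 remove_on_cross_host=CROSS_HOST_HEADERS):
    """Return (method, url, headers, body) for the request that follows a redirect."""
    target = urljoin(url, location)  # Location may be a relative reference
    drop = set()
    if status == 303:
        # The method becomes GET, so the body and the headers describing it must go.
        method, body = "GET", None
        drop |= BODY_HEADERS
    if urlsplit(target).hostname != urlsplit(url).hostname:
        # Credentials scoped to the original host must not follow the redirect.
        drop |= {name.lower() for name in remove_on_cross_host}
    kept = {k: v for k, v in headers.items() if k.lower() not in drop}
    return method, target, kept, body


# Constructed sample: a form POST that carries a session cookie.
SAMPLE_URL = "https://app.example/login"
SAMPLE_BODY = b"user=alice&password=hunter2"
SAMPLE_HEADERS = {
    "Content-Type": "application/x-www-form-urlencoded",
    "Content-Length": str(len(SAMPLE_BODY)),
    "Cookie": "session=constructed-value",
    "Accept": "*/*",
}

if __name__ == "__main__":
    for status, location in [(303, "https://cdn.example/welcome"),
                             (303, "/welcome"),
                             (307, "https://cdn.example/upload")]:
        print(status, next_request("POST", SAMPLE_URL, SAMPLE_HEADERS,
                                   SAMPLE_BODY, status, location))
```

Before the 2.1.902 fix, the first case would have replayed the form body to the redirect target; before 2.1.900, the third case would have sent the session cookie to the other host.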

2.0.936

Not secure
====================

- Added support for event ``StreamReset`` to raise a ``ProtocolError`` when received from either h2 or h3. (`28 <https://github.com/jawah/urllib3.future/issues/28>`__)

2.0.935

====================

- Fixed a violation in our QUIC transmission due to sending multiple datagrams at once. (`26 <https://github.com/jawah/urllib3.future/issues/26>`__)


© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.