Urllib3

===================

* Fixed bytes and string comparison issue with headers (Pull 2141)

* Changed ``ProxySchemeUnknown`` error message to be
more actionable if the user supplies a proxy URL without
a scheme. (Pull 2107)

===================

* Fixed an issue where ``wrap_socket`` and ``CERT_REQUIRED`` wouldn't
be imported properly on Python 2.7.8 and earlier (Pull 2052)

===================

* Fixed an issue where two ``User-Agent`` headers would be sent if a
``User-Agent`` header key is passed as ``bytes`` (Pull 2047)

===================

* **NOTE: urllib3 v2.0 will drop support for Python 2**.
`Read more in the v2.0 Roadmap <https://urllib3.readthedocs.io/en/latest/v2-roadmap.html>`_.

* Added support for HTTPS proxies contacting HTTPS servers (Pull 1923, Pull 1806)

* Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that
still wish to use TLS earlier than 1.2 without a deprecation warning
should opt-in explicitly by setting ``ssl_version=ssl.PROTOCOL_TLSv1_1`` (Pull 2002)
**Starting in urllib3 v2.0: Connections that receive a ``DeprecationWarning`` will fail**

* Deprecated ``Retry`` options ``Retry.DEFAULT_METHOD_WHITELIST``, ``Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST``
and ``Retry(method_whitelist=...)`` in favor of ``Retry.DEFAULT_ALLOWED_METHODS``,
``Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT``, and ``Retry(allowed_methods=...)``
(Pull 2000) **Starting in urllib3 v2.0: Deprecated options will be removed**

* Added default ``User-Agent`` header to every request (Pull 1750)

* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
and ``Host`` headers from being automatically emitted with requests (Pull 2018)

* Collapse ``transfer-encoding: chunked`` request data and framing into
the same ``socket.send()`` call (Pull 1906)

* Send ``http/1.1`` ALPN identifier with every TLS handshake by default (Pull 1894)

* Properly terminate SecureTransport connections when CA verification fails (Pull 1977)

* Don't emit an ``SNIMissingWarning`` when passing ``server_hostname=None``
to SecureTransport (Pull 1903)

* Disabled requesting TLSv1.2 session tickets as they weren't being used by urllib3 (Pull 1970)

* Suppress ``BrokenPipeError`` when writing request body after the server
has closed the socket (Pull 1524)

* Wrap ``ssl.SSLError`` that can be raised from reading a socket (e.g. "bad MAC")
into an ``urllib3.exceptions.SSLError`` (Pull 1939)

====================

* Fix retry backoff time parsed from ``Retry-After`` header when given
in the HTTP date format. The HTTP date was parsed as the local timezone
rather than accounting for the timezone in the HTTP date (typically
UTC) (Pull 1932, Pull 1935, Pull 1938, Pull 1949)

* Fix issue where an error would be raised when the ``SSLKEYLOGFILE``
environment variable was set to the empty string. Now ``SSLContext.keylog_file``
is not set in this situation (Pull 2016)

====================

* Added support for ``SSLKEYLOGFILE`` environment variable for
logging TLS session keys with use with programs like
Wireshark for decrypting captured web traffic (Pull 1867)

* Fixed loading of SecureTransport libraries on macOS Big Sur
due to the new dynamic linker cache (Pull 1905)

* Collapse chunked request bodies data and framing into one
call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull 1906)

* Don't insert ``None`` into ``ConnectionPool`` if the pool
was empty when requesting a connection (Pull 1866)

* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull 1858)