Requests

-------------------

**Improvements**

- Remove defunct reference to `prefetch` in Session `__attrs__` (5110)

**Bugfixes**

- Requests no longer outputs password in basic auth usage warning. (5099)

**Dependencies**

- Pinning for `chardet` and `idna` now uses major version instead of minor.
This hopefully reduces the need for releases every time a dependency is updated.

-------------------

**Dependencies**

- Requests now supports urllib3 v1.25.2.
(note: 1.25.0 and 1.25.1 are incompatible)

**Deprecations**

- Requests has officially stopped support for Python 3.4.

-------------------

**Dependencies**

- Requests now supports idna v2.8.

-------------------

**Bugfixes**

- Fixed bug with unintended Authorization header stripping for
redirects using default ports (http/80, https/443).

-------------------

**Bugfixes**

- Content-Type header parsing is now case-insensitive (e.g.
charset=utf8 v Charset=utf8).
- Fixed exception leak where certain redirect urls would raise
uncaught urllib3 exceptions.
- Requests removes Authorization header from requests redirected
from https to http on the same hostname. (CVE-2018-18074)
- `should_bypass_proxies` now handles URIs without hostnames (e.g.
files).

**Dependencies**

- Requests now supports urllib3 v1.24.

**Deprecations**

- Requests has officially stopped support for Python 2.6.

-------------------

**Bugfixes**

- Fixed issue where status\_codes.py's `init` function failed trying
to append to a `__doc__` value of `None`.