v0.8.0

Changes

• Add http-parser and llhttp licenses into the wheels (#135)
  (by @justeph in c398a15)

• Mark cython module as free-threading compatible (#139)
  (by @kumaraditya303 in 28d1db1)

• Fix all typing issues (#134)
  (by @Kludex in a9bda0e)

• Bump llhttp to 9.4.1 (#145)
  (by @fantix in e3e8d71)

• Security: fix URL truncation issue (#144)
  (by @fantix in a0283f0 for #142)

• Allow building with latest setuptools (#138)
  (by @OldManYellsAtCloud in c403ad1)

v0.7.1

This is identical to 0.7.0 whose CI failed uploading

v0.7.0

Changes

• Modernize packaging and fix CI (#130)
  Drop Python 3.8, add Python 3.14
  Use Cython 3.1.0
  Bump llhttp to 9.3.0
  (by @ngoldbaum @Carreau @fantix in 59bf94f for #129)

• Static Type-checking for httptools (#100)
  (by @Vizonex @KRRT7 in b55f5fe for #100)

v0.6.4

Fixes

• Include Cython source files in sdist
  (by @mgorny in 2287a95 for #115)

v0.6.3

Fixes

• Fix missing CR is some tests
  (by @mgorny in 21a199d for #112)

• Bump bundled llhttp to 9.2.1
  Fixes CVE-2024-27982
  (by @elprans in 560bd9e for #113)

v0.6.2

Fixes

• Fix build and run tests on Python 3.13 (#107)
  (by @jameshilliard @tacaswell @fafanoulele @fantix in ad9765b for #98 #104)

v0.6.1

Changes

• Explicit Python 3.12 support and build wheels, change min version to 3.8 (#95)
  (by @tiptenbrink in 25f412b for #95)

• Do not install the *.c sources in wheels (#73)
  (by @hroncok in b2fc5bd for #73)

v0.6.0

Changes

• Bump bundled llhttp to 8.1.1
  Fixes CVE-2023-30589
  (by @fantix in 6c6812a for #91)

v0.5.0

UPDATE: The bundled copy of llhttp in this release is vulnerable to CVE-2023-30589, please update to use 0.6.0 instead.

Changes

• Bump bundled llhttp to 6.0.9
  fixes CVE-2022-32213, CVE-2022-32214, CVE-2022-32215
  (by @nlsj1985 in 56d6a16 for #83)

• Test and build against Python 3.11
  (by @elprans in 509cd14 for #84)

v0.4.0

Changes

• Bump bundled http-parser to 2.9.4 and llhttp to 6.0.6
  fixes CVE-2021-22959 & CVE-2021-22960
  (by @elprans in 4d5dddd for #77)