aio-libs/yarl - CodSpeed

yarl

Blog Docs Changelog

Performance History

Latest Results

Merge branch 'maintenance/funding-sync'

master

14 hours ago

Reject text after closing bracket in IP-literal authorities Per RFC 3986 §3.2.2, after the closing ']' of an IP-literal only ':' <port> or end-of-authority is valid. Previously yarl silently accepted and normalized URLs like 'http://[::1]allowed.example:1/' to 'http://[::1]:1/', dropping the trailing suffix and changing the effective host identity. The fix adds validation in split_url() (primary gate) and defense-in-depth in split_netloc() for direct callers.

rodrigobnogueira:fix/reject-text-after-ipv6-bracket

1 day ago

Merge branch 'maintenance/funding-sync'

master

2 days ago

Merge branch 'maintenance/funding-sync'

master

3 days ago

Merge branch 'maintenance/funding-sync'

master

4 days ago

Bump test-summary/action from 2.4 to 2.6 Bumps [test-summary/action](https://github.com/test-summary/action) from 2.4 to 2.6. - [Release notes](https://github.com/test-summary/action/releases) - [Commits](https://github.com/test-summary/action/compare/v2.4...v2.6) --- updated-dependencies: - dependency-name: test-summary/action dependency-version: '2.6' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot/github_actions/test-summary/action-2.6

4 days ago

Merge branch 'maintenance/funding-sync'

master

5 days ago

💰 Add Tidelift to the FUNDING config

webknjaz:maintenance/funding-sync

5 days ago

Latest Branches

0%

Reject URLs with text after closing bracket in IP-literal host#1672

1 day ago

b5e7103

rodrigobnogueira:fix/reject-text-after-ipv6-bracket

0%

Bump test-summary/action from 2.4 to 2.6#1671

4 days ago

f1df0b1

dependabot/github_actions/test-summary/action-2.6

0%

💅 Add ending marker to FUNDING config#1670

5 days ago

6efe6f6

webknjaz:maintenance/funding-sync

© 2026 CodSpeed Technology

Home Terms Privacy Docs