Back to Explore

rthalley/dnspython

GitHub
1 watchersOpen source

Last release: 8 months ago

dnspython is a DNS toolkit for Python that supports most DNS record types. It is useful for making DNS queries, performing zone transfers, and sending dynamic updates, with support for TSIG-authenticated messages and EDNS0, plus high- and low-level APIs. The project also offers optional integrations such as DNS-over-HTTPS, DNS-over-TLS, DNS-over-QUIC, DNSSEC, IDNA, and async support (asyncio and Trio).

Project status

  • Actively maintained (evolving): The repo shows recent activity (last upstream push on 2026-05-16), and recent updates include new functionality, CI/type-check improvements, and ongoing dependency and compatibility adjustments.
  • Update cadence: Updates have appeared on the order of several months apart (for example, v2.7.0 in 2024-10, v2.8.0 in 2025-09), with some shorter intervals during 2024 (v2.5.0 and v2.6.x).

AI summary generated 2 weeks ago

AI-generated from public sources. May be inaccurate. Report

Recent updates

  • v2.8.0

    8 months ago

    dnspython 2.8.0 updates the project to require Python 3.10+, and the repository changes suggest improved type checking and CI coverage for newer Python versions. The library diff also bumps several optional feature dependency minimum versions (DNSSEC, DoH, DoQ, IDNA, Trio) and introduces new TLS-related plumbing, including a no-ssl stub implementation.

    Features

  • v2.7.0

    10/5/2024

    dnspython 2.7.0 is a minor release that, according to the release notes, increases the minimum supported Python version to 3.9. The release notes provided here are otherwise minimal, while the code diff shows several functional additions and some internal behavior changes.

    BreakingFeatures

  • v2.6.1

    2/18/2024

    dnspython 2.6.1 is a bug fix release focused on correcting how the stub resolver handled UDP truncated (TC) responses. It includes a mitigation for a potential DoS condition (CVE-2023-29483) related to accepting forged responses before legitimate ones, ensuring the resolver ignores bad packets and continues listening until timeout.

    Security

  • v2.6.0

    2/16/2024

    dnspython 2.6.0 is presented as a security-focused release for the TuDoor DoS scenario (CVE-2023-29483), where dnspython stub resolver behavior could be disrupted by forged UDP responses. The release notes claim the mitigation works by ignoring bad packets and continuing to wait for a legitimate response until the query timeout expires.

    Security

  • v2.5.0

    1/20/2024

    dnspython 2.5.0 is presented with essentially no inline release-note details (the notes defer to the “What’s New” page). The code diff shows multiple internal and async/networking changes, plus some wire-encoding refactors in rdtypes, and at least one public-ish API signature change (dns.asyncquery.tls).

    Features

  • v2.4.2

    8/12/2023

    dnspython 2.4.2 is a bug fix release. The release notes do not list specific changes, so developers should review the documentation "What's New" page for the detailed fixes and any potential behavior changes.