release: v2.44.1

[github-actions]

Release urllib v2.44.1.

Merging this PR updates the version on 2.x and triggers the release workflow, which publishes to npm (dist-tag latest-2) and creates the GitHub Release after manual approval.

What's Changed

Security

• Do not forward credential headers (Authorization, Cookie, Proxy-Authorization) on cross-origin redirect, and clear auth/digestAuth before following. Same-origin redirects are unchanged and the caller's headers object is never mutated (fix: do not forward credential headers on cross-origin redirect #813).

Internal

• Two-stage release workflow with manual approval, publishing the 2.x line to the latest-2 npm dist-tag (ci: two-stage release with manual approval (2.x) #815).
• Use Node 24 in the release workflow for npm 11 OIDC trusted publishing.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.82%. Comparing base (7c86c46) to head (79fc12c).
⚠️ Report is 1 commits behind head on 2.x.

Additional details and impacted files

@@           Coverage Diff           @@
##              2.x     #819   +/-   ##
=======================================
  Coverage   89.82%   89.82%           
=======================================
  Files           6        6           
  Lines         875      875           
  Branches      243      243           
=======================================
  Hits          786      786           
  Misses         89       89           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.