Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Latest types-requests breaks deps build, surfaces urllib3 chain issue #14671

Closed
2 tasks done
miketheman opened this issue Oct 2, 2023 · 2 comments · Fixed by #16181
Closed
2 tasks done

Latest types-requests breaks deps build, surfaces urllib3 chain issue #14671

miketheman opened this issue Oct 2, 2023 · 2 comments · Fixed by #16181
Labels
dependencies Pull requests that update a dependency file

Comments

@miketheman
Copy link
Member

miketheman commented Oct 2, 2023
edited
Loading

The latest types-requests package removes a dependency on types-urllib3, and the typeshed has completely removed urllib3 types from the shed, since they are available in 2.0.x series.
python/typeshed#10812

We are unable to upgrade to urllib3 yet, as some other tools pin to lower than 2.x

I'll pin urllib3 to <2 to resolve a lot of these chains until we can resolve the above.
@miketheman miketheman added the dependencies Pull requests that update a dependency file label Oct 2, 2023
miketheman added a commit to miketheman/warehouse that referenced this issue Oct 2, 2023
@miketheman
chore(deps): pin back urllib3 and types-requests
c346f0d 
Pinning `urllib3` changes nothing, since we're already there, but
prevents future breakage until we can upgrade.

Pinning `types-requests` prevents us from losing `types-urllib3` until
we can upgrade `urllib3` past 2.0.

Refs: pypi#14671

Signed-off-by: Mike Fiedler <[email protected]>
@miketheman miketheman mentioned this issue Oct 2, 2023
Merged
miketheman added a commit to miketheman/warehouse that referenced this issue Oct 13, 2023
@miketheman
chore(deps): update boto3 and botocore
eb680ef 
And associated stubs.

We exclude boto from dependabot due to frequency of updates.

This upgrade includes the ability to use urllib3.
Refs: boto/botocore#3034

We will still need to handle the elasticsearch dependency on its own.
Refs: pypi#14671

Signed-off-by: Mike Fiedler <[email protected]>
@miketheman miketheman mentioned this issue Oct 13, 2023
Merged
@di
Copy link
Member

di commented Mar 13, 2024

Looks like elasticsearch==8.x.x supports urllib3<3: elastic/elasticsearch-py#2216

But we're pinned back:

warehouse/requirements/main.in

Line 16 in 56f0f6c

elasticsearch>=7.0.0,<7.11.0

@di
Copy link
Member

di commented Mar 13, 2024

Ah, this is because our Elasticsearch provider doesn't work with newer versions of elasticsearch: #10312

Might be time to replace our search backend...

This was referenced Jun 27, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

upgrade urllib3! pypi/warehouse
3 participants
@di @miketheman and others