Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

{Packaging} Bump requests and urllib3 and loosen dependencies in setup.py #19801

Merged
merged 1 commit into from
Nov 17, 2021
Merged

{Packaging} Bump requests and urllib3 and loosen dependencies in setup.py #19801

merged 1 commit into from
Nov 17, 2021

Conversation

jiasli
Copy link
Member

@jiasli jiasli commented Oct 8, 2021
edited
Loading

Description

Fix #18499, #19682

Bump requests and urllib3 and loosen dependencies in setup.py.

Being too strict on versions can frequently leads to endless backtracking in latest pip (#18324, #18518) .

Now we don't want to be too specific on versions. Instead, the user should be responsible for security vulnerabilities in older versions of dependencies, same as #19639.

@jiasli jiasli marked this pull request as draft October 8, 2021 05:15
jiasli
jiasli commented Oct 8, 2021
View reviewed changes
src/azure-cli/setup.py
@@ -146,6 +146,7 @@
'scp~=0.13.2',
'semver==2.13.0',
'sshtunnel~=0.1.4',
'urllib3[secure]',
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Core doesn't directly depend on urllib3.

@jiasli jiasli changed the title {Packaging} Bump requests and loosen urllib3 dependency {Packaging} Bump requests and urllib3 and loosen dependencies in setup.py Oct 8, 2021
@yonzhan yonzhan added this to the Oct 2021 (2021-11-02) milestone Oct 8, 2021
@yonzhan
Copy link
Collaborator

yonzhan commented Oct 8, 2021

Packaging

@jiasli jiasli marked this pull request as ready for review November 16, 2021 06:05
@jiasli jiasli merged commit 9a0d516 into Azure:dev Nov 17, 2021
@jiasli jiasli deleted the requests branch November 17, 2021 08:27
@zhoxing-ms zhoxing-ms mentioned this pull request Nov 19, 2021
Closed
@ziegenberg ziegenberg mentioned this pull request Mar 9, 2022
Merged
@jiasli jiasli mentioned this pull request May 31, 2023
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evelyn-ys evelyn-ys evelyn-ys approved these changes

@jsntcy jsntcy Awaiting requested review from jsntcy jsntcy is a code owner

@kairu-ms kairu-ms Awaiting requested review from kairu-ms kairu-ms is a code owner

@zhoxing-ms zhoxing-ms Awaiting requested review from zhoxing-ms zhoxing-ms is a code owner

Assignees

@jiasli jiasli

Labels
None yet
Projects
None yet
Milestone
Nov 2021 (2021-12-07)
Development

Successfully merging this pull request may close these issues.

inconsistent version metadata in python package azure-cli==2.25.0
3 participants
@jiasli @yonzhan @evelyn-ys