New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Notify packages using urllib3[secure] about it's deprecation #2700
Comments
Created a Pull Request to https://github.com/scoutapp/scout_apm_python |
Created a Pull Request to Selenium |
Created a Pull Request to cpp-coveralls |
@umarfarouk98 Make sure to only remove |
Yes i only removed secure and other modules aren't tampered with |
The current diff for cpp-coveralls looks like this: idna>=2.5,<3
requests>=2.25.1
- urllib3[secure]
future This means urllib3 will not be installed at all. Instead it should be like this: idna>=2.5,<3
requests>=2.25.1
- urllib3[secure]
+ urllib3
future |
@umarfarouk98 When you're making changes you should start with Example: Also if urllib3 1.25.x or earlier is being installed you can leave the [secure] for those cases like scout_apm. Can you fix your earlier PRs? |
noted, currently on it |
Created a Pull Request to mastercard-oauth1-signer |
Created a Pull Request to cloud-files |
Created a Pull Request to minet |
Created a Pull Request to cloud-volume |
Hi @sethmlarson the runway-python repo is in archive already. |
Created a Pull Request to azure-cli |
Created a Pull Request to lyricsmaster |
@umarfarouk98 FYI, you need to also be checking for https://github.com/Azure/azure-cli/search?q=inject_into_urllib3 |
ok i'll work on that now @sethmlarson |
modified inject_into_urllib3() |
Created Pull Request to pyramid-oereb |
Created Pull Request to flexmeasures |
Created Pull Request to optimove |
Created Pull Request to awscurl |
Hi @sethmlarson |
Created Pull Request to google-assistant-sdk |
Created Pull Request to mastercard-api-core |
Hi @sethmlarson please could you point me to the comet-git-pure repo. |
@umarfarouk98 If you can't locate the repo that's fine, I also can't find it so we tried our best :) For the PRs that require a CLA like azure-cli and the Google Assistant one can you sign the CLA so the PR can be accepted? Thanks! |
@sethmlarson think this might be it, not sure but i created a PR to it |
Also i've signed the CLA for both azure and the google assistant-sdk |
https://pypi.org/project/sentry/ on PyPI is the Sentry server, whose repo is https://github.com/getsentry/sentry. They don't require
This is only a fork, I think upstream is https://github.com/jelmer/dulwich. It has active pull requests. Can you please open a pull request there instead? |
ok will create the pull request to https://github.com/jelmer/dulwich. now |
created pull request to jelmer/dulwich |
Hi @sethmlarson @pquentin is there anything left for me to do ? |
@umarfarouk98 Let me run one more query to make sure we've got all the packages in the list. I'll let you know by the end of the day if there's any more work to do. Thanks for all your work so far! |
@umarfarouk98 Okay I checked the list again and it looks like every package is covered, thank you for doing this. You can submit the invoice to the Open Collective for $300. I just ask that you don't close the PRs you've opened so the maintainers of those repositories can see them and if you have any time to get them across the finish line it'd be appreciated but not necessary to be paid for the work you've already done. Thanks much! |
OK @sethmlarson thanks to you too, I'll try to do a follow up on the PRs also. |
馃挼 You can get paid to complete this issue! Please read the docs for more information.
Packages to notify
What to do for each package
Mentions that pyOpenSSL and urllib3[secure] are deprecated in the upcoming release (1.26.12)
Links to Deprecate [secure] extra聽#2680
Removes
[secure]
extra from theurllib3
dependenciesIf needed, add
pyOpenSSL>=0.14
,cryptography>=1.3.4
,idna>=2
, andcertifi
to their dependencies. These dependencies should only be added back if they're actually used within the project. If they're not used (includingpyopenssl.inject_into_urllib3
) then they can likely be omitted.If
urllib3.contrib.pyopenssl.inject_into_urllib3
is used anywhere in the project (search forinject_into_urllib3
) then make the change to the following:This is the logic that is used in Requests to only use pyOpenSSL if SNI isn't available (which is very rare).
PRs don't need to be merged to complete this issue, we only want to create the PRs so that maintainers of these projects are aware of the upcoming changes.
Part of #2680
The text was updated successfully, but these errors were encountered: