GoogleCloudPlatform / opentelemetry-operations-python

OpenTelemetry Python exporters for Google Cloud Monitoring and Trace
https://google-cloud-opentelemetry.readthedocs.io/en/stable/
Apache License 2.0

Need opentelemetry-exporter-gcp-trace to update dependency for security #283

Closed johnnyknoebel closed 11 months ago

johnnyknoebel commented 1 year ago

Hi, I am trying to upgrade our version of opentelemetry-instrumentation-flask from 0.39b0 to 0.41b0 to resolve a CVE for opentelemetry-instrumentation (you can see the github vulnerability advisory here). To do so, I need to upgrade opentelemetry-semantic-conventions from 0.39b0 to 0.41b0 as well since opentelemetry-instrumentation-flask depends on it.

However, I also have opentelemetry-exporter-gcp-trace installed on the latest version, 1.5.0, which depends on opentelemetry-sdk version 1.18.0, which depends on opentelemetry-semantic-conventions version 0.39b0, so I'm unable to perform the upgrade.

Can you upgrade your dependencies to resolve this security issue? I assume this means that opentelemetry-exporter-gcp-trace is also affected by this CVE.

aabmass commented 1 year ago

> However, I also have opentelemetry-exporter-gcp-trace installed on the latest version, 1.5.0, which depends on opentelemetry-sdk version 1.18.0

This should not be the case:

https://github.com/GoogleCloudPlatform/opentelemetry-operations-python/blob/29788b90af99f372adf52365bca979fbbe14d2e8/opentelemetry-exporter-gcp-trace/setup.cfg#L31

You should be able to upgrade without any issue from the GCP exporter. Please share a repro if you're still having issues.

johnnyknoebel commented 1 year ago

@aabmass Sorry I missed your initial response. Here's the error I'm getting:

docker-compose run --service-ports --rm app pip-compile requirements.in
[+] Building 0.0s (0/0)                                                     docker:desktop-linux
[+] Creating 1/0
 ✔ Container os-billing-mediator-redis-1  Runnin...                                         0.0s
[+] Building 0.0s (0/0)                                                     docker:desktop-linux
WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. The default resolver will be changed to 'backtracking' in pip-tools 7.0.0. Specify --resolver=backtracking to silence this warning.
Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`.
Could not find a version that matches opentelemetry-semantic-conventions==0.39b0,==0.41b0 (from opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
Skipped pre-versions: 0.20b0, 0.20b0, 0.21b0, 0.21b0, 0.22b0, 0.22b0, 0.23b0, 0.23b0, 0.23b2, 0.23b2, 0.24b0, 0.24b0, 0.25b0, 0.25b0, 0.25b1, 0.25b1, 0.25b2, 0.25b2, 0.26b0, 0.26b1, 0.26b1, 0.27b0, 0.27b0, 0.28b0, 0.28b0, 0.28b1, 0.28b1, 0.29b0, 0.29b0, 0.30b0, 0.30b0, 0.30b1, 0.30b1, 0.31b0, 0.31b0, 0.32b0, 0.32b0, 0.33b0, 0.33b0, 0.34b0, 0.34b0, 0.35b0, 0.35b0, 0.36b0, 0.36b0, 0.37b0, 0.37b0, 0.38b0, 0.38b0, 0.39b0, 0.39b0, 0.40b0, 0.40b0, 0.41b0, 0.41b0
There are incompatible versions in the resolved dependencies:
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
  opentelemetry-semantic-conventions==0.39b0 (from opentelemetry-sdk==1.18.0->opentelemetry-exporter-gcp-trace==1.5.0->-r requirements.in (line 26))
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-wsgi==0.41b0->opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))

and here is my requirements.in file:

coverage
celery[redis]
celery-redbeat
flask
Flask-Caching
Flask-Testing
freezegun
google-auth
google-cloud-logging
google-cloud-secret-manager
grpcio-status<=1.51.1
grpcio<=1.53.0
gunicorn
httpx
JayDeBeApi
json_log_formatter
marshmallow
netsuite_restlets_client==1.38
opentelemetry-api
opentelemetry-exporter-gcp-trace
opentelemetry-instrumentation-flask>=0.41b0
opentelemetry-propagator-gcp
opentelemetry-instrumentation>=0.41b0
pip-tools>=6.13.0
pytest
python-dateutil
pytz
redis
requests>=2.31.0
requests_oauthlib
schemathesis>=3.19.5
system-mapper-client==1.1.1

Let me know if there's any more info you need to investigate this. I'll try to keep a better eye on replies.

(Edited to use the correct requirements.in) Furthermore, when I remove opentelemetry-exporter-gcp-trace and make no other changes to the file, I am able to generate a requirements.txt with no conflicts:

~/r/os-billing-mediator PROCAT-4041 *17 !1 ?1 ❯ make add-requirements                        52s
docker-compose run --service-ports --rm app pip-compile requirements.in
[+] Building 0.0s (0/0)                                                     docker:desktop-linux
[+] Creating 1/0
 ✔ Container os-billing-mediator-redis-1  Runnin...                                         0.0s
[+] Building 0.0s (0/0)                                                     docker:desktop-linux
WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. The default resolver will be changed to 'backtracking' in pip-tools 7.0.0. Specify --resolver=backtracking to silence this warning.
#
# This file is autogenerated by pip-compile with Python 3.8
# by the following command:
#
#    pip-compile requirements.in
#

amqp==5.1.1
    # via kombu
anyio==3.7.1
    # via
    #   httpcore
    #   starlette
async-timeout==4.0.3
    # via redis
attrs==23.1.0
    # via
    #   hypothesis
    #   jsonschema
backoff==2.2.1
    # via schemathesis
backports-zoneinfo[tzdata]==0.2.1
    # via
    #   celery
    #   celery-redbeat
    #   kombu
billiard==4.1.0
    # via celery
blinker==1.6.2
    # via flask
build==0.10.0
    # via pip-tools
cachelib==0.9.0
    # via flask-caching
cachetools==5.3.1
    # via google-auth
celery[redis]==5.3.4
    # via
    #   -r requirements.in
    #   celery-redbeat
celery-redbeat==2.1.1
    # via -r requirements.in
certifi==2023.7.22
    # via
    #   httpcore
    #   httpx
    #   requests
charset-normalizer==3.1.0
    # via requests
click==8.1.3
    # via
    #   celery
    #   click-didyoumean
    #   click-plugins
    #   click-repl
    #   flask
    #   pip-tools
    #   schemathesis
click-didyoumean==0.3.0
    # via celery
click-plugins==1.1.1
    # via celery
click-repl==0.3.0
    # via celery
colorama==0.4.6
    # via schemathesis
coverage==7.2.7
    # via -r requirements.in
curlify==2.2.1
    # via schemathesis
deprecated==1.2.14
    # via opentelemetry-api
exceptiongroup==1.1.3
    # via
    #   anyio
    #   hypothesis
    #   pytest
flask==2.3.2
    # via
    #   -r requirements.in
    #   flask-caching
    #   flask-testing
flask-caching==2.0.2
    # via -r requirements.in
flask-testing==0.8.1
    # via -r requirements.in
freezegun==1.2.2
    # via -r requirements.in
google-api-core[grpc]==2.11.1
    # via
    #   google-cloud-appengine-logging
    #   google-cloud-core
    #   google-cloud-logging
    #   google-cloud-secret-manager
google-auth==2.21.0
    # via
    #   -r requirements.in
    #   google-api-core
    #   google-cloud-core
google-cloud-appengine-logging==1.3.1
    # via google-cloud-logging
google-cloud-audit-log==0.2.5
    # via google-cloud-logging
google-cloud-core==2.3.2
    # via google-cloud-logging
google-cloud-logging==3.5.0
    # via -r requirements.in
google-cloud-secret-manager==2.16.2
    # via -r requirements.in
googleapis-common-protos[grpc]==1.59.1
    # via
    #   google-api-core
    #   google-cloud-audit-log
    #   grpc-google-iam-v1
    #   grpcio-status
graphql-core==3.2.3
    # via hypothesis-graphql
grpc-google-iam-v1==0.12.6
    # via
    #   google-cloud-logging
    #   google-cloud-secret-manager
grpcio==1.53.0
    # via
    #   -r requirements.in
    #   google-api-core
    #   googleapis-common-protos
    #   grpc-google-iam-v1
    #   grpcio-status
grpcio-status==1.51.1
    # via
    #   -r requirements.in
    #   google-api-core
gunicorn==20.1.0
    # via -r requirements.in
h11==0.14.0
    # via httpcore
httpcore==0.17.3
    # via httpx
httpx==0.24.1
    # via
    #   -r requirements.in
    #   schemathesis
hypothesis==6.80.0
    # via
    #   hypothesis-graphql
    #   hypothesis-jsonschema
    #   schemathesis
hypothesis-graphql==0.10.0
    # via schemathesis
hypothesis-jsonschema==0.22.1
    # via schemathesis
idna==3.4
    # via
    #   anyio
    #   httpx
    #   requests
    #   yarl
importlib-metadata==6.0.1
    # via
    #   flask
    #   opentelemetry-api
importlib-resources==6.1.0
    # via jsonschema
iniconfig==2.0.0
    # via pytest
itsdangerous==2.1.2
    # via flask
jaydebeapi==1.2.3
    # via -r requirements.in
jinja2==3.1.2
    # via flask
jpype1==1.4.1
    # via jaydebeapi
json-log-formatter==0.5.2
    # via -r requirements.in
jsonschema==4.17.3
    # via
    #   hypothesis-jsonschema
    #   schemathesis
junit-xml==1.9
    # via schemathesis
kombu==5.3.2
    # via celery
markupsafe==2.1.3
    # via
    #   jinja2
    #   werkzeug
marshmallow==3.19.0
    # via -r requirements.in
multidict==6.0.4
    # via yarl
netsuite-restlets-client==1.38
    # via -r requirements.in
oauthlib==3.2.2
    # via requests-oauthlib
opentelemetry-api==1.18.0
    # via
    #   -r requirements.in
    #   opentelemetry-instrumentation
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
    #   opentelemetry-propagator-gcp
opentelemetry-instrumentation==0.41b0
    # via
    #   -r requirements.in
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
opentelemetry-instrumentation-flask==0.41b0
    # via -r requirements.in
opentelemetry-instrumentation-wsgi==0.41b0
    # via opentelemetry-instrumentation-flask
opentelemetry-propagator-gcp==1.5.0
    # via -r requirements.in
opentelemetry-semantic-conventions==0.41b0
    # via
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
opentelemetry-util-http==0.41b0
    # via
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
packaging==23.1
    # via
    #   build
    #   jpype1
    #   marshmallow
    #   opentelemetry-instrumentation-flask
    #   pytest
pip-tools==6.14.0
    # via -r requirements.in
pkgutil-resolve-name==1.3.10
    # via jsonschema
pluggy==1.2.0
    # via pytest
prompt-toolkit==3.0.39
    # via click-repl
proto-plus==1.22.3
    # via
    #   google-cloud-appengine-logging
    #   google-cloud-logging
    #   google-cloud-secret-manager
protobuf==4.23.3
    # via
    #   google-api-core
    #   google-cloud-appengine-logging
    #   google-cloud-audit-log
    #   google-cloud-logging
    #   google-cloud-secret-manager
    #   googleapis-common-protos
    #   grpc-google-iam-v1
    #   grpcio-status
    #   proto-plus
pyasn1==0.5.0
    # via
    #   pyasn1-modules
    #   rsa
pyasn1-modules==0.3.0
    # via google-auth
pyproject-hooks==1.0.0
    # via build
pyrate-limiter==2.10.0
    # via schemathesis
pyrsistent==0.19.3
    # via jsonschema
pytest==7.4.0
    # via
    #   -r requirements.in
    #   pytest-subtests
    #   schemathesis
pytest-subtests==0.7.0
    # via schemathesis
python-dateutil==2.8.2
    # via
    #   -r requirements.in
    #   celery
    #   celery-redbeat
    #   freezegun
    #   netsuite-restlets-client
    #   system-mapper-client
pytz==2023.3
    # via -r requirements.in
pyyaml==6.0
    # via schemathesis
redis==4.6.0
    # via
    #   -r requirements.in
    #   celery
    #   celery-redbeat
requests==2.31.0
    # via
    #   -r requirements.in
    #   curlify
    #   google-api-core
    #   requests-oauthlib
    #   schemathesis
    #   starlette-testclient
requests-oauthlib==1.3.1
    # via -r requirements.in
rsa==4.9
    # via google-auth
schemathesis==3.19.5
    # via -r requirements.in
six==1.16.0
    # via
    #   google-auth
    #   junit-xml
    #   python-dateutil
sniffio==1.3.0
    # via
    #   anyio
    #   httpcore
    #   httpx
sortedcontainers==2.4.0
    # via hypothesis
starlette==0.28.0
    # via
    #   schemathesis
    #   starlette-testclient
starlette-testclient==0.2.0
    # via schemathesis
system-mapper-client==1.1.1
    # via -r requirements.in
tenacity==8.2.3
    # via celery-redbeat
tomli==2.0.1
    # via
    #   build
    #   pip-tools
    #   pyproject-hooks
    #   pytest
    #   schemathesis
tomli-w==1.0.0
    # via schemathesis
typing-extensions==4.7.1
    # via
    #   kombu
    #   schemathesis
    #   starlette
tzdata==2023.3
    # via
    #   backports-zoneinfo
    #   celery
urllib3==1.26.17
    # via
    #   google-auth
    #   netsuite-restlets-client
    #   requests
    #   system-mapper-client
vine==5.0.0
    # via
    #   amqp
    #   celery
    #   kombu
wcwidth==0.2.8
    # via prompt-toolkit
werkzeug==2.3.6
    # via
    #   flask
    #   schemathesis
wheel==0.40.0
    # via pip-tools
wrapt==1.15.0
    # via
    #   deprecated
    #   opentelemetry-instrumentation
yarl==1.9.2
    # via schemathesis
zipp==3.15.0
    # via
    #   importlib-metadata
    #   importlib-resources

# The following packages are considered to be unsafe in a requirements file:
# pip
# setuptools

aabmass commented 12 months ago

I'm not able to reproduce this still. I'm guessing netsuite_restlets_client==1.38 and system-mapper-client==1.1.1 are your own personal deps since they aren't in PyPI? When I comment those two out and add opentelemetry-instrumentation-flask, pip-compile works fine:

requirements.in

coverage
celery[redis]
celery-redbeat
flask
Flask-Caching
Flask-Testing
freezegun
google-auth
google-cloud-logging
google-cloud-secret-manager
grpcio-status<=1.51.1
grpcio<=1.53.0
gunicorn
httpx
JayDeBeApi
json_log_formatter
marshmallow
# netsuite_restlets_client==1.38
opentelemetry-api
opentelemetry-exporter-gcp-trace
opentelemetry-instrumentation-flask>=0.41b0
opentelemetry-propagator-gcp
opentelemetry-instrumentation>=0.41b0
pip-tools>=6.13.0
pytest
python-dateutil
pytz
redis
requests>=2.31.0
requests_oauthlib
schemathesis>=3.19.5
opentelemetry-instrumentation-flask==0.41b0
# system-mapper-client==1.1.1

johnnyknoebel commented 12 months ago

@aabmass Correct, those are private packages that we install via a company index. I copied the requirements.in file you used with our private packages commented out but received the same error:

❯ make add-requirements
docker-compose run --service-ports --rm app pip-compile requirements.in
[+] Building 0.0s (0/0)                                                                                                docker:desktop-linux
[+] Creating 1/1
 ✔ Container os-billing-mediator-redis-1  Running                                                                                      0.0s
[+] Building 0.0s (0/0)                                                                                                docker:desktop-linux
WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. The default resolver will be changed to 'backtracking' in pip-tools 7.0.0. Specify --resolver=backtracking to silence this warning.
Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`.
Could not find a version that matches opentelemetry-semantic-conventions==0.39b0,==0.41b0 (from opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
Skipped pre-versions: 0.20b0, 0.20b0, 0.21b0, 0.21b0, 0.22b0, 0.22b0, 0.23b0, 0.23b0, 0.23b2, 0.23b2, 0.24b0, 0.24b0, 0.25b0, 0.25b0, 0.25b1, 0.25b1, 0.25b2, 0.25b2, 0.26b0, 0.26b1, 0.26b1, 0.27b0, 0.27b0, 0.28b0, 0.28b0, 0.28b1, 0.28b1, 0.29b0, 0.29b0, 0.30b0, 0.30b0, 0.30b1, 0.30b1, 0.31b0, 0.31b0, 0.32b0, 0.32b0, 0.33b0, 0.33b0, 0.34b0, 0.34b0, 0.35b0, 0.35b0, 0.36b0, 0.36b0, 0.37b0, 0.37b0, 0.38b0, 0.38b0, 0.39b0, 0.39b0, 0.40b0, 0.40b0, 0.41b0, 0.41b0, 0.42b0, 0.42b0
There are incompatible versions in the resolved dependencies:
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-wsgi==0.41b0->opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
  opentelemetry-semantic-conventions==0.39b0 (from opentelemetry-sdk==1.18.0->opentelemetry-exporter-gcp-trace==1.5.0->-r requirements.in (line 26))
make: *** [add-requirements] Error 2

I don't know why your pip-compile would work and mine would not. Could you share what command you ran and the resulting requirements.txt file it generated?

aabmass commented 12 months ago

requirements.in

coverage
celery[redis]
celery-redbeat
flask
Flask-Caching
Flask-Testing
freezegun
google-auth
google-cloud-logging
google-cloud-secret-manager
grpcio-status<=1.51.1
grpcio<=1.53.0
gunicorn
httpx
JayDeBeApi
json_log_formatter
marshmallow
# netsuite_restlets_client==1.38
opentelemetry-api
opentelemetry-exporter-gcp-trace
opentelemetry-instrumentation-flask>=0.41b0
opentelemetry-propagator-gcp
opentelemetry-instrumentation>=0.41b0
pip-tools>=6.13.0
pytest
python-dateutil
pytz
redis
requests>=2.31.0
requests_oauthlib
schemathesis>=3.19.5
opentelemetry-instrumentation-flask==0.41b0
# system-mapper-client==1.1.1

$ pip freeze
build==1.0.3
click==8.1.7
packaging==23.2
pip-tools==7.3.0
pyproject_hooks==1.0.0

$ pip-compile requirements.in
WARNING: --strip-extras is becoming the default in version 8.0.0. To silence this warning, either use --strip-extras to opt into the new default or use --no-strip-extras to retain the existing behavior.
#
# This file is autogenerated by pip-compile with Python 3.11
# by the following command:
#
#    pip-compile requirements.in
#
amqp==5.2.0
    # via kombu
anyio==4.0.0
    # via
    #   httpx
    #   starlette
attrs==23.1.0
    # via
    #   hypothesis
    #   jsonschema
    #   referencing
backoff==2.2.1
    # via schemathesis
billiard==4.2.0
    # via celery
blinker==1.7.0
    # via flask
build==1.0.3
    # via pip-tools
cachelib==0.9.0
    # via flask-caching
cachetools==5.3.2
    # via google-auth
celery[redis]==5.3.5
    # via
    #   -r requirements.in
    #   celery-redbeat
celery-redbeat==2.1.1
    # via -r requirements.in
certifi==2023.7.22
    # via
    #   httpcore
    #   httpx
    #   requests
charset-normalizer==3.3.2
    # via requests
click==8.1.7
    # via
    #   celery
    #   click-didyoumean
    #   click-plugins
    #   click-repl
    #   flask
    #   pip-tools
    #   schemathesis
click-didyoumean==0.3.0
    # via celery
click-plugins==1.1.1
    # via celery
click-repl==0.3.0
    # via celery
colorama==0.4.6
    # via schemathesis
coverage==7.3.2
    # via -r requirements.in
deprecated==1.2.14
    # via opentelemetry-api
flask==3.0.0
    # via
    #   -r requirements.in
    #   flask-caching
    #   flask-testing
flask-caching==2.1.0
    # via -r requirements.in
flask-testing==0.8.1
    # via -r requirements.in
freezegun==1.2.2
    # via -r requirements.in
google-api-core[grpc]==2.14.0
    # via
    #   google-api-core
    #   google-cloud-appengine-logging
    #   google-cloud-core
    #   google-cloud-logging
    #   google-cloud-secret-manager
    #   google-cloud-trace
google-auth==2.23.4
    # via
    #   -r requirements.in
    #   google-api-core
    #   google-cloud-core
google-cloud-appengine-logging==1.3.2
    # via google-cloud-logging
google-cloud-audit-log==0.2.5
    # via google-cloud-logging
google-cloud-core==2.3.3
    # via google-cloud-logging
google-cloud-logging==3.8.0
    # via -r requirements.in
google-cloud-secret-manager==2.16.4
    # via -r requirements.in
google-cloud-trace==1.11.3
    # via opentelemetry-exporter-gcp-trace
googleapis-common-protos[grpc]==1.61.0
    # via
    #   google-api-core
    #   google-cloud-audit-log
    #   grpc-google-iam-v1
    #   grpcio-status
graphql-core==3.2.3
    # via hypothesis-graphql
grpc-google-iam-v1==0.12.7
    # via
    #   google-cloud-logging
    #   google-cloud-secret-manager
grpcio==1.53.0
    # via
    #   -r requirements.in
    #   google-api-core
    #   googleapis-common-protos
    #   grpc-google-iam-v1
    #   grpcio-status
grpcio-status==1.51.1
    # via
    #   -r requirements.in
    #   google-api-core
gunicorn==21.2.0
    # via -r requirements.in
h11==0.14.0
    # via httpcore
httpcore==1.0.2
    # via httpx
httpx==0.25.1
    # via
    #   -r requirements.in
    #   schemathesis
hypothesis==6.88.4
    # via
    #   hypothesis-graphql
    #   hypothesis-jsonschema
    #   schemathesis
hypothesis-graphql==0.10.0
    # via schemathesis
hypothesis-jsonschema==0.22.1
    # via schemathesis
idna==3.4
    # via
    #   anyio
    #   httpx
    #   requests
    #   yarl
importlib-metadata==6.8.0
    # via opentelemetry-api
iniconfig==2.0.0
    # via pytest
itsdangerous==2.1.2
    # via flask
jaydebeapi==1.2.3
    # via -r requirements.in
jinja2==3.1.2
    # via flask
jpype1==1.4.1
    # via jaydebeapi
json-log-formatter==0.5.2
    # via -r requirements.in
jsonschema==4.19.2
    # via
    #   hypothesis-jsonschema
    #   schemathesis
jsonschema-specifications==2023.7.1
    # via jsonschema
junit-xml==1.9
    # via schemathesis
kombu==5.3.3
    # via celery
markupsafe==2.1.3
    # via
    #   jinja2
    #   werkzeug
marshmallow==3.20.1
    # via -r requirements.in
multidict==6.0.4
    # via yarl
oauthlib==3.2.2
    # via requests-oauthlib
opentelemetry-api==1.20.0
    # via
    #   -r requirements.in
    #   opentelemetry-exporter-gcp-trace
    #   opentelemetry-instrumentation
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
    #   opentelemetry-propagator-gcp
    #   opentelemetry-resourcedetector-gcp
    #   opentelemetry-sdk
opentelemetry-exporter-gcp-trace==1.6.0
    # via -r requirements.in
opentelemetry-instrumentation==0.41b0
    # via
    #   -r requirements.in
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
opentelemetry-instrumentation-flask==0.41b0
    # via -r requirements.in
opentelemetry-instrumentation-wsgi==0.41b0
    # via opentelemetry-instrumentation-flask
opentelemetry-propagator-gcp==1.6.0
    # via -r requirements.in
opentelemetry-resourcedetector-gcp==1.6.0a0
    # via opentelemetry-exporter-gcp-trace
opentelemetry-sdk==1.20.0
    # via
    #   opentelemetry-exporter-gcp-trace
    #   opentelemetry-resourcedetector-gcp
opentelemetry-semantic-conventions==0.41b0
    # via
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
    #   opentelemetry-sdk
opentelemetry-util-http==0.41b0
    # via
    #   opentelemetry-instrumentation-flask
    #   opentelemetry-instrumentation-wsgi
packaging==23.2
    # via
    #   build
    #   gunicorn
    #   jpype1
    #   marshmallow
    #   opentelemetry-instrumentation-flask
    #   pytest
pip-tools==7.3.0
    # via -r requirements.in
pluggy==1.3.0
    # via pytest
prompt-toolkit==3.0.40
    # via click-repl
proto-plus==1.22.3
    # via
    #   google-cloud-appengine-logging
    #   google-cloud-logging
    #   google-cloud-secret-manager
    #   google-cloud-trace
protobuf==4.25.0
    # via
    #   google-api-core
    #   google-cloud-appengine-logging
    #   google-cloud-audit-log
    #   google-cloud-logging
    #   google-cloud-secret-manager
    #   google-cloud-trace
    #   googleapis-common-protos
    #   grpc-google-iam-v1
    #   grpcio-status
    #   proto-plus
pyasn1==0.5.0
    # via
    #   pyasn1-modules
    #   rsa
pyasn1-modules==0.3.0
    # via google-auth
pyproject-hooks==1.0.0
    # via build
pyrate-limiter==2.10.0
    # via schemathesis
pytest==7.4.3
    # via
    #   -r requirements.in
    #   pytest-subtests
    #   schemathesis
pytest-subtests==0.7.0
    # via schemathesis
python-dateutil==2.8.2
    # via
    #   -r requirements.in
    #   celery
    #   celery-redbeat
    #   freezegun
pytz==2023.3.post1
    # via -r requirements.in
pyyaml==6.0.1
    # via schemathesis
redis==5.0.1
    # via
    #   -r requirements.in
    #   celery
    #   celery-redbeat
referencing==0.30.2
    # via
    #   jsonschema
    #   jsonschema-specifications
requests==2.31.0
    # via
    #   -r requirements.in
    #   google-api-core
    #   opentelemetry-resourcedetector-gcp
    #   requests-oauthlib
    #   schemathesis
    #   starlette-testclient
requests-oauthlib==1.3.1
    # via -r requirements.in
rpds-py==0.12.0
    # via
    #   jsonschema
    #   referencing
rsa==4.9
    # via google-auth
schemathesis==3.21.0
    # via -r requirements.in
six==1.16.0
    # via
    #   junit-xml
    #   python-dateutil
sniffio==1.3.0
    # via
    #   anyio
    #   httpx
sortedcontainers==2.4.0
    # via hypothesis
starlette==0.32.0.post1
    # via
    #   schemathesis
    #   starlette-testclient
starlette-testclient==0.2.0
    # via schemathesis
tenacity==8.2.3
    # via celery-redbeat
tomli==2.0.1
    # via schemathesis
tomli-w==1.0.0
    # via schemathesis
typing-extensions==4.8.0
    # via
    #   opentelemetry-resourcedetector-gcp
    #   opentelemetry-sdk
    #   schemathesis
tzdata==2023.3
    # via celery
urllib3==2.1.0
    # via requests
vine==5.1.0
    # via
    #   amqp
    #   celery
    #   kombu
wcwidth==0.2.9
    # via prompt-toolkit
werkzeug==3.0.1
    # via
    #   flask
    #   schemathesis
wheel==0.41.3
    # via pip-tools
wrapt==1.16.0
    # via
    #   deprecated
    #   opentelemetry-instrumentation
yarl==1.9.2
    # via schemathesis
zipp==3.17.0
    # via importlib-metadata

# The following packages are considered to be unsafe in a requirements file:
# pip
# setuptools

johnnyknoebel commented 11 months ago

Thanks, it turns out I needed to upgrade my pip-tools version to 7.3.0 and blow away the requirements.txt to do a fresh install of the packages to their latest versions. Appreciate all the help! Wouldn't have gotten to it on my own, the error messages really didn't indicate that it was a problem on my end
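
Added example, not part of the thread or the project's code: a small parser for the "There are incompatible versions in the resolved dependencies" block quoted in the thread, listing which pinned parents hold opentelemetry-semantic-conventions at a version other than the one needed for the security upgrade. The function names are hypothetical and the sample input is constructed from the error lines posted above.

```python
import re
from collections import defaultdict

# Constructed sample: the conflict block from the pip-compile output in the thread.
SAMPLE = """\
Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`.
There are incompatible versions in the resolved dependencies:
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
  opentelemetry-semantic-conventions==0.39b0 (from opentelemetry-sdk==1.18.0->opentelemetry-exporter-gcp-trace==1.5.0->-r requirements.in (line 26))
  opentelemetry-semantic-conventions==0.41b0 (from opentelemetry-instrumentation-wsgi==0.41b0->opentelemetry-instrumentation-flask==0.41b0->-r requirements.in (line 27))
make: *** [add-requirements] Error 2
"""

# One conflict line: "  <package>==<version> (from <hop>-><hop>->-r requirements.in (line N))"
LINE = re.compile(r"^\s+(?P<name>[A-Za-z0-9._-]+)==(?P<ver>\S+) \(from (?P<chain>.+)\)\s*$")
# One pinned hop inside the chain: "<package>==<version>"
HOP = re.compile(r"^(?P<name>[A-Za-z0-9._\[\]-]+)==(?P<ver>\S+)$")


def parse_conflicts(output):
    """Map package -> list of (pinned_version, hops).

    hops is a list of (name, version) pairs, nearest parent first,
    ending at the top-level entry from requirements.in.
    """
    conflicts = defaultdict(list)
    in_block = False
    for line in output.splitlines():
        if line.startswith("There are incompatible versions"):
            in_block = True
            continue
        if not in_block:
            continue
        m = LINE.match(line)
        if not m:
            in_block = False  # the block ends at the first line that is not a conflict entry
            continue
        hops = []
        for part in m["chain"].split("->"):
            h = HOP.match(part.strip())
            if h:  # the trailing "-r requirements.in (line N)" hop has no pin and is skipped
                hops.append((h["name"], h["ver"]))
        conflicts[m["name"]].append((m["ver"], hops))
    return dict(conflicts)


def blockers(conflicts, package, wanted):
    """Chains that pin `package` to a version other than `wanted`."""
    return [(ver, hops) for ver, hops in conflicts.get(package, []) if ver != wanted]


def pins_to_lift(conflicts, package, wanted):
    """Names of pinned parents on blocking chains, nearest parent first, deduplicated."""
    names = []
    for _, hops in blockers(conflicts, package, wanted):
        for name, _ in hops:
            if name not in names:
                names.append(name)
    return names


if __name__ == "__main__":
    found = parse_conflicts(SAMPLE)
    pkg, wanted = "opentelemetry-semantic-conventions", "0.41b0"
    for ver, hops in blockers(found, pkg, wanted):
        path = " <- ".join(f"{n}=={v}" for n, v in hops)
        print(f"{pkg}=={ver} is held by: {path}")
    # These are the pins that must move before the upgrade can resolve.
    print("pins to re-resolve:", ", ".join(pins_to_lift(found, pkg, wanted)))
```

On the sample, the only blocking chain runs through opentelemetry-sdk==1.18.0 and opentelemetry-exporter-gcp-trace==1.5.0, both older than the 1.20.0 and 1.6.0 versions that appear in the successful compile posted in the thread.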