snowflake-connector-python version requirement

[sfc-gh-twhite]

schemachange version 3.5.2 is has the requirement snowflake-connector-python~=2.8. Since the 2.8 versions, a few upgrades have been documented in the release notes here.

I discovered this by running the following: pip install -U streamlit streamlit-option-menu streamlit-aggrid schemachange watchdog "snowflake-connector-python[secure-local-storage,pandas]". I encountered ERROR: schemachange 3.5.2 has requirement snowflake-connector-python~=2.8, but you'll have snowflake-connector-python 3.0.1 which is incompatible.

Attempting to correct, I ran pip install snowflake-connector-python~=2.8 and then received a new error: ERROR: pyopenssl 22.1.0 has requirement cryptography<39,>=38.0.0, but you'll have cryptography 39.0.2 which is incompatible.

I will test for compatibility with the newer version and propose that we add a larger requirement range for this package to ensure availability to more users.

[IndexSeek]

This creates an inconsistency between the README line.

• You will need to have the latest Snowflake Python driver installed

I will be PRing soon to adjust this.

[afeld]

Now more pressing to upgrade, given this security advisory.

[afeld]

Workaround in my requirements.txt:

# Using a fork (hopefully temporarily) to support v3.0.2 of the connector, in order to address this security issue:
# https://community.snowflake.com/s/article/Snowflake-Drivers-Security-Advisory
# https://github.com/Snowflake-Labs/schemachange/pull/166
schemachange @ git+https://github.com/IndexSeek/schemachange@a96689298b15ab992ccd463ae81050baad7413dc
snowflake-connector-python>=3.0.2

Using a fork from @IndexSeek's (changing the user/organization name in the GitHub URL) to be safe.

[sfc-gh-jhansen]

This should be resolved with version 3.5.3, which was just released.