search

box / box-python-sdk

Box SDK for Python
http://opensource.box.com/box-python-sdk/
Apache License 2.0
413 stars 214 forks source link

Upgrade urllib3 dependency #850

Closed anpr closed 8 months ago

anpr commented 9 months ago

Is your feature request related to a problem? Please describe.

I'm using box-python-sdk in a relatively large project, which also uses the requests and the types-requests library. That library depends on urllib3 (>=2) since a recent version. This is incompatible with the urllib3 (<2) requirement. So now we can't upgrade types-requests.

Describe the solution you'd like

I'd suggest that box-python-sdk relaxes the urllib3 dependency and also allows urllib3 >= 2.

Describe alternatives you've considered

An alternative would be to ask the types-requests and other maintainers to also allow urllib < 2. But even if that were successful, it's only a question of time until some other package introduces a dependency to a urllib >= 2.

Additional context

Here's the output of poetry lock --no-update:

$ poetry lock --no-update                                                                                           1 ↵
Resolving dependencies... Downloading 
Because types-requests (2.31.0.9) depends on urllib3 (>=2)
 and boxsdk (3.9.1) depends on urllib3 (<2), types-requests (2.31.0.9) is incompatible with boxsdk (3.9.1).
So, because xxx depends on both boxsdk (==3.9.1) and types-requests (==2.31.0.9), version solving failed.
arjankowski commented 8 months ago

Hi @anpr ,

Thanks for submitting this Issue! We've just merged the PR with the change you requested, and we'll soon release a new version of the SDK with the mentioned fix.

Regards, Artur

anpr commented 8 months ago

Thanks a lot!