Is your feature request related to a problem? Please describe.
I'm using box-python-sdk in a relatively large project, which also uses the requests and the types-requests library. That library depends on urllib3 (>=2) since a recent version. This is incompatible with the urllib3 (<2) requirement. So now we can't upgrade types-requests.
Describe the solution you'd like
I'd suggest that box-python-sdk relaxes the urllib3 dependency and also allows urllib3 >= 2.
Describe alternatives you've considered
An alternative would be to ask the types-requests and other maintainers to also allow urllib < 2. But even if that were successful, it's only a question of time until some other package introduces a dependency to a urllib >= 2.
Additional context
Here's the output of poetry lock --no-update:
$ poetry lock --no-update 1 ↵
Resolving dependencies... Downloading
Because types-requests (2.31.0.9) depends on urllib3 (>=2)
and boxsdk (3.9.1) depends on urllib3 (<2), types-requests (2.31.0.9) is incompatible with boxsdk (3.9.1).
So, because xxx depends on both boxsdk (==3.9.1) and types-requests (==2.31.0.9), version solving failed.
Thanks for submitting this Issue!
We've just merged the PR with the change you requested, and we'll soon release a new version of the SDK with the mentioned fix.
Is your feature request related to a problem? Please describe.
I'm using box-python-sdk in a relatively large project, which also uses the
requests
and thetypes-requests
library. That library depends on urllib3 (>=2) since a recent version. This is incompatible with the urllib3 (<2) requirement. So now we can't upgradetypes-requests
.Describe the solution you'd like
I'd suggest that box-python-sdk relaxes the urllib3 dependency and also allows urllib3 >= 2.
Describe alternatives you've considered
An alternative would be to ask the
types-requests
and other maintainers to also allow urllib < 2. But even if that were successful, it's only a question of time until some other package introduces a dependency to a urllib >= 2.Additional context
Here's the output of
poetry lock --no-update
: