search

crate / crate-python

Python DB API client library for CrateDB, using HTTP.
https://cratedb.com/docs/python/
Apache License 2.0
78 stars 31 forks source link

Update setuptools requirement from <57 to <68 #523

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Updates the requirements on setuptools to permit the latest version.

Changelog

Sourced from setuptools's changelog.

v67.2.0

Changes ^^^^^^^

  • #3809: Merge with distutils@8c3c3d29, including fix for sysconfig.get_python_inc()pypa/distutils#178has_functionpypa/distutils#195

v67.1.0

Changes ^^^^^^^

  • #3795: Ensured that __file__ is an absolute path when executing setup.py as part of setuptools.build_meta.

Misc ^^^^

  • #3798: Updated validations for pyproject.toml using validate-pyproject==0.12.1 to allow stub packages (:pep:561) to be listed in tool.setuptools.packages and tool.setuptools.package-dir.

v67.0.0

Breaking Changes ^^^^^^^^^^^^^^^^

  • #3741: Removed patching of distutils._msvccompiler.gen_lib_options for compatibility with Numpy < 1.11.2 -- by :user:mgorny
  • #3790: Bump vendored version of :pypi:packaging to 23.0 (:pypi:pyparsing is no longer required and was removed). As a consequence, users will experience a more strict parsing of requirements. Specifications that don't comply with :pep:440 and :pep:508 will result in build errors.

v66.1.1

Misc ^^^^

  • #3782: Fixed problem with file directive in tool.setuptools.dynamic (pyproject.toml) when value is a simple string instead of list.

... (truncated)

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
amotl commented 1 year ago

Observation

setuptools-58.1.0, being installed on Python 3.9 and higher, apparently lacks setuptools.ssl_support.

Traceback (most recent call last):
  File "/home/runner/work/crate-python/crate-python/src/crate/client/tests.py", line 46, in <module>
    from .test_http import (
  File "/home/runner/work/crate-python/crate-python/src/crate/client/test_http.py", line 41, in <module>
    from setuptools.ssl_support import find_ca_bundle
ModuleNotFoundError: No module named 'setuptools.ssl_support'

-- https://github.com/crate/crate-python/actions/runs/4164883229/jobs/7207124671#step:4:169

Analysis

Looking for it, I've discovered it has been removed starting with setuptools-57.1.0.

Proposal

Just vendor the find_ca_bundle function previously imported from setuptools.ssl_support?

def find_ca_bundle():
    """Return an existing CA bundle path, or None"""
    extant_cert_paths = filter(os.path.isfile, cert_paths)
    return (
        get_win_certfile()
        or next(extant_cert_paths, None)
        or _certifi_where()
    )
dependabot[bot] commented 1 year ago

Superseded by #558.