search

googleapis / google-auth-library-python

Google Auth Python Library
https://googleapis.dev/python/google-auth/latest/
Apache License 2.0
771 stars 305 forks source link

fix: update urllib3 to >= 2.0.5 #1389

Closed arithmetic1728 closed 11 months ago

arithmetic1728 commented 11 months ago

fixes #1365

urllib3 added back the pyopenssl support and removed the depreciation warning since 2.0.5, so we can upgrade the urllib3 dependency version now.

urllib3 made RequestMethods class private since 2.0.0 (changed from urllib3.request.RequestMethods to urllib3._request_methods.RequestMethods). We could copy the whole class and the related code into google-auth, but that would be a lot of code, so we let AuthorizedHttp inherit the private class instead, which seems to be the best solution so far.

danmoz commented 11 months ago

Just a heads up, this is going to cause a lot of pain -- some major packages (for example, botocore) in the python ecosystem require urllib3<2.0. By requiring a version >= 2.0.5, we'll create an unresolvable dependency conflict.

An example of this is botocore, which pins to <1.27

arithmetic1728 commented 11 months ago

@danmoz thank you for the heads up, I will fix it asap.

arithmetic1728 commented 11 months ago

problem is fixed in release 2.23.2, https://github.com/googleapis/google-auth-library-python/pull/1391