Is your feature request related to a problem?
The certifi library has a software licence that can be problematic. Similar to https://github.com/opensearch-project/opensearch-py/issues/111. It could also be preferable to maintain root certs at an operating system level rather than purely at a dependency level.
What solution would you like?
Allow certifi to be an optional dependency. When it's not installed, do what boto3 does.
try:
from certifi import where
except ImportError:
def where():
return DEFAULT_CA_BUNDLE
What alternatives have you considered?
We have written a script to remove the certifi library from our virtualenv and replaces it with a dummy package of the same name. This satisfies the packager's dependency requirements and allows us to ship a non-encumbered artifact.
Is your feature request related to a problem? The
certifi
library has a software licence that can be problematic. Similar to https://github.com/opensearch-project/opensearch-py/issues/111. It could also be preferable to maintain root certs at an operating system level rather than purely at a dependency level.What solution would you like? Allow
certifi
to be an optional dependency. When it's not installed, do whatboto3
does.https://github.com/boto/botocore/blob/740994514c0e1d010f17a060c1eb24c64346bbaf/botocore/httpsession.py#L47
What alternatives have you considered? We have written a script to remove the
certifi
library from our virtualenv and replaces it with a dummy package of the same name. This satisfies the packager's dependency requirements and allows us to ship a non-encumbered artifact.