Cannot install it with googleapis-common-protos and other related libs in python

[ankit-sapkota]

When trying to install it with googleapis-common-protos the following issue seems to be present.

Tink requires protobuf version 3.20.1 but it is not supported by the googleapis-common-protos and hence dependency resolving fails.

• Language: Python
• Version: 3.7
• Environment: (Ubuntu )

I am using poetry to manage deps

[qTipTip]

Hey! First of all, thanks for developing Tink!

I am having the same issue:

Because no versions of tink match >1.7.0,<2.0.0
 and tink (1.7.0) depends on protobuf (3.20.1), tink (>=1.7.0,<2.0.0) requires protobuf (3.20.1).
And because google-cloud-secret-manager (2.16.1) depends on protobuf (>=3.19.5,<3.20.0 || >3.20.0,<3.20.1 || >3.20.1,<4.21.0 || >4.21.0,<4.21.1 || >4.21.1,<4.21.2 || >4.21.2,<4.21.3 || >4.21.3,<4.21.4 || >4.21.4,<4.21.5 || >4.21.5,<5.0.0dev)
 and no versions of google-cloud-secret-manager match >2.16.1,<3.0.0, tink (>=1.7.0,<2.0.0) is incompatible with google-cloud-secret-manager (>=2.16.1,<3.0.0).
So, because ... depends on both google-cloud-secret-manager (^2.16.1) and tink (^1.7.0), version solving failed.

[tholenst]

It would be good if we followed https://packaging.python.org/en/latest/discussions/install-requires-vs-requirements/#install-requires :

"It is not considered best practice to use install_requires to pin dependencies to specific versions, or to specify sub-dependencies (i.e. dependencies of your dependencies). This is overly-restrictive, and prevents the user from gaining the benefit of dependency upgrades."

[dega2]

I was running into the same issue and was happy that this seems to be fixed already. But after building Tink with the new sources from Git it's only solving the dependency issue during the pip installation. But when using Tink it's raising an error and requesting to downgrade: TypeError: Descriptors cannot not be created directly. If this call came from a _pb2.py file, your generated code is out of date and must be regenerated with protoc >= 3.19.0. If you cannot immediately regenerate your protos, some other possible workarounds are:

1. Downgrade the protobuf package to 3.20.x or lower.
2. Set PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python (but this will use pure-Python parsing and will be much slower).

[morambro]

@dega2 thanks for testing this. Could you please provide some more details on your setup? E.g., which version of googleapis-common-protos are you using? What version of protoc did you use to build Tink's Python pb files? Note that setup.py uses the protoc that is available on the system (see here and a usage example here here).

[dega2]

@morambro thank you for your reply. I have setup a fresh Ubuntu 20.04, Python 3.10 and the coresponding Pip. I used the Ubuntu APT package protobuf-compiler. I checked the version with: protoc --version output: libprotoc 23.0 I followed the Bazel installation procedure from the Bazel Git. The tink package was build with: pip wheel .

[morambro]

I think the issue is the version of protoc; note that Tink Python at HEAD requires >=4.21.9. You may try with a more recent version (e.g., see here).

[morambro]

1.8.0 is out (notes, pypi), which includes a fix for this issue.