Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

responses==0.23.2 breaks pip resolution with popular packages #654

Closed
jmsanders opened this issue Jul 25, 2023 · 3 comments · Fixed by #659
Closed

responses==0.23.2 breaks pip resolution with popular packages #654

jmsanders opened this issue Jul 25, 2023 · 3 comments · Fixed by #659
Assignees
@beliaev-maksim
Labels
Waiting for: Product Owner

Comments

@jmsanders
Copy link

Describe the bug

This may ultimately end not being a responses issue (or a "just pin to the old version" answer), but I wanted to call to your attention that responses==0.23.2 substantially changes pip resolution results when installed alongside other popular packages.

Given:

psf/requests#6432
and boto/botocore#2926

Perhaps #652 is premature?

Additional context

No response

Version of responses

0.23.2

Steps to Reproduce

docker run -it python bash -c "pip install responses==0.23.1 boto3"

Results in:

Installing collected packages: types-PyYAML, urllib3, six, pyyaml, jmespath, idna, charset-normalizer, certifi, requests, python-dateutil, responses, botocore, s3transfer, boto3
Successfully installed boto3-1.28.10 botocore-1.31.10 certifi-2023.7.22 charset-normalizer-3.2.0 idna-3.4 jmespath-1.0.1 python-dateutil-2.8.2 pyyaml-6.0.1 requests-2.31.0 responses-0.23.1 s3transfer-0.6.1 six-1.16.0 types-PyYAML-6.0.12.11 urllib3-1.26.16

Whereas:

docker run -it python bash -c "pip install responses==0.23.2 boto3"

Will backtrack through many, many versions of boto3 and eventually land on:

Installing collected packages: types-PyYAML, urllib3, six, pyyaml, jmespath, idna, docutils, charset-normalizer, certifi, requests, python-dateutil, responses, botocore, s3transfer, boto3
Successfully installed boto3-1.7.84 botocore-1.10.84 certifi-2023.7.22 charset-normalizer-3.2.0 docutils-0.20.1 idna-3.4 jmespath-0.10.0 python-dateutil-2.8.2 pyyaml-6.0.1 requests-2.31.0 responses-0.23.2 s3transfer-0.1.13 six-1.16.0 types-PyYAML-6.0.12.11 urllib3-2.0.4

Expected Result

Pip resolution succeeds with recent versions of other packages.

Actual Result

Pip resolution takes a long time and installs very old versions of other packages.
@beliaev-maksim beliaev-maksim self-assigned this Jul 25, 2023
@beliaev-maksim
Copy link
Collaborator

@jmsanders responses pins requests >= 2.30, for the reason of compatibility between 2.29 and urllib 2.x

however, I think it is user issue if some lower boundaries are not pinned. In this case boto should be pinned to >=x
then pip resolver will either fail or install the right revision of responses for you.

@JohnVillalovos
Copy link
Contributor

JohnVillalovos commented Jul 25, 2023
edited
Loading

Not sure if have to pin urllib3>=2 though. As it is allowed to use requests>=2.30 with urllib3<2

Note 2.30.0 is the requests version that added support for urllib 2.0.

https://github.com/psf/requests/releases/tag/v2.30.0

From release notes: Users who wish to stay on urllib3 1.x can pin to urllib3<2.

@jmsanders jmsanders mentioned this issue Jul 25, 2023
Merged
jmsanders added a commit to dagster-io/dagster that referenced this issue Jul 25, 2023
@jmsanders
Temp pin responses==0.23.1 (#15513)
2a83082 
responses==0.23.2 forces us onto urllib>=2.0.0 which causes a whole new
pip resolution chain.

getsentry/responses#654

Pinning until all of these packages support urllib3>=2.0.0
@beliaev-maksim beliaev-maksim closed this as not planned Won't fix, can't repro, duplicate, stale Jul 25, 2023
prha pushed a commit to dagster-io/dagster that referenced this issue Jul 25, 2023
@jmsanders @prha
Temp pin responses==0.23.1 (#15513)
2829c2a 
responses==0.23.2 forces us onto urllib>=2.0.0 which causes a whole new
pip resolution chain.

getsentry/responses#654

Pinning until all of these packages support urllib3>=2.0.0
@JohnVillalovos
Copy link
Contributor

As a note there is issue #657 and PR #659 which are both related to this.

@markstory markstory linked a pull request Jul 31, 2023 that will close this issue
chore: allow urllib3>=1.25.10 #659
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@beliaev-maksim beliaev-maksim

Labels
Waiting for: Product Owner
Projects
GitHub Issues with 👀
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: allow urllib3>=1.25.10
3 participants
@JohnVillalovos @jmsanders @beliaev-maksim