Discussion:
Bug#945978: src:requests: FTBFS against python-urllib3 1.25 and newer
Add Reply
j***@gmail.com
2019-12-02 01:20:01 UTC
Reply
Permalink
Source: requests
Version: 2.21.0-1
Tags: upstream

debian/control in the requests package contains

Build-Depends:
python-chardet (>= 3.0.2), python-chardet (<< 3.1.0),
python-urllib3 (>= 1.21.1), python-urllib3 (<< 1.25),
python3-chardet (>= 3.0.2), python3-chardet (<< 3.1.0),
python3-urllib3 (>= 1.21.1), python3-urllib3 (<< 1.25),

This prevents running test builds against newer versions of these
libraries.

Are the newer versions known to break the package? Are there bugs or
other information available to help with upgrading? (I checked for a
README.source with this kind of information but wasn't able to find it.)

Upstream bumped its declared maximum version of urllib3 in
https://github.com/psf/requests/commit/aeda65bbe57ac5edbcc2d80db85d010befb7d419.
Do we know why upstream supplies these upper bounds on versions of
dependent packages to build against? Using < instead of != in
dependencies makes it harder to find a set of package versions that
works well together.

Thanks,
Jonathan

-- System Information:
Debian Release: bullseye/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.0-trunk-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Daniele Tricoli
2019-12-03 01:00:02 UTC
Reply
Permalink
Hello Jonathan,
thanks for this report.
Post by j***@gmail.com
Source: requests
Version: 2.21.0-1
Tags: upstream
debian/control in the requests package contains
python-chardet (>= 3.0.2), python-chardet (<< 3.1.0),
python-urllib3 (>= 1.21.1), python-urllib3 (<< 1.25),
python3-chardet (>= 3.0.2), python3-chardet (<< 3.1.0),
python3-urllib3 (>= 1.21.1), python3-urllib3 (<< 1.25),
This prevents running test builds against newer versions of these
libraries.
Are the newer versions known to break the package? Are there bugs or
other information available to help with upgrading? (I checked for a
README.source with this kind of information but wasn't able to find it.)
Upstream bumped its declared maximum version of urllib3 in
https://github.com/psf/requests/commit/aeda65bbe57ac5edbcc2d80db85d010befb7d419.
Do we know why upstream supplies these upper bounds on versions of
dependent packages to build against? Using < instead of != in
dependencies makes it harder to find a set of package versions that
works well together.
I used to not have strict version dependencies until something break (if you
are interested into this story I can search for the details), so I decided to
follow upstream and set the exact versions they are using. Yes, I know that
this make things harder, but I prefer to be cautious since a lot of packages
depends on requests.

I have just uploaded requests 2.22.0-1 into experimental: it bump the urllib3
dependency to << 1.26, as upstream.

My plan is to perform more testing during this week and move both urllib3 and
requests to unstable by the end of the week.
I plan, also, to close this bug with the upload of requests 2.22.0 to unstable
since it can be built using urllib3 1.25.

If something looks not good to you, please ping me.

Kind regards,
--
Daniele Tricoli 'eriol'
https://mornie.org
Loading...