feat: update cachecontrol to 0.13.0 #8055
Conversation
|
Initially I hoped that a new cachecontrol release will silently fix the issue described here (without having to update to a newer version of poetry OR to pin urllib3). However, because the toml file has Question for the maintainers: what will be the lucky poetry versions that will benefit from this? |
I don't think anyone will release a fix for older versions of Poetry due to the limited time that maintainers can invest. The issue has been closed since fixed in latest versions, please update to 1.5 |
|
recent versions of poetry all pin to urrlib3<2, therefore if correctly installed they are not exposed to that issue anyway. however this reminds me that this MR should allow that constraint to be relaxed, urllib3 version 3 is now out. |
|
Could you point me to the release? I can only see 2.0.2 |
|
yes sorry, I meant 2. but either way, this MR should allow that to be relaxed |
| @@ -60,7 +58,6 @@ tomlkit = ">=0.11.4,<1.0.0" | |||
| trove-classifiers = ">=2022.5.19" | |||
| virtualenv = "^20.22.0" | |||
| xattr = { version = "^0.10.0", markers = "sys_platform == 'darwin'" } | |||
| urllib3 = "^1.26.0" | |||
There was a problem hiding this comment.
poetry still has a direct dependency on urllib3 -
poetry/src/poetry/publishing/uploader.py
Line 20 in 50e61e6
There was a problem hiding this comment.
Seemed really minor for me to be kept but I understand the reasoning, better to be safe than sorry!
There was a problem hiding this comment.
Would you prefer to relax the constraint or pin it to ^2.0.2 to enforce the usage of a more recent version? I'd prefer the second but I also understand the Poetry direct dependency on urllib3 works ok with <2 too..
There was a problem hiding this comment.
so far as I can see that import is only used to set up a Retry, which is configured to retry only for GETs; and the uploader never does a GET, it only POSTs.
So if that's right then that little pile of code could be deleted anyway. But double-check, I only skimmed it..!
There was a problem hiding this comment.
I think you are totally right. Wouldn't it be better to then fix it to "POST" if the original goal was to retry uploads?
There was a problem hiding this comment.
meh, if the code has been there for this long without anyone feeling the need to have working retries - I'd just delete it.
There was a problem hiding this comment.
I was just writing that 😄 Makes sense
I've released v0.12.13 with the necessary fixes |
|
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Pull Request Check List
Closes: #7997
@Secrus didn't want to step on your toes, just provide help :)