Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Version 5.5.0/5.5.1 have too strict urllib2 requirements #667

Closed
edmorley opened this Issue Nov 10, 2017 · 12 comments

Comments

Projects
None yet
7 participants
@edmorley
Copy link

commented Nov 10, 2017

Hi!

Upgrading from 5.4.0 to either 5.5.0 or 5.5.1 causes our Travis run to start failing with:

$ pip check
elasticsearch 5.5.1 has requirement urllib3<1.22,>=1.21.1, but you have urllib3 1.22.

It looks like perhaps there was a rebasing issue, since #636 loosened the requirements but this isn't present in 5.5.0/5.5.1, even though it's on master?

Compare 5.5.0/5.5.1:
https://github.com/elastic/elasticsearch-py/blob/5.5.0/setup.py#L15
https://github.com/elastic/elasticsearch-py/blob/5.5.1/setup.py#L15

...with master:

'urllib3<1.23,>=1.21.1',

Many thanks :-)

@edmorley edmorley changed the title Version 5.5.0.5.5.1 have too strict urllib2 requirements Version 5.5.0/5.5.1 have too strict urllib2 requirements Nov 10, 2017

@alex-oleshkevich

This comment has been minimized.

Copy link

commented Nov 10, 2017

+1, this also breaks Pipfile.lock (not possible to lock dependencies)

Adding elasticsearch-dsl>=5.0.0,<6.0.0 to Pipfile's [packages]…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
Could not find a version that matches urllib3<1.22,<1.23,==1.22,>=1.21.1
Tried: 0.3, 1.0, 1.0.1, 1.0.2, 1.1, 1.2, 1.2.1, 1.2.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.7.1, 1.8, 1.8.2, 1.8.3, 1.9, 1.9.1, 1.10, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.11, 1.11, 1.12, 1.12, 1.13, 1.13,1.13.1, 1.13.1, 1.14, 1.14, 1.15, 1.15, 1.15.1, 1.15.1, 1.16, 1.16, 1.17, 1.17, 1.18, 1.18, 1.18.1, 1.18.1, 1.19, 1.19, 1.19.1, 1.19.1, 1.20, 1.20, 1.21, 1.21, 1.21.1, 1.21.1, 1.22, 1.22
@edmorley

This comment has been minimized.

Copy link
Author

commented Nov 14, 2017

The 6.0.0 release is affected by this too
Bah read the wrong Travis log, 6.0.0 is fine.

@patrys

This comment has been minimized.

Copy link

commented Nov 23, 2017

FYI: https://requires.io/ currently marks urllib3==1.21.1 as "insecure".

EDIT: resolved this with Requires, it seems that was a false positive.

@edmorley

This comment has been minimized.

Copy link
Author

commented Jan 2, 2018

It looks like there was a backport of the #636 fix to the 5.5.x and 5.x branches:
ea5d5fd
b8b1c14

...I don't suppose it would be possible to spin a 5.5.2 release containing it? :-)

@reupen

This comment has been minimized.

Copy link

commented Jan 16, 2018

5.5.2 has been released as elasticsearch5: https://pypi.python.org/pypi/elasticsearch5

Unfortunately, it's not clear to me how to use elasticsearch5 with elasticsearch-dsl 5.x, as the latter still depends on elasticsearch (not elasticsearch5).

@HonzaKral

This comment has been minimized.

Copy link
Member

commented Jan 16, 2018

The dependency is still there but you can always just pass in your own client instance by instantiating elasticsearch5.Elasticsearch and passing it in to the connections object of elasticsearch_dsl:

from elasticsearch_dsl.connections import connections
from elasticsearch5 import Elasticsearch
connections.add_connection(Elasticsearch())

Note, however, that you don't have to use elasticsearch5 unless you have a requirement to use multiple versions next to each other in the same code base.

@reupen

This comment has been minimized.

Copy link

commented Jan 16, 2018

The problem with using elasticsearch5 is that it results in version conflicts when using elasticsearch-dsl 5.4.0 (when using pip check, pip-compile etc.)

For example:

10:08 $ pip install -U "elasticsearch-dsl<6" elasticsearch5
...
10:08 $ pip check
elasticsearch 5.5.1 has requirement urllib3<1.22,>=1.21.1, but you have urllib3 1.22.

Or when using pip-comile, you'll get:

Could not find a version that matches urllib3<1.22,<1.23,==1.22,>=1.21.1

So, it would probably be useful having elasticsearch 5.5.2 available under elasticsearch as well.

@RemiCardona

This comment has been minimized.

Copy link

commented Jan 16, 2018

The change of python module name and pypi package name is completely jaw-dropping for a patch release. A simple dependency bugs is turning into a maintenance nightmare for the entire ES/python ecosystem (and for my own work projects).

I'm stunned…

@HonzaKral

This comment has been minimized.

Copy link
Member

commented Jan 16, 2018

the rename is only for convenience for people that have need of running multiple versions in the same code base, same version will be released as elasticsearch, it was an oversight that it hasn't been already for which I apologize.

@fxdgear

This comment has been minimized.

Copy link
Member

commented Jan 16, 2018

@RemiCardona I'm sorry about the confusion here and it's my fault.

I'm trying to help @HonzaKral and relieve him of some responsibilities here wrt this code base. We talked about the release process and I didn't grok that there was 3 release artifacts. i thought there was just elasticsearch5 and elasticsearch (which is now 6). So I didn't release elalsticsearch==5.5.2 the other day. That is my fault i am sorry.

I did just release the 5.5.2 version of elasticsearch this morning. So please let me know if this alleviates the urllib3 version issue.

Thanks

edit typo

@edmorley

This comment has been minimized.

Copy link
Author

commented Jan 16, 2018

Many thanks for the elasticsearch==5.5.2 release - working great now :-)

@edmorley edmorley closed this Jan 16, 2018

@fxdgear

This comment has been minimized.

Copy link
Member

commented Jan 16, 2018

Fantastic. Thank you for closing. :)

uqs pushed a commit to freebsd/freebsd-ports that referenced this issue Apr 16, 2019

koobs
textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@499073 35697150-7ecd-e111-bb59-0022644237b5

uqs pushed a commit to freebsd/freebsd-ports that referenced this issue Apr 16, 2019

textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)

Jehops pushed a commit to Jehops/freebsd-ports that referenced this issue Apr 16, 2019

textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@499073 35697150-7ecd-e111-bb59-0022644237b5

mat813 pushed a commit to mat813/freebsd-ports that referenced this issue Apr 18, 2019

textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)


git-svn-id: https://svn.freebsd.org/ports/head@499073 35697150-7ecd-e111-bb59-0022644237b5

swills pushed a commit to swills/freebsd-ports that referenced this issue Apr 19, 2019

textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@499073 35697150-7ecd-e111-bb59-0022644237b5

kwm81 pushed a commit to freebsd/freebsd-ports-gnome that referenced this issue Apr 22, 2019

textproc/py-elasticsearch5: Remove pinned urllib3 version
elasticsearch5 (this port) unnecessarily pins its urllib dependency to
< 1.23, which blocks updating urllib3 to 1.24 [1]:

./textproc/py-elasticsearch5: setup.py: 'urllib3<1.23,>=1.21.1',

The package had a history of issues/conflicts/bugs with the urllib3
dependency, ultimately resulting in the maximum version pin being
removed [2]:

  elastic/elasticsearch-py#807
  elastic/elasticsearch-py#667
  elastic/elasticsearch-py#634

This commit backports that change, a functional noop and sweeping change
in advance required for a urllib3 update, and adds TEST_DEPENDS and
a test target to support rigorous and confident QA. Switching to GitHub
sources was required as the PyPI sdist does not package tests.

The packages tests all pass with/against urllib3 1.24 installed, with an
intermittent and non-deterministic off-by-one failure in one test:

FAIL: test_all_chunks_sent (test_elasticsearch.test_helpers.TestParallelBulk)

The issue exists independent of urllib3 version. The flaky test issue was
reported upstream [3], but was not resolved.

[2] elastic/elasticsearch-py@4352e56
[3] elastic/elasticsearch-py#701

PR:		229322 [1]
Approved by:	portmgr (blanket: framework compliance, runtime bugfix)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.