update urllib3 version #132
Conversation
![code-review-assist[bot]](https://avatars.githubusercontent.com/in/1008254?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hi @sharmaharisam and reviewers,
I'm currently reviewing this pull request and will post my full review in a few minutes. In the meantime, here's a quick summary to help everyone get up to speed:
This PR updates the urllib3 dependency to version 2 or higher. The change is localized to the setup.py file, specifically lines 25-29. The previous version constraint (urllib3>=1.26.2,<2) is replaced with urllib3>=2. This likely addresses compatibility issues or incorporates security patches included in newer versions of urllib3. The intent, based on the PR title and description, is to resolve an issue (although the issue number is missing). I haven't been able to verify the tests yet, but I will do so as part of my full review.
Small changes, big impact,
Code's journey, a grand act.
Version bumps, a steady hand,
Keeping the system, safe and grand.
Thanks!
There was a problem hiding this comment.
This pull request updates the urllib3 dependency to remove the upper bound. This change allows for more flexibility in urllib3 versions. It's crucial to thoroughly test this change with the intended environment and dependent libraries to ensure compatibility and avoid introducing vulnerabilities.
| @@ -25,7 +25,7 @@ | |||
| "requests>=2.25.1", | |||
| "ruamel.yaml>=0.17.7", | |||
| "six>=1.15.0", | |||
| "urllib3>=1.26.2,<2", | |||
| "urllib3>=2", | |||
There was a problem hiding this comment.
While removing the upper bound allows flexibility, it's generally recommended to specify a version range to avoid potential issues with future, possibly incompatible urllib3 releases. Consider specifying an upper bound or a more precise version based on testing. For example, you could specify a compatible release or a range like urllib3>=2,<3, assuming major version 3 introduces breaking changes.
| "urllib3>=2", | |
| "urllib3>=2,<3" |
Fixes #<issue_number_goes_here>