-
Notifications
You must be signed in to change notification settings - Fork 185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] Add support for urllib3 > v2 #628
Comments
Did you mean 2.4.2? If not, and you meant 2.3.2, would you be so kind to confirm that this still doesn't work in 2.4.2? I found a number of hits on Google for this, e.g. psf/requests#6443, so it sounds like this may be about versions of urllib3 or requests. Have you tried upgrading those? |
Yes from my test it failed with v2.3.2 through v2.4.2. In terms of the runtime I'm not installing any other packages other than |
Examining the base image, From Docker Scout (
And this PR pushed this package |
Can you compare the versions of |
Do you mean 2.3.1 and 2.3.2 of |
Yes, trying to narrow down where the actual problem is. |
When adding the additional constraint
Seems like that should be the way forward for me. |
To be clear, I don't mean to make any claims that this library is incompatible with urllib3 2.x. What I have found is that the Lambda base image contains at least If Alternatively, users can reference this issue and add the I defer to the maintainers as you know your installation base better and constraining urllib3 version may be something you don't want to do. |
But I am. I believe this is why we have this error. Because 2.x is installed, it gets picked (it satisfies >= 1.26....). However I think it also does work with 2.x for some scenarios. Either way we don't use that version in tests, so I would want to know for sure by having a test run with 2.x and seeing what breaks to begin with. I might get to it soon, but if you have time, don't hold back on helping ;) |
Reopening to add support for urllib3 >= 2. |
Hello there, Sorry to barge in. A bit off topic, but I wanted to recommend Niquests as a possible replacement for Requests+aiohttp. I am willing to help if this is something of potential interest. |
@Ousret yes would love some help. Generally we want all these libraries to be switchable. |
So the issue here is that the botocore packaged with the AWS Lambda Python 3.9 image (at least at the time this issue was created) requires urlllib3 < 2. The relevant versions of botocore actually specify this dependency in their requirements.txt. However because this is the version of botocore packaged with the image, when users install their own dependencies using The thing is, AWS Lambda best practices are to not use prepackaged libraries, to explicitly install all your dependencies:
From https://docs.aws.amazon.com/lambda/latest/dg/best-practices.html#function-code. Although the best practice here doesn't make it explicit, another reason to package all of your dependencies with your deployment package is that if you don't, the dependency graph your package manager is using is incomplete (missing packages included with your runtime), and you see issues like this. As such, I would argue opensearch-py should not be pinning on urllib3 < 2. Apart from anything else, if you're going to pin to urllib3 < 2 as long as the AWS Lambda Python 3.9 image does not support urllib3 >= 2, you will be keeping that pin for the lifetime of the AWS Lambda Python 3.9 runtime as the OpenSSL provided in that runtime is < 1.1.1 and will never be upgraded to 1.1.1 to the best of my knowledge. |
Perhaps a similar constraint can be applied to
|
Subjectively speaking, this feels like something relatively urgent. The longer the delay, the bigger the versioning dependency problem will get. I'm currently seeing:
|
@james-certn There's an open PR in #719 that needs some tests. Want to help? |
I faced this same problem today. Great that the PR supporting urllib3 > v2 has already been merged! As I'm new to the repository, I'm unsure of how the release process works. Is there any estimate of when the next release (with this code) will come out? |
Open an issue to "release v. next" and we can do it quickly. |
Should this issue be resolved, now version 2.6.0 has been released? |
What is the bug?
When using
opensearch-py
v2.3.2 and greater withboto3
provided by AWS Lambda , the following error occurs:cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_'
How can one reproduce the bug?
Dockerfile:
app.py:
What is the expected behavior?
Imports are successful and code runs.
What is your host/environment?
public.ecr.aws/lambda/python:3.9
Do you have any screenshots?
N/A
Do you have any additional context?
Downgrade to 2.3.1 successfully executes.
The text was updated successfully, but these errors were encountered: