-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
urllib3 version 2 incompatibility #636
Comments
It looks like this warning comes from the use of botocore: https://urllib3.readthedocs.io/en/stable/v2-migration-guide.html
botocore is required for the use of Amazon S3 or S3 emulating endpoints like the Cloudian Hyperstore ( botocore has the following pin on <2 to support Amazon Linux 2 and AWS Lambda. https://github.com/boto/botocore/blob/develop/setup.py#L25-L33 Does the latest CaveClient need urllib>=2? What kind of resolution would you like to see? There is significant use of S3 and S3 emulating endpoints by CloudVolume and CloudFiles users. |
Yup, that totally checks out. The most recent version of caveclient added some increased retry configuration that used on an import that does not work in urllib3 1.x.x. I'm honestly not sure what the right answer for us is — it feels pretty negligent of the botocore package to not support a well-telegraphed version change after well more than a year, but it's also critical functionality as you point out. |
Hmm have you considered using https://github.com/jd/tenacity for the retry function? That might get you out of the jam. |
@ceesem I’ve been getting test errors on Ubuntu for the last few weeks eg
Do you think this might be related? Do you have a workaround? Thanks! |
2.2.3 urllib3 is quite new (september).. https://github.com/urllib3/urllib3/tags , and is a major version bump from 1.26.20 that came before it on github. 1.26.20 had ssl in that file.. https://github.com/urllib3/urllib3/blob/6f2ad7ca0cdde53751bab29cbc10bcc965bb4387/src/urllib3/util/ssl_.py#L49 2.2.3 does not. I don't see any direct reference to this in cloud-volume, it must be coming from one of it's dependancies that isn't properly controlling its urllib3 compatability with v2. my workaround advice would be to add an explicit dependency on urllib3<2 on whatever your install route is, or pre-installing urllib3 with something <2 but >=1.25.7. cloud-volume installation should not cause it to be re-installed. Longer term we need a fuller traceback to figure out who is the depenancy that is at fault and they need to fix their compatability with urllib3>=2 |
Thanks @fcollman. I've looked into this some more and my github actions builds previously worked with urllib 2.2.3 (Sep 12 build) so unfortunately this seems to be a red herring. However, I have narrowed it down to one of the following and I'm steadily working through the options ...
|
It's one of these
|
So it seems to be:
just why is a bit beyond me ... but I guess it probably doesn't have anything to do with this issue. Although if anyone can enlighten me I would be v grateful. or in more detail
|
* after extensive testing 3.10.15 seems to have a problem right now * see seung-lab/cloud-volume#636 (comment)
so odd... https://www.python.org/downloads/release/python-31015/ "gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads." This seems to me to be the top candidate in that release set based on the ssl related error that came up.. |
We are starting to use some code in caveclient that requires urllib3 version 2, but with urllib3, e.g. version 2.2.3,
import cloudvolume
raises the error:cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_
This seems to be a breaking change in urllib3 between version 1.x.x and 2.x.x, but that version req is not enforced by requirements.txt from cloudvolume. It would be nice to be compatible with recent versions of urllib3.
The text was updated successfully, but these errors were encountered: