jenkins-bot has submitted this change and it was merged.
Change subject: [IMPROV] Don't limit cryptography module on 2.6 ......................................................................
[IMPROV] Don't limit cryptography module on 2.6
The cryptography module does complain on Python 2.6 that it's outdated. So it's using the newest version which doesn't issue that warning. But that could compromise the security as it won't include security patches.
This is now not limiting that version anymore and installing the newest version on Python 2.6 as well. By default the deprecation warning is hidden but if the user still wishes to suppress this warning they can install version 0.8.2 or before.
Bug: T108061 Change-Id: If5270a0b2214c2f3b124d50180a122bfeeadc3cb --- M requests-requirements.txt M requirements.txt M setup.py M tests/utils.py 4 files changed, 16 insertions(+), 13 deletions(-)
Approvals: John Vandenberg: Looks good to me, approved jenkins-bot: Verified
diff --git a/requests-requirements.txt b/requests-requirements.txt index 2923433..778c9f6 100644 --- a/requests-requirements.txt +++ b/requests-requirements.txt @@ -1,9 +1,5 @@ requests
-# Dependency of pyOpenSSL. Use specific version to avoid expected -# DeprecationWarning -cryptography<=0.8.2 ; python_version < '2.7' - # requests security extra # Bug T105767 on Python 2.7 release 9+ pyOpenSSL ; python_full_version < '2.7.9' or python_version >= '3' diff --git a/requirements.txt b/requirements.txt index c7db758..cad79bf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -21,10 +21,6 @@ # mandatory; see README.conversion.txt requests
-# Dependency of pyOpenSSL. Use specific version to avoid expected -# DeprecationWarning -cryptography<=0.8.2 ; python_version < '2.7' - # requests security extra pyOpenSSL ; python_full_version < '2.7.9' ndg-httpsclient ; python_full_version < '2.7.9' diff --git a/setup.py b/setup.py index 2a2d63f..6a120b1 100644 --- a/setup.py +++ b/setup.py @@ -107,11 +107,6 @@
if sys.version_info[0] == 2: if PY26: - # requests security extra includes pyOpenSSL. cryptography is the - # dependency of pyOpenSSL. 0.8.2 is the newest and compatible version - # for Python 2.6, which won't raise unexpected DeprecationWarning. - extra_deps['security'].append('cryptography<=0.8.2') - script_deps['replicate_wiki.py'] = ['argparse'] dependencies.append('future>=0.15.0') # provides collections backports
diff --git a/tests/utils.py b/tests/utils.py index 654b91b..69f2fae 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -44,6 +44,9 @@
OSWIN32 = (sys.platform == 'win32')
+PYTHON_26_CRYPTO_WARN = ('Python 2.6 is no longer supported by the Python core ' + 'team, please upgrade your Python.') +
class DrySiteNote(RuntimeWarning):
@@ -231,6 +234,12 @@ if PYTHON_VERSION >= (3, 5, 0): if str(entry.message) == ('inspect.getargspec() is deprecated, ' 'use inspect.signature() instead'): + return + # Avoid failures because cryptography is mentioning Python 2.6 + # is outdated + if PYTHON_VERSION < (2, 7): + if (isinstance(entry, DeprecationWarning) and + str(entry.message) == PYTHON_26_CRYPTO_WARN): return
log.append(entry) @@ -557,9 +566,16 @@ """ Execute a command and capture outputs.
+ On Python 2.6 it adds an option to ignore the deprecation warning from + the cryptography package after the first entry of the command parameter. + @param command: executable to run and arguments to use @type command: list of unicode """ + if PYTHON_VERSION < (2, 7): + command.insert( + 1, '-W ignore:{0}:DeprecationWarning'.format(PYTHON_26_CRYPTO_WARN)) + # Any environment variables added on Windows must be of type # str() on Python 2. env = os.environ.copy()