jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/470841 )
Change subject: [Security] use requests version 2.20.0 or later
......................................................................
[Security] use requests version 2.20.0 or later
setup requests to version 2.20.0 or later
but do not force updating (yet)
Bug: T208296
Change-Id: I15affdd115d00d00e196a3c3bc6dbde01b01f0aa
---
M pywikibot/comms/eventstreams.py
M requests-requirements.txt
M requirements.txt
M setup.py
4 files changed, 4 insertions(+), 4 deletions(-)
Approvals:
Legoktm: Looks good to me, approved
D3r1ck01: Looks good to me, but someone else must approve
jenkins-bot: Verified
diff --git a/pywikibot/comms/eventstreams.py b/pywikibot/comms/eventstreams.py
index e20c931..cb8aaee 100644
--- a/pywikibot/comms/eventstreams.py
+++ b/pywikibot/comms/eventstreams.py
@@ -36,7 +36,7 @@
if LooseVersion(requests.__version__) < LooseVersion('2.9'):
raise ImportError(
'requests >= 2.9 is required for EventStreams;\n'
- "install it with 'pip install
\"requests>=2.9,!=2.18.2\"'\n")
+ "install it with 'pip install
\"requests>=2.20.0\"'\n")
_logger = 'pywikibot.eventstreams'
diff --git a/requests-requirements.txt b/requests-requirements.txt
index 1e18a8d..36e99b6 100644
--- a/requests-requirements.txt
+++ b/requests-requirements.txt
@@ -1,6 +1,6 @@
# This file is DEPRECATED! Use `pip install pywikibot[security]` instead.
-requests>=2.9,!=2.18.2
+requests>=2.20.0
# requests security extra
requests[security] ; python_full_version > '2.7.6' and python_full_version
< '2.7.9'
diff --git a/requirements.txt b/requirements.txt
index 095a838..551d858 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -19,7 +19,7 @@
# $ awk -F '[#>=]' '{print $1}' requirements.txt | xargs apt-cache
search
# mandatory; see README.conversion.txt
-requests>=2.9,!=2.18.2
+requests>=2.20.0
# requests security extra
requests[security] ; python_full_version > '2.7.6' and python_full_version
< '2.7.9'
diff --git a/setup.py b/setup.py
index 0e21b86..a73a804 100644
--- a/setup.py
+++ b/setup.py
@@ -46,7 +46,7 @@
test_deps = ['bz2file', 'mock']
-dependencies = ['requests>=2.9,!=2.18.2']
+dependencies = ['requests>=2.20.0']
extra_deps = {
# Core library dependencies
--
To view, visit
https://gerrit.wikimedia.org/r/470841
To unsubscribe, or for help writing mail filters, visit
https://gerrit.wikimedia.org/r/settings
Gerrit-Project: pywikibot/core
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I15affdd115d00d00e196a3c3bc6dbde01b01f0aa
Gerrit-Change-Number: 470841
Gerrit-PatchSet: 2
Gerrit-Owner: Xqt <info(a)gno.de>
Gerrit-Reviewer: D3r1ck01 <alangiderick(a)gmail.com>
Gerrit-Reviewer: Dalba <dalba.wiki(a)gmail.com>
Gerrit-Reviewer: Hashar <hashar(a)free.fr>
Gerrit-Reviewer: John Vandenberg <jayvdb(a)gmail.com>
Gerrit-Reviewer: Legoktm <legoktm(a)member.fsf.org>
Gerrit-Reviewer: jenkins-bot (75)