jenkins-bot has submitted this change and it was merged.
Change subject: [FIX] InsecurePlatformWarning on Python <2.7.9
......................................................................
[FIX] InsecurePlatformWarning on Python <2.7.9
Install requests[security] on Python <2.7.9
For more details see:
https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwar…
Bug: T103769
Change-Id: I1d4a0d71bd1573584231823a7e27c87df12d47a8
---
M pywikibot/comms/http.py
M requirements.txt
M setup.py
3 files changed, 31 insertions(+), 1 deletion(-)
Approvals:
John Vandenberg: Looks good to me, approved
jenkins-bot: Verified
diff --git a/pywikibot/comms/http.py b/pywikibot/comms/http.py
index 9a9fdf3..4b8fcfc 100644
--- a/pywikibot/comms/http.py
+++ b/pywikibot/comms/http.py
@@ -43,7 +43,7 @@
FatalServerError, Server504Error, Server414Error
)
from pywikibot.comms import threadedhttp
-from pywikibot.tools import deprecate_arg
+from pywikibot.tools import deprecate_arg, PY2
import pywikibot.version
# The error message for failed SSL certificate verification
@@ -246,6 +246,8 @@
uri = http_request.uri
body = http_request.body
headers = http_request.headers
+ if PY2 and headers:
+ headers = dict((key, str(value)) for key, value in headers.items())
auth = config.authenticate.get(requests.utils.urlparse(uri).netloc, None)
timeout = config.socket_timeout
try:
diff --git a/requirements.txt b/requirements.txt
index e697427..e2b14dd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -21,6 +21,15 @@
# mandatory; see README.conversion.txt
requests
+# Dependency of pyOpenSSL. Use specific version to avoid expected
+# DeprecationWarning
+cryptography<=0.8.2 ; python_version < '2.7'
+
+# requests security extra
+pyOpenSSL ; python_full_version < '2.7.9'
+ndg-httpsclient ; python_full_version < '2.7.9'
+pyasn1 ; python_full_version < '2.7.9'
+
future ; python_version < '2.7'
# core interwiki_graph.py:
git+https://github.com/nlhepler/pydot#egg=pydot-1.0.29
diff --git a/setup.py b/setup.py
index b6d7424..b65277b 100644
--- a/setup.py
+++ b/setup.py
@@ -27,6 +27,7 @@
'Tkinter': ['Pillow'],
# 0.6.1 supports socket.io 1.0, but WMF is using 0.9 (T91393 and T85716)
'rcstream': ['socketIO-client<0.6.1'],
+ 'security': ['requests[security]'],
}
if sys.version_info[0] == 2:
@@ -72,6 +73,10 @@
if sys.version_info < (2, 6, 5):
raise RuntimeError("ERROR: Pywikibot only runs under Python 2.6.5 or
higher")
elif sys.version_info[1] == 6:
+ # requests security extra includes pyOpenSSL. cryptography is the
+ # dependency of pyOpenSSL. 0.8.2 is the newest and compatible version
+ # for Python 2.6, which won't raise unexpected DeprecationWarning.
+ extra_deps['security'].append('cryptography<=0.8.2')
# work around distutils hardcoded unittest dependency
import unittest # noqa
if 'test' in sys.argv and sys.version_info < (2, 7):
@@ -89,6 +94,15 @@
#
https://pypi.python.org/pypi/ipaddr
# Other backports are likely broken.
dependencies.append('ipaddr')
+
+ if sys.version_info < (2, 7, 9):
+ # Python versions before 2.7.9 will cause urllib3 to trigger
+ # InsecurePlatformWarning warnings for all HTTPS requests. By
+ # installing with security extras, requests will automatically set
+ # them up and the warnings will stop. See
+ #
<https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning>
+ # for more details.
+ dependencies += extra_deps['security']
script_deps['data_ingestion.py'] = extra_deps['csv']
@@ -129,6 +143,11 @@
if 'oursql' in test_deps and os.name == 'nt':
test_deps.remove('oursql') # depends on Cython
+ if 'requests[security]' in test_deps:
+ # Bug T105767 on Python 2.7 release 9+
+ if sys.version_info[:2] == (2, 7) and sys.version_info[2] >= 9:
+ test_deps.remove('requests[security]')
+
# These extra dependencies are needed other unittest fails to load tests.
if sys.version_info[0] == 2:
test_deps += extra_deps['csv']
--
To view, visit
https://gerrit.wikimedia.org/r/220388
To unsubscribe, visit
https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I1d4a0d71bd1573584231823a7e27c87df12d47a8
Gerrit-PatchSet: 10
Gerrit-Project: pywikibot/core
Gerrit-Branch: master
Gerrit-Owner: Legoktm <legoktm.wikipedia(a)gmail.com>
Gerrit-Reviewer: John Vandenberg <jayvdb(a)gmail.com>
Gerrit-Reviewer: Ladsgroup <ladsgroup(a)gmail.com>
Gerrit-Reviewer: Legoktm <legoktm.wikipedia(a)gmail.com>
Gerrit-Reviewer: Merlijn van Deen <valhallasw(a)arctus.nl>
Gerrit-Reviewer: VcamX <vcamx3(a)gmail.com>
Gerrit-Reviewer: XZise <CommodoreFabianus(a)gmx.de>
Gerrit-Reviewer: Xqt <info(a)gno.de>
Gerrit-Reviewer: jenkins-bot <>