Upgrade requests dependency to 2.32.3 #3135

mbastian · 2024-09-16T12:39:06Z

Hi, and thank you for maintaining this great library!

Could you please upgrade the requests dependency? The 2.3.1 version is from May 22nd and has a vulnerability (CVE-2024-35195). The 2.32.3 is the latest version.

Thanks in advance!

The text was updated successfully, but these errors were encountered:

mdmintz · 2024-09-16T12:46:50Z

Duplicate of #3097 (comment)

There's an issue in requests 2.32.3 leading to "widespread breakage" as mentioned in psf/requests#6730 (comment), and psf/requests#6726. I already talked about this here: #2838 (comment), and here: #2951 (comment).

There's already a PR in place to fix that major issue with requests: psf/requests#6731. Until that fix is in, I'll need to keep requests pinned to 2.31.0. (The versions between 2.31.0 and 2.32.3 had other issues.)

If you absolutely need requests 2.32.3 now (even with that issue), then feel free to force install it.

mdmintz added the duplicate The answer/solution already exists somewhere label Sep 16, 2024

mdmintz closed this as completed Sep 16, 2024

mdmintz added question Someone is looking for answers requirements workaround exists You can reach your destination if you do this... labels Sep 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade requests dependency to 2.32.3 #3135

Upgrade requests dependency to 2.32.3 #3135

mbastian commented Sep 16, 2024

mdmintz commented Sep 16, 2024

Upgrade requests dependency to 2.32.3 #3135

Upgrade requests dependency to 2.32.3 #3135

Comments

mbastian commented Sep 16, 2024

mdmintz commented Sep 16, 2024