GitHub Actions workflow to create a release: will upload to PyPI
and create a GitHub release with the `sdist` and `bdist_wheel`
as well.
The version code is switched to `setuptools_scm` to work well
with this flow (e.g. avoid needing to write a script that does
a `sed` on the version file and commits as part of release).
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
The `requirements.txt` and `setup.py` had a lot of extra transitive
dependencies to try and address various SSL shortcomings from the
Python ecosystem.
Thankfully, between modern Python versions (3.6+) and corresponding
`requests` versions (2.26+), this is all unnecessary now!
As a result, a bunch of transitive dependencies have been removed
from `requirements.txt`, the minimum version of `requests` increased,
and the `tls` extra made into a no-op.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
* Upgrade to latest Sphinx / recommonmark
* Small CSS fix for issue in new version of Alabaster theme
* Fix `Makefile` target for macOS
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Upgrade to latest pywin32, which has support for Python 3.10 and
resolves a CVE (related to ACL APIs, outside the scope of what
`docker-py` relies on, which is npipe support, but still gets
flagged by scanners).
The version constraint has also been relaxed in `setup.py` to allow
newer versions of pywin32. This is similar to how we handle the
other packages there, and should be safe from a compatibility
perspective.
Fixes#2902.
Closes#2972 and closes#2980.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Dependabot opened a pull request
93bcc0497d to upgrade cryptography from
2.3 to 3.2.
However, only `requirements.txt` was updated.
The extra requirements were kept outdated.
This commit was made to update the library to the last version.
Fix#2791
Signed-off-by: Felipe Ruhland <felipe.ruhland@gmail.com>
pyOpenSSL, cryptography, idna
and installs cryptography's version of openssl in Mac OS (which by default has an
ancient version of openssl that doesn't support TLS 1.2).
Signed-off-by: cyli <cyli@twistedmatrix.com>
The 2.18.0 version of requests breaks compatibility with docker-py:
https://github.com/requests/requests/issues/4160
[This block](https://github.com/shazow/urllib3/blob/master/urllib3/connectionpool.py#L292) of code from urllib3 fails:
```python
def _get_timeout(self, timeout):
""" Helper that always returns a :class:`urllib3.util.Timeout` """
if timeout is _Default:
return self.timeout.clone()
if isinstance(timeout, Timeout):
return timeout.clone()
else:
# User passed us an int/float. This is for backwards compatibility,
# can be removed later
return Timeout.from_float(timeout)
```
In the case of requests version 2.18.0:
`timeout` was an instance of `urllib3.util.timeout.Timeout`
`Timeout` was an instance of `requests.packages.urllib3.util.timeout.Timeout`
When the `isinstance(timeout, Timeout)` check fails the `urllib3.util.timeout.Timeout` object is passed as the `connection` argument to `requests.packages.urllib3.util.timeout.Timeout.from_float`.
Signed-off-by: Matt Oberle <matt.r.oberle@gmail.com>
Aarni Koskela
Hugo van Kemenade
Milas Bowman
Francesco Casalegno
Milas Bowman
Anthony Sottile
Anca Iordache
Felipe Ruhland
Ulysses Souza
Christian Clauss
Ofek Lev
Joffrey F
timvisee
cyli
Matt Oberle
Joffrey F
Ben Firshman
Tomas Tomecek