Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update requests to 2.32.2 #10992

Merged
merged 5 commits into from
Jun 28, 2024
Merged

chore: update requests to 2.32.2 #10992

merged 5 commits into from
Jun 28, 2024

Conversation

JoeWang1127
Copy link
Contributor

@JoeWang1127 JoeWang1127 commented Jun 26, 2024
edited
Loading

@JoeWang1127 JoeWang1127 marked this pull request as ready for review June 26, 2024 18:18
@JoeWang1127 JoeWang1127 requested a review from a team as a code owner June 26, 2024 18:18
blakeli0
blakeli0 reviewed Jun 26, 2024
View reviewed changes
.github/requirements.txt Outdated
--hash=sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07 \
--hash=sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0
# via requests
requests==2.32.2
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any scripts still use it? I think it was used by new-client.py, but now that we moved to hermetic build, we may not need it anymore?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Answered in #10992 (comment)

blakeli0
blakeli0 reviewed Jun 26, 2024
View reviewed changes
.github/requirements.in Outdated
Copy link
Contributor

@blakeli0 blakeli0 Jun 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we do still need requests, we should keep this requiremenst.in file. It was introduced to mitigate a security issue. @mpeddada1 probably has more info regarding why we need it as she implemented in originally.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, I'll let @mpeddada1 to review this pr.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks all, it was used replace python2 -m pip install requests in

google-cloud-java/.github/workflows/readme.yaml

Line 31 in c5d483e

- run: python3 -m pip install --require-hashes -r .github/requirements.txt

Original PR: a2bb85d. I believe it is still used for the generate-readme GA job so we may still need it (unless it's been replaced).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need two files (requirement.in and requirement.txt) to lock the dependency version?

@JoeWang1127 JoeWang1127 added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 26, 2024
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 26, 2024
JoeWang1127
JoeWang1127 commented Jun 28, 2024
View reviewed changes
.github/requirements.in
requests==2.32.2
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This version requires python 3.8 or above, so bumping python version in workflow.

@JoeWang1127 JoeWang1127 merged commit 93ffb0b into main Jun 28, 2024
31 checks passed
@JoeWang1127 JoeWang1127 deleted the chore/update-requirements branch June 28, 2024 22:17
This was referenced Jun 28, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blakeli0 blakeli0 blakeli0 approved these changes

@mpeddada1 mpeddada1 Awaiting requested review from mpeddada1

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@JoeWang1127 @blakeli0 @mpeddada1 @yoshi-kokoro