Installation fails due to conflicting urllib3 version

Question

Installation fails due to conflicting urllib3 version

NeolithEra opened this issue 5 years ago · 1 comments

Hi, users are unable to run twitterbots due to dependency conflict with urllib3 package.
As shown in the following full dependency graph of twitterbots, it directly requires urllib3>=1.24.2，while requests==2.21.0 requires urllib3>=1.21.1,<1.25.

According to pip’s “first found wins” installation strategy, urllib3 1.25.3 is the actually installed version. However, urllib3 1.25.3 does not satisfy urllib3>=1.21.1,<1.25.

Dependency tree

twitterbots-master
| +-asn1crypto(version range:==0.24.0)
| +-astroid(version range:==2.1.0)
| +-certifi(version range:==2018.11.29)
| +-cffi(version range:==1.11.5)
| +-chardet(version range:==3.0.4)
| +-cryptography(version range:==2.4.2)
| +-flake8(version range:==3.6.0)
| +-idna(version range:==2.8)
| +-ijson(version range:==2.3)
| +-isort(version range:==4.3.4)
| +-lazy-object-proxy(version range:==1.3.1)
| +-mccabe(version range:==0.6.1)
| +-numpy(version range:==1.15.4)
| +-oauthlib(version range:==2.1.0)
| +-pycodestyle(version range:==2.4.0)
| +-pycparser(version range:==2.19)
| +-pyflakes(version range:==2.0.0)
| +-pylint(version range:==2.2.2)
| +-pymysql(version range:==0.9.2)
| | +-cryptography(version range:*)
| +-pysocks(version range:==1.6.8)
| +-redis(version range:==3.0.1)
| +-requests(version range:==2.21.0)
| | +-certifi(version range:>=2017.4.17)
| | +-chardet(version range:<3.1.0,>=3.0.2)
| | +-idna(version range:>=2.5,<2.9)
| | +-urllib3(version range:>=1.21.1,<1.25)
| +-requests-oauthlib(version range:==1.0.0)
| +-six(version range:==1.12.0)
| +-sqlalchemy(version range:>=1.3.0)
| +-tweepy(version range:==3.7.0)
| | +-pysocks(version range:>=1.5.7)
| | +-requests(version range:>=2.11.1)
| | | +-certifi(version range:>=2017.4.17)
| | | +-chardet(version range:<3.1.0,>=3.0.2)
| | | +-idna(version range:>=2.5,<2.9)
| | | +-urllib3(version range:>=1.21.1,<1.25)
| | +-requests-oauthlib(version range:>=0.7.0)
| | +-six(version range:>=1.10.0)
| +-typed-ast(version range:==1.1.0)
| +-urllib3(version range:>=1.24.2)
| +-wrapt(version range:==1.10.11)
| +-yapf(version range:==0.25.0)

Thanks for your help.
Best,
Neolith

Answer 1 · 2019-08-06T03:40:48.000Z

Solution

Fix your direct dependency to be urllib3>=1.21.1,<1.25.
I have checked this revision will not affect your downstream projects now.
Remove your direct dependency urllib3, and use urllib3 transitively introduced by requests.

Which solution do you prefer, 1 or 2?

@jordan-wright Please let me know your choice. I can submit a PR to solve this issue.