grpc/tools/internal_ci/helper_scripts/requirements.macos.txt

cython<4.0.0rc1
cryptography==3.4.6
PyJWT==2.0.1
pyOpenSSL==20.0.1
PyYAML==6.0
requests==2.32.2
Add templating and support for Python 3.13 (#37643) This PR adds templating for Python versions and updates the maximum supported Python version to 3.13. The following major changes related to templating are added: - Minimum supported Python version and list of supported versions in `setup.py` are fetched using new template generated files called `python_version.py` - Dockerfiles for the different Python Linux builds are now template generated. - The "Supported Python Versions" section from READMEs of ancillary and main packages have been removed Note: All the `python_version.py` files and Linux build `Dockerfiles` except `tools/dockerfile/grpc_artifact_python_linux_armv7/Dockerfile` in the PR are generated from the respective templates. Further non-templated additions to add support for Python 3.13: - install scripts and artifacts for windows, macos and linux are added manually. Later, these can be templated as well. - updated cython bounds to 3.x - updated twine version to solve [cgi module import error](https://github.com/pypa/twine/issues/1046) - the twine update introduces a dependency on cryptography>=2.0. But the cryptography package doesn't support 32-bit Linux images and hence `twine check` has been disabled for x86 manylinux and x86 musllinux artifacts. Closes #37643 PiperOrigin-RevId: 678954495 2 months ago			`cython<4.0.0rc1`
[Deps] Revert "Bump cryptography from 3.4.6 to 42.0.4 in /tools/internal_ci/… (#36255) Rolling this (https://github.com/grpc/grpc/pull/36153) back as master branch is failing in mac with the following error ``` + python3 workspace_python_macos_opt_native/tools/run_tests/run_tests.py -t -j 4 -x run_tests/python_macos_opt_native/sponge_log.xml --report_suite_name python_macos_opt_native -l python -c opt --iomgr_platform native --max_time 3600 --report_multi_target Traceback (most recent call last): File "/Volumes/BuildData/tmpfs/altsrc/github/grpc/workspace_python_macos_opt_native/tools/run_tests/run_tests.py", line 50, in from python_utils.upload_test_results import upload_results_to_bq File "/Volumes/BuildData/tmpfs/altsrc/github/grpc/workspace_python_macos_opt_native/tools/run_tests/python_utils/upload_test_results.py", line 30, in import big_query_utils File "/Volumes/BuildData/tmpfs/altsrc/github/grpc/workspace_python_macos_opt_native/tools/gcp/utils/big_query_utils.py", line 21, in from apiclient import discovery File "/Users/kbuilder/.local/lib/python3.10/site-packages/apiclient/__init__.py", line 3, in from googleapiclient import channel, discovery, errors, http, mimeparse, model File "/Users/kbuilder/.local/lib/python3.10/site-packages/googleapiclient/discovery.py", line 64, in from googleapiclient import _auth, mimeparse File "/Users/kbuilder/.local/lib/python3.10/site-packages/googleapiclient/_auth.py", line 34, in import oauth2client.client File "/Users/kbuilder/.local/lib/python3.10/site-packages/oauth2client/client.py", line 45, in from oauth2client import crypt File "/Users/kbuilder/.local/lib/python3.10/site-packages/oauth2client/crypt.py", line 45, in from oauth2client import _openssl_crypt File "/Users/kbuilder/.local/lib/python3.10/site-packages/oauth2client/_openssl_crypt.py", line 16, in from OpenSSL import crypto File "/Users/kbuilder/.local/lib/python3.10/site-packages/OpenSSL/__init__.py", line 8, in from OpenSSL import crypto, SSL File "/Users/kbuilder/.local/lib/python3.10/site-packages/OpenSSL/crypto.py", line 1556, in class X509StoreFlags(object): File "/Users/kbuilder/.local/lib/python3.10/site-packages/OpenSSL/crypto.py", line 1575, in X509StoreFlags NOTIFY_POLICY = _lib.X509_V_FLAG_NOTIFY_POLICY AttributeError: module 'lib' has no attribute 'X509_V_FLAG_NOTIFY_POLICY'. Did you mean: 'X509_V_FLAG_EXPLICIT_POLICY'? ``` Closes #36255 COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36255 from veblush:rb-36153 79c86e160ebf473096730649eee91f7ea83ef129 PiperOrigin-RevId: 621886345 8 months ago			`cryptography==3.4.6`
Migrate the bm_diff benchmarks to python3 (#25619) * Migrate the bm_diff benchmarks to python3 Includes a requirements.txt pinned at ~2017 versions, when this script was first written. * Replace p2 with p3 scipy/numpy dependencies. * py2->3 for benchmark setup scripts * upgrade pip to resolve python3 cryptography/setuptools-rust problem * re-add jobset import (accidentally removed) * re-add six's urllib import. This file is still used in py2 tests * force py3 in run_if_c_cpp_modified.sh * Fix another instance of subprocess.check_output binary mode * Use the requirements.txt for CI perf environment setup * Try to upgrade PyJWT. (v2.0.0 was problematic, #25053) v2.x makes encode return strs from jwt.encode in both py2 and py3. Previously, py3 would return bytes, and py2 a str. * upgate cryptography lib version requirements for jwt. * Wrap pip requirements specifier in quotes '>=x,<y' * Decode subprocess output once instead of for every line * Revert "Decode subprocess output once instead of for every line" This reverts commit 28d14026431622ac7afd3535a8d7118e5be96628. py2 doesn't support the `text` argument to subprocess.check_output. * Address reviewer requests * Pin a valid scipy version * Remove scipy and tabulate dependencies from macos tests 4 years ago			`PyJWT==2.0.1`
			`pyOpenSSL==20.0.1`
[dependency] Restrict cython to less than 3.X (#33738) This should resolve breakage on master caused by the jump to Cython 3.0.0 this morning. 1 year ago			`PyYAML==6.0`
Bump requests from 2.31.0 to 2.32.2 in /tools/internal_ci/helper_scripts (#36681) Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.32.2</h2> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>v2.32.1</h2> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>v2.32.0</h2> <h2>2.32.0 (2024-05-20)</h2> <h2>🐍 PYCON US 2024 EDITION 🐍</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>2.32.0 (2024-05-20)</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <p><strong>Deprecations</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/88dce9d854797c05d0ff296b70e0430535ef8aaf"><code>88dce9d</code></a> v2.32.2</li> <li><a href="https://github.com/psf/requests/commit/c98e4d133ef29c46a9b68cd783087218a8075e05"><code>c98e4d1</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a> from nateprewitt/api_rename</li> <li><a href="https://github.com/psf/requests/commit/92075b330a30b9883f466a43d3f7566ab849f91b"><code>92075b3</code></a> Add deprecation warning</li> <li><a href="https://github.com/psf/requests/commit/aa1461b68aa73e2f6ec0e78c8853b635c76fd099"><code>aa1461b</code></a> Move _get_connection to get_connection_with_tls_context</li> <li><a href="https://github.com/psf/requests/commit/970e8cec988421bd43da57350723b05c8ce8dc7e"><code>970e8ce</code></a> v2.32.1</li> <li><a href="https://github.com/psf/requests/commit/d6ebc4a2f1f68b7e355fb7e4dd5ffc0845547f9f"><code>d6ebc4a</code></a> v2.32.0</li> <li><a href="https://github.com/psf/requests/commit/9a40d1277807f0a4f26c9a37eea8ec90faa8aadc"><code>9a40d12</code></a> Avoid reloading root certificates to improve concurrent performance (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li><a href="https://github.com/psf/requests/commit/0c030f78d24f29a459dbf39b28b4cc765e2153d7"><code>0c030f7</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a> from nateprewitt/no_char_detection</li> <li><a href="https://github.com/psf/requests/commit/555b870eb19d497ddb67042645420083ec8efb02"><code>555b870</code></a> Allow character detection dependencies to be optional in post-packaging steps</li> <li><a href="https://github.com/psf/requests/commit/d6dded3f00afcf56a7e866cb0732799045301eb0"><code>d6dded3</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6700">#6700</a> from franekmagiera/update-redirect-to-invalid-uri-test</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.31.0...v2.32.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.31.0&new-version=2.32.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/grpc/grpc/network/alerts). </details> Closes #36681 COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36681 from grpc:dependabot/pip/tools/internal_ci/helper_scripts/requests-2.32.2 c7600bdbee5cd18d749a18dfca055e86ca7f0113 PiperOrigin-RevId: 638081350 6 months ago			`requests==2.32.2`