From 8175f3738fe4db3bc629d36bb72b927d4286d3f9 Mon Sep 17 00:00:00 2001 From: bashonly <88596187+bashonly@users.noreply.github.com> Date: Wed, 6 Aug 2025 14:00:53 -0500 Subject: [PATCH] [rh:requests] Bump minimum required version of urllib3 to 2.0.2 (#13939) - urllib3 1.26.x gives unexpected results with partial reads: https://github.com/urllib3/urllib3/issues/2128 - urllib3 2.0.0 and 2.0.1 were yanked from PyPI: https://github.com/urllib3/urllib3/issues/3009 Closes #13927 Authored by: bashonly --- .github/workflows/build.yml | 2 +- pyproject.toml | 2 +- yt_dlp/networking/_requests.py | 26 ++++---------------------- 3 files changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b3db8fec1b..810490f735 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -208,7 +208,7 @@ jobs: python3.9 -m pip install -U pip wheel 'setuptools>=71.0.2' # XXX: Keep this in sync with pyproject.toml (it can't be accessed at this stage) and exclude secretstorage python3.9 -m pip install -U Pyinstaller mutagen pycryptodomex brotli certifi cffi \ - 'requests>=2.32.2,<3' 'urllib3>=1.26.17,<3' 'websockets>=13.0' + 'requests>=2.32.2,<3' 'urllib3>=2.0.2,<3' 'websockets>=13.0' run: | cd repo diff --git a/pyproject.toml b/pyproject.toml index 41d5ec3b0f..52ff5a895c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -51,7 +51,7 @@ default = [ "mutagen", "pycryptodomex", "requests>=2.32.2,<3", - "urllib3>=1.26.17,<3", + "urllib3>=2.0.2,<3", "websockets>=13.0", ] curl-cffi = [ diff --git a/yt_dlp/networking/_requests.py b/yt_dlp/networking/_requests.py index 6582038fcb..1526d2a599 100644 --- a/yt_dlp/networking/_requests.py +++ b/yt_dlp/networking/_requests.py @@ -1,6 +1,5 @@ from __future__ import annotations -import contextlib import functools import http.client import logging @@ -20,9 +19,9 @@ urllib3_version = tuple(int_or_none(x, default=0) for x in urllib3.__version__.split('.')) -if urllib3_version < (1, 26, 17): +if urllib3_version < (2, 0, 2): urllib3._yt_dlp__version = f'{urllib3.__version__} (unsupported)' - raise ImportError('Only urllib3 >= 1.26.17 is supported') + raise ImportError('Only urllib3 >= 2.0.2 is supported') if requests.__build__ < 0x023202: requests._yt_dlp__version = f'{requests.__version__} (unsupported)' @@ -101,27 +100,10 @@ def subn(self, repl, string, *args, **kwargs): # https://github.com/urllib3/urllib3/commit/a2697e7c6b275f05879b60f593c5854a816489f0 import urllib3.util.url -if hasattr(urllib3.util.url, 'PERCENT_RE'): - urllib3.util.url.PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url.PERCENT_RE) -elif hasattr(urllib3.util.url, '_PERCENT_RE'): # urllib3 >= 2.0.0 +if hasattr(urllib3.util.url, '_PERCENT_RE'): # was 'PERCENT_RE' in urllib3 < 2.0.0 urllib3.util.url._PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url._PERCENT_RE) else: - warnings.warn('Failed to patch PERCENT_RE in urllib3 (does the attribute exist?)' + bug_reports_message()) - -''' -Workaround for issue in urllib.util.ssl_.py: ssl_wrap_context does not pass -server_hostname to SSLContext.wrap_socket if server_hostname is an IP, -however this is an issue because we set check_hostname to True in our SSLContext. - -Monkey-patching IS_SECURETRANSPORT forces ssl_wrap_context to pass server_hostname regardless. - -This has been fixed in urllib3 2.0+. -See: https://github.com/urllib3/urllib3/issues/517 -''' - -if urllib3_version < (2, 0, 0): - with contextlib.suppress(Exception): - urllib3.util.IS_SECURETRANSPORT = urllib3.util.ssl_.IS_SECURETRANSPORT = True + warnings.warn('Failed to patch _PERCENT_RE in urllib3 (does the attribute exist?)' + bug_reports_message()) # Requests will not automatically handle no_proxy by default