idna 2.6 has been released, so the constraint in setup.py is now blowing up:
pkg_resources.ContextualVersionConflict: (idna 2.6 (.../ve/lib/python2.7/site-packages), Requirement.parse('idna<2.6,>=2.5'), set(['requests']))
cjw296
All 8 comments
Hang on, why is that constraint exploding? 2.5 should satisfy the requirement.
Lukasa
on 8 Aug 2017
My guess something is installing it earlier in the build chain, and pip isn't clever enough to downgrade to 2.5 once 2.6 is installed.
Is there a problem with 2.6 that makes it backwards incompatible?
cjw296
on 8 Aug 2017
We don't know at this time: we began with very tight pins because we only unvendored the package a few months ago and so didn't want to run the risk of accidental breakage. We need to get a feel for what the actual compatibility structure is here.
In the short term, you can resolve your problem by using requirements.txt or similar to pin the idna version. In the longer term, we can aim to get a Requests patch that widens the pin.
Lukasa
on 8 Aug 2017
Thanks for the quick turnaround!
cjw296
on 8 Aug 2017
Is there any plan for releasing a new version with this fix? That would be really helpful.
amalakar
on 9 Aug 2017
Yes, next week.
Lukasa
on 9 Aug 2017
The same is starting to happen with idna 2.7 because cryptography requires idna 2.7
I still don't know why pip is resolving idna 2.7, cryptography is not requiring 2.7
lasote
on 11 Jun 2018
I have a similar issue but with version 2.10:
error: idna 2.10 is installed but idna<2.9,>=2.5 is required by {'requests'}
danielpza
on 8 Sep 2020
Related issues
ghtyrant
路
3Comments
eromoe
路
3Comments
xsren
路
3Comments
ReimarBauer
路
4Comments
8key
路
3Comments
Most helpful comment
The same is starting to happen with idna 2.7
because cryptography requires idna 2.7I still don't know why pip is resolving idna 2.7, cryptography is not requiring 2.7