fix(requirements): Increase minimum required urllib3 version (#349)

Ferenc- · web-flow · commit c7716d2269e0 · 2022-02-23T14:56:24.000+01:00
This commit increases the minimum required urllib3 version to 1.26.5, which is currently the lowes, without known CVE vulnerability. For further info on the particular vulnerability see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
diff --git a/setup.py b/setup.py
@@ -66,7 +66,7 @@ def check_setuptools():
                         'opentracing>=2.3.0',
                         'requests>=2.6.0',
                         'six>=1.12.0',
-                        'urllib3<1.27,>=1.21.1'],
+                        'urllib3<1.27,>=1.26.5'],
       entry_points={
                     'instana':  ['string = instana:load'],
                     'flask':    ['string = instana:load'],  # deprecated: use same as 'instana'
diff --git a/tests/requirements-27.txt b/tests/requirements-27.txt
@@ -32,4 +32,4 @@ spyne>=2.9,<=2.12.14
 suds-jurko>=0.6
 tornado>=4.5.3,<6.0
 uvicorn>=0.12.2;python_version>="3.6"
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements-310.txt b/tests/requirements-310.txt
@@ -41,4 +41,4 @@ spyne>=2.13.16
 suds-jurko>=0.6
 
 uvicorn>=0.13.4
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements-asynqp-legacy-flask-markupsafe.txt b/tests/requirements-asynqp-legacy-flask-markupsafe.txt
@@ -13,4 +13,4 @@ markupsafe==2.0.1
 mock>=2.0.0
 nose>=1.0
 pytest>=4.6
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements-asynqp.txt b/tests/requirements-asynqp.txt
@@ -4,4 +4,4 @@ flask>=2.0.0,<3.0.0
 mock>=2.0.0
 nose>=1.0
 pytest>=4.6
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements-cassandra.txt b/tests/requirements-cassandra.txt
@@ -2,4 +2,4 @@ cassandra-driver>=3.20.2
 mock>=2.0.0
 nose>=1.0
 pytest>=4.6
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements-gevent.txt b/tests/requirements-gevent.txt
@@ -4,4 +4,4 @@ mock>=2.0.0
 nose>=1.0
 pyramid>=1.2
 pytest>=4.6
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
diff --git a/tests/requirements.txt b/tests/requirements.txt
@@ -29,4 +29,4 @@ spyne>=2.13.16
 suds-jurko>=0.6
 tornado>=4.5.3,<6.0
 uvicorn>=0.13.4
-urllib3[secure]!=1.25.0,!=1.25.1,<1.27,>=1.21.1
+urllib3[secure]<1.27,>=1.26.5
