Open Stack

On 11/04/2015 06:30 PM, James E. Blair wrote:
> Hi,
>
> I'm pleased to announce the availability of a new micro-library named
> requestsexceptions.  Now the task of convincing the requests library
> not to fill up your filesystem with warnings about SSL requests has
> never been easier!
>
> Over in infra-land, we use the requests library a lot, whether it's
> gertty talking to Gerrit or shade talking to OpenStack, and we love
> using it.  It's a pleasure.  Except for two little things.
>
> Requests is in the middle of a number of unfortunate standoffs.  It is
> attempting to push the bar on SSL security by letting us all know when
> a request is substandard in some way -- whether that is because a
> certificate is missing a subject alternate name field, or the version
> of Python in use is missing the latest SSL features.
>
> This is great, but in many cases a user of requests is unable to
> address any of the underlying causes of these warnings.  For example,
> try as we might, public cloud providers are still using non-SAN
> certificates.  And upgrading python on a system (or even the
> underlying ssl module) is often out of the question.
>
> Requests has a solution to this -- a simple recipe to disable specific
> warnings when users know they are not necessary.
>
> This is when we run into another standoff.
>
> Requests is helpfully packaged in many GNU/Linux distributions.
> However, the standard version of requests bundles the urllib3 library.
> Some packagers have *unbundled* the urllib3 library from requests and
> cause it to use the packaged version of urllib3.  This would be a
> simple matter for the packagers and requests authors to argue about
> over beer at PyCon, except if you want to disable a specific warning
> rather than all warnings you need to import the specific urllib3
> exceptions that requests uses.  The import path for those exceptions
> will be different depending on whether urllib3 is bundled or not.
>
> This means that in order to find a specific exception in order to
> handle a requests warning, code like this must be used:
>
>    try:
>        from requests.packages.urllib3.exceptions import InsecurePlatformWarning
>    except ImportError:
>        try:
>            from urllib3.exceptions import InsecurePlatformWarning
>        except ImportError:
>            InsecurePlatformWarning = None
>
> The requestsexceptions library handles that for you so that you can
> simply type:
>
>    from requestsexepctions import InsecurePlatformWarning
>
> We have just released requestsexceptions to pypi at version 1.1.1, and
> proposed it to global requirements.  You can find it here:
>
>    https://pypi.python.org/pypi/requestsexceptions
>    https://git.openstack.org/cgit/openstack-infra/requestsexceptions

All hail the removal of non-actionable warnings from my logs!