fixup! Composer dependencies patch

Pin version of requests package until issue with Docker is fixed: docker/docker-py#3257 Change-Id: I59d4882f47f4288226aaabf27554a0b7f9dfe514 GitOrigin-RevId: b46622d7a9d99dfcad2e073e5b6c07887e80542c
GoogleCloudPlatform · Sep 16, 2024 · b41d74e · b41d74e
1 parent 518fec3
commit b41d74e
Showing 1 changed file with 10 additions and 8 deletions.
diff --git a/setup.py b/setup.py
@@ -378,6 +378,8 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
 ]
 composer_additional = [
     "aiodebug",
+    # aiohttp and pygments in lower versions contain security vulnerabilities.
+    "aiohttp>=3.8.5",
     # TODO: Internal bug - Remove after the issue is fixed in community
     # https://github.com/apache/airflow/issues/35434
     "connexion<=2.14.2",
@@ -386,13 +388,15 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
     "dbt-bigquery",
     "dbt-core",
     "firebase-admin",
+    # TODO: remove once https://github.com/apache/airflow/issues/36897 is closed
+    "Flask-Session<0.6.0",
     # Due to security vulnerability Flower version >= 2.0.0 required.
     "flower>=2.0.0",
     "gcsfs",
     "google-apitools",
     "google-cloud-aiplatform",
     "google-cloud-asset",
-    # remove once https://github.com/apache/airflow/issues/39541 is resolved
+    # TODO: remove once https://github.com/apache/airflow/issues/39541 is resolved
     "google-cloud-bigquery<3.21.0,>=3.0.1",
     "google-cloud-datacatalog-lineage-producer-client",
     "google-cloud-datastore",
@@ -405,18 +409,16 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
     "pip==23.2.1",
     "pyOpenSSL",
     "pipdeptree",
+    "pygments>2.15.0",
+    # TODO: remove once https://github.com/apache/airflow/issues/37156 closed
+    "pytest<8.0.0",
+    # TODO: remove once new version of Docker is released (https://github.com/docker/docker-py/pull/3257)
+    "requests>=2.24.0,<3.0.0,!=2.32.*",
     "sqllineage",
     "sqlparse",
     "tensorflow",
     # Versions < 2.2.3 contain security vulnerabilities.
     "werkzeug>=2.2.3",
-    # aiohttp and pygments in lower versions contain security vulnerabilities.
-    "aiohttp>=3.8.5",
-    "pygments>2.15.0",
-    # remove once https://github.com/apache/airflow/issues/36897 is closed
-    "Flask-Session<0.6.0",
-    # TODO: Remove once https://github.com/apache/airflow/issues/37156 closed
-    "pytest<8.0.0",
 ]
 composer = (
     PROVIDER_DEPENDENCIES["mysql"][DEPS]