+1 from me.
I actually bumped into this since I have a project with a fairly stringent warning filter, and using `distutils.version.StrictVersion` raises a warning with new versions of `setuptools`: https://github.com/pypa/setuptools/commit/1701579e0827317d8888c2254a17b5786b6b5246
That warning turned into an exception, and here we are...
I think it's somewhat irresponsible of `swiftclient` to quietly patch the requests package on import, especially since the patched version doesn't have the header injection mitigations that have been in requests proper since 2016 (https://github.com/psf/requests/commit/2669ab797ce769ecedf5493b04cb976f33e37210).
Maybe swiftclient shouldn't use requests if it needs to speak non-standard HTTP...
EDIT: I submitted a patch for this: https://review.opendev.org/c/openstack/python-swiftclient/+/828821
+1 from me.
I actually bumped into this since I have a project with a fairly stringent warning filter, and using `distutils. version. StrictVersion` raises a warning with new versions of `setuptools`: https:/ /github. com/pypa/ setuptools/ commit/ 1701579e0827317 d8888c2254a17b5 786b6b5246
That warning turned into an exception, and here we are...
I think it's somewhat irresponsible of `swiftclient` to quietly patch the requests package on import, especially since the patched version doesn't have the header injection mitigations that have been in requests proper since 2016 (https:/ /github. com/psf/ requests/ commit/ 2669ab797ce769e cedf5493b04cb97 6f33e37210).
Maybe swiftclient shouldn't use requests if it needs to speak non-standard HTTP...
EDIT: I submitted a patch for this: https:/ /review. opendev. org/c/openstack /python- swiftclient/ +/828821