Merge pull request pypa#254 from pypa/requests-version-restrictions

sigmavirus24 · web-flow · commit 43f15053f334 · 2017-05-27T07:51:14.000-05:00
Do not use broken dependencies
diff --git a/docs/changelog.rst b/docs/changelog.rst
@@ -4,6 +4,10 @@
 Changelog
 =========
 
+* :release:`1.9.1 <2017-05-27>`
+
+  * Blacklist known bad versions of Requests. See also :bug:`253`
+
 * :release:`1.9.0 <2017-05-22>`
 
   * Twine will now resolve passwords using the
diff --git a/setup.cfg b/setup.cfg
@@ -9,7 +9,7 @@ ignore =
 [metadata]
 requires-dist =
     tqdm >= 4.11
-    requests >= 2.5.0
+    requests >= 2.5.0, != 2.15, != 2.16
     requests-toolbelt >= 0.8.0
     pkginfo >= 1.0
     setuptools >= 0.7.0
diff --git a/setup.py b/setup.py
@@ -21,7 +21,7 @@
 install_requires = [
     "tqdm >= 4.11",
     "pkginfo >= 1.0",
-    "requests >= 2.5.0",
+    "requests >= 2.5.0, != 2.15, != 2.16",
     "requests-toolbelt >= 0.8.0",
     "setuptools >= 0.7.0",
 ]
diff --git a/twine/__init__.py b/twine/__init__.py
@@ -22,7 +22,7 @@
 __summary__ = "Collection of utilities for interacting with PyPI"
 __uri__ = "https://github.com/pypa/twine"
 
-__version__ = "1.9.0"
+__version__ = "1.9.1"
 
 __author__ = "Donald Stufft and individual contributors"
 __email__ = "donald@stufft.io"
