💵 You can get paid to complete this issue! Please read the docs for more information.

Packages to notify

• selenium
• scout-apm
• cpp-coveralls
• sentry
• awscurl
• mastercard-api-core
• mastercard-oauth1-signer
• cloud-files
• google-assistant-sdk
• minet
• cloud-volume
• azure-cli-appservice
• runway-python
• lyricsmaster
• pyramid-oereb
• flexmeasures
• optimove
• comet-git-pure

What to do for each package

• Find the source repository (GitHub/GitLab/BitBucket/etc)
• Create a PR which includes the following:

  • Mentions that pyOpenSSL and urllib3[secure] are deprecated in the upcoming release (1.26.12)

  • Links to Deprecate [secure] extra #2680

  • Removes [secure] extra from the urllib3 dependencies

  • If needed, add pyOpenSSL>=0.14, cryptography>=1.3.4, idna>=2, and certifi to their dependencies. These dependencies should only be added back if they're actually used within the project. If they're not used (including pyopenssl.inject_into_urllib3) then they can likely be omitted.

  • If urllib3.contrib.pyopenssl.inject_into_urllib3 is used anywhere in the project (search for inject_into_urllib3) then make the change to the following:

    try:
        import ssl
    except ImportError:
        ssl = None
    
    if not getattr(ssl, "HAS_SNI", False):
        from urllib3.contrib import pyopenssl
    
        pyopenssl.inject_into_urllib3()

    This is the logic that is used in Requests to only use pyOpenSSL if SNI isn't available (which is very rare).

• After creating each PR, add it as a comment to this issue.

PRs don't need to be merged to complete this issue, we only want to create the PRs so that maintainers of these projects are aware of the upcoming changes.

Part of #2680