oci-python-sdk 2.168.2 (2026-03-18, #850) un-vendored urllib3so security patches are more readily ported.
However, this didn't take into account that 2.38.4 (2021-05-25, #351) patches urllib3, which used to be OCI's vendored urllib3, but now is the installation-wide urllib3, to change the base HTTPS connection pool class to OCI's own, unless OCI_PYSDK_USING_EXPECT_HEADER=false (see oracle/oci-cli#428).
Tampering with a process-wide urllib3 is quite unfriendly (and I'm not sure I'm seeing the point?); for instance, in a production application we're now seeing the Azure SDK using OCIConnection:
WARNING:azure.identity._internal.get_token_mixin:ClientSecretCredential.get_token_info failed: Authentication failed: OCIConnection(host='login.microsoftonline.com', port=443): Failed to resolve 'login.microsoftonline.com' ([Errno -3] Temporary failure in name resolution)
(The warning itself is (hopefully) unrelated to OCI and just an infra fluke on our side, but shows the issue that unrelated components are now using the patched OCI connection.)
oci-python-sdk 2.168.2 (2026-03-18, #850) un-vendored
urllib3so security patches are more readily ported.However, this didn't take into account that 2.38.4 (2021-05-25, #351) patches
urllib3, which used to be OCI's vendored urllib3, but now is the installation-wideurllib3, to change the base HTTPS connection pool class to OCI's own, unlessOCI_PYSDK_USING_EXPECT_HEADER=false(see oracle/oci-cli#428).Tampering with a process-wide
urllib3is quite unfriendly (and I'm not sure I'm seeing the point?); for instance, in a production application we're now seeing the Azure SDK usingOCIConnection:(The warning itself is (hopefully) unrelated to OCI and just an infra fluke on our side, but shows the issue that unrelated components are now using the patched OCI connection.)