PR summary

Constrain requests

• >=2.32.0 for n CVE-2024-35195 fix.
• <2.32.3 to avoid default certificate loading regression.

Fixes: #658

Note: An existing issue is required before opening a PR.

PR Checklist

Please make sure that your PR fulfills the following requirements:

• The commit message follows the
  Angular Commit Message Guidelines.
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• New tests
• Build/CI related changes
• Documentation content changes
• Other (please describe)

Dependency change

What is the current behavior?

Regression loading default certificates with requests 2.32.3 prevents validating certifcate paths (and hence connecting).

What is the new behavior?

Constrain requests to working versions.

Does this PR introduce a breaking change?

• Yes
• No

Other information

This is temporary see also:

• build(deps): Bump ibm-cloud-sdk-core from 3.20.0 to 3.20.1 #659
• fix: specify the maximum version of requests to avoid regression python-sdk-core#194
• Certificate loading regression with HTTPAdapters in 2.32.3 psf/requests#6730