httpx Packaging dependancy tweaks (Fix)

The Fix

Tweaks the packaging dependencies for httpx, including changes to the rfc3986 dependency and adding brotli support.

Based on closed encode/httpx issue #1144 · PR/commit linked

Production note: Most teams hit this during upgrades or environment changes. Roll out with a canary and smoke critical endpoints (health, OpenAPI/docs) before 100%.

Open PR/Commit

@@ -119,8 +119,8 @@ The HTTPX project relies on these excellent libraries:
 * `certifi` - SSL certificates.
 * `chardet` - Fallback auto-detection for response encoding.
-* `idna` - Internationalized domain name support.
 * `rfc3986` - URL parsing & normalization.
+  * `idna` - Internationalized domain name support.

fix.md

Option A — Apply the official fix\nTweaks the packaging dependencies for httpx, including changes to the rfc3986 dependency and adding brotli support.\nWhen NOT to use: This fix should not be used if the application relies on the previous dependency structure.\n\n

Why This Fix Works in Production

Trigger: * `certifi` - SSL certificates.
Mechanism: The packaging dependencies for httpx were not correctly specified

Production impact:

If left unfixed, the same config can fail only in production (env differences), causing startup failures or partial feature outages.

Why This Breaks in Prod

The packaging dependencies for httpx were not correctly specified
Production symptom (often without a traceback): * `certifi` - SSL certificates.

Proof / Evidence

GitHub issue: #1144
Fix PR: https://github.com/encode/httpx/pull/1206
Reproduced locally: No (not executed)
Last verified: 2026-02-11
Confidence: 0.70
Did this fix it?: Yes (upstream fix exists)
Own content ratio: 0.78

Discussion

High-signal excerpts from the issue thread (symptoms, repros, edge-cases).

Jump to Sources Open on GitHub

“* Include rfc3986 as rfc3986[idna2008], and *don't* include the idna dependancy ourselves. * Add an extra_requires = {"brotli": "brotlipy==0.7.*"'} * Update our dependancy info in the docs/index.md and README.md --- Our 1.0 release deps oug”

Issue thread · issue description · source

Failure Signature (Search String)

* `certifi` - SSL certificates.

Copy-friendly signature

signature.txt

Failure Signature
-----------------
* `certifi` - SSL certificates.

Error Message

Signature-only (no traceback captured)

error.txt

Error Message
-------------
* `certifi` - SSL certificates.

What Broke

Users may experience issues with optional dependencies not being installed correctly.

Why It Broke

The packaging dependencies for httpx were not correctly specified

Fix Options (Details)

Option A — Apply the official fix

Tweaks the packaging dependencies for httpx, including changes to the rfc3986 dependency and adding brotli support.

When NOT to use: This fix should not be used if the application relies on the previous dependency structure.

Fix reference: https://github.com/encode/httpx/pull/1206

Last verified: 2026-02-11. Validate in your environment.

When NOT to Use This Fix

This fix should not be used if the application relies on the previous dependency structure.

Did This Fix Work in Your Case?

Quick signal helps us prioritize which fixes to verify and improve.

Prevention

Add a CI check that diffs key outputs after upgrades (OpenAPI schema snapshots, JSON payload shapes, CLI output).
Upgrade behind a canary and run integration tests against the canary before 100% rollout.
Add a TLS smoke test that performs a real handshake in CI (include CA bundle validation and hostname checks).
Alert on handshake failures by error string and endpoint to catch cert/CA changes quickly.

Related Issues

No related fixes found.

Cluster: httpx:configuration-error All hubs All clusters

Related clusters: Data consistency Other Timeout

Sources

We don’t republish the full GitHub discussion text. Use the links above for context.