From cc60f8b9697a3e1f0b70a722a21b01c32d048919 Mon Sep 17 00:00:00 2001 From: Kunal Mehta Date: Mon, 23 Sep 2024 16:08:18 -0400 Subject: [PATCH] Speed up `update-python3-dependencies` The `make update-python3-dependencies` step is slow for two main reasons: container image layering and pip-compile. Currently, each `pip-compile` step is run in a separate dev-shell, which means after each one, if anything changed in the requirements/ folder, it needs to rebuild the slim image and reinstall all the pip dependencies. Now I've moved the steps to a separate script that execute in a single dev-shell, so no image rebuilding happens during the updates, it'll just be needed once afterwards. For an additional boost, switch to the new uv tool, which reimplements pip-compile in a much faster way. The output is basically the same, except the sorting is smarter (e.g. pytest comes before pytest-cov) and package names are properly normalized. We can also drop the `--allow-unsafe` because uv is entirely independent of setuptools and pip-tools. uv is still quite new to the Python ecosystem, but this allows us to begin using it without any lock-in, it should be trivial to swap back to pip-tools if needed. Overall `make update-python3-dependencies` now takes seconds to run instead of minutes \o/ Refs . --- securedrop/bin/update-requirements | 19 +++ .../python3/bootstrap-requirements.txt | 30 ++-- .../python3/develop-requirements.in | 5 +- .../python3/develop-requirements.txt | 154 +++++++++--------- .../requirements/python3/requirements.txt | 34 ++-- .../requirements/python3/test-requirements.in | 2 +- .../python3/test-requirements.txt | 94 +++++------ .../python3/translation-requirements.txt | 8 +- 8 files changed, 172 insertions(+), 174 deletions(-) create mode 100755 securedrop/bin/update-requirements diff --git a/securedrop/bin/update-requirements b/securedrop/bin/update-requirements new file mode 100755 index 00000000000..e1a447db66a --- /dev/null +++ b/securedrop/bin/update-requirements @@ -0,0 +1,19 @@ +#!/bin/bash +set -euxo pipefail + +uv pip compile --generate-hashes \ + --output-file requirements/python3/develop-requirements.txt \ + requirements/python3/translation-requirements.in \ + requirements/python3/develop-requirements.in +uv pip compile --generate-hashes \ + --output-file requirements/python3/test-requirements.txt \ + requirements/python3/test-requirements.in +uv pip compile --generate-hashes \ + --output-file requirements/python3/requirements.txt \ + requirements/python3/requirements.in +uv pip compile --generate-hashes \ + --output-file requirements/python3/bootstrap-requirements.txt \ + requirements/python3/bootstrap-requirements.in +uv pip compile --generate-hashes \ + --output-file requirements/python3/translation-requirements.txt \ + requirements/python3/translation-requirements.in diff --git a/securedrop/requirements/python3/bootstrap-requirements.txt b/securedrop/requirements/python3/bootstrap-requirements.txt index 1c4fda08d8e..90cf0a0b85b 100644 --- a/securedrop/requirements/python3/bootstrap-requirements.txt +++ b/securedrop/requirements/python3/bootstrap-requirements.txt @@ -1,13 +1,19 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/python3/bootstrap-requirements.txt requirements/python3/bootstrap-requirements.in -# +# This file was autogenerated by uv via the following command: +# uv pip compile --generate-hashes --output-file requirements/python3/bootstrap-requirements.txt requirements/python3/bootstrap-requirements.in packaging==24.1 \ --hash=sha256:026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002 \ --hash=sha256:5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124 # via setuptools-scm +pip==21.3 \ + --hash=sha256:4a1de8f97884ecfc10b48fe61c234f7e7dcf4490a37217011ad9369d899ad5a6 \ + --hash=sha256:741a61baab1dbce2d8ca415effa48a2b6a964564f81a9f4f1fce4c433346c034 + # via -r requirements/python3/bootstrap-requirements.in +setuptools==70.3.0 \ + --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ + --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc + # via + # -r requirements/python3/bootstrap-requirements.in + # setuptools-scm setuptools-scm==8.1.0 \ --hash=sha256:42dea1b65771cba93b7a515d65a65d8246e560768a66b9106a592c8e7f26c8a7 \ --hash=sha256:897a3226a6fd4a6eb2f068745e49733261a21f70b1bb28fce0339feb978d9af3 @@ -24,15 +30,3 @@ wheel==0.38.4 \ --hash=sha256:965f5259b566725405b05e7cf774052044b1ed30119b5d586b2703aafe8719ac \ --hash=sha256:b60533f3f5d530e971d6737ca6d58681ee434818fab630c83a734bb10c083ce8 # via -r requirements/python3/bootstrap-requirements.in - -# The following packages are considered to be unsafe in a requirements file: -pip==21.3 \ - --hash=sha256:4a1de8f97884ecfc10b48fe61c234f7e7dcf4490a37217011ad9369d899ad5a6 \ - --hash=sha256:741a61baab1dbce2d8ca415effa48a2b6a964564f81a9f4f1fce4c433346c034 - # via -r requirements/python3/bootstrap-requirements.in -setuptools==70.3.0 \ - --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ - --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc - # via - # -r requirements/python3/bootstrap-requirements.in - # setuptools-scm diff --git a/securedrop/requirements/python3/develop-requirements.in b/securedrop/requirements/python3/develop-requirements.in index 9bba74d2dcf..d53d2beeffb 100644 --- a/securedrop/requirements/python3/develop-requirements.in +++ b/securedrop/requirements/python3/develop-requirements.in @@ -19,9 +19,7 @@ molecule-vagrant==0.3 # Needed for ansible network filter # http://docs.ansible.com/ansible/latest/playbooks_filters_ipaddr.html netaddr -# Now also pin pip due to https://github.com/jazzband/pip-tools/issues/853 -pip>=21.3 -pip-tools>=6.1.0 +pip polib prompt_toolkit==2.0.9 psutil>=5.6.6 @@ -44,4 +42,5 @@ six==1.15.0 testinfra>=5.3.1 translate-toolkit urllib3>=1.26.5 +uv yamllint diff --git a/securedrop/requirements/python3/develop-requirements.txt b/securedrop/requirements/python3/develop-requirements.txt index a33ef9ef02f..e32f071a087 100644 --- a/securedrop/requirements/python3/develop-requirements.txt +++ b/securedrop/requirements/python3/develop-requirements.txt @@ -1,9 +1,13 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/python3/develop-requirements.txt requirements/python3/develop-requirements.in requirements/python3/translation-requirements.in -# +# This file was autogenerated by uv via the following command: +# uv pip compile --generate-hashes --output-file requirements/python3/develop-requirements.txt requirements/python3/translation-requirements.in requirements/python3/develop-requirements.in +ansible==6.7.0 \ + --hash=sha256:3cda6e67b1d42516f64ce376bb94c5186ff33d215d155432be5b3c2ec60bf112 \ + --hash=sha256:c188f3ac8a8583794aadcff0bea87895ead58c19d6f244cd0c342562706e176c + # via + # -r requirements/python3/develop-requirements.in + # ansible-lint + # molecule + # molecule-vagrant ansible-compat==2.2.7 \ --hash=sha256:08deddcd0a1dc6baabe674b07c6ff882118492c123d281f56f01905271a7ffc4 \ --hash=sha256:77fd80841279d8b0664df61faab65c32275d1a2b0079f60bf30c3d44251f6301 @@ -16,14 +20,6 @@ ansible-lint==4.2.0 \ --hash=sha256:b9fc9a6564f5d60a4284497f966f38ef78f0e2505edbe2bd1225f1ade31c2d8a \ --hash=sha256:eb925d8682d70563ccb80e2aca7b3edf84fb0b768cea3edc6846aac7abdc414a # via -r requirements/python3/develop-requirements.in -ansible==6.7.0 \ - --hash=sha256:3cda6e67b1d42516f64ce376bb94c5186ff33d215d155432be5b3c2ec60bf112 \ - --hash=sha256:c188f3ac8a8583794aadcff0bea87895ead58c19d6f244cd0c342562706e176c - # via - # -r requirements/python3/develop-requirements.in - # ansible-lint - # molecule - # molecule-vagrant apipkg==1.4 \ --hash=sha256:2e38399dbe842891fe85392601aab8f40a8f4cc5a9053c326de35a1cc0297ac6 \ --hash=sha256:65d2aa68b28e7d31233bb2ba8eb31cda40e4671f8ac2d6b241e358c9652a74b9 @@ -49,7 +45,7 @@ argon2-cffi==20.1.0 \ arrow==0.10.0 \ --hash=sha256:805906f09445afc1f0fc80187db8fe07670e3b25cdafa09b8d8ac264a8c0c722 # via cookiecutter -aspy.yaml==1.3.0 \ +aspy-yaml==1.3.0 \ --hash=sha256:463372c043f70160a9ec950c3f1e4c3a82db5fca01d334b6bc89c7164d744bdc \ --hash=sha256:e7c742382eff2caed61f87a39d13f99109088e5e93f04d76eb8d4b28aa143f45 # via pre-commit @@ -221,17 +217,6 @@ charset-normalizer==2.0.3 \ --hash=sha256:88fce3fa5b1a84fdcb3f603d889f723d1dd89b26059d0123ca435570e848d5e1 \ --hash=sha256:c46c3ace2d744cfbdebceaa3c19ae691f53ae621b39fd7570f59d14fb7f2fd12 # via requests -click-completion==0.5.2 \ - --hash=sha256:5bf816b81367e638a190b6e91b50779007d14301b3f9f3145d68e3cade7bce86 - # via molecule -click-help-colors==0.9.1 \ - --hash=sha256:25a6bd22d8abbc72c18a416a1cf21ab65b6120bee48e9637829666cbad22d51d \ - --hash=sha256:78cbcf30cfa81c5fc2a52f49220121e1a8190cd19197d9245997605d3405824d - # via molecule -click-option-group==0.5.3 \ - --hash=sha256:9653a2297357335d7325a1827e71ac1245d91c97d959346a7decabd4a52d5354 \ - --hash=sha256:a6e924f3c46b657feb5b72679f7e930f8e5b224b766ab35c91ae4019b4e0615e - # via semgrep click==8.1.2 \ --hash=sha256:24e1a4a9ec5bf6299411369b208c1df2188d9eb8d916302fe6bf03faed227f1e \ --hash=sha256:479707fe14d9ec9a0757618b7a100a0ae4c4e236fac5b7f80ca68028141a1a72 @@ -242,10 +227,20 @@ click==8.1.2 \ # click-option-group # cookiecutter # molecule - # pip-tools # python-gilt # safety # semgrep +click-completion==0.5.2 \ + --hash=sha256:5bf816b81367e638a190b6e91b50779007d14301b3f9f3145d68e3cade7bce86 + # via molecule +click-help-colors==0.9.1 \ + --hash=sha256:25a6bd22d8abbc72c18a416a1cf21ab65b6120bee48e9637829666cbad22d51d \ + --hash=sha256:78cbcf30cfa81c5fc2a52f49220121e1a8190cd19197d9245997605d3405824d + # via molecule +click-option-group==0.5.3 \ + --hash=sha256:9653a2297357335d7325a1827e71ac1245d91c97d959346a7decabd4a52d5354 \ + --hash=sha256:a6e924f3c46b657feb5b72679f7e930f8e5b224b766ab35c91ae4019b4e0615e + # via semgrep colorama==0.4.5 \ --hash=sha256:854bf444933e37f5824ae7bfc1e98d5bce2ebe4160d46b5edf346a89358e99da \ --hash=sha256:e6c6b4334fc50988a639d9b98aa429a0b57da6e17b9a44f0451f930b6967b7a4 @@ -378,16 +373,16 @@ jinja2==3.1.3 \ # click-completion # cookiecutter # molecule -jsonschema-specifications==2023.12.1 \ - --hash=sha256:48a76787b3e70f5ed53f1160d2b81f586e4ca6d1548c5de7085d1682674764cc \ - --hash=sha256:87e4fdf3a94858b8a2ba2778d9ba57d8a9cafca7c7489c46ba0d30a8bc6a9c3c - # via jsonschema jsonschema==4.21.0 \ --hash=sha256:3ba18e27f7491ea4a1b22edce00fb820eec968d397feb3f9cb61d5894bb38167 \ --hash=sha256:70a09719d375c0a2874571b363c8a24be7df8071b80c9aa76bc4551e7297c63c # via # ansible-compat # semgrep +jsonschema-specifications==2023.12.1 \ + --hash=sha256:48a76787b3e70f5ed53f1160d2b81f586e4ca6d1548c5de7085d1682674764cc \ + --hash=sha256:87e4fdf3a94858b8a2ba2778d9ba57d8a9cafca7c7489c46ba0d30a8bc6a9c3c + # via jsonschema lazy-object-proxy==1.6.0 \ --hash=sha256:17e0967ba374fc24141738c69736da90e94419338fd4c7c7bef01ee26b339653 \ --hash=sha256:1fee665d2638491f4d6e55bd483e15ef21f6c8c2095f235fef72601021e64f61 \ @@ -576,16 +571,16 @@ mdurl==0.1.2 \ --hash=sha256:84008a41e51615a49fc9966191ff91509e3c40b939176e643fd50a5c2196b8f8 \ --hash=sha256:bb413d29f5eea38f31dd4754dd7377d4465116fb207585f97bf925588687c1ba # via markdown-it-py -molecule-vagrant==0.3 \ - --hash=sha256:5fcacbb9544e2736ce206a01c72f25cf74cbfe147df1722930d0373d87499907 \ - --hash=sha256:94b9aec5b1c7b499f549539bdd8d73c74afcce0a20776efd82f3f4ebae40ca98 - # via -r requirements/python3/develop-requirements.in molecule==3.0.2.1 \ --hash=sha256:555514a06687cc798aa67581b6523701b40149a0ddcfd366f7c663904d700e84 \ --hash=sha256:906e6b1213c72877738a1b764ace722636b0bec5df1a311c27380b63f8d21bb6 # via # -r requirements/python3/develop-requirements.in # molecule-vagrant +molecule-vagrant==0.3 \ + --hash=sha256:5fcacbb9544e2736ce206a01c72f25cf74cbfe147df1722930d0373d87499907 \ + --hash=sha256:94b9aec5b1c7b499f549539bdd8d73c74afcce0a20776efd82f3f4ebae40ca98 + # via -r requirements/python3/develop-requirements.in mypy-extensions==0.4.3 \ --hash=sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d \ --hash=sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8 @@ -622,17 +617,13 @@ pathspec==0.9.0 \ peewee==3.17.1 \ --hash=sha256:e009ac4227c4fdc0058a56e822ad5987684f0a1fbb20fed577200785102581c3 # via semgrep -pep517==0.10.0 \ - --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ - --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 - # via pip-tools pexpect==4.9.0 \ --hash=sha256:7236d1e080e4936be2dc3e326cec0af72acf9212a7e1d060210e70a47e253523 \ --hash=sha256:ee7d41123f3c9911050ea2c2dac107568dc43b2d3b0c7557a33212c398ead30f # via molecule -pip-tools==6.1.0 \ - --hash=sha256:197e3f8839095ccec3ad1ef410e0804c07d9f17dff1c340fb417ca2b63feacc9 \ - --hash=sha256:400bf77e29cca48c31abc210042932bb52dcc138ef4ea4d52c5db429aa8ae6ee +pip==21.3 \ + --hash=sha256:4a1de8f97884ecfc10b48fe61c234f7e7dcf4490a37217011ad9369d899ad5a6 \ + --hash=sha256:741a61baab1dbce2d8ca415effa48a2b6a964564f81a9f4f1fce4c433346c034 # via -r requirements/python3/develop-requirements.in pkgutil-resolve-name==1.3.10 \ --hash=sha256:357d6c9e6a755653cfd78893817c0853af365dd51ec97f3d358a819373bbd174 \ @@ -658,7 +649,7 @@ pre-commit==1.21.0 \ --hash=sha256:8f48d8637bdae6fa70cc97db9c1dd5aa7c5c8bf71968932a380628c25978b850 \ --hash=sha256:f92a359477f3252452ae2e8d3029de77aec59415c16ae4189bcfba40b757e029 # via molecule -prompt_toolkit==2.0.9 \ +prompt-toolkit==2.0.9 \ --hash=sha256:11adf3389a996a6d45cc277580d0d53e8a5afd281d0c9ec71b28e6f121463780 \ --hash=sha256:2519ad1d8038fd5fc8e770362237ad0364d16a7650fb5724af6997ed5515e3c1 \ --hash=sha256:977c6583ae813a37dc1c2e1b715892461fcbdaa57f6fc62f33a528c4886c8f55 @@ -720,10 +711,6 @@ pynacl==1.4.0 \ # via # -r requirements/python3/develop-requirements.in # paramiko -pytest-xdist==3.0.2 \ - --hash=sha256:688da9b814370e891ba5de650c9327d1a9d861721a524eb917e620eec3e90291 \ - --hash=sha256:9feb9a18e1790696ea23e1434fa73b325ed4998b0e9fcb221f16fd1945e6df1b - # via -r requirements/python3/develop-requirements.in pytest==7.2.0 \ --hash=sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71 \ --hash=sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59 @@ -731,6 +718,10 @@ pytest==7.2.0 \ # -r requirements/python3/develop-requirements.in # pytest-xdist # testinfra +pytest-xdist==3.0.2 \ + --hash=sha256:688da9b814370e891ba5de650c9327d1a9d861721a524eb917e620eec3e90291 \ + --hash=sha256:9feb9a18e1790696ea23e1434fa73b325ed4998b0e9fcb221f16fd1945e6df1b + # via -r requirements/python3/develop-requirements.in python-dateutil==2.6.1 \ --hash=sha256:891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca \ --hash=sha256:95511bae634d69bc7329ba55e646499a842bc4ec342ad54a8cdb65645a0aad3c @@ -790,7 +781,7 @@ pyyaml==5.4.1 \ # ansible-compat # ansible-core # ansible-lint - # aspy.yaml + # aspy-yaml # cookiecutter # molecule # molecule-vagrant @@ -925,7 +916,15 @@ rpds-py==0.17.1 \ # via # jsonschema # referencing -ruamel.yaml.clib==0.2.7 \ +ruamel-yaml==0.17.32 \ + --hash=sha256:23cd2ed620231677564646b0c6a89d138b6822a0d78656df7abda5879ec4f447 \ + --hash=sha256:ec939063761914e14542972a5cba6d33c23b0859ab6342f61cf070cfc600efc2 + # via + # -r requirements/python3/develop-requirements.in + # ansible-lint + # safety + # semgrep +ruamel-yaml-clib==0.2.7 \ --hash=sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e \ --hash=sha256:15910ef4f3e537eea7fe45f8a5d19997479940d9196f357152a09031c5be59f3 \ --hash=sha256:184faeaec61dbaa3cace407cffc5819f7b977e75360e8d5ca19461cd851a5fc5 \ @@ -963,15 +962,7 @@ ruamel.yaml.clib==0.2.7 \ --hash=sha256:f01da5790e95815eb5a8a138508c01c758e5f5bc0ce4286c4f7028b8dd7ac3d0 \ --hash=sha256:f34019dced51047d6f70cb9383b2ae2853b7fc4dce65129a5acd49f4f9256646 \ --hash=sha256:f6d3d39611ac2e4f62c3128a9eed45f19a6608670c5a2f4f07f24e8de3441d38 - # via ruamel.yaml -ruamel.yaml==0.17.32 \ - --hash=sha256:23cd2ed620231677564646b0c6a89d138b6822a0d78656df7abda5879ec4f447 \ - --hash=sha256:ec939063761914e14542972a5cba6d33c23b0859ab6342f61cf070cfc600efc2 - # via - # -r requirements/python3/develop-requirements.in - # ansible-lint - # safety - # semgrep + # via ruamel-yaml ruff==0.0.277 \ --hash=sha256:14a7b2f00f149c5a295f188a643ac25226ff8a4d08f7a62b1d4b0a1dc9f9b85c \ --hash=sha256:2d4444c60f2e705c14cd802b55cd2b561d25bf4311702c463a002392d3116b22 \ @@ -1006,6 +997,15 @@ semgrep==1.57.0 \ --hash=sha256:c26fdf2e84a949b6131b3b31f246b60f9c22f321efea5bfdba21ad4329c8a89d \ --hash=sha256:f01567448c85ca08e4f3567e13e343a824dff3eaa1a156fa5e15b888d2ecb161 # via -r requirements/python3/develop-requirements.in +setuptools==70.3.0 \ + --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ + --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc + # via + # -r requirements/python3/develop-requirements.in + # nodeenv + # safety + # selinux + # yamllint sh==1.12.14 \ --hash=sha256:ae3258c5249493cebe73cb4e18253a41ed69262484bad36fdb3efcb8ad8870bb \ --hash=sha256:b52bf5833ed01c7b5c5fb73a7f71b3d98d48e9b9b8764236237bdc7ecae850fc @@ -1062,7 +1062,6 @@ toml==0.10.0 \ --hash=sha256:235682dd292d5899d361a811df37e04a8828a5b1da3115886b73cf81ebc9100e # via # dparse - # pep517 # pre-commit # pylint tomli==2.0.1 \ @@ -1094,6 +1093,26 @@ urllib3==2.1.0 \ # -r requirements/python3/develop-requirements.in # requests # semgrep +uv==0.4.15 \ + --hash=sha256:04858bfd551fabe1635127d9a0afe5c62e1e7d56cf309a9674840c90bfc1f21e \ + --hash=sha256:0e9b78f1a800a4cfdfbdc9ff4e5d4cce34af770f8a1f2b9416b161f294eb3703 \ + --hash=sha256:1401e73f0e8df62b4cfbf394e65a75f18b73bf8a94a6c5653a55bd6fdb8e1bc3 \ + --hash=sha256:1bb79cb06be9bb25a1bf8641bf34593f64a96b3ba66ebd8712954f647d9faa24 \ + --hash=sha256:21a3cedb2276d635543a10a11c61f75c6e387110e23e90cdb6c6dd2e1f3c9453 \ + --hash=sha256:27884429b7fed371fe1fcbe829659c4a259463d0ecacb7891d800e4754b5f24c \ + --hash=sha256:4e40deb2cf2cb403dbaf65209d49c45462ebbb1bff290d4c18b902b5b385cdc9 \ + --hash=sha256:6eef6881abf9b858020ffd23f4e5d77423329da2d4a1bc0af6613c2f698c369a \ + --hash=sha256:7fcf7f3812dd173d39273e99fb2abb0814be6133e7a721baa424cbcfd25b483b \ + --hash=sha256:8d45295757f66d1913e5917c06f1974745adad842403d419362491939be889a6 \ + --hash=sha256:8e36b8e07595fc6216d01e729c81a0b4ff029a93cc2ef987a73d3b650d6d559c \ + --hash=sha256:9822fa4db0d8d50abf5eebe081c01666a98120455090d0b71463d01d5d4153c1 \ + --hash=sha256:9e28141883c0aa8525ad5418e519d8791b7dd75f35020d3b1457db89346c5dc8 \ + --hash=sha256:a5920ff4d114025c51d3f925130ca3b0fad277631846b1109347c24948b29159 \ + --hash=sha256:be46b37b569e3c8ffb7d78022bcc0eadeb987109f709c1cec01b00c261ed9595 \ + --hash=sha256:cf7d554656bb8c5b7710300e04d86ab5137ebdd31fe309d66860a9d474b385f8 \ + --hash=sha256:d16ae6b97eb77f478dfe51d6eb3627048d3f47bd04282d3006e6a212e541dba0 \ + --hash=sha256:e32137ba8202b1291e879e8145113bfb543fcc992b5f043852a96d803788b83c + # via -r requirements/python3/develop-requirements.in virtualenv==20.25.1 \ --hash=sha256:961c026ac520bac5f69acb8ea063e8a4f071bcc9457b9c1f28f6b085c511583a \ --hash=sha256:e08e13ecdca7a0bd53798f356d5831434afa5b07b93f0abdf0797b7a06ffe197 @@ -1119,20 +1138,3 @@ yamllint==1.29.0 \ # via # -r requirements/python3/develop-requirements.in # molecule - -# The following packages are considered to be unsafe in a requirements file: -pip==21.3 \ - --hash=sha256:4a1de8f97884ecfc10b48fe61c234f7e7dcf4490a37217011ad9369d899ad5a6 \ - --hash=sha256:741a61baab1dbce2d8ca415effa48a2b6a964564f81a9f4f1fce4c433346c034 - # via - # -r requirements/python3/develop-requirements.in - # pip-tools -setuptools==70.3.0 \ - --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ - --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc - # via - # -r requirements/python3/develop-requirements.in - # nodeenv - # safety - # selinux - # yamllint diff --git a/securedrop/requirements/python3/requirements.txt b/securedrop/requirements/python3/requirements.txt index 6fc35e03128..5ee360cd8f2 100644 --- a/securedrop/requirements/python3/requirements.txt +++ b/securedrop/requirements/python3/requirements.txt @@ -1,9 +1,5 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/python3/requirements.txt requirements/python3/requirements.in -# +# This file was autogenerated by uv via the following command: +# uv pip compile --generate-hashes --output-file requirements/python3/requirements.txt requirements/python3/requirements.in alembic==0.9.9 \ --hash=sha256:85bd3ea7633024e4930900bc64fb58f9742dedbc6ebb6ecf25be2ea9a3c1b32e # via -r requirements/python3/requirements.in @@ -120,6 +116,14 @@ cryptography==41.0.7 \ --hash=sha256:e3114da6d7f95d2dee7d3f4eec16dacff819740bbab931aff8648cb13c5ff5e7 \ --hash=sha256:f983596065a18a2183e7f79ab3fd4c475205b839e02cbc0efbbf9666c4b3083d # via -r requirements/python3/requirements.in +flask==2.0.3 \ + --hash=sha256:59da8a3170004800a2837844bfa84d49b022550616070f7cb1a659682b2e7c9f \ + --hash=sha256:e1120c228ca2f553b470df4a5fa927ab66258467526069981b3eb0a91902687d + # via + # -r requirements/python3/requirements.in + # flask-babel + # flask-sqlalchemy + # flask-wtf flask-babel==2.0.0 \ --hash=sha256:e6820a052a8d344e178cdd36dd4bb8aea09b4bda3d5f9fa9f008df2c7f2f5468 \ --hash=sha256:f9faf45cdb2e1a32ea2ec14403587d4295108f35017a7821a2b1acb8cfd9257d @@ -132,14 +136,6 @@ flask-wtf==1.0.0 \ --hash=sha256:01feccfc395405cea48a3f36c23f0d766e2cc6fd2a5a065ad50ad3e5827ec797 \ --hash=sha256:872fbb17b5888bfc734edbdcf45bc08fb365ca39f69d25dc752465a455517b28 # via -r requirements/python3/requirements.in -flask==2.0.3 \ - --hash=sha256:59da8a3170004800a2837844bfa84d49b022550616070f7cb1a659682b2e7c9f \ - --hash=sha256:e1120c228ca2f553b470df4a5fa927ab66258467526069981b3eb0a91902687d - # via - # -r requirements/python3/requirements.in - # flask-babel - # flask-sqlalchemy - # flask-wtf itsdangerous==2.0.1 \ --hash=sha256:5174094b9637652bdb841a3029700391451bd092ba3db90600dea710ba28e97c \ --hash=sha256:9e724d68fc22902a1435351f84c3fb8623f303fffcc566a4cb952df8c572cff0 @@ -261,6 +257,10 @@ rq==1.10.0 \ --hash=sha256:92950a3e60863de48dd1800882939bbaf089a37497ebf9f2ecf7c9fd0a4c4a95 \ --hash=sha256:be09ec43fae9a75a4d26ea3cd520e5fa3ea2ea8cf481be33e6ec9416f0369cac # via -r requirements/python3/requirements.in +setuptools==70.3.0 \ + --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ + --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc + # via -r requirements/python3/requirements.in six==1.11.0 \ --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \ --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb @@ -286,9 +286,3 @@ wtforms==3.0.0 \ # via # -r requirements/python3/requirements.in # flask-wtf - -# The following packages are considered to be unsafe in a requirements file: -setuptools==70.3.0 \ - --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ - --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc - # via -r requirements/python3/requirements.in diff --git a/securedrop/requirements/python3/test-requirements.in b/securedrop/requirements/python3/test-requirements.in index 2a219cdef91..7fad50a88bf 100644 --- a/securedrop/requirements/python3/test-requirements.in +++ b/securedrop/requirements/python3/test-requirements.in @@ -6,7 +6,6 @@ html5validator mock pathlib2 pillow>=10.3.0 # Safety 67136 for CVE-2024-28219 -pip-tools>=6.1.0 pytest>=7.2.0 pytest-xdist>=3.0.2 pytest-cov @@ -24,3 +23,4 @@ types-PyYAML types-redis types-requests types-setuptools>=70.0.0 +uv diff --git a/securedrop/requirements/python3/test-requirements.txt b/securedrop/requirements/python3/test-requirements.txt index ba8ae6ab018..5d62754e1dd 100644 --- a/securedrop/requirements/python3/test-requirements.txt +++ b/securedrop/requirements/python3/test-requirements.txt @@ -1,9 +1,5 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/python3/test-requirements.txt requirements/python3/test-requirements.in -# +# This file was autogenerated by uv via the following command: +# uv pip compile --generate-hashes --output-file requirements/python3/test-requirements.txt requirements/python3/test-requirements.in apipkg==1.5 \ --hash=sha256:37228cda29411948b422fae072f57e31d3396d2ee1c9783775980ee9c9990af6 \ --hash=sha256:58587dd4dc3daefad0487f6d9ae32b4542b185e1c36db6993290e7c41ca2b47c @@ -33,10 +29,6 @@ charset-normalizer==2.0.3 \ --hash=sha256:88fce3fa5b1a84fdcb3f603d889f723d1dd89b26059d0123ca435570e848d5e1 \ --hash=sha256:c46c3ace2d744cfbdebceaa3c19ae691f53ae621b39fd7570f59d14fb7f2fd12 # via requests -click==8.1.2 \ - --hash=sha256:24e1a4a9ec5bf6299411369b208c1df2188d9eb8d916302fe6bf03faed227f1e \ - --hash=sha256:479707fe14d9ec9a0757618b7a100a0ae4c4e236fac5b7f80ca68028141a1a72 - # via pip-tools coverage==5.3 \ --hash=sha256:0203acd33d2298e19b57451ebb0bed0ab0c602e5cf5a818591b4918b1f97d516 \ --hash=sha256:0f313707cdecd5cd3e217fc68c78a960b616604b559e9ea60cc16795c4304259 \ @@ -111,10 +103,6 @@ mock==2.0.0 \ --hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \ --hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba # via -r requirements/python3/test-requirements.in -mypy-extensions==0.4.3 \ - --hash=sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d \ - --hash=sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8 - # via mypy mypy==1.0.0 \ --hash=sha256:01b1b9e1ed40544ef486fa8ac022232ccc57109f379611633ede8e71630d07d2 \ --hash=sha256:0ab090d9240d6b4e99e1fa998c2d0aa5b29fc0fb06bd30e7ad6183c95fa07593 \ @@ -145,6 +133,10 @@ mypy==1.0.0 \ # via # -r requirements/python3/test-requirements.in # sqlalchemy-stubs +mypy-extensions==0.4.3 \ + --hash=sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d \ + --hash=sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8 + # via mypy outcome==1.3.0.post0 \ --hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \ --hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b @@ -161,10 +153,6 @@ pbr==3.1.1 \ --hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \ --hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac # via mock -pep517==0.10.0 \ - --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ - --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 - # via pip-tools pillow==10.3.0 \ --hash=sha256:048ad577748b9fa4a99a0548c64f2cb8d672d5bf2e643a739ac8faff1164238c \ --hash=sha256:048eeade4c33fdf7e08da40ef402e748df113fd0b4584e32c4af74fe78baaeb2 \ @@ -236,10 +224,6 @@ pillow==10.3.0 \ --hash=sha256:fdcbb4068117dfd9ce0138d068ac512843c52295ed996ae6dd1faf537b6dbc27 \ --hash=sha256:ff61bfd9253c3915e6d41c651d5f962da23eda633cf02262990094a18a55371a # via -r requirements/python3/test-requirements.in -pip-tools==6.1.0 \ - --hash=sha256:197e3f8839095ccec3ad1ef410e0804c07d9f17dff1c340fb417ca2b63feacc9 \ - --hash=sha256:400bf77e29cca48c31abc210042932bb52dcc138ef4ea4d52c5db429aa8ae6ee - # via -r requirements/python3/test-requirements.in pluggy==0.13.1 \ --hash=sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0 \ --hash=sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d @@ -253,6 +237,14 @@ pysocks==1.6.8 \ # via # requests # urllib3 +pytest==7.2.0 \ + --hash=sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71 \ + --hash=sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59 + # via + # -r requirements/python3/test-requirements.in + # pytest-cov + # pytest-mock + # pytest-xdist pytest-cov==2.5.1 \ --hash=sha256:03aa752cf11db41d281ea1d807d954c4eda35cfa1b21d6971966cc041bbf6e2d \ --hash=sha256:890fe5565400902b0c78b5357004aab1c814115894f4f21370e2433256a3eeec @@ -265,14 +257,6 @@ pytest-xdist==3.0.2 \ --hash=sha256:688da9b814370e891ba5de650c9327d1a9d861721a524eb917e620eec3e90291 \ --hash=sha256:9feb9a18e1790696ea23e1434fa73b325ed4998b0e9fcb221f16fd1945e6df1b # via -r requirements/python3/test-requirements.in -pytest==7.2.0 \ - --hash=sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71 \ - --hash=sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59 - # via - # -r requirements/python3/test-requirements.in - # pytest-cov - # pytest-mock - # pytest-xdist pyyaml==5.4.1 \ --hash=sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf \ --hash=sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696 \ @@ -304,7 +288,7 @@ pyyaml==5.4.1 \ --hash=sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6 \ --hash=sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0 # via html5validator -requests[socks]==2.31.0 \ +requests==2.31.0 \ --hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \ --hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1 # via -r requirements/python3/test-requirements.in @@ -314,6 +298,10 @@ selenium==4.16.0 \ # via # -r requirements/python3/test-requirements.in # tbselenium +setuptools==70.3.0 \ + --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ + --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc + # via -r requirements/python3/test-requirements.in six==1.11.0 \ --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \ --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb @@ -336,26 +324,22 @@ sqlalchemy-stubs==0.4 \ tbselenium==0.8.1 \ --hash=sha256:b40df4f339459d90e8c9e6fd66f7ebf9baabbc5b79d8ca7c94ebcb092f7e1726 # via -r requirements/python3/test-requirements.in -toml==0.10.1 \ - --hash=sha256:926b612be1e5ce0634a2ca03470f95169cf16f939018233a670519cb4ac58b0f \ - --hash=sha256:bda89d5935c2eac546d648028b9901107a595863cb36bae0c73ac804a9b4ce88 - # via pep517 tomli==2.0.1 \ --hash=sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc \ --hash=sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f # via # mypy # pytest -trio-websocket==0.11.1 \ - --hash=sha256:18c11793647703c158b1f6e62de638acada927344d534e3c7628eedcb746839f \ - --hash=sha256:520d046b0d030cf970b8b2b2e00c4c2245b3807853ecd44214acd33d74581638 - # via selenium trio==0.23.2 \ --hash=sha256:5a0b566fa5d50cf231cfd6b08f3b03aa4179ff004b8f3144059587039e2b26d3 \ --hash=sha256:da1d35b9a2b17eb32cae2e763b16551f9aa6703634735024e32f325c9285069e # via # selenium # trio-websocket +trio-websocket==0.11.1 \ + --hash=sha256:18c11793647703c158b1f6e62de638acada927344d534e3c7628eedcb746839f \ + --hash=sha256:520d046b0d030cf970b8b2b2e00c4c2245b3807853ecd44214acd33d74581638 + # via selenium types-mock==4.0.12 \ --hash=sha256:81f98e66bddde1b2a8d96c15c084d5d3ed96cf6137bca9ba8aabc6b6865b9ca7 \ --hash=sha256:f8b1dbe128dc2d5aa038876a8b497dfd1a9405210a5eb3dc4b4757c2e254627c @@ -386,24 +370,34 @@ typing-extensions==4.1.1 \ # via # mypy # sqlalchemy-stubs -urllib3[socks]==1.26.6 \ +urllib3==1.26.6 \ --hash=sha256:39fb8672126159acb139a7718dd10806104dec1e2f0f6c88aab05d17df10c8d4 \ --hash=sha256:f57b4c16c62fa2760b7e3d97c35b255512fb6b59a259730f36ba32ce9f8e342f # via # -r requirements/python3/test-requirements.in # requests # selenium +uv==0.4.15 \ + --hash=sha256:04858bfd551fabe1635127d9a0afe5c62e1e7d56cf309a9674840c90bfc1f21e \ + --hash=sha256:0e9b78f1a800a4cfdfbdc9ff4e5d4cce34af770f8a1f2b9416b161f294eb3703 \ + --hash=sha256:1401e73f0e8df62b4cfbf394e65a75f18b73bf8a94a6c5653a55bd6fdb8e1bc3 \ + --hash=sha256:1bb79cb06be9bb25a1bf8641bf34593f64a96b3ba66ebd8712954f647d9faa24 \ + --hash=sha256:21a3cedb2276d635543a10a11c61f75c6e387110e23e90cdb6c6dd2e1f3c9453 \ + --hash=sha256:27884429b7fed371fe1fcbe829659c4a259463d0ecacb7891d800e4754b5f24c \ + --hash=sha256:4e40deb2cf2cb403dbaf65209d49c45462ebbb1bff290d4c18b902b5b385cdc9 \ + --hash=sha256:6eef6881abf9b858020ffd23f4e5d77423329da2d4a1bc0af6613c2f698c369a \ + --hash=sha256:7fcf7f3812dd173d39273e99fb2abb0814be6133e7a721baa424cbcfd25b483b \ + --hash=sha256:8d45295757f66d1913e5917c06f1974745adad842403d419362491939be889a6 \ + --hash=sha256:8e36b8e07595fc6216d01e729c81a0b4ff029a93cc2ef987a73d3b650d6d559c \ + --hash=sha256:9822fa4db0d8d50abf5eebe081c01666a98120455090d0b71463d01d5d4153c1 \ + --hash=sha256:9e28141883c0aa8525ad5418e519d8791b7dd75f35020d3b1457db89346c5dc8 \ + --hash=sha256:a5920ff4d114025c51d3f925130ca3b0fad277631846b1109347c24948b29159 \ + --hash=sha256:be46b37b569e3c8ffb7d78022bcc0eadeb987109f709c1cec01b00c261ed9595 \ + --hash=sha256:cf7d554656bb8c5b7710300e04d86ab5137ebdd31fe309d66860a9d474b385f8 \ + --hash=sha256:d16ae6b97eb77f478dfe51d6eb3627048d3f47bd04282d3006e6a212e541dba0 \ + --hash=sha256:e32137ba8202b1291e879e8145113bfb543fcc992b5f043852a96d803788b83c + # via -r requirements/python3/test-requirements.in wsproto==1.2.0 \ --hash=sha256:ad565f26ecb92588a3e43bc3d96164de84cd9902482b130d0ddbaa9664a85065 \ --hash=sha256:b9acddd652b585d75b20477888c56642fdade28bdfd3579aa24a4d2c037dd736 # via trio-websocket - -# The following packages are considered to be unsafe in a requirements file: -pip==21.1.1 \ - --hash=sha256:11d095ed5c15265fc5c15cc40a45188675c239fb0f9913b673a33e54ff7d45f0 \ - --hash=sha256:51ad01ddcd8de923533b01a870e7b987c2eb4d83b50b89e1bf102723ff9fed8b - # via pip-tools -setuptools==70.3.0 \ - --hash=sha256:f171bab1dfbc86b132997f26a119f6056a57950d058587841a0082e8830f9dc5 \ - --hash=sha256:fe384da74336c398e0d956d1cae0669bc02eed936cdb1d49b57de1990dc11ffc - # via -r requirements/python3/test-requirements.in diff --git a/securedrop/requirements/python3/translation-requirements.txt b/securedrop/requirements/python3/translation-requirements.txt index ec7a9c35cb0..f2e6c89f5fe 100644 --- a/securedrop/requirements/python3/translation-requirements.txt +++ b/securedrop/requirements/python3/translation-requirements.txt @@ -1,9 +1,5 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --allow-unsafe --generate-hashes --output-file=requirements/python3/translation-requirements.txt requirements/python3/translation-requirements.in -# +# This file was autogenerated by uv via the following command: +# uv pip compile --generate-hashes --output-file requirements/python3/translation-requirements.txt requirements/python3/translation-requirements.in babel==2.12.1 \ --hash=sha256:b4246fb7677d3b98f501a39d43396d3cafdc8eadb045f4a31be01863f655c610 \ --hash=sha256:cc2d99999cd01d44420ae725a21c9e3711b3aadc7976d6147f622d8581963455