This repository has been archived by the owner on Jan 5, 2024. It is now read-only.
Use Poetry for dependency management #122
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
eloquence
commented
Sep 28, 2023
eloquence
commented
Sep 28, 2023
eloquence
commented
Sep 28, 2023
eloquence
force-pushed
the
only-poetry
branch
3 times, most recently
from
68d664b
to
0206e6c
Compare
This was referenced Oct 25, 2023
|
CI will now fail fully until freedomofpress/securedrop-builder#469 is merged. |
6 tasks
We're installing the Poetry system package on Debian Bookworm -- that's generally a preferable strategy going forward, and in fact, pip will error out if you attempt to install it from PyPI. This necessitates some conditional logic we can drop once we move fully to Bookworm.
legoktm
approved these changes
Oct 27, 2023
legoktm
added a commit
to freedomofpress/securedrop-log
that referenced
this pull request
Nov 3, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-log
that referenced
this pull request
Nov 3, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-export
that referenced
this pull request
Nov 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-export
that referenced
this pull request
Nov 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-export
that referenced
this pull request
Nov 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-export
that referenced
this pull request
Nov 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI.
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Nov 13, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm.
8 tasks
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Nov 13, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Nov 13, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Nov 13, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Nov 13, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Dec 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
legoktm
added a commit
to freedomofpress/securedrop-client
that referenced
this pull request
Dec 6, 2023
Switch dependency management to use poetry, which is much nicer than pip-tools. This is largely based off of <freedomofpress/securedrop-proxy#122> and applies the same changes to the Makefile and CI. The main difference is that we install PyQt5 via system packages, so the two versions we specifically need are listed in pyproject.toml and vary on the Python versions shipped with bullseye and bookworm. We also don't actually need the pathlib2 dependency any more because our Python version is high enough, so it's dropped now that poetry is smart enough to detect it!
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Ready for review, but should not be merged until freedomofpress/securedrop-builder#467 and the changes in the
poetry-support-with-proxy-changesinsecuredrop-builderare merged, after which we can drop theFIXMEchange from the CI config.Description
This PR migrates the
securedrop-proxypackage to use Poetry for dependency management, consistent with our overall plan to use Poetry for most Python dependency management going forward. It also updates the documentation accordingly.CI is red due to freedomofpress/securedrop-client#1681, which is unrelated to this change.
Test plan
The test plan in freedomofpress/securedrop-builder#467 verifies the basic workflow already: It asks the tester to install the dependencies via Poetry, and to add a dependency for testing purposes.
Beyond that, I would recommend testing the modified
Makefiletargets in this PR.