diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml new file mode 100644 index 000000000..019ab961b --- /dev/null +++ b/.github/workflows/update-dependencies.yml @@ -0,0 +1,28 @@ +name: Update dependencies + +on: + workflow_dispatch: + schedule: + - cron: '0 6 * * 1' # "At 06:00 on Monday." + +jobs: + update-dependencies: + name: Update dependencies + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: excitedleigh/setup-nox@1.0.0 + - name: "Run update: dependencies" + run: pipx run nox + - name: Create Pull Request + if: github.ref == 'refs/heads/master' && github.repository == 'pypa/manylinux' + uses: peter-evans/create-pull-request@v3 + with: + commit-message: Update dependencies + title: '[Bot] Update dependencies' + body: | + Update the versions of our dependencies. + + PR generated by "Update dependencies" [workflow](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}). + branch: update-dependencies-pr + delete-branch: true diff --git a/README.rst b/README.rst index 5ac12a9ae..68fb84eb0 100644 --- a/README.rst +++ b/README.rst @@ -146,7 +146,7 @@ Image content All images currently contain: -- CPython 3.5, 3.6, 3.7, 3.8 and 3.9, installed in +- CPython 3.6, 3.7, 3.8 and 3.9, installed in ``/opt/python/-``. The directories are named after the PEP 425 tags for each environment -- e.g. ``/opt/python/cp37-cp37m`` contains a CPython 3.7 build, and @@ -175,6 +175,15 @@ current (root) directory: Please note that the Docker build is using `buildx `_. +Updating the requirements +------------------------- + +The requirement files are pinned and controlled by pip-tools compile. To update +the pins, run nox on a Linux system with all supported versions of Python included. +For example, using a docker image: + + $ docker run --rm -v $PWD:/nox -t thekevjames/nox nox -f /nox/noxfile.py -s compile tools + Example ------- diff --git a/docker/Dockerfile b/docker/Dockerfile index bbe5abf85..dc9cb2821 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -154,7 +154,15 @@ COPY --from=build_cmake /manylinux-rootfs / COPY --from=build_swig /manylinux-rootfs / COPY --from=build_cpython /manylinux-rootfs / COPY --from=all_cpython /opt/_internal /opt/_internal/ -COPY build_scripts/finalize.sh build_scripts/update-system-packages.sh build_scripts/python-tag-abi-tag.py build_scripts/requirements.txt build_scripts/requirements-tools.txt /build_scripts/ +COPY build_scripts/finalize.sh build_scripts/update-system-packages.sh \ + build_scripts/python-tag-abi-tag.py \ + build_scripts/requirements3.6.txt \ + build_scripts/requirements3.7.txt \ + build_scripts/requirements3.8.txt \ + build_scripts/requirements3.9.txt \ + build_scripts/requirements3.10.txt \ + build_scripts/requirements-tools.txt \ + /build_scripts/ RUN manylinux-entrypoint /build_scripts/finalize.sh && rm -rf /build_scripts ENV SSL_CERT_FILE=/opt/_internal/certs.pem diff --git a/docker/build_scripts/finalize.sh b/docker/build_scripts/finalize.sh index 7d750ea91..cf4022308 100755 --- a/docker/build_scripts/finalize.sh +++ b/docker/build_scripts/finalize.sh @@ -20,9 +20,10 @@ for PREFIX in $(find /opt/_internal/ -mindepth 1 -maxdepth 1 -name 'cpython*'); if [ -e ${PREFIX}/bin/pip3 ] && [ ! -e ${PREFIX}/bin/pip ]; then ln -s pip3 ${PREFIX}/bin/pip fi + PY_VER=$(${PREFIX}/bin/python -c "import sys; print('.'.join(str(v) for v in sys.version_info[:2]))") # Since we fall back on a canned copy of pip, we might not have # the latest pip and friends. Upgrade them to make sure. - ${PREFIX}/bin/pip install -U --require-hashes -r ${MY_DIR}/requirements.txt + ${PREFIX}/bin/pip install -U --require-hashes -r ${MY_DIR}/requirements${PY_VER}.txt # Create a symlink to PREFIX using the ABI_TAG in /opt/python/ ABI_TAG=$(${PREFIX}/bin/python ${MY_DIR}/python-tag-abi-tag.py) ln -s ${PREFIX} /opt/python/${ABI_TAG} @@ -38,7 +39,7 @@ TOOLS_PATH=/opt/_internal/tools source $TOOLS_PATH/bin/activate # Install default packages -pip install -U --require-hashes -r $MY_DIR/requirements.txt +pip install -U --require-hashes -r $MY_DIR/requirements3.7.txt # Install certifi and auditwheel pip install -U --require-hashes -r $MY_DIR/requirements-tools.txt @@ -66,4 +67,3 @@ hardlink -cv /opt/_internal # update system packages LC_ALL=C ${MY_DIR}/update-system-packages.sh - diff --git a/docker/build_scripts/requirements-tools.txt b/docker/build_scripts/requirements-tools.txt index 8e4463782..f4b7da83d 100644 --- a/docker/build_scripts/requirements-tools.txt +++ b/docker/build_scripts/requirements-tools.txt @@ -1,12 +1,18 @@ -# pip requirements for tools -# NOTE: certifi has GPG signatures; could download and verify independently. -certifi==2020.12.5 \ - --hash=sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830 \ - --hash=sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements-tools.txt requirements-tools.in +# auditwheel==4.0.0 \ - --hash=sha256:96927695ddf27b4edb67291e326908d64ffe272b8a42b9504f283e7ae5ebbc14 \ - --hash=sha256:03a079fe273f42336acdb5953ff5ce7578f93ca6a832b16c835fe337a1e2bd4a -# this package is required for auditwheel + --hash=sha256:03a079fe273f42336acdb5953ff5ce7578f93ca6a832b16c835fe337a1e2bd4a \ + --hash=sha256:96927695ddf27b4edb67291e326908d64ffe272b8a42b9504f283e7ae5ebbc14 + # via -r requirements-tools.in +certifi==2020.12.5 \ + --hash=sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c \ + --hash=sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830 + # via -r requirements-tools.in pyelftools==0.27 \ --hash=sha256:5609aa6da1123fccfae2e8431a67b4146aa7fad5b3889f808df12b110f230937 \ --hash=sha256:cde854e662774c5457d688ca41615f6594187ba7067af101232df889a6b7a66b + # via auditwheel diff --git a/docker/build_scripts/requirements.txt b/docker/build_scripts/requirements3.10.txt similarity index 53% rename from docker/build_scripts/requirements.txt rename to docker/build_scripts/requirements3.10.txt index 18e668c3a..2b56bd9ae 100644 --- a/docker/build_scripts/requirements.txt +++ b/docker/build_scripts/requirements3.10.txt @@ -1,36 +1,42 @@ -# pip requirements for all cpythons -# NOTE: pip has GPG signatures; could download and verify independently. -pip==21.1.1 \ - --hash=sha256:11d095ed5c15265fc5c15cc40a45188675c239fb0f9913b673a33e54ff7d45f0 \ - --hash=sha256:51ad01ddcd8de923533b01a870e7b987c2eb4d83b50b89e1bf102723ff9fed8b -wheel==0.36.2 \ - --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ - --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e -setuptools==56.2.0 \ - --hash=sha256:bc30153eec47d82f20c6f5e1a13d4ee725c6deb7013a67557f89bfe5d25235c4 \ - --hash=sha256:7bb5652625e94e73b9358b7ed8c6431b732e80cf31f4e0972294c64f0e5b849e +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements3.10.txt requirements.in +# build==0.3.1.post1 \ - --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b \ - --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a + --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a \ + --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b + # via -r requirements.in packaging==20.9 \ --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via build pep517==0.10.0 \ - --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 \ - --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b + --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ + --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 + # via build pyparsing==2.4.7 \ --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via packaging toml==0.10.2 \ --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f -importlib-metadata==3.7.0 ; python_version<'3.8' \ - --hash=sha256:24499ffde1b80be08284100393955842be4a59c7c16bbf2738aad0e464a8e0aa \ - --hash=sha256:c6af5dbf1126cd959c4a8d8efd61d4d3c83bddb0459a17e554284a077574b614 -zipp==3.4.0 ; python_version<'3.8' \ - --hash=sha256:102c24ef8f171fd729d46599845e95c7ab894a4cf45f5de11a44cc7444fb1108 \ - --hash=sha256:ed5eee1974372595f9e416cc7bbeeb12335201d8081ca8a0743c954d4446e5cb -typing-extensions==3.7.4.3 ; python_version<'3.8' \ - --hash=sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918 \ - --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ - --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f + # via + # build + # pep517 +wheel==0.36.2 \ + --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ + --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e + # via -r requirements.in + +# The following packages are considered to be unsafe in a requirements file: +pip==21.1.1 \ + --hash=sha256:11d095ed5c15265fc5c15cc40a45188675c239fb0f9913b673a33e54ff7d45f0 \ + --hash=sha256:51ad01ddcd8de923533b01a870e7b987c2eb4d83b50b89e1bf102723ff9fed8b + # via -r requirements.in +setuptools==56.2.0 \ + --hash=sha256:7bb5652625e94e73b9358b7ed8c6431b732e80cf31f4e0972294c64f0e5b849e \ + --hash=sha256:bc30153eec47d82f20c6f5e1a13d4ee725c6deb7013a67557f89bfe5d25235c4 + # via -r requirements.in diff --git a/docker/build_scripts/requirements3.6.txt b/docker/build_scripts/requirements3.6.txt new file mode 100644 index 000000000..6c5884dba --- /dev/null +++ b/docker/build_scripts/requirements3.6.txt @@ -0,0 +1,59 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements3.6.txt requirements.in +# +build==0.3.1.post1 \ + --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a \ + --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b + # via -r requirements.in +importlib-metadata==3.9.1 \ + --hash=sha256:1cedf994a9b6885dcbb7ed40b24c332b1de3956319f4b1a0f07c0621d453accc \ + --hash=sha256:c9c1b6c7dbc62084f3e6a614a194eb16ded7947736c18e3300125d5c0a7a8b3c + # via + # build + # pep517 +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via build +pep517==0.10.0 \ + --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ + --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 + # via build +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via packaging +toml==0.10.2 \ + --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ + --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f + # via + # build + # pep517 +typing-extensions==3.7.4.3 \ + --hash=sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918 \ + --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ + --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f + # via importlib-metadata +wheel==0.36.2 \ + --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ + --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e + # via -r requirements.in +zipp==3.4.1 \ + --hash=sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76 \ + --hash=sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098 + # via + # importlib-metadata + # pep517 + +# The following packages are considered to be unsafe in a requirements file: +pip==21.0.1 \ + --hash=sha256:37fd50e056e2aed635dec96594606f0286640489b0db0ce7607f7e51890372d5 \ + --hash=sha256:99bbde183ec5ec037318e774b0d8ae0a64352fe53b2c7fd630be1d07e94f41e5 + # via -r requirements.in +setuptools==54.2.0 \ + --hash=sha256:aa9c24fb83a9116b8d425e53bec24c7bfdbffc313c2159f9ed036d4a6dd32d7d \ + --hash=sha256:b726461910b9ba30f077880c228bea22121aec50b172edf39eb7ff026c054a11 + # via -r requirements.in diff --git a/docker/build_scripts/requirements3.7.txt b/docker/build_scripts/requirements3.7.txt new file mode 100644 index 000000000..40b76531b --- /dev/null +++ b/docker/build_scripts/requirements3.7.txt @@ -0,0 +1,59 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements3.7.txt requirements.in +# +build==0.3.1.post1 \ + --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a \ + --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b + # via -r requirements.in +importlib-metadata==3.9.1 \ + --hash=sha256:1cedf994a9b6885dcbb7ed40b24c332b1de3956319f4b1a0f07c0621d453accc \ + --hash=sha256:c9c1b6c7dbc62084f3e6a614a194eb16ded7947736c18e3300125d5c0a7a8b3c + # via + # build + # pep517 +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via build +pep517==0.10.0 \ + --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ + --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 + # via build +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via packaging +toml==0.10.2 \ + --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ + --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f + # via + # build + # pep517 +typing-extensions==3.7.4.3 \ + --hash=sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918 \ + --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ + --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f + # via importlib-metadata +wheel==0.36.2 \ + --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ + --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e + # via -r requirements.in +zipp==3.4.1 \ + --hash=sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76 \ + --hash=sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098 + # via + # importlib-metadata + # pep517 + +# The following packages are considered to be unsafe in a requirements file: +pip==21.0.1 \ + --hash=sha256:37fd50e056e2aed635dec96594606f0286640489b0db0ce7607f7e51890372d5 \ + --hash=sha256:99bbde183ec5ec037318e774b0d8ae0a64352fe53b2c7fd630be1d07e94f41e5 + # via -r requirements.in +setuptools==54.2.0 \ + --hash=sha256:aa9c24fb83a9116b8d425e53bec24c7bfdbffc313c2159f9ed036d4a6dd32d7d \ + --hash=sha256:b726461910b9ba30f077880c228bea22121aec50b172edf39eb7ff026c054a11 + # via -r requirements.in diff --git a/docker/build_scripts/requirements3.8.txt b/docker/build_scripts/requirements3.8.txt new file mode 100644 index 000000000..72f158591 --- /dev/null +++ b/docker/build_scripts/requirements3.8.txt @@ -0,0 +1,42 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements3.8.txt requirements.in +# +build==0.3.1.post1 \ + --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a \ + --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b + # via -r requirements.in +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via build +pep517==0.10.0 \ + --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ + --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 + # via build +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via packaging +toml==0.10.2 \ + --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ + --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f + # via + # build + # pep517 +wheel==0.36.2 \ + --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ + --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e + # via -r requirements.in + +# The following packages are considered to be unsafe in a requirements file: +pip==21.0.1 \ + --hash=sha256:37fd50e056e2aed635dec96594606f0286640489b0db0ce7607f7e51890372d5 \ + --hash=sha256:99bbde183ec5ec037318e774b0d8ae0a64352fe53b2c7fd630be1d07e94f41e5 + # via -r requirements.in +setuptools==54.2.0 \ + --hash=sha256:aa9c24fb83a9116b8d425e53bec24c7bfdbffc313c2159f9ed036d4a6dd32d7d \ + --hash=sha256:b726461910b9ba30f077880c228bea22121aec50b172edf39eb7ff026c054a11 + # via -r requirements.in diff --git a/docker/build_scripts/requirements3.9.txt b/docker/build_scripts/requirements3.9.txt new file mode 100644 index 000000000..e39425a76 --- /dev/null +++ b/docker/build_scripts/requirements3.9.txt @@ -0,0 +1,42 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes --output-file=docker/build_scripts/requirements3.9.txt requirements.in +# +build==0.3.1.post1 \ + --hash=sha256:85123bf327404e68142b1eb2a8298b052e984ad5b12738549688371e6337c73a \ + --hash=sha256:88bc8ff6cb948247bebd5b3bf6b8b71d10fd93bce848f9d2fd9b28cbdd40ae8b + # via -r requirements.in +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via build +pep517==0.10.0 \ + --hash=sha256:ac59f3f6b9726a49e15a649474539442cf76e0697e39df4869d25e68e880931b \ + --hash=sha256:eba39d201ef937584ad3343df3581069085bacc95454c80188291d5b3ac7a249 + # via build +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via packaging +toml==0.10.2 \ + --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ + --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f + # via + # build + # pep517 +wheel==0.36.2 \ + --hash=sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e \ + --hash=sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e + # via -r requirements.in + +# The following packages are considered to be unsafe in a requirements file: +pip==21.0.1 \ + --hash=sha256:37fd50e056e2aed635dec96594606f0286640489b0db0ce7607f7e51890372d5 \ + --hash=sha256:99bbde183ec5ec037318e774b0d8ae0a64352fe53b2c7fd630be1d07e94f41e5 + # via -r requirements.in +setuptools==54.2.0 \ + --hash=sha256:aa9c24fb83a9116b8d425e53bec24c7bfdbffc313c2159f9ed036d4a6dd32d7d \ + --hash=sha256:b726461910b9ba30f077880c228bea22121aec50b172edf39eb7ff026c054a11 + # via -r requirements.in diff --git a/noxfile.py b/noxfile.py new file mode 100644 index 000000000..b88054c67 --- /dev/null +++ b/noxfile.py @@ -0,0 +1,31 @@ +import nox + + +@nox.session(python=["3.6", "3.7", "3.8", "3.9", "3.10"]) +def compile(session): + session.install("pip-tools") + + # Needed by Python 3.5 and 3.6 in nox docker image + session.env["LC_ALL"] = "C.UTF-8" + session.env["LANG"] = "C.UTF-8" + + session.run( + "pip-compile", + "--generate-hashes", + "requirements.in", + "--allow-unsafe", + "--output-file", + f"docker/build_scripts/requirements{session.python}.txt", + ) + +@nox.session(python="3.7") +def tools(session): + session.install("pip-tools") + session.run( + "pip-compile", + "--generate-hashes", + "requirements-tools.in", + "--allow-unsafe", + "--output-file", + f"docker/build_scripts/requirements-tools.txt", + ) diff --git a/requirements-tools.in b/requirements-tools.in new file mode 100644 index 000000000..13b097c37 --- /dev/null +++ b/requirements-tools.in @@ -0,0 +1,2 @@ +certifi +auditwheel diff --git a/requirements.in b/requirements.in new file mode 100644 index 000000000..2c40803a5 --- /dev/null +++ b/requirements.in @@ -0,0 +1,4 @@ +pip +setuptools +wheel +build