From e442fc532a19b38a07dd7d57575dbafdb925ff1c Mon Sep 17 00:00:00 2001 From: Devin Matte Date: Mon, 30 May 2022 13:11:56 -0400 Subject: [PATCH] Locking and updating dependencies (#351) * Locking and updating dependencies * Running update before install --- .github/workflows/python-app.yml | 2 +- Dockerfile | 2 +- README.md | 4 + package-lock.json | 6 +- package.json | 2 +- requirements.in | 31 +++++ requirements.txt | 227 +++++++++++++++++++++++++++---- 7 files changed, 239 insertions(+), 35 deletions(-) create mode 100644 requirements.in diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 852cb726..f8ae97f9 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Install ldap dependencies - run: sudo apt-get install libldap2-dev libsasl2-dev + run: sudo apt-get update && sudo apt-get install libldap2-dev libsasl2-dev - uses: actions/checkout@v2 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v2 diff --git a/Dockerfile b/Dockerfile index cae1b260..8097c784 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,4 +25,4 @@ RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - && \ RUN ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime -CMD ["gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"] +CMD ["ddtrace-run", "gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"] diff --git a/README.md b/README.md index 7d069a94..7377f98a 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,10 @@ npm start This will run the asset pipeline, start the Python server, and start BrowserSync. Your default web browser will open automatically. If it doesn't, navigate to `http://127.0.0.1:3000`. Any changes made to the frontend files in `frontend` or the Jinja templates in `conditional/templates` will cause the browser to reload automatically. +### Dependencies + +To add new dependencies, add them to `requirements.in` and then run `pip-compile requirements.in` to produce a new locked `requirements.txt`. Do not edit `requirements.txt` directly as it will be overwritten by future PRs. + ### Database Migrations If the database schema is changed after initializing the database, you must migrate it to the new schema by running: diff --git a/package-lock.json b/package-lock.json index e9531351..2ccacbbe 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8222,9 +8222,9 @@ } }, "lodash": { - "version": "4.17.19", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "lodash._arraycopy": { "version": "3.0.0", diff --git a/package.json b/package.json index 219cb26b..4d761e8a 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "enumify": "^1.0.4", "jquery": "^3.1.0", "load-awesome": "^1.1.0", - "lodash": "4.17.19", + "lodash": "4.17.21", "reveal.js": "^3.3.0", "selectize": "^0.12.2", "selectize-scss": "^0.9.1", diff --git a/requirements.in b/requirements.in new file mode 100644 index 00000000..5a7b246c --- /dev/null +++ b/requirements.in @@ -0,0 +1,31 @@ +alembic~=0.9.8 +astroid~=2.4.0 +blinker~=1.4 +click~=7.1 +csh_ldap>=2.3.1 +ddtrace~=1.1.4 +Flask~=1.1.4 +Flask-Migrate~=2.1.1 +Flask-Gzip~=0.2 +Flask-pyoidc~=1.3.0 +Flask-SQLAlchemy~=2.3.2 +gunicorn~=20.1.0 +isort~=4.3.4 +itsdangerous~=0.24 +Jinja2~=2.10 +lazy-object-proxy~=1.4.0 +Mako~=1.0.7 +MarkupSafe~=1.0 +mccabe~=0.6.1 +oic~=0.11.0 +pip-tools~=6.6.2 +psycopg2-binary~=2.9.3 +pylint~=2.6.0 +python-dateutil~=2.6.1 +python-editor~=1.0.3 +sentry-sdk[flask]~=0.19.5 +six~=1.12.0 +SQLAlchemy~=1.3.22 +structlog~=18.1.0 +Werkzeug~=0.15.3 +wrapt~=1.11.0 diff --git a/requirements.txt b/requirements.txt index 449e67ea..e6cff61e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,29 +1,198 @@ -alembic~=0.9.8 -astroid~=2.4.0 -blinker~=1.4 -click~=7.1 -csh_ldap>=2.3.1 -Flask~=1.1.0 -Flask-Migrate~=2.1.1 -Flask-Gzip~=0.2 -Flask-pyoidc~=1.3.0 -Flask-SQLAlchemy~=2.3.2 -gunicorn~=19.7.1 -isort~=4.3.4 -itsdangerous~=0.24 -Jinja2~=2.10 -lazy-object-proxy~=1.4.0 -Mako~=1.0.7 -MarkupSafe~=1.0 -mccabe~=0.6.1 -oic~=0.11.0 -psycopg2~=2.8.5 -pylint~=2.6.0 -python-dateutil~=2.6.1 -python-editor~=1.0.3 -sentry-sdk[flask]~=0.19.5 -six~=1.12.0 -SQLAlchemy~=1.3.22 -structlog~=18.1.0 -Werkzeug~=0.15.3 -wrapt~=1.11.0 +# +# This file is autogenerated by pip-compile with python 3.8 +# To update, run: +# +# pip-compile requirements.in +# +alabaster==0.7.12 + # via oic +alembic==0.9.10 + # via + # -r requirements.in + # flask-migrate +astroid==2.4.2 + # via + # -r requirements.in + # pylint +attrs==21.4.0 + # via ddtrace +beaker==1.11.0 + # via oic +blinker==1.4 + # via + # -r requirements.in + # sentry-sdk +certifi==2022.5.18.1 + # via + # requests + # sentry-sdk +cffi==1.15.0 + # via cryptography +charset-normalizer==2.0.12 + # via requests +click==7.1.2 + # via + # -r requirements.in + # flask + # pip-tools +cryptography==37.0.2 + # via pyopenssl +csh-ldap==2.3.1 + # via -r requirements.in +ddsketch==2.0.3 + # via ddtrace +ddtrace==1.1.4 + # via -r requirements.in +dnspython==2.2.1 + # via srvlookup +flask==1.1.4 + # via + # -r requirements.in + # flask-gzip + # flask-migrate + # flask-pyoidc + # flask-sqlalchemy + # sentry-sdk +flask-gzip==0.2 + # via -r requirements.in +flask-migrate==2.1.1 + # via -r requirements.in +flask-pyoidc==1.3.0 + # via -r requirements.in +flask-sqlalchemy==2.3.2 + # via + # -r requirements.in + # flask-migrate +future==0.18.2 + # via + # oic + # pyjwkest +gunicorn==20.1.0 + # via -r requirements.in +idna==3.3 + # via requests +isort==4.3.21 + # via + # -r requirements.in + # pylint +itsdangerous==0.24 + # via + # -r requirements.in + # flask +jinja2==2.11.3 + # via + # -r requirements.in + # flask +lazy-object-proxy==1.4.3 + # via + # -r requirements.in + # astroid +mako==1.0.14 + # via + # -r requirements.in + # alembic + # oic +markupsafe==1.1.1 + # via + # -r requirements.in + # jinja2 + # mako +mccabe==0.6.1 + # via + # -r requirements.in + # pylint +oic==0.11.0.1 + # via + # -r requirements.in + # flask-pyoidc +packaging==21.3 + # via ddtrace +pep517==0.12.0 + # via pip-tools +pip-tools==6.6.2 + # via -r requirements.in +protobuf==3.20.1 + # via + # ddsketch + # ddtrace +psycopg2-binary==2.9.3 + # via -r requirements.in +pyasn1==0.4.8 + # via + # pyasn1-modules + # python-ldap +pyasn1-modules==0.2.8 + # via python-ldap +pycparser==2.21 + # via cffi +pycryptodomex==3.14.1 + # via + # oic + # pyjwkest +pyjwkest==1.4.2 + # via oic +pylint==2.6.2 + # via -r requirements.in +pyopenssl==22.0.0 + # via oic +pyparsing==3.0.9 + # via packaging +python-dateutil==2.6.1 + # via + # -r requirements.in + # alembic +python-editor==1.0.4 + # via + # -r requirements.in + # alembic +python-ldap==3.0.0 + # via csh-ldap +requests==2.27.1 + # via + # oic + # pyjwkest +sentry-sdk[flask]==0.19.5 + # via -r requirements.in +six==1.12.0 + # via + # -r requirements.in + # astroid + # ddsketch + # ddtrace + # oic + # pyjwkest + # python-dateutil + # structlog +sqlalchemy==1.3.24 + # via + # -r requirements.in + # alembic + # flask-sqlalchemy +srvlookup==2.0.0 + # via csh-ldap +structlog==18.1.0 + # via -r requirements.in +tenacity==8.0.1 + # via ddtrace +toml==0.10.2 + # via pylint +tomli==2.0.1 + # via pep517 +urllib3==1.26.9 + # via + # requests + # sentry-sdk +werkzeug==0.15.6 + # via + # -r requirements.in + # flask +wheel==0.37.1 + # via pip-tools +wrapt==1.11.2 + # via + # -r requirements.in + # astroid + +# The following packages are considered to be unsafe in a requirements file: +# pip +# setuptools