Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

整理: requirements-license.txt を廃止 #1281

Merged
merged 17 commits into from
Jun 9, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/test-security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
run: pip install -r requirements-dev.txt

- name: <Test> Check Python dependency security
run: safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -r requirements-license.txt -o bare
run: safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -o bare

- name: <Deploy> Notify Discord of security testing result
uses: sarisia/actions-status-discord@v1
Expand Down
4 changes: 1 addition & 3 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,10 @@ jobs:
poetry export --without-hashes -o requirements.txt.check
poetry export --without-hashes --with dev -o requirements-dev.txt.check
poetry export --without-hashes --with build -o requirements-build.txt.check
poetry export --without-hashes --with license -o requirements-license.txt.check

diff -q requirements.txt requirements.txt.check || \
diff -q requirements-dev.txt requirements-dev.txt.check || \
diff -q requirements-build.txt requirements-build.txt.check || \
diff -q requirements-license.txt requirements-license.txt.check > /dev/null
diff -q requirements-build.txt requirements-build.txt.check > /dev/null
if [ $? = 1 ]; then
echo "poetry export has some diff"
exit 1
Expand Down
6 changes: 0 additions & 6 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,3 @@ repos:
language: python
stages: [push]
pass_filenames: false
- id: poetry-export-license
name: poetry-export-license
entry: poetry export --without-hashes --with license -o requirements-license.txt
language: python
stages: [push]
pass_filenames: false
3 changes: 1 addition & 2 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,6 @@ poetry update # 全部更新
poetry export --without-hashes -o requirements.txt # こちらを更新する場合は下3つも更新する必要があります。
poetry export --without-hashes --with dev -o requirements-dev.txt
poetry export --without-hashes --with build -o requirements-build.txt
poetry export --without-hashes --with license -o requirements-license.txt
```

## 静的解析
Expand Down Expand Up @@ -297,7 +296,7 @@ python -m pytest --snapshot-update
シェルで以下のコマンドを実行することで脆弱性が診断されます。

```bash
safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -r requirements-license.txt
safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt
```

## ビルド
Expand Down
7 changes: 5 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,8 @@ RUN sed -i "s/__version__ = \"latest\"/__version__ = \"${VOICEVOX_ENGINE_VERSION
RUN sed -i "s/\"version\": \"999\\.999\\.999\"/\"version\": \"${VOICEVOX_ENGINE_VERSION}\"/" /opt/voicevox_engine/engine_manifest.json

# Generate licenses.json
ADD ./requirements-license.txt /tmp/
ADD ./requirements.txt /tmp/
ADD ./requirements-dev.txt /tmp/
RUN <<EOF
set -eux

Expand All @@ -250,7 +251,9 @@ RUN <<EOF
# /home/user/.local/bin is required to use the commands installed by pip
export PATH="/home/user/.local/bin:${PATH:-}"

gosu user /opt/python/bin/pip3 install -r /tmp/requirements-license.txt
gosu user /opt/python/bin/pip3 install -r /tmp/requirements.txt
# requirements-dev.txt でバージョン指定されている pip-licenses をインストールする
gosu user /opt/python/bin/pip3 install "$(grep pip-licenses /tmp/requirements-dev.txt | cut -f 1 -d ';')"
gosu user /opt/python/bin/python3 build_util/generate_licenses.py > /opt/voicevox_engine/resources/engine_manifest_assets/dependency_licenses.json
cp /opt/voicevox_engine/resources/engine_manifest_assets/dependency_licenses.json /opt/voicevox_engine/licenses.json
EOF
Expand Down
1 change: 0 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -653,7 +653,6 @@ poetry update # 全部更新
poetry export --without-hashes -o requirements.txt # こちらを更新する場合は下3つも更新する必要があります。
poetry export --without-hashes --with dev -o requirements-dev.txt
poetry export --without-hashes --with build -o requirements-build.txt
poetry export --without-hashes --with license -o requirements-license.txt
```

#### ライセンス
Expand Down
4 changes: 3 additions & 1 deletion build_util/create_venv_and_generate_licenses.bash
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,9 @@ else
source $VENV_PATH/bin/activate
fi

pip install -r requirements-license.txt
pip install -r requirements.txt
# requirements-dev.txt でバージョン指定されている pip-licenses をインストールする
pip install "$(grep pip-licenses requirements-dev.txt | cut -f 1 -d ';')"
python build_util/generate_licenses.py > "${OUTPUT_LICENSE_JSON_PATH}"

deactivate
Expand Down
2 changes: 1 addition & 1 deletion poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 1 addition & 3 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -71,14 +71,12 @@ httpx = "^0.27.0" # NOTE: required by fastapi.testclient.TestClient
syrupy = "^4.6.1"
types-pyyaml = "^6.0.12"
safety = "^3.1.0"
pip-licenses = "4.4.0" # NOTE: must be specified exactly (c.f. #1281)
tarepan marked this conversation as resolved.
Show resolved Hide resolved
pre-commit = "^2.16.0"

[tool.poetry.group.build.dependencies]
pyinstaller = "^5.13"

[tool.poetry.group.license.dependencies]
pip-licenses = "^4.4.0"

[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"
3 changes: 3 additions & 0 deletions requirements-dev.txt
Original file line number Diff line number Diff line change
Expand Up @@ -56,13 +56,15 @@ numpy==1.26.4 ; python_version >= "3.11" and python_version < "3.12"
packaging==24.0 ; python_version >= "3.11" and python_version < "3.12"
pathspec==0.12.1 ; python_version >= "3.11" and python_version < "3.12"
pexpect==4.9.0 ; python_version >= "3.11" and python_version < "3.12"
pip-licenses==4.4.0 ; python_version >= "3.11" and python_version < "3.12"
pkginfo==1.10.0 ; python_version >= "3.11" and python_version < "3.12"
platformdirs==4.2.2 ; python_version >= "3.11" and python_version < "3.12"
pluggy==1.5.0 ; python_version >= "3.11" and python_version < "3.12"
poetry-core==1.9.0 ; python_version >= "3.11" and python_version < "3.12"
poetry-plugin-export==1.8.0 ; python_version >= "3.11" and python_version < "3.12"
poetry==1.8.2 ; python_version >= "3.11" and python_version < "3.12"
pre-commit==2.21.0 ; python_version >= "3.11" and python_version < "3.12"
prettytable==3.10.0 ; python_version >= "3.11" and python_version < "3.12"
ptyprocess==0.7.0 ; python_version >= "3.11" and python_version < "3.12"
pycodestyle==2.11.1 ; python_version >= "3.11" and python_version < "3.12"
pycparser==2.22 ; python_version >= "3.11" and python_version < "3.12"
Expand Down Expand Up @@ -106,5 +108,6 @@ unidiff==0.7.5 ; python_version >= "3.11" and python_version < "3.12"
urllib3==2.2.1 ; python_version >= "3.11" and python_version < "3.12"
uvicorn==0.29.0 ; python_version >= "3.11" and python_version < "3.12"
virtualenv==20.26.2 ; python_version >= "3.11" and python_version < "3.12"
wcwidth==0.2.13 ; python_version >= "3.11" and python_version < "3.12"
xattr==1.1.0 ; python_version >= "3.11" and python_version < "3.12" and sys_platform == "darwin"
zipp==3.18.1 ; python_version >= "3.11" and python_version < "3.12"
30 changes: 0 additions & 30 deletions requirements-license.txt

This file was deleted.