From b0a7a1ab1e5c3404e3788ea09dfcf3c8ae39a77c Mon Sep 17 00:00:00 2001 From: Kunal Mehta Date: Tue, 17 Dec 2024 16:09:10 -0800 Subject: [PATCH] WIP: Pull in pygobject as a Debian package dependency Create the venv with --system-site-packages so system python3-* packages can be used. --- debian/control | 2 +- debian/setup-venv.sh | 2 +- export/build-requirements.txt | 2 - export/poetry.lock | 75 ++++------------------------------- export/pyproject.toml | 6 ++- 5 files changed, 14 insertions(+), 73 deletions(-) diff --git a/debian/control b/debian/control index 0665922b2..b05e9f027 100644 --- a/debian/control +++ b/debian/control @@ -14,7 +14,7 @@ Description: securedrop client for qubes workstation Package: securedrop-export Architecture: amd64 -Depends: ${misc:Depends}, python3, udisks2, cups, cups-ipp-utils, printer-driver-brlaser, printer-driver-hpcups, +Depends: ${misc:Depends}, python3, python3-gi-cairo, udisks2, cups, cups-ipp-utils, printer-driver-brlaser, printer-driver-hpcups, avahi-daemon, system-config-printer, libcups2, gnome-disk-utility, libreoffice, desktop-file-utils, shared-mime-info, libfile-mimeinfo-perl, gir1.2-gtk-4.0 Description: Submission export scripts for SecureDrop Workstation diff --git a/debian/setup-venv.sh b/debian/setup-venv.sh index 3e8a01b47..b3cddb357 100644 --- a/debian/setup-venv.sh +++ b/debian/setup-venv.sh @@ -3,7 +3,7 @@ set -euxo pipefail NAME=$1 -if [[ $NAME == "client" ]]; then +if [[ $NAME == "client" || $NAME == "export" ]]; then VENV_ARGS="--system-site-packages" else VENV_ARGS="" diff --git a/export/build-requirements.txt b/export/build-requirements.txt index 6dd8c5d0e..393535f6a 100644 --- a/export/build-requirements.txt +++ b/export/build-requirements.txt @@ -1,4 +1,2 @@ pexpect==4.9.0 --hash=sha256:5760fc48f9eb64fabd910e0b8f16b4c831e3ede32a3059ef7252e89a38950646 ptyprocess==0.7.0 --hash=sha256:320c49e0aea7441a2e2a47bfc655442f1c4e9d27dc8cf2b905832934af942761 -pycairo==1.27.0 --hash=sha256:43b8f610ef329dfbc0a9431cc174044c52b78c6e02a5d2842c67edba1c10a51c -pygobject==3.50.0 --hash=sha256:cb02f8b467eab914788fee782a66e79e7d3599821e3279298bb2a27089288138 diff --git a/export/poetry.lock b/export/poetry.lock index 415e06468..f70da7e13 100644 --- a/export/poetry.lock +++ b/export/poetry.lock @@ -1,10 +1,9 @@ -# This file is automatically @generated by Poetry and should not be changed by hand. +# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand. [[package]] name = "attrs" version = "23.1.0" description = "Classes Without Boilerplate" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -23,7 +22,6 @@ tests-no-zope = ["cloudpickle", "hypothesis", "mypy (>=1.1.1)", "pympler", "pyte name = "boltons" version = "21.0.0" description = "When they're not builtins, they're boltons." -category = "dev" optional = false python-versions = "*" files = [ @@ -35,7 +33,6 @@ files = [ name = "bracex" version = "2.4" description = "Bash style brace expander." -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -47,7 +44,6 @@ files = [ name = "certifi" version = "2024.7.4" description = "Python package for providing Mozilla's CA Bundle." -category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -59,7 +55,6 @@ files = [ name = "charset-normalizer" version = "3.3.2" description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." -category = "dev" optional = false python-versions = ">=3.7.0" files = [ @@ -159,7 +154,6 @@ files = [ name = "click" version = "8.1.7" description = "Composable command line interface toolkit" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -174,7 +168,6 @@ colorama = {version = "*", markers = "platform_system == \"Windows\""} name = "click-option-group" version = "0.5.6" description = "Option groups missing in Click" -category = "dev" optional = false python-versions = ">=3.6,<4" files = [ @@ -194,7 +187,6 @@ tests-cov = ["coverage", "coveralls", "pytest", "pytest-cov"] name = "colorama" version = "0.4.6" description = "Cross-platform colored terminal text." -category = "dev" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" files = [ @@ -206,7 +198,6 @@ files = [ name = "coverage" version = "7.6.4" description = "Code coverage measurement for Python" -category = "dev" optional = false python-versions = ">=3.9" files = [ @@ -281,7 +272,6 @@ toml = ["tomli"] name = "defusedxml" version = "0.7.1" description = "XML bomb protection for Python stdlib modules" -category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" files = [ @@ -293,7 +283,6 @@ files = [ name = "deprecated" version = "1.2.14" description = "Python @deprecated decorator to deprecate old python classes, functions or methods." -category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" files = [ @@ -311,7 +300,6 @@ dev = ["PyTest", "PyTest-Cov", "bump2version (<1)", "sphinx (<2)", "tox"] name = "exceptiongroup" version = "1.2.1" description = "Backport of PEP 654 (exception groups)" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -326,7 +314,6 @@ test = ["pytest (>=6)"] name = "face" version = "22.0.0" description = "A command-line application framework (and CLI parser). Friendly for users, full-featured for developers." -category = "dev" optional = false python-versions = "*" files = [ @@ -341,7 +328,6 @@ boltons = ">=20.0.0" name = "glom" version = "22.1.0" description = "A declarative object transformer and formatter, for conglomerating nested data." -category = "dev" optional = false python-versions = "*" files = [ @@ -361,7 +347,6 @@ yaml = ["PyYAML"] name = "googleapis-common-protos" version = "1.65.0" description = "Common protobufs used in Google APIs" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -379,7 +364,6 @@ grpc = ["grpcio (>=1.44.0,<2.0.0.dev0)"] name = "idna" version = "3.4" description = "Internationalized Domain Names in Applications (IDNA)" -category = "dev" optional = false python-versions = ">=3.5" files = [ @@ -391,7 +375,6 @@ files = [ name = "importlib-metadata" version = "7.1.0" description = "Read metadata from Python packages" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -411,7 +394,6 @@ testing = ["flufl.flake8", "importlib-resources (>=1.3)", "jaraco.test (>=5.4)", name = "iniconfig" version = "2.0.0" description = "brain-dead simple config-ini parsing" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -423,7 +405,6 @@ files = [ name = "jsonschema" version = "4.19.2" description = "An implementation of JSON Schema validation for Python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -445,7 +426,6 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339- name = "jsonschema-specifications" version = "2023.7.1" description = "The JSON Schema meta-schemas and vocabularies, exposed as a Registry" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -460,7 +440,6 @@ referencing = ">=0.28.0" name = "markdown-it-py" version = "3.0.0" description = "Python port of markdown-it. Markdown parsing, done right!" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -485,7 +464,6 @@ testing = ["coverage", "pytest", "pytest-cov", "pytest-regressions"] name = "mdurl" version = "0.1.2" description = "Markdown URL utilities" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -497,7 +475,6 @@ files = [ name = "mypy" version = "1.13.0" description = "Optional static typing for Python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -550,7 +527,6 @@ reports = ["lxml"] name = "mypy-extensions" version = "1.0.0" description = "Type system extensions for programs checked with the mypy type checker." -category = "dev" optional = false python-versions = ">=3.5" files = [ @@ -562,7 +538,6 @@ files = [ name = "opentelemetry-api" version = "1.25.0" description = "OpenTelemetry Python API" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -578,7 +553,6 @@ importlib-metadata = ">=6.0,<=7.1" name = "opentelemetry-exporter-otlp-proto-common" version = "1.25.0" description = "OpenTelemetry Protobuf encoding" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -593,7 +567,6 @@ opentelemetry-proto = "1.25.0" name = "opentelemetry-exporter-otlp-proto-http" version = "1.25.0" description = "OpenTelemetry Collector Protobuf over HTTP Exporter" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -614,7 +587,6 @@ requests = ">=2.7,<3.0" name = "opentelemetry-instrumentation" version = "0.46b0" description = "Instrumentation Tools & Auto Instrumentation for OpenTelemetry Python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -631,7 +603,6 @@ wrapt = ">=1.0.0,<2.0.0" name = "opentelemetry-instrumentation-requests" version = "0.46b0" description = "OpenTelemetry requests instrumentation" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -652,7 +623,6 @@ instruments = ["requests (>=2.0,<3.0)"] name = "opentelemetry-proto" version = "1.25.0" description = "OpenTelemetry Python Proto" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -667,7 +637,6 @@ protobuf = ">=3.19,<5.0" name = "opentelemetry-sdk" version = "1.25.0" description = "OpenTelemetry Python SDK" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -684,7 +653,6 @@ typing-extensions = ">=3.7.4" name = "opentelemetry-semantic-conventions" version = "0.46b0" description = "OpenTelemetry Semantic Conventions" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -699,7 +667,6 @@ opentelemetry-api = "1.25.0" name = "opentelemetry-util-http" version = "0.46b0" description = "Web util for OpenTelemetry" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -711,7 +678,6 @@ files = [ name = "packaging" version = "23.2" description = "Core utilities for Python packages" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -723,7 +689,6 @@ files = [ name = "peewee" version = "3.17.0" description = "a little orm" -category = "dev" optional = false python-versions = "*" files = [ @@ -734,7 +699,6 @@ files = [ name = "pexpect" version = "4.9.0" description = "Pexpect allows easy control of interactive console applications." -category = "main" optional = false python-versions = "*" files = [ @@ -749,7 +713,6 @@ ptyprocess = ">=0.5" name = "pluggy" version = "1.5.0" description = "plugin and hook calling mechanisms for python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -765,7 +728,6 @@ testing = ["pytest", "pytest-benchmark"] name = "protobuf" version = "4.25.5" description = "" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -786,7 +748,6 @@ files = [ name = "ptyprocess" version = "0.7.0" description = "Run a subprocess in a pseudo terminal" -category = "main" optional = false python-versions = "*" files = [ @@ -798,7 +759,6 @@ files = [ name = "pycairo" version = "1.27.0" description = "Python interface for cairo" -category = "main" optional = false python-versions = ">=3.9" files = [ @@ -819,7 +779,6 @@ files = [ name = "pygments" version = "2.16.1" description = "Pygments is a syntax highlighting package written in Python." -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -832,23 +791,21 @@ plugins = ["importlib-metadata"] [[package]] name = "pygobject" -version = "3.50.0" +version = "3.42.2" description = "Python bindings for GObject Introspection" -category = "main" optional = false -python-versions = "<4.0,>=3.9" +python-versions = ">=3.6, <4" files = [ - {file = "pygobject-3.50.0.tar.gz", hash = "sha256:4500ad3dbf331773d8dedf7212544c999a76fc96b63a91b3dcac1e5925a1d103"}, + {file = "PyGObject-3.42.2.tar.gz", hash = "sha256:21524cef33100c8fd59dc135948b703d79d303e368ce71fa60521cc971cd8aa7"}, ] [package.dependencies] -pycairo = ">=1.16" +pycairo = ">=1.16,<2.0" [[package]] name = "pytest" version = "8.3.3" description = "pytest: simple powerful testing with Python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -869,7 +826,6 @@ dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "pygments name = "pytest-cov" version = "6.0.0" description = "Pytest plugin for measuring coverage." -category = "dev" optional = false python-versions = ">=3.9" files = [ @@ -888,7 +844,6 @@ testing = ["fields", "hunter", "process-tests", "pytest-xdist", "virtualenv"] name = "pytest-mock" version = "3.14.0" description = "Thin-wrapper around the mock package for easier use with pytest" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -906,7 +861,6 @@ dev = ["pre-commit", "pytest-asyncio", "tox"] name = "referencing" version = "0.30.2" description = "JSON Referencing + Python" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -922,7 +876,6 @@ rpds-py = ">=0.7.0" name = "requests" version = "2.31.0" description = "Python HTTP for Humans." -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -944,7 +897,6 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] name = "rich" version = "13.5.3" description = "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal" -category = "dev" optional = false python-versions = ">=3.7.0" files = [ @@ -963,7 +915,6 @@ jupyter = ["ipywidgets (>=7.5.1,<9)"] name = "rpds-py" version = "0.12.0" description = "Python bindings to Rust's persistent data structures (rpds)" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1072,7 +1023,6 @@ files = [ name = "ruamel-yaml" version = "0.17.40" description = "ruamel.yaml is a YAML parser/emitter that supports roundtrip preservation of comments, seq/map flow style, and map key order" -category = "dev" optional = false python-versions = ">=3" files = [ @@ -1091,7 +1041,6 @@ jinja2 = ["ruamel.yaml.jinja2 (>=0.2)"] name = "ruamel-yaml-clib" version = "0.2.8" description = "C version of reader, parser and emitter for ruamel.yaml derived from libyaml" -category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -1151,7 +1100,6 @@ files = [ name = "semgrep" version = "1.95.0" description = "Lightweight static analysis for many languages. Find bug variants with patterns that look like source code." -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1190,7 +1138,6 @@ wcmatch = ">=8.3,<9.0" name = "setuptools" version = "75.3.0" description = "Easily download, build, install, upgrade, and uninstall Python packages" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1205,13 +1152,12 @@ cover = ["pytest-cov"] doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "pyproject-hooks (!=1.1)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier", "towncrier (<24.7)"] enabler = ["pytest-enabler (>=2.2)"] test = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "ini2toml[lite] (>=0.14)", "jaraco.develop (>=7.21)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.2.0)", "jaraco.test (>=5.5)", "packaging (>=23.2)", "pip (>=19.1)", "pyproject-hooks (!=1.1)", "pytest (>=6,!=8.1.*)", "pytest-home (>=0.5)", "pytest-perf", "pytest-subprocess", "pytest-timeout", "pytest-xdist (>=3)", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel (>=0.44.0)"] -type = ["importlib-metadata (>=7.0.2)", "jaraco.develop (>=7.21)", "mypy (>=1.12.0,<1.13.0)", "pytest-mypy"] +type = ["importlib-metadata (>=7.0.2)", "jaraco.develop (>=7.21)", "mypy (==1.12.*)", "pytest-mypy"] [[package]] name = "tomli" version = "2.0.1" description = "A lil' TOML parser" -category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -1223,7 +1169,6 @@ files = [ name = "types-pexpect" version = "4.9.0.20240806" description = "Typing stubs for pexpect" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1235,7 +1180,6 @@ files = [ name = "types-setuptools" version = "75.2.0.20241025" description = "Typing stubs for setuptools" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1247,7 +1191,6 @@ files = [ name = "typing-extensions" version = "4.8.0" description = "Backported and Experimental Type Hints for Python 3.8+" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1259,7 +1202,6 @@ files = [ name = "urllib3" version = "2.2.1" description = "HTTP library with thread-safe connection pooling, file post, and more." -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1277,7 +1219,6 @@ zstd = ["zstandard (>=0.18.0)"] name = "wcmatch" version = "8.5" description = "Wildcard/glob file name matcher." -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1292,7 +1233,6 @@ bracex = ">=2.1.1" name = "wrapt" version = "1.16.0" description = "Module for decorators, wrappers and monkey patching." -category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -1372,7 +1312,6 @@ files = [ name = "zipp" version = "3.20.2" description = "Backport of pathlib-compatible object wrapper for zip files" -category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1391,4 +1330,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = "^3.11" -content-hash = "02fee64e15a2c1af8b7f2e8ba930176bd234072d4833116d321348e1c043c295" +content-hash = "b7542274cc63f6518e0ea5da73b3b452b2c8c3b0cbf1607558fc80ceb8c23ba5" diff --git a/export/pyproject.toml b/export/pyproject.toml index 9671f22f2..ae3bb2dda 100644 --- a/export/pyproject.toml +++ b/export/pyproject.toml @@ -9,9 +9,13 @@ readme = "README.md" [tool.poetry.dependencies] python = "^3.11" pexpect = "^4.9.0" -pygobject = "^3.50.0" [tool.poetry.group.dev.dependencies] +# In production this is installed using a system package +# so match that version exactly +pygobject = [ + {version = "=3.42.2", python = ">=3.11"}, # bookworm +] mypy = "^1.13.0" types-setuptools = "^75.2.0" pytest = "^8.3.3"