Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use --require-hashes when installing requirements.txt #1792

Merged
merged 1 commit into from
Feb 6, 2024

Conversation

legoktm
Copy link
Member

@legoktm legoktm commented Feb 6, 2024

Status

Ready for review

Description

This is mostly a safety measure, as pip will automatically enable require hashes mode when it sees hashes in the requirements.txt file.

Previously we couldn't do this because dh-virtualenv wasn't flexible enough, but we've now dropped that and can do it directly!

Fixes #1791.

Test Plan

  • CI passes
  • Run ./scripts/build-debs.sh, see --require-hashes in the output and no errors

This is mostly a safety measure, as pip will automatically enable
require hashes mode when it sees hashes in the requirements.txt file.

Previously we couldn't do this because dh-virtualenv wasn't flexible
enough, but we've now dropped that and can do it directly!

Fixes #1791.
@legoktm legoktm requested a review from a team as a code owner February 6, 2024 21:09
@rocodes rocodes self-assigned this Feb 6, 2024
Copy link
Contributor

@rocodes rocodes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test plan

  • CI passes - no, but the relevant tests pass. (proxy failing, known/unrelated)
  • Run ./scripts/build-debs.sh, see --require-hashes in the output and no errors

@rocodes rocodes merged commit 7bdf76e into main Feb 6, 2024
45 of 49 checks passed
@rocodes rocodes deleted the build-require-hashes branch February 6, 2024 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

Explicitly require hashes in pip during package build
2 participants