Install securedrop-app-code dependencies in development environment via make venv
#6358
Assignees
Comments
|
This is a real rabbit hole... This is because if you create a venv, it has latest setuptools, which is incompatible with our old jsmin, and setuptools only gets downgraded later on. Stupid fix: install develop-reqs first, which downgrades setuptools, then install sd-app-code which has jsmin. Better fix: have boot-strap-venv.sh downgrade setuptools to 56 before we install anything else, at the cost of duplicating |
|
Other option: just include Trying that now... |
legoktm
added a commit
that referenced
this issue
Mar 23, 2022
We want the development virtualenv to include the production dependencies as well as the development ones for the benefit of tools like mypy as well as editors like PyCharm. Care was taken to ensure all the versions match those used in production. The main change to develop-requirements.txt is that click has been upgraded to v8, because Flask v2 requires it. We also have `make venv` downgrade setuptools before we install anything, this is mostly for the benefit of `jsmin` which uses now-removed setuptools functionality and requires an older version just to be installable. Fixes #6358.
8 tasks
2 tasks
|
Today we discussed that rather than targetting develop-requirements, we'll put mypy in test-requirements.txt and run it via the dev container. |
legoktm
added a commit
that referenced
this issue
Mar 31, 2022
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no
longer bundled with mypy, so we need to explicitly install various
types-{name} packages.
* Since we need to install extra packages and need other dependencies
like Flask, move mypy into test-requirements.txt and run it via the
dev container.
* The main issue spotted by the SQLAlchemy plugin, that
sources.filesystem_id is nullable, is being fixed in a separate PR:
#6350.
* Drop the explicit type comments now that mypy can infer them.
* Use `--explicit-package-bases` when running mypy, so it treats the
securedrop/admin directories as modules regardless of whether
`__init__.py` files exist. This is needed so the two tests/
directories don't conflict with each other.
* Add missing return types to all schema changes and the templates that
generate them.
* In the `create_source_uuid_column` migration, drop the use of
`quoted_name()`. For some reason mypy doesn't like it, but more
importantly we don't need it in SQLite and we don't use it in any
other schema change.
* Make SecureTemporaryFile.write()'s return type match its parent by
returning the number of bytes that were written.
Fixes #6346.
Fixes #6358.
legoktm
added a commit
that referenced
this issue
Mar 31, 2022
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no
longer bundled with mypy, so we need to explicitly install various
types-{name} packages.
* Since we need to install extra packages and need other dependencies
like Flask, move mypy into test-requirements.txt and run it via the
dev container.
* The main issue spotted by the SQLAlchemy plugin, that
sources.filesystem_id is nullable, is being fixed in a separate PR:
#6350.
* Drop the explicit type comments now that mypy can infer them.
* Use `--explicit-package-bases` when running mypy, so it treats the
securedrop/admin directories as modules regardless of whether
`__init__.py` files exist. This is needed so the two tests/
directories don't conflict with each other.
* Add missing return types to all schema changes and the templates that
generate them.
* In the `create_source_uuid_column` migration, drop the use of
`quoted_name()`. For some reason mypy doesn't like it, but more
importantly we don't need it in SQLite and we don't use it in any
other schema change.
* Make SecureTemporaryFile.write()'s return type match its parent by
returning the number of bytes that were written.
Fixes #6346.
Fixes #6358.
legoktm
added a commit
that referenced
this issue
Apr 7, 2022
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no
longer bundled with mypy, so we need to explicitly install various
types-{name} packages.
* Since we need to install extra packages and need other dependencies
like Flask, move mypy into test-requirements.txt and run it via the
dev container.
* The main issue spotted by the SQLAlchemy plugin, that
sources.filesystem_id is nullable, is being fixed in a separate PR:
#6350.
* Drop the explicit type comments now that mypy can infer them.
* Use `--explicit-package-bases` when running mypy, so it treats the
securedrop/admin directories as modules regardless of whether
`__init__.py` files exist. This is needed so the two tests/
directories don't conflict with each other.
* Add missing return types to all schema changes and the templates that
generate them.
* In the `create_source_uuid_column` migration, drop the use of
`quoted_name()`. For some reason mypy doesn't like it, but more
importantly we don't need it in SQLite and we don't use it in any
other schema change.
* Make SecureTemporaryFile.write()'s return type match its parent by
returning the number of bytes that were written.
Fixes #6346.
Fixes #6358.
legoktm
added a commit
that referenced
this issue
Apr 12, 2022
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no
longer bundled with mypy, so we need to explicitly install various
types-{name} packages.
* Since we need to install extra packages and need other dependencies
like Flask, move mypy into test-requirements.txt and run it via the
dev container.
* The main issue spotted by the SQLAlchemy plugin, that
sources.filesystem_id is nullable, is being fixed in a separate PR:
#6350.
* Drop the explicit type comments now that mypy can infer them.
* Use `--explicit-package-bases` when running mypy, so it treats the
securedrop/admin directories as modules regardless of whether
`__init__.py` files exist. This is needed so the two tests/
directories don't conflict with each other.
* Add missing return types to all schema changes and the templates that
generate them.
* In the `create_source_uuid_column` migration, drop the use of
`quoted_name()`. For some reason mypy doesn't like it, but more
importantly we don't need it in SQLite and we don't use it in any
other schema change.
* Make SecureTemporaryFile.write()'s return type match its parent by
returning the number of bytes that were written.
Fixes #6346.
Fixes #6358.
legoktm
added a commit
that referenced
this issue
Apr 19, 2022
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no
longer bundled with mypy, so we need to explicitly install various
types-{name} packages.
* Since we need to install extra packages and need other dependencies
like Flask, move mypy into test-requirements.txt and run it via the
dev container.
* The main issue spotted by the SQLAlchemy plugin, that
sources.filesystem_id is nullable, is being fixed in a separate PR:
#6350.
* Drop the explicit type comments now that mypy can infer them.
* Use `--explicit-package-bases` when running mypy, so it treats the
securedrop/admin directories as modules regardless of whether
`__init__.py` files exist. This is needed so the two tests/
directories don't conflict with each other.
* Add missing return types to all schema changes and the templates that
generate them.
* In the `create_source_uuid_column` migration, drop the use of
`quoted_name()`. For some reason mypy doesn't like it, but more
importantly we don't need it in SQLite and we don't use it in any
other schema change.
* Make SecureTemporaryFile.write()'s return type match its parent by
returning the number of bytes that were written.
Fixes #6346.
Fixes #6358.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
We should install the
securedrop-app-code-requirements.txtdependencies when setting up the development environment viamake venv.The main motivation for this is to make mypy work better out of the box. Currently we use an old version of mypy that bundles possibly-outdated type stubs for key libraries we use like flask. Because new mypy (as planned in #6351) no longer bundles those stubs, it'll be impossible to use mypy locally unless you also have flask, etc. installed in your development virtualenv.
In addition this will make using editors like PyCharm much easier, because it expects all the dependencies to be installed in a single virtualenv.
Finally, this should bring the local development environment closer to what CI does, which AIUI takes a venv with
securedrop-app-code-requirementsdeps installed, and then installsdevelop-requirementsover it.The only obstacle to this is that right now develop wants click==7, while sd-app-code wants click==8. This appears to be easily fixable, since our molecule version is already compatible with click 8.
The text was updated successfully, but these errors were encountered: