Skip to content

Commit

Permalink
fix: remove trailing CR-LF from package spec when building requirements
Browse files Browse the repository at this point in the history 
This is particularly important on Windows hosts. For more background on
this change: pypa/pip-audit#365 (comment)
  • Loading branch information
@jenstroeger
jenstroeger committed Sep 7, 2022
1 parent 25c486b commit 0ce9d0c
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,7 @@ requirements: requirements.txt
requirements.txt: pyproject.toml
echo -n "" > requirements.txt
for pkg in `python -m pip freeze --local --disable-pip-version-check --exclude-editable`; do \
pkg=$${pkg//[$$'\r\n']}; \
echo -n $$pkg >> requirements.txt; \
echo "Fetching package metadata for requirement '$$pkg'"; \
[[ $$pkg =~ (.*)==(.*) ]] && curl -s https://pypi.org/pypi/$${BASH_REMATCH[1]}/$${BASH_REMATCH[2]}/json | python -c "import json, sys; print(''.join(f''' \\\\\n --hash=sha256:{pkg['digests']['sha256']}''' for pkg in json.load(sys.stdin)['urls']));" >> requirements.txt; \
Expand Down

0 comments on commit 0ce9d0c

Please sign in to comment.