整理: requirements-license.txt を廃止 (VOICEVOX#1281)

* refactor: `requirements-license.txt` を削除

* fix: コンフリクト

* fix: lock を更新

* refactor: `pip-license` を requirements-test.txt でバージョン指定

* fix: lint

* fix: lint

* fix: codec

* fix: 依存性管理を更新

* fix: merge

* refactor: bash コマンドを簡略化

* fix: bash 省略の反映忘れを訂正

.github/workflows/test-security.yml

@@ -24,7 +24,7 @@ jobs:
           requirements-suffix: "-dev"
 
       - name: <Test> Check Python dependency security
-        run: safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -r requirements-license.txt -o bare
+        run: safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -o bare
 
       - name: <Deploy> Notify Discord of security testing result
         uses: sarisia/actions-status-discord@v1

.github/workflows/test.yml

@@ -35,12 +35,10 @@ jobs:
           poetry export --without-hashes -o requirements.txt.check
           poetry export --without-hashes --with dev -o requirements-dev.txt.check
           poetry export --without-hashes --with build -o requirements-build.txt.check
-          poetry export --without-hashes --with license -o requirements-license.txt.check
 
           diff -q requirements.txt requirements.txt.check || \
           diff -q requirements-dev.txt requirements-dev.txt.check || \
-          diff -q requirements-build.txt requirements-build.txt.check || \
-          diff -q requirements-license.txt requirements-license.txt.check > /dev/null
+          diff -q requirements-build.txt requirements-build.txt.check > /dev/null
           if [ $? = 1 ]; then
             echo "poetry export has some diff"
             exit 1

.pre-commit-config.yaml

@@ -34,9 +34,3 @@ repos:
         language: python
         stages: [push]
         pass_filenames: false
-      - id: poetry-export-license
-        name: poetry-export-license
-        entry: poetry export --without-hashes --with license -o requirements-license.txt
-        language: python
-        stages: [push]
-        pass_filenames: false

CONTRIBUTING.md

@@ -229,7 +229,6 @@ poetry update # 全部更新
 poetry export --without-hashes -o requirements.txt # こちらを更新する場合は下３つも更新する必要があります。
 poetry export --without-hashes --with dev -o requirements-dev.txt
 poetry export --without-hashes --with build -o requirements-build.txt
-poetry export --without-hashes --with license -o requirements-license.txt
 ```
 
 ## 静的解析
@@ -297,7 +296,7 @@ python -m pytest --snapshot-update
 シェルで以下のコマンドを実行することで脆弱性が診断されます。  
 
 ```bash
-safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt -r requirements-license.txt
+safety check -r requirements.txt -r requirements-dev.txt -r requirements-build.txt
 ```
 
 ## ビルド

Dockerfile

@@ -240,7 +240,8 @@ RUN sed -i "s/__version__ = \"latest\"/__version__ = \"${VOICEVOX_ENGINE_VERSION
 RUN sed -i "s/\"version\": \"999\\.999\\.999\"/\"version\": \"${VOICEVOX_ENGINE_VERSION}\"/" /opt/voicevox_engine/engine_manifest.json
 
 # Generate licenses.json
-ADD ./requirements-license.txt /tmp/
+ADD ./requirements.txt /tmp/
+ADD ./requirements-dev.txt /tmp/
 RUN <<EOF
     set -eux
 
@@ -250,7 +251,9 @@ RUN <<EOF
     # /home/user/.local/bin is required to use the commands installed by pip
     export PATH="/home/user/.local/bin:${PATH:-}"
 
-    gosu user /opt/python/bin/pip3 install -r /tmp/requirements-license.txt
+    gosu user /opt/python/bin/pip3 install -r /tmp/requirements.txt
+    # requirements-dev.txt でバージョン指定されている pip-licenses をインストールする
+    gosu user /opt/python/bin/pip3 install "$(grep pip-licenses /tmp/requirements-dev.txt | cut -f 1 -d ';')"
     gosu user /opt/python/bin/python3 build_util/generate_licenses.py > /opt/voicevox_engine/resources/engine_manifest_assets/dependency_licenses.json
     cp /opt/voicevox_engine/resources/engine_manifest_assets/dependency_licenses.json /opt/voicevox_engine/licenses.json
 EOF

README.md

@@ -653,7 +653,6 @@ poetry update # 全部更新
 poetry export --without-hashes -o requirements.txt # こちらを更新する場合は下３つも更新する必要があります。
 poetry export --without-hashes --with dev -o requirements-dev.txt
 poetry export --without-hashes --with build -o requirements-build.txt
-poetry export --without-hashes --with license -o requirements-license.txt
 ```
 
 #### ライセンス

build_util/create_venv_and_generate_licenses.bash

@@ -18,7 +18,9 @@ else
     source $VENV_PATH/bin/activate
 fi
 
-pip install -r requirements-license.txt
+pip install -r requirements.txt
+# requirements-dev.txt でバージョン指定されている pip-licenses をインストールする
+pip install "$(grep pip-licenses requirements-dev.txt | cut -f 1 -d ';')"
 python build_util/generate_licenses.py > "${OUTPUT_LICENSE_JSON_PATH}"
 
 deactivate

pyproject.toml

@@ -74,14 +74,12 @@ httpx = "^0.27.0" # NOTE: required by fastapi.testclient.TestClient
 syrupy = "^4.6.1"
 types-pyyaml = "^6.0.12"
 safety = "^3.1.0"
+pip-licenses = "4.4.0" # NOTE: must be specified exactly (c.f. #1281)
 pre-commit = "^2.16.0"
 
 [tool.poetry.group.build.dependencies]
 pyinstaller = "^5.13"
 
-[tool.poetry.group.license.dependencies]
-pip-licenses = "^4.4.0"
-
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"

requirements-dev.txt

@@ -56,13 +56,15 @@ numpy==1.26.4 ; python_version >= "3.11" and python_version < "3.12"
 packaging==24.0 ; python_version >= "3.11" and python_version < "3.12"
 pathspec==0.12.1 ; python_version >= "3.11" and python_version < "3.12"
 pexpect==4.9.0 ; python_version >= "3.11" and python_version < "3.12"
+pip-licenses==4.4.0 ; python_version >= "3.11" and python_version < "3.12"
 pkginfo==1.10.0 ; python_version >= "3.11" and python_version < "3.12"
 platformdirs==4.2.2 ; python_version >= "3.11" and python_version < "3.12"
 pluggy==1.5.0 ; python_version >= "3.11" and python_version < "3.12"
 poetry-core==1.9.0 ; python_version >= "3.11" and python_version < "3.12"
 poetry-plugin-export==1.8.0 ; python_version >= "3.11" and python_version < "3.12"
 poetry==1.8.2 ; python_version >= "3.11" and python_version < "3.12"
 pre-commit==2.21.0 ; python_version >= "3.11" and python_version < "3.12"
+prettytable==3.10.0 ; python_version >= "3.11" and python_version < "3.12"
 ptyprocess==0.7.0 ; python_version >= "3.11" and python_version < "3.12"
 pycodestyle==2.11.1 ; python_version >= "3.11" and python_version < "3.12"
 pycparser==2.22 ; python_version >= "3.11" and python_version < "3.12"
@@ -106,5 +108,6 @@ unidiff==0.7.5 ; python_version >= "3.11" and python_version < "3.12"
 urllib3==2.2.1 ; python_version >= "3.11" and python_version < "3.12"
 uvicorn==0.29.0 ; python_version >= "3.11" and python_version < "3.12"
 virtualenv==20.26.2 ; python_version >= "3.11" and python_version < "3.12"
+wcwidth==0.2.13 ; python_version >= "3.11" and python_version < "3.12"
 xattr==1.1.0 ; python_version >= "3.11" and python_version < "3.12" and sys_platform == "darwin"
 zipp==3.18.1 ; python_version >= "3.11" and python_version < "3.12"