mirror of https://github.com/zulip/zulip.git
43996106d8
In the past it has blocked Python library security updates with overly strict version bounds, and we don’t use it as a library, only as a binary. Skip the PROVISION_VERSION bump because we can use the tx binary from either location. Signed-off-by: Anders Kaseorg <anders@zulipchat.com> |
||
|---|---|---|
| .. | ||
| README.md | ||
| common.in | ||
| dev.in | ||
| dev.txt | ||
| docs.in | ||
| docs.txt | ||
| mypy.in | ||
| mypy.txt | ||
| pip.in | ||
| pip.txt | ||
| pip2.txt | ||
| prod.in | ||
| prod.txt | ||
| thumbor-dev.in | ||
| thumbor-dev.txt | ||
| thumbor.in | ||
| thumbor.txt | ||
README.md
The dependency graph of the requirements is as follows:
dev prod
+ + +
| +->common<-+
v
mypy,docs
Of the files, only dev, prod, and mypy have been used in the install scripts directly. The rest are implicit dependencies.
Steps to update a lock file, e.g. to update ipython from 5.3.0 to latest version:
0. Remove entries for ipython==5.4.1 in dev.txt and prod.txt.
- Run
./tools/update-locked-requirements, which will generate new entries, pinned to the latest version. - Increase
PROVISION_VERSIONinversion.py. - Run
./tools/provisionto install the new deps and test them. - Commit your changes.