Locking and updating dependencies (#351)

devinmatte · jabbate19 · commit e442fc532a19 · 2022-09-07T12:23:38.000-04:00
* Locking and updating dependencies

* Running update before install
diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: Install ldap dependencies
-        run: sudo apt-get install libldap2-dev libsasl2-dev
+        run: sudo apt-get update && sudo apt-get install libldap2-dev libsasl2-dev
       - uses: actions/checkout@v2
       - name: Set up Python ${{ matrix.python-version }}
         uses: actions/setup-python@v2
diff --git a/Dockerfile b/Dockerfile
@@ -25,4 +25,4 @@ RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - && \
 
 RUN ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
 
-CMD ["gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"]
+CMD ["ddtrace-run", "gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"]
diff --git a/README.md b/README.md
@@ -57,6 +57,10 @@ npm start
 
 This will run the asset pipeline, start the Python server, and start BrowserSync. Your default web browser will open automatically. If it doesn't, navigate to `http://127.0.0.1:3000`. Any changes made to the frontend files in `frontend` or the Jinja templates in `conditional/templates` will cause the browser to reload automatically.
 
+### Dependencies
+
+To add new dependencies, add them to `requirements.in` and then run `pip-compile requirements.in` to produce a new locked `requirements.txt`. Do not edit `requirements.txt` directly as it will be overwritten by future PRs.
+
 ### Database Migrations
 
 If the database schema is changed after initializing the database, you must migrate it to the new schema by running:
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -37,7 +37,7 @@
     "enumify": "^1.0.4",
     "jquery": "^3.1.0",
     "load-awesome": "^1.1.0",
-    "lodash": "4.17.19",
+    "lodash": "4.17.21",
     "reveal.js": "^3.3.0",
     "selectize": "^0.12.2",
     "selectize-scss": "^0.9.1",
diff --git a/requirements.in b/requirements.in
@@ -0,0 +1,31 @@
+alembic~=0.9.8
+astroid~=2.4.0
+blinker~=1.4
+click~=7.1
+csh_ldap>=2.3.1
+ddtrace~=1.1.4
+Flask~=1.1.4
+Flask-Migrate~=2.1.1
+Flask-Gzip~=0.2
+Flask-pyoidc~=1.3.0
+Flask-SQLAlchemy~=2.3.2
+gunicorn~=20.1.0
+isort~=4.3.4
+itsdangerous~=0.24
+Jinja2~=2.10
+lazy-object-proxy~=1.4.0
+Mako~=1.0.7
+MarkupSafe~=1.0
+mccabe~=0.6.1
+oic~=0.11.0
+pip-tools~=6.6.2
+psycopg2-binary~=2.9.3
+pylint~=2.6.0
+python-dateutil~=2.6.1
+python-editor~=1.0.3
+sentry-sdk[flask]~=0.19.5
+six~=1.12.0
+SQLAlchemy~=1.3.22
+structlog~=18.1.0
+Werkzeug~=0.15.3
+wrapt~=1.11.0
diff --git a/requirements.txt b/requirements.txt
@@ -1,29 +1,198 @@
-alembic~=0.9.8
-astroid~=2.4.0
-blinker~=1.4
-click~=7.1
-csh_ldap>=2.3.1
-Flask~=1.1.0
-Flask-Migrate~=2.1.1
-Flask-Gzip~=0.2
-Flask-pyoidc~=1.3.0
-Flask-SQLAlchemy~=2.3.2
-gunicorn~=19.7.1
-isort~=4.3.4
-itsdangerous~=0.24
-Jinja2~=2.10
-lazy-object-proxy~=1.4.0
-Mako~=1.0.7
-MarkupSafe~=1.0
-mccabe~=0.6.1
-oic~=0.11.0
-psycopg2~=2.8.5
-pylint~=2.6.0
-python-dateutil~=2.6.1
-python-editor~=1.0.3
-sentry-sdk[flask]~=0.19.5
-six~=1.12.0
-SQLAlchemy~=1.3.22
-structlog~=18.1.0
-Werkzeug~=0.15.3
-wrapt~=1.11.0
+#
+# This file is autogenerated by pip-compile with python 3.8
+# To update, run:
+#
+#    pip-compile requirements.in
+#
+alabaster==0.7.12
+    # via oic
+alembic==0.9.10
+    # via
+    #   -r requirements.in
+    #   flask-migrate
+astroid==2.4.2
+    # via
+    #   -r requirements.in
+    #   pylint
+attrs==21.4.0
+    # via ddtrace
+beaker==1.11.0
+    # via oic
+blinker==1.4
+    # via
+    #   -r requirements.in
+    #   sentry-sdk
+certifi==2022.5.18.1
+    # via
+    #   requests
+    #   sentry-sdk
+cffi==1.15.0
+    # via cryptography
+charset-normalizer==2.0.12
+    # via requests
+click==7.1.2
+    # via
+    #   -r requirements.in
+    #   flask
+    #   pip-tools
+cryptography==37.0.2
+    # via pyopenssl
+csh-ldap==2.3.1
+    # via -r requirements.in
+ddsketch==2.0.3
+    # via ddtrace
+ddtrace==1.1.4
+    # via -r requirements.in
+dnspython==2.2.1
+    # via srvlookup
+flask==1.1.4
+    # via
+    #   -r requirements.in
+    #   flask-gzip
+    #   flask-migrate
+    #   flask-pyoidc
+    #   flask-sqlalchemy
+    #   sentry-sdk
+flask-gzip==0.2
+    # via -r requirements.in
+flask-migrate==2.1.1
+    # via -r requirements.in
+flask-pyoidc==1.3.0
+    # via -r requirements.in
+flask-sqlalchemy==2.3.2
+    # via
+    #   -r requirements.in
+    #   flask-migrate
+future==0.18.2
+    # via
+    #   oic
+    #   pyjwkest
+gunicorn==20.1.0
+    # via -r requirements.in
+idna==3.3
+    # via requests
+isort==4.3.21
+    # via
+    #   -r requirements.in
+    #   pylint
+itsdangerous==0.24
+    # via
+    #   -r requirements.in
+    #   flask
+jinja2==2.11.3
+    # via
+    #   -r requirements.in
+    #   flask
+lazy-object-proxy==1.4.3
+    # via
+    #   -r requirements.in
+    #   astroid
+mako==1.0.14
+    # via
+    #   -r requirements.in
+    #   alembic
+    #   oic
+markupsafe==1.1.1
+    # via
+    #   -r requirements.in
+    #   jinja2
+    #   mako
+mccabe==0.6.1
+    # via
+    #   -r requirements.in
+    #   pylint
+oic==0.11.0.1
+    # via
+    #   -r requirements.in
+    #   flask-pyoidc
+packaging==21.3
+    # via ddtrace
+pep517==0.12.0
+    # via pip-tools
+pip-tools==6.6.2
+    # via -r requirements.in
+protobuf==3.20.1
+    # via
+    #   ddsketch
+    #   ddtrace
+psycopg2-binary==2.9.3
+    # via -r requirements.in
+pyasn1==0.4.8
+    # via
+    #   pyasn1-modules
+    #   python-ldap
+pyasn1-modules==0.2.8
+    # via python-ldap
+pycparser==2.21
+    # via cffi
+pycryptodomex==3.14.1
+    # via
+    #   oic
+    #   pyjwkest
+pyjwkest==1.4.2
+    # via oic
+pylint==2.6.2
+    # via -r requirements.in
+pyopenssl==22.0.0
+    # via oic
+pyparsing==3.0.9
+    # via packaging
+python-dateutil==2.6.1
+    # via
+    #   -r requirements.in
+    #   alembic
+python-editor==1.0.4
+    # via
+    #   -r requirements.in
+    #   alembic
+python-ldap==3.0.0
+    # via csh-ldap
+requests==2.27.1
+    # via
+    #   oic
+    #   pyjwkest
+sentry-sdk[flask]==0.19.5
+    # via -r requirements.in
+six==1.12.0
+    # via
+    #   -r requirements.in
+    #   astroid
+    #   ddsketch
+    #   ddtrace
+    #   oic
+    #   pyjwkest
+    #   python-dateutil
+    #   structlog
+sqlalchemy==1.3.24
+    # via
+    #   -r requirements.in
+    #   alembic
+    #   flask-sqlalchemy
+srvlookup==2.0.0
+    # via csh-ldap
+structlog==18.1.0
+    # via -r requirements.in
+tenacity==8.0.1
+    # via ddtrace
+toml==0.10.2
+    # via pylint
+tomli==2.0.1
+    # via pep517
+urllib3==1.26.9
+    # via
+    #   requests
+    #   sentry-sdk
+werkzeug==0.15.6
+    # via
+    #   -r requirements.in
+    #   flask
+wheel==0.37.1
+    # via pip-tools
+wrapt==1.11.2
+    # via
+    #   -r requirements.in
+    #   astroid
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools

Original file line number	Diff line number	Diff line change
`@@ -25,4 +25,4 @@ RUN curl -sL https://deb.nodesource.com/setup_10.x \| bash - && \`
`25`	`25`
`26`	`26`	`RUN ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime`
`27`	`27`
`28`		`-CMD ["gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"]`
	`28`	`+CMD ["ddtrace-run", "gunicorn", "conditional:app", "--bind=0.0.0.0:8080", "--access-logfile=-", "--timeout=256"]`