Resolve dependency versions explicitly in pyproject.toml
Marco Ricci commited on 2025-01-31 18:03:02
Zeige 1 geänderte Dateien mit 22 Einfügungen und 9 Löschungen.
Remove the `~=` version specifiers in favor of `>=` specifiers, and only use explicitly tested versions as minimum version requirements. Also explicitly list pytest plugins and coverage plugins as dependencies.
- pyproject.toml 3da246c..ba1baa6
| ... | ... |
@@ -44,24 +44,30 @@ dynamic = ['version'] |
| 44 | 44 |
dev = [ |
| 45 | 45 |
# Development uses the hatch build system, to isolate all tools in |
| 46 | 46 |
# their own virtual environment... |
| 47 |
- "hatch ~= 1.10", |
|
| 47 |
+ "hatch >= 1.10", |
|
| 48 | 48 |
# ...but it is still sensible to have most static analysis tools |
| 49 | 49 |
# available in the main virtual environment as well, so that your |
| 50 | 50 |
# editor/IDE setup can access them as well. |
| 51 |
- "mypy ~= 1.0", |
|
| 52 |
- "ruff ~= 0.9.0", |
|
| 51 |
+ "mypy >= 1.0", |
|
| 52 |
+ "ruff >= 0.9.0", |
|
| 53 | 53 |
# Test dependencies should be installed as well, to have static |
| 54 | 54 |
# analysis in the test suite working too. `packaging` is needed |
| 55 | 55 |
# because the test suite compares version numbers. |
| 56 |
+ "coverage[toml] >= 7.4", |
|
| 57 |
+ "coverage-enable-subprocess >= 1.0", |
|
| 56 | 58 |
"hypothesis >= 6.0", |
| 57 | 59 |
"packaging", |
| 58 |
- "pytest ~= 8.1", |
|
| 60 |
+ "pytest >= 8.1", |
|
| 61 |
+ "pytest-randomly >= 3.15", |
|
| 62 |
+ "pytest-xdist[psutil] >= 3.6.0", |
|
| 59 | 63 |
] |
| 60 | 64 |
export = [ |
| 61 | 65 |
# The vault configuration exporter relies on cryptography. |
| 62 | 66 |
# Version 38 was the first to include the `algorithms.AES256` |
| 63 |
- # interface, instead of only the `algorithms.AES` interface. |
|
| 64 |
- "cryptography >= 38.0.0", |
|
| 67 |
+ # interface, instead of only the `algorithms.AES` interface, but |
|
| 68 |
+ # this was never tested, so we require the earliest cryptography |
|
| 69 |
+ # version we tested on. |
|
| 70 |
+ "cryptography >= 42.0.0", |
|
| 65 | 71 |
] |
| 66 | 72 |
|
| 67 | 73 |
[project.scripts] |
| ... | ... |
@@ -148,10 +154,17 @@ features = [ |
| 148 | 154 |
|
| 149 | 155 |
[tool.hatch.envs.hatch-test] |
| 150 | 156 |
default-args = ['src', 'tests'] |
| 151 |
-extra-dependencies = [ |
|
| 157 |
+# See "dev" extra in main project section for commentary on the |
|
| 158 |
+# dependencies. We override them here because hatch is too restrictive |
|
| 159 |
+# by default. |
|
| 160 |
+dependencies = [ |
|
| 161 |
+ "coverage[toml] >= 7.4", |
|
| 162 |
+ "coverage-enable-subprocess >= 1.0", |
|
| 152 | 163 |
"hypothesis >= 6.0", |
| 153 |
- "packaging", # The test suite compares version numbers. |
|
| 154 |
- "pytest ~= 8.1", |
|
| 164 |
+ "packaging", |
|
| 165 |
+ "pytest >= 8.1", |
|
| 166 |
+ "pytest-randomly >= 3.15", |
|
| 167 |
+ "pytest-xdist[psutil] >= 3.6.0", |
|
| 155 | 168 |
] |
| 156 | 169 |
matrix-name-format = '{variable}_{value}'
|
| 157 | 170 |
|
| 158 | 171 |