From 6d5c5cd867a190c15294b6c404c8c3e36c2253be Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Wed, 11 Dec 2024 10:29:13 +0200 Subject: [PATCH 1/2] requirements: pynacl is no longer needed This is obsolete by now. Signed-off-by: Jussi Kukkonen --- docs/INSTALLATION.rst | 7 +++---- requirements/main.txt | 2 +- tox.ini | 2 +- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/docs/INSTALLATION.rst b/docs/INSTALLATION.rst index 1d2a6330c3..8e23e927f8 100644 --- a/docs/INSTALLATION.rst +++ b/docs/INSTALLATION.rst @@ -25,14 +25,13 @@ algorithms, and more performant backends. Opt-in is available via .. note:: - Please consult with underlying crypto backend installation docs -- - `cryptography `_ and - `pynacl `_ -- + Please consult with underlying crypto backend installation docs. e.g. + `cryptography `_ for possible system dependencies. :: - python3 -m pip securesystemslib[crypto,pynacl] tuf + python3 -m pip securesystemslib[crypto] tuf Install for development diff --git a/requirements/main.txt b/requirements/main.txt index e1d3346d03..e93071ff00 100644 --- a/requirements/main.txt +++ b/requirements/main.txt @@ -6,5 +6,5 @@ # 'pinned.txt' is updated on GitHub with Dependabot, which # triggers CI/CD builds to automatically test against updated dependencies. # -securesystemslib[crypto, pynacl] +securesystemslib[crypto] requests diff --git a/tox.ini b/tox.ini index 03dd2324e8..6e5e5a3e8b 100644 --- a/tox.ini +++ b/tox.ini @@ -34,7 +34,7 @@ allowlist_externals = python3 # Must to be invoked explicitly with, e.g. `tox -e with-sslib-main` [testenv:with-sslib-main] commands_pre = - python3 -m pip install --force-reinstall git+https://github.com/secure-systems-lab/securesystemslib.git@main#egg=securesystemslib[crypto,pynacl] + python3 -m pip install --force-reinstall git+https://github.com/secure-systems-lab/securesystemslib.git@main#egg=securesystemslib[crypto] commands = python3 -m coverage run aggregate_tests.py From 83ec7be7cf3b08991c02b85872f3799e9c6342b3 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Wed, 11 Dec 2024 10:36:00 +0200 Subject: [PATCH 2/2] requirements: Generate pinned list The only real change is pynacl being removed. The command used to generate the list is documented in the generated file. Note that --strip-extras is used: it will be default soon anyway. Signed-off-by: Jussi Kukkonen --- requirements/pinned.txt | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/requirements/pinned.txt b/requirements/pinned.txt index 973e24cd23..9ffe661e2f 100644 --- a/requirements/pinned.txt +++ b/requirements/pinned.txt @@ -1,10 +1,24 @@ -certifi==2024.12.14 # via requests -cffi==1.17.1 # via cryptography, pynacl -charset-normalizer==3.4.1 # via requests -cryptography==44.0.0 # via securesystemslib -idna==3.10 # via requests -pycparser==2.22 # via cffi -pynacl==1.5.0 # via securesystemslib +# +# This file is autogenerated by pip-compile with Python 3.11 +# by the following command: +# +# pip-compile --output-file=requirements/pinned.txt --strip-extras requirements/main.txt +# +certifi==2024.12.14 + # via requests +cffi==1.17.1 + # via cryptography +charset-normalizer==3.4.1 + # via requests +cryptography==44.0.0 + # via securesystemslib +idna==3.10 + # via requests +pycparser==2.22 + # via cffi requests==2.32.3 -securesystemslib[crypto,pynacl]==1.2.0 -urllib3==2.3.0 # via requests + # via -r requirements/main.txt +securesystemslib==1.2.0 + # via -r requirements/main.txt +urllib3==2.3.0 + # via requests