Pin hashes for test-requirements.txt
Also adds --allow-unsafe to allow pinning hashes of setuptools in test-requirements.txt

The `--allow-unsafe` flag should not impact security: it is there to allow pip to pin setuptools and pip-tools (see issue #4686).
emkll committed Oct 9, 2019
1 parent 0192a79 commit 05b820f
Showing 2 changed files with 164 additions and 40 deletions.
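--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,8 @@ update-python3-requirements: ## Update Python 3 requirements with pip-compile.
 ../admin/requirements-ansible.in \
 ../admin/requirements.in \
 requirements/python3/develop-requirements.in
-@$(DEVSHELL) pip-compile \
+@$(DEVSHELL) pip-compile --generate-hashes \
+--allow-unsafe \
 --output-file requirements/python3/test-requirements.txt \
 requirements/python3/test-requirements.in
 @$(DEVSHELL) pip-compile --generate-hashes \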
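Review bot: The recipe now passes `--allow-unsafe` with no comment in the Makefile saying why, and the flag name reads like a security downgrade to anyone who has not seen the commit message. A make comment above the test-requirements `pip-compile` command would keep the rationale next to the code, for example `# --allow-unsafe lets pip-compile pin setuptools (with hashes) in the output; see issue #4686`. Separately, the generated hashes only protect an install that runs in hash-checking mode; the install step is not visible here, so it is worth confirming it calls `pip install --require-hashes` explicitly rather than relying on pip enabling the mode when it sees a `--hash` option. The `update-python3-requirements` recipe starts above this hunk and continues below it.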
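--- a/securedrop/requirements/python3/test-requirements.txt
+++ b/securedrop/requirements/python3/test-requirements.txt
@@ -2,45 +2,168 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-# pip-compile --output-file=requirements/python3/test-requirements.txt requirements/python3/test-requirements.in
+# pip-compile --generate-hashes --allow-unsafe --output-file=requirements/python3/test-requirements.txt requirements/python3/test-requirements.in
 #
-atomicwrites==1.3.0 # via pytest
-attrs==17.4.0 # via hypothesis, pytest
-beautifulsoup4==4.6.0
-blinker==1.4
-certifi==2018.11.29 # via requests
-chardet==3.0.4 # via requests
-click==6.7 # via flask, pip-tools
-coverage==4.4.2 # via pytest-cov
-easyprocess==0.2.3 # via pyvirtualdisplay
-flaky==3.6.0
-flask-testing==0.7.1
-flask==1.0.2 # via flask-testing
-hypothesis==4.22.2
-idna==2.8 # via requests
-importlib-metadata==0.18 # via pluggy
-itsdangerous==0.24 # via flask
-jinja2==2.10.1 # via flask
-markupsafe==1.0 # via jinja2
-mock==2.0.0
-more-itertools==7.1.0 # via pytest
-pathlib2==2.3.4 # via pytest
-pbr==3.1.1 # via mock
-pip-tools==4.0.0
-pluggy==0.12.0 # via pytest
-py==1.5.2
-pysocks==1.6.8 # via requests
-pytest-cov==2.5.1
-pytest-mock==1.7.1
-pytest==3.10
-pyvirtualdisplay==0.2.1
-requests[socks]==2.22.0
-selenium==3.141.0
-six==1.11.0 # via mock, pathlib2, pip-tools, pytest
-tbselenium==0.4.2
-urllib3==1.25.3
-werkzeug==0.16.0 # via flask
-zipp==0.5.1 # via importlib-metadata
+atomicwrites==1.3.0 \
+--hash=sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4 \
+--hash=sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6 \
+# via pytest
+attrs==17.4.0 \
+--hash=sha256:1c7960ccfd6a005cd9f7ba884e6316b5e430a3f1a6c37c5f87d8b43f83b54ec9 \
+--hash=sha256:a17a9573a6f475c99b551c0e0a812707ddda1ec9653bed04c13841404ed6f450 \
+# via hypothesis, pytest
+beautifulsoup4==4.6.0 \
+--hash=sha256:11a9a27b7d3bddc6d86f59fb76afb70e921a25ac2d6cc55b40d072bd68435a76 \
+--hash=sha256:7015e76bf32f1f574636c4288399a6de66ce08fb7b2457f628a8d70c0fbabb11 \
+--hash=sha256:808b6ac932dccb0a4126558f7dfdcf41710dd44a4ef497a0bb59a77f9f078e89
+blinker==1.4 \
+--hash=sha256:471aee25f3992bd325afa3772f1063dbdbbca947a041b8b89466dc00d606f8b6
+certifi==2018.11.29 \
+--hash=sha256:47f9c83ef4c0c621eaef743f133f09fa8a74a9b75f037e8624f83bd1b6626cb7 \
+--hash=sha256:993f830721089fef441cdfeb4b2c8c9df86f0c63239f06bd025a76a7daddb033 \
+# via requests
+chardet==3.0.4 \
+--hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
+--hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
+# via requests
+click==6.7 \
+--hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
+--hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
+# via flask, pip-tools
+coverage==4.4.2 \
+--hash=sha256:007eeef7e23f9473622f7d94a3e029a45d55a92a1f083f0f3512f5ab9a669b05 \
+--hash=sha256:079248312838c4c8f3494934ab7382a42d42d5f365f0cf7516f938dbb3f53f3f \
+--hash=sha256:17307429935f96c986a1b1674f78079528833410750321d22b5fb35d1883828e \
+--hash=sha256:2ad357d12971e77360034c1596011a03f50c0f9e1ecd12e081342b8d1aee2236 \
+--hash=sha256:2e1a5c6adebb93c3b175103c2f855eda957283c10cf937d791d81bef8872d6ca \
+--hash=sha256:309d91bd7a35063ec7a0e4d75645488bfab3f0b66373e7722f23da7f5b0f34cc \
+--hash=sha256:358d635b1fc22a425444d52f26287ae5aea9e96e254ff3c59c407426f44574f4 \
+--hash=sha256:3f4d0b3403d3e110d2588c275540649b1841725f5a11a7162620224155d00ba2 \
+--hash=sha256:493082f104b5ca920e97a485913de254cbe351900deed72d4264571c73464cd0 \
+--hash=sha256:4c4f368ffe1c2e7602359c2c50233269f3abe1c48ca6b288dcd0fb1d1c679733 \
+--hash=sha256:5ff16548492e8a12e65ff3d55857ccd818584ed587a6c2898a9ebbe09a880674 \
+--hash=sha256:66f393e10dd866be267deb3feca39babba08ae13763e0fc7a1063cbe1f8e49f6 \
+--hash=sha256:700d7579995044dc724847560b78ac786f0ca292867447afda7727a6fbaa082e \
+--hash=sha256:81912cfe276e0069dca99e1e4e6be7b06b5fc8342641c6b472cb2fed7de7ae18 \
+--hash=sha256:82cbd3317320aa63c65555aa4894bf33a13fb3a77f079059eb5935eea415938d \
+--hash=sha256:845fddf89dca1e94abe168760a38271abfc2e31863fbb4ada7f9a99337d7c3dc \
+--hash=sha256:87d942863fe74b1c3be83a045996addf1639218c2cb89c5da18c06c0fe3917ea \
+--hash=sha256:9721f1b7275d3112dc7ccf63f0553c769f09b5c25a26ee45872c7f5c09edf6c1 \
+--hash=sha256:a7cfaebd8f24c2b537fa6a271229b051cdac9c1734bb6f939ccfc7c055689baa \
+--hash=sha256:b0059630ca5c6b297690a6bf57bf2fdac1395c24b7935fd73ee64190276b743b \
+--hash=sha256:bd4800e32b4c8d99c3a2c943f1ac430cbf80658d884123d19639bcde90dad44a \
+--hash=sha256:cdd92dd9471e624cd1d8c1a2703d25f114b59b736b0f1f659a98414e535ffb3d \
+--hash=sha256:d00e29b78ff610d300b2c37049a41234d48ea4f2d2581759ebcf67caaf731c31 \
+--hash=sha256:d1ee76f560c3c3e8faada866a07a32485445e16ed2206ac8378bd90dadffb9f0 \
+--hash=sha256:dd707a21332615108b736ef0b8513d3edaf12d2a7d5fc26cd04a169a8ae9b526 \
+--hash=sha256:e3ba9b14607c23623cf38f90b23f5bed4a3be87cbfa96e2e9f4eabb975d1e98b \
+--hash=sha256:e9a0e1caed2a52f15c96507ab78a48f346c05681a49c5b003172f8073da6aa6b \
+--hash=sha256:eea9135432428d3ca7ee9be86af27cb8e56243f73764a9b6c3e0bda1394916be \
+--hash=sha256:f29841e865590af72c4b90d7b5b8e93fd560f5dea436c1d5ee8053788f9285de \
+--hash=sha256:f3a5c6d054c531536a83521c00e5d4004f1e126e2e2556ce399bef4180fbe540 \
+--hash=sha256:f87f522bde5540d8a4b11df80058281ac38c44b13ce29ced1e294963dd51a8f8 \
+--hash=sha256:f8c55dd0f56d3d618dfacf129e010cbe5d5f94b6951c1b2f13ab1a2f79c284da \
+# via pytest-cov
+easyprocess==0.2.3 \
+--hash=sha256:94e241cadc9a46f55b5c06000df85618849602e7e1865b8de87576b90a22e61f \
+# via pyvirtualdisplay
+flaky==3.6.0 \
+--hash=sha256:36fa125bceebfe869739b62e203db4653488dff09615e5a4f3d7607d48363c6a \
+--hash=sha256:c24e321b3b4b4a2d323b646acff6738e7601849832f4280864d69f00a6a9869d
+flask-testing==0.7.1 \
+--hash=sha256:dc076623d7d850653a018cb64f500948334c8aeb6b10a5a842bf1bcfb98122bc
+flask==1.0.2 \
+--hash=sha256:2271c0070dbcb5275fad4a82e29f23ab92682dc45f9dfbc22c02ba9b9322ce48 \
+--hash=sha256:a080b744b7e345ccfcbc77954861cb05b3c63786e93f2b3875e0913d44b43f05 \
+# via flask-testing
+hypothesis==4.22.2 \
+--hash=sha256:7d504c4de30ec2bf9e9421e6dacb76666266bc584440b3fda4ba3ae7ecb8d2fc \
+--hash=sha256:ce7c4a46823f73e9ef548f10963095bf82c787646a09d1886979f007c74b07cc \
+--hash=sha256:e97ef0a17a6dfb3873aa7e4ef3e6398d5b5ee7fbc5923f2cebfa4a1d5f9eb44b
+idna==2.8 \
+--hash=sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407 \
+--hash=sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c \
+# via requests
+importlib-metadata==0.18 \
+--hash=sha256:6dfd58dfe281e8d240937776065dd3624ad5469c835248219bd16cf2e12dbeb7 \
+--hash=sha256:cb6ee23b46173539939964df59d3d72c3e0c1b5d54b84f1d8a7e912fe43612db \
+# via pluggy
+itsdangerous==0.24 \
+--hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
+# via flask
+jinja2==2.10.1 \
+--hash=sha256:065c4f02ebe7f7cf559e49ee5a95fb800a9e4528727aec6f24402a5374c65013 \
+--hash=sha256:14dd6caf1527abb21f08f86c784eac40853ba93edb79552aa1e4b8aef1b61c7b \
+# via flask
+markupsafe==1.0 \
+--hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
+# via jinja2
+mock==2.0.0 \
+--hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \
+--hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba
+more-itertools==7.1.0 \
+--hash=sha256:3ad685ff8512bf6dc5a8b82ebf73543999b657eded8c11803d9ba6b648986f4d \
+--hash=sha256:8bb43d1f51ecef60d81854af61a3a880555a14643691cc4b64a6ee269c78f09a \
+# via pytest
+pathlib2==2.3.4 \
+--hash=sha256:2156525d6576d21c4dcaddfa427fae887ef89a7a9de5cbfe0728b3aafa78427e \
+--hash=sha256:446014523bb9be5c28128c4d2a10ad6bb60769e78bd85658fe44a450674e0ef8 \
+# via pytest
+pbr==3.1.1 \
+--hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \
+--hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac \
+# via mock
+pip-tools==4.0.0 \
+--hash=sha256:3b9fb8948340eff5869ac83dc85e3a7c62b837cec33609c45c48c2e5aa740ba5 \
+--hash=sha256:44469037863c3587b4c565caf258e2c752d4235c508cf8410a69164bb65ffc78
+pluggy==0.12.0 \
+--hash=sha256:0825a152ac059776623854c1543d65a4ad408eb3d33ee114dff91e57ec6ae6fc \
+--hash=sha256:b9817417e95936bf75d85d3f8767f7df6cdde751fc40aed3bb3074cbcb77757c \
+# via pytest
+py==1.5.2 \
+--hash=sha256:8cca5c229d225f8c1e3085be4fcf306090b00850fefad892f9d96c7b6e2f310f \
+--hash=sha256:ca18943e28235417756316bfada6cd96b23ce60dd532642690dcfdaba988a76d
+pysocks==1.6.8 \
+--hash=sha256:3fe52c55890a248676fd69dc9e3c4e811718b777834bcaab7a8125cf9deac672 \
+# via requests
+pytest-cov==2.5.1 \
+--hash=sha256:03aa752cf11db41d281ea1d807d954c4eda35cfa1b21d6971966cc041bbf6e2d \
+--hash=sha256:890fe5565400902b0c78b5357004aab1c814115894f4f21370e2433256a3eeec
+pytest-mock==1.7.1 \
+--hash=sha256:03a2fea79d0a83a8de2e77e92afe5f0a5ca99a58cc68f843f9a74de34800a943 \
+--hash=sha256:b879dff61e31fcd4727c227c182f15f222a155293cc64ed5a02d55e0020cf949
+pytest==3.10 \
+--hash=sha256:630ff1dbe04f469ee78faa5660f712e58b953da7df22ea5d828c9012e134da43 \
+--hash=sha256:a2b5232735dd0b736cbea9c0f09e5070d78fcaba2823a4f6f09d9a81bd19415c
+pyvirtualdisplay==0.2.1 \
+--hash=sha256:012883851a992f9c53f0dc6a512765a95cf241bdb734af79e6bdfef95c6e9982
+requests[socks]==2.22.0 \
+--hash=sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4 \
+--hash=sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31
+selenium==3.141.0 \
+--hash=sha256:2d7131d7bc5a5b99a2d9b04aaf2612c411b03b8ca1b1ee8d3de5845a9be2cb3c \
+--hash=sha256:deaf32b60ad91a4611b98d8002757f29e6f2c2d5fcaf202e1c9ad06d6772300d
+six==1.11.0 \
+--hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
+--hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
+# via mock, pathlib2, pip-tools, pytest
+tbselenium==0.4.2 \
+--hash=sha256:9f39b7285103442cc389623e1dedc3ef08b1475afd5076bba1d947d92a348d0b \
+--hash=sha256:e24ff69f610ca294093f399099407124c7ffc6a8325e7d9ca19e93ffc5eb91df
+urllib3==1.25.3 \
+--hash=sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1 \
+--hash=sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232
+werkzeug==0.16.0 \
+--hash=sha256:7280924747b5733b246fe23972186c6b348f9ae29724135a6dfc1e53cea433e7 \
+--hash=sha256:e5f4a1f98b52b18a93da705a7458e55afb26f32bff83ff5d19189f92462d65c4 \
+# via flask
+zipp==0.5.1 \
+--hash=sha256:8c1019c6aad13642199fbe458275ad6a84907634cc9f0989877ccc4a2840139d \
+--hash=sha256:ca943a7e809cc12257001ccfb99e3563da9af99d52f261725e96dfe0f9275bc3 \
+# via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0 # via pytest
+setuptools==41.4.0 \
+--hash=sha256:7eae782ccf36b790c21bde7d86a4f303a441cd77036b25c559a602cf5186ce4d \
+--hash=sha256:8d01f7ee4191d9fdcd9cc5796f75199deccb25b154eba82d44d6a042cf873670 \
+# via pytest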
