Replace VCS-based requirements with github-hosted zip archives

See jazzband/pip-tools#807 for more information about permitting URLs as packages. We want this because --generate-hashes works with URL-based requirements but not with Git-repo-based requirements. Subtle different, but it works. As such I think it's okay to remove the separate github URL requirements file.
freedomofpress · Dec 17, 2019 · 08d7f2d · 08d7f2d
1 parent 55e9fa9
commit 08d7f2d
Show file tree

Hide file tree

Showing 7 changed files with 5 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -105,7 +105,6 @@ There are two Python requirements files:
 
 * `requirements.in` production application dependencies
 * `dev-requirements.in` local testing and CI requirements
-* `requirements-github.txt` contains URLs and commit hashes for GitHub-hosted dependencies.
 
 Add the desired dependency to the appropriate `.in` file, then run:
 

diff --git a/docker/DevDjangoDockerfile b/docker/DevDjangoDockerfile
@@ -28,8 +28,6 @@ RUN adduser --gecos "" --uid "${USERID}" gcorn
 RUN paxctl -cm /usr/local/bin/python
 COPY securethenews/dev-requirements.txt /requirements.txt
 RUN pip install --require-hashes -r /requirements.txt
-COPY securethenews/requirements-github.txt /requirements-github.txt
-RUN pip install -r /requirements-github.txt
 
 RUN  mkdir /deploy && \
     chown -R gcorn: /deploy

diff --git a/docker/ProdDjangoDockerfile b/docker/ProdDjangoDockerfile
@@ -52,7 +52,6 @@ RUN find /django -path /django/node_modules -prune -o -print -exec chown gcorn:
 
 WORKDIR /django
 RUN pip install --require-hashes -r /django/securethenews/requirements.txt
-RUN pip install -r /django/securethenews/requirements-github.txt
 
 # Really not used in production. Needed for mapped named volume
 # permission handling https://github.com/docker/compose/issues/3270

diff --git a/securethenews/dev-requirements.txt b/securethenews/dev-requirements.txt
@@ -108,6 +108,8 @@ django-crispy-forms==1.7.2 \
 django-filter==2.1.0 \
     --hash=sha256:3dafb7d2810790498895c22a1f31b2375795910680ac9c1432821cbedb1e176d \
     --hash=sha256:a3014de317bef0cd43075a0f08dfa1d319a7ccc5733c3901fb860da70b0dda68
+https://github.com/freedomofpress/django-logging/zipball/34fbeeea7a83bd54f8551bb50382a06b69814d4e \
+    --hash=sha256:25d9a5e3393591a2fb81b22d069ac586e11abdfcad64ada8b911ca852ef9aa67
 django-mailgun==0.9.1 \
     --hash=sha256:d795076d18c0aa66fbac37f8b428f036417a3ec7ecc2d6499c021d318d60bfff
 django-modelcluster==4.3 \

diff --git a/securethenews/requirements-github.txt b/securethenews/requirements-github.txt
diff --git a/securethenews/requirements.in b/securethenews/requirements.in
@@ -1,3 +1,4 @@
+https://github.com/freedomofpress/django-logging/zipball/34fbeeea7a83bd54f8551bb50382a06b69814d4e
 Django>=2.1.11,<2.2
 django-analytical>=2.5,<2.6
 django-cors-headers

diff --git a/securethenews/requirements.txt b/securethenews/requirements.txt
@@ -107,6 +107,8 @@ django-crispy-forms==1.7.2 \
 django-filter==2.1.0 \
     --hash=sha256:3dafb7d2810790498895c22a1f31b2375795910680ac9c1432821cbedb1e176d \
     --hash=sha256:a3014de317bef0cd43075a0f08dfa1d319a7ccc5733c3901fb860da70b0dda68
+https://github.com/freedomofpress/django-logging/zipball/34fbeeea7a83bd54f8551bb50382a06b69814d4e \
+    --hash=sha256:25d9a5e3393591a2fb81b22d069ac586e11abdfcad64ada8b911ca852ef9aa67
 django-mailgun==0.9.1 \
     --hash=sha256:d795076d18c0aa66fbac37f8b428f036417a3ec7ecc2d6499c021d318d60bfff
 django-modelcluster==4.3 \