Commit b2a02af
committed
HP-1842 Update python-jose to version 3.3.0
Move python-jose dependency to requirements.in, as it's not just a
development dependency. It's needed by the actual server too; via
django-helusers, but still.
Use the `cryptography` backend with python-jose, which is the
recommended choice. Python-jose depends on `ecdsa`, `pyasn1` and `rsa`
packages, but it doesn't need them when the `cryptography` backend is
used. Those packages are excluded from the requirements.txt file by
using --unsafe-package arguments with pip-compile. This works for now,
since python-jose is the ONLY package that depends on those packages. If
any other package update needs any of those other dependencies, then
they need to be allwed again. There is a proposal to pip-tools [1] to
provide a better tool for this kind of use case, but it hasn't been
accepted.
In order to not get those unnecessary dependencies installed anyways,
the --no-deps argument needs to be given to `pip`. This was added to
Dockerfile.
[1] jazzband/pip-tools#16451 parent 9a9462f commit b2a02af
File tree
5 files changed
+18
-36
lines changed5 files changed
+18
-36
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
18 | 18 | | |
19 | 19 | | |
20 | 20 | | |
21 | | - | |
| 21 | + | |
22 | 22 | | |
23 | 23 | | |
24 | 24 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
17 | 17 | | |
18 | 18 | | |
19 | 19 | | |
20 | | - | |
21 | 20 | | |
22 | 21 | | |
23 | 22 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
42 | 42 | | |
43 | 43 | | |
44 | 44 | | |
45 | | - | |
46 | | - | |
47 | | - | |
48 | | - | |
49 | 45 | | |
50 | 46 | | |
51 | 47 | | |
| |||
68 | 64 | | |
69 | 65 | | |
70 | 66 | | |
71 | | - | |
72 | | - | |
73 | | - | |
74 | | - | |
75 | 67 | | |
76 | 68 | | |
77 | 69 | | |
| |||
140 | 132 | | |
141 | 133 | | |
142 | 134 | | |
143 | | - | |
144 | | - | |
145 | | - | |
146 | | - | |
147 | 135 | | |
148 | 136 | | |
149 | 137 | | |
| |||
177 | 165 | | |
178 | 166 | | |
179 | 167 | | |
180 | | - | |
181 | | - | |
182 | | - | |
183 | | - | |
184 | 168 | | |
185 | 169 | | |
186 | 170 | | |
| |||
193 | 177 | | |
194 | 178 | | |
195 | 179 | | |
196 | | - | |
197 | | - | |
198 | | - | |
199 | | - | |
200 | 180 | | |
201 | 181 | | |
202 | 182 | | |
203 | | - | |
204 | 183 | | |
205 | 184 | | |
206 | | - | |
207 | 185 | | |
208 | 186 | | |
209 | 187 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
| 17 | + | |
17 | 18 | | |
18 | 19 | | |
19 | 20 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
| 19 | + | |
| 20 | + | |
19 | 21 | | |
20 | 22 | | |
| 23 | + | |
| 24 | + | |
21 | 25 | | |
22 | 26 | | |
23 | 27 | | |
| |||
53 | 57 | | |
54 | 58 | | |
55 | 59 | | |
56 | | - | |
57 | | - | |
58 | | - | |
59 | | - | |
60 | 60 | | |
61 | 61 | | |
62 | 62 | | |
| |||
90 | 90 | | |
91 | 91 | | |
92 | 92 | | |
93 | | - | |
94 | | - | |
| 93 | + | |
| 94 | + | |
95 | 95 | | |
96 | 96 | | |
97 | | - | |
98 | | - | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
| 100 | + | |
99 | 101 | | |
100 | 102 | | |
101 | 103 | | |
| |||
110 | 112 | | |
111 | 113 | | |
112 | 114 | | |
113 | | - | |
114 | | - | |
115 | 115 | | |
116 | 116 | | |
117 | 117 | | |
| |||
128 | 128 | | |
129 | 129 | | |
130 | 130 | | |
131 | | - | |
132 | 131 | | |
133 | 132 | | |
134 | 133 | | |
| |||
138 | 137 | | |
139 | 138 | | |
140 | 139 | | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
0 commit comments