set --allow-unsafe for pip-compile (future major default)

Amsterdam · Feb 21, 2024 · 85dfb29 · 85dfb29
1 parent 39add69
commit 85dfb29
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 11 deletions.
diff --git a/server/Makefile b/server/Makefile
@@ -9,14 +9,13 @@ sync:
 
 .PHONY: requirements
 requirements: requirements.in requirements_dev.in
-	pip-compile -v --generate-hashes --output-file requirements.txt requirements.in
-	pip-compile -v --generate-hashes --output-file requirements_dev.txt requirements_dev.in
+	pip-compile -v --generate-hashes --allow-unsafe --output-file requirements.txt requirements.in
+	pip-compile -v --generate-hashes --allow-unsafe --output-file requirements_dev.txt requirements_dev.in
 
 .PHONY: upgrade
 upgrade:
 	pur --patch=Django -r requirements_dev.in
-	pip-compile -v --generate-hashes --upgrade --output-file requirements.txt requirements.in
-	pip-compile -v --generate-hashes --upgrade --output-file requirements_dev.txt requirements_dev.in
+	make requirements
 
 .PHONY: test
 test:

diff --git a/server/requirements.txt b/server/requirements.txt
@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --generate-hashes --output-file=requirements.txt requirements.in
+#    pip-compile --allow-unsafe --generate-hashes --output-file=requirements.txt requirements.in
 #
 asgiref==3.7.2 \
     --hash=sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e \

diff --git a/server/requirements_dev.txt b/server/requirements_dev.txt
@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --generate-hashes --output-file=requirements_dev.txt requirements_dev.in
+#    pip-compile --allow-unsafe --generate-hashes --output-file=requirements_dev.txt requirements_dev.in
 #
 asgiref==3.7.2 \
     --hash=sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e \
@@ -377,8 +377,14 @@ wheel==0.42.0 \
     --hash=sha256:c45be39f7882c9d34243236f2d63cbd58039e360f85d0913425fbd7ceea617a8
     # via pip-tools
 
-# WARNING: The following packages were not pinned, but pip requires them to be
-# pinned when the requirements file includes hashes and the requirement is not
-# satisfied by a package already installed. Consider using the --allow-unsafe flag.
-# pip
-# setuptools
+# The following packages are considered to be unsafe in a requirements file:
+pip==24.0 \
+    --hash=sha256:ba0d021a166865d2265246961bec0152ff124de910c5cc39f1156ce3fa7c69dc \
+    --hash=sha256:ea9bd1a847e8c5774a5777bb398c19e80bcd4e2aa16a4b301b718fe6f593aba2
+    # via pip-tools
+setuptools==69.1.0 \
+    --hash=sha256:850894c4195f09c4ed30dba56213bf7c3f21d86ed6bdaafb5df5972593bfc401 \
+    --hash=sha256:c054629b81b946d63a9c6e732bc8b2513a7c3ea645f11d0139a2191d735c60c6
+    # via
+    #   -r requirements_dev.in
+    #   pip-tools