skia2/requirements.txt

11 lines
678 B
Plaintext
Raw Normal View History

# Pip checks downloaded package archives against local hashes to protect against remote tampering
# Read https://pip.pypa.io/en/stable/cli/pip_install/#hash-checking-mode for more information
[bazel] Use hermetic Python with jinja2+MarkupSafe The file generation logic that dawn [1] uses to make some source files requires jinja2, which also requires MarkupSafe. The GN build handles this by specifying those repos in DEPS, checking them out at a certain git hash, and then providing them via a command line arg [2]. We do not have to do it this way in Bazel to have reproducible builds. This CL specifies an exact version (verified by sha256) of those two deps and then uses a hermetic version of Python 3.9 to run all py_binary commands. Previously, we would rely on the system Python (and installed libraries). That happened to work on my machine, but not on other machines without jinja2 and MarkupSafe installed. After this CL, it should work on machines that do not have python even installed. I chose the same jinja2 version used by Dawn [3], which was 2.11.3. Then I chose the newest version of MarkupSafe that was compatible with jinja2 (2.0.1). If we have other python scripts that need external deps, we should be able to specify them in the py_binary that needs them and in requirements.txt. Then, the pip_install() step in WORKSPACE.bazel will download them and make them available. [1] https://dawn.googlesource.com/dawn.git/+/refs/heads/main/docs/dawn/overview.md [2] https://dawn.googlesource.com/dawn.git/+/e45ff6a4b3c2f06dade68ec0f01ddc3bfd70c282/generator/generator_lib.gni#77 [3] https://chromium.googlesource.com/chromium/src/third_party/jinja2/+/ee69aa00ee8536f61db6a451f3858745cf587de6 Change-Id: I3d0074f3003de179400e239e00107c34f35f4901 Bug: skia:12541 Reviewed-on: https://skia-review.googlesource.com/c/skia/+/524217 Reviewed-by: Ben Wagner <bungeman@google.com> Reviewed-by: Leandro Lovisolo <lovisolo@google.com>
2022-03-25 16:36:17 +00:00
jinja2==2.11.3 --hash=sha256:03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419
# https://github.com/pallets/markupsafe/issues/286
# Multiple hash entries are required for platform dependent distributions.
# Currently supported hashes by platform in order are: Linux, MacOS
MarkupSafe==2.0.1 --hash=sha256:1f2ade76b9903f39aa442b4aadd2177decb66525062db244b35d71d0ee8599b6 \
--hash=sha256:3c112550557578c26af18a1ccc9e090bfe03832ae994343cfdacd287db6a6ae7