You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To add or update a dependency, modify either `dev-requirements.in` and `requirements.in` and then run `make update-pip-dependencies`. This will generate `dev-requirements.txt` and `requirements.txt`.
55
+
If you're adding or updating a dependency, you need to:
56
56
57
-
**IMPORTANT:** Do not modify `build-requirements.txt` during normal development. We use a pip mirror for our build process and the hashes in that file point to wheels on our mirror.
57
+
1. Modify either `dev-requirements.in` and `requirements.in` (depending on whether it is prod or dev only) and then run `make update-pip-dependencies`. This will generate `dev-requirements.txt` and `requirements.txt`.
58
+
59
+
2. For building a debian package from this project, we use the requirements in
60
+
`build-requirements.txt` which uses our pip mirror, i.e. the hashes in that file point to
61
+
wheels on our pip mirror. A maintainer will need to add
62
+
the updated dependency to our pip mirror (you can request this in the PR).
63
+
64
+
3. Once the pip mirror is updated, you should checkout the [securedrop-debian-packaging repo](https://github.com/freedomofpress/securedrop-debian-packaging) and run `make requirements`. Commit the `build-requirements.txt` that results and add it to your PR.
0 commit comments