[tor-bugs] #29484 [Obfuscation/BridgeDB]: Update the requirements.txt and freeze them on release
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 12 17:44:39 UTC 2019
#29484: Update the requirements.txt and freeze them on release
--------------------------------------+----------------------
Reporter: dgoulet | Owner: dgoulet
Type: task | Status: assigned
Priority: Medium | Milestone:
Component: Obfuscation/BridgeDB | Version:
Severity: Normal | Keywords: bridgedb
Actual Points: | Parent ID:
Points: 1 | Reviewer: sysrqb
Sponsor: Sponsor19 |
--------------------------------------+----------------------
The `requirements.txt` file has package versions that are pinned and some
are very old by now.
I've done a quick test and using all the latest works with a very minor
fix in the code so far.
We should have a development one that uses the latest packages (maybe?)
and then use a minimal one that we use when we release (pip freeze).
This way, we keep up to date with everything and do not fall into the risk
of having huge security holes because old dependencies for instance.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29484>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list