From b6d30f82753814220e360b82d0b5d87e834b279c Mon Sep 17 00:00:00 2001 From: Mikhail Shchatko Date: Tue, 4 Jan 2022 12:11:19 +0300 Subject: SERVER-57312 Pin transitive Python dependencies and use the pinned file for installation in Evergreen --- etc/pip/components/aws.req | 4 ++-- etc/pip/components/compile.req | 8 ++++---- etc/pip/components/idl.req | 6 +++--- etc/pip/components/jiraclient.req | 6 +++--- etc/pip/components/lint.req | 2 +- etc/pip/components/resmoke.req | 8 ++++---- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/etc/pip/components/aws.req b/etc/pip/components/aws.req index 22ca9575f5b..94c132729e7 100644 --- a/etc/pip/components/aws.req +++ b/etc/pip/components/aws.req @@ -1,2 +1,2 @@ -boto3 -botocore +boto3 <= 1.20.26 +botocore <= 1.23.26 diff --git a/etc/pip/components/compile.req b/etc/pip/components/compile.req index c208cab2722..1ef0f56a10d 100644 --- a/etc/pip/components/compile.req +++ b/etc/pip/components/compile.req @@ -1,6 +1,6 @@ # Mongo compile -Cheetah3 # src/mongo/base/generate_error_codes.py -packaging -regex -requirements_parser +Cheetah3 <= 3.2.6.post1 # src/mongo/base/generate_error_codes.py +packaging <= 21.3 +regex <= 2021.11.10 +requirements_parser <= 0.3.1 setuptools diff --git a/etc/pip/components/idl.req b/etc/pip/components/idl.req index acc5e414966..0b0ef8924b2 100644 --- a/etc/pip/components/idl.req +++ b/etc/pip/components/idl.req @@ -1,3 +1,3 @@ -unittest-xml-reporting>=2.2.0 -typing -packaging +unittest-xml-reporting >= 2.2.0, <= 3.0.4 +typing <= 3.7.4.3 +packaging <= 21.3 diff --git a/etc/pip/components/jiraclient.req b/etc/pip/components/jiraclient.req index 6a402e42ed6..1e18fadee5c 100644 --- a/etc/pip/components/jiraclient.req +++ b/etc/pip/components/jiraclient.req @@ -1,6 +1,6 @@ # TIG jira integration -jira -requests-oauth -PyJWT # https://github.com/pycontribs/jira/issues/247 +jira <= 3.1.1 +requests-oauth <= 0.4.1 +PyJWT <= 2.3.0 # https://github.com/pycontribs/jira/issues/247 cryptography == 2.3 # Needed for oauthlib to use RSAAlgorithm # Version locked - see SERVER-36618 # We are omitting pycrypto based on https://github.com/pycontribs/jira/pull/629 diff --git a/etc/pip/components/lint.req b/etc/pip/components/lint.req index 4f0c6239610..02bab15f540 100644 --- a/etc/pip/components/lint.req +++ b/etc/pip/components/lint.req @@ -5,7 +5,7 @@ mypy < 0.900; python_version > "3.5" pydocstyle == 2.1.1 pylint == 2.7.2 structlog ~= 19.2.0 -typing +typing <= 3.7.4.3 yamllint == 1.15.0 yapf == 0.26.0 evergreen-lint == 0.1.3 diff --git a/etc/pip/components/resmoke.req b/etc/pip/components/resmoke.req index ed4d2a47dce..674796ff9e1 100644 --- a/etc/pip/components/resmoke.req +++ b/etc/pip/components/resmoke.req @@ -1,9 +1,9 @@ curatorbin == 1.2.3 PyKMIP == 0.10.0 evergreen.py == 3.2.0 -jinja2 +jinja2 <= 2.11.3 MarkupSafe == 1.1.0 # See SERVER-57036, this is a transitive dependency of jinja2 -mock +mock <= 4.0.3 shrub.py == 1.1.4 ocspresponder == 0.5.0 flask == 1.1.1 @@ -13,7 +13,7 @@ grpcio-tools == 1.37.0; platform_machine == "x86_64" or platform_machine == "aar googleapis-common-protos == 1.53.0 blackduck == 1.0.1 PyGithub == 1.53 -urllib3 >= 1.26.0 +urllib3 >= 1.26.0, <= 1.26.7 distro == 1.5.0 dnspython == 2.1.0 -proxy-protocol == 0.7.5 \ No newline at end of file +proxy-protocol == 0.7.5 -- cgit v1.2.1