Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

relax pyproject dependency versions and introduce requirements.txt #2132

Merged
merged 6 commits into from
Jun 11, 2024
Merged

relax pyproject dependency versions and introduce requirements.txt #2132

merged 6 commits into from
Jun 11, 2024

Conversation

williballenthin
Copy link
Collaborator

@williballenthin williballenthin commented Jun 7, 2024
edited
Loading

closes #2053
closes #2079

    # As a library, capa uses lower version bounds
    # when specifying its dependencies. This lets
    # other programs that use capa (and other libraries)
    # to find a compatible set of dependency versions.
    #
    # We can optionally pin to specific versions or
    # limit the upper bound when there's a good reason;
    # but the default is to assume all greater versions
    # probably work with capa until proven otherwise.
    #
    # The following link provides good background:
    # https://iscinumpy.dev/post/bound-version-constraints/
    #
    # When we develop capa, and when we distribute it as
    # a standalone binary, we'll use specific versions
    # that are pinned in requirements.txt.
    # But the requirements for a library are specified here
    # and are looser.
    #
    # Related discussions:
    # 
    #   - https://github.com/mandiant/capa/issues/2053
    #   - https://github.com/mandiant/capa/pull/2059
    #   - https://github.com/mandiant/capa/pull/2079

Checklist

  • CHANGELOG updated
  • No new tests needed
  • Documentation updated

@williballenthin williballenthin added this to the v7.1 milestone Jun 7, 2024
github-actions[bot]

This comment was marked as resolved.

Sign in to view

@williballenthin
Copy link
Collaborator Author

@uckelman-sf please review, too.

@github-actions github-actions bot dismissed their stale review June 7, 2024 07:56

CHANGELOG updated or no update needed, thanks! 😄

@williballenthin

This comment has been minimized.

Sign in to view
mr-tz
mr-tz approved these changes Jun 7, 2024
View reviewed changes
Copy link
Collaborator

@mr-tz mr-tz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💘

@williballenthin

This comment has been minimized.

Sign in to view
@mr-tz
Copy link
Collaborator

mr-tz commented Jun 11, 2024

g2g?

This was referenced Jun 11, 2024
Closed
Closed
Closed
@williballenthin williballenthin merged commit 833ec47 into master Jun 11, 2024
27 checks passed
@williballenthin williballenthin deleted the fix/2053 branch June 11, 2024 12:29
@uckelman-sf
Copy link
Contributor

This looks good; I'm running it through our testing now.

Thanks very much for making the change!

ygasparis pushed a commit to ygasparis/capa that referenced this pull request Jun 18, 2024
@williballenthin @mr-tz @ygasparis
relax pyproject dependency versions and introduce requirements.txt (m…
122342e 
…andiant#2132)

* relax pyproject dependency versions and introduce requirements.txt

closes mandiant#2053
closes mandiant#2079

* pyproject: document dev/build profile dependency policies

* changelog

* doc: installation: describe requirements.txt usage

* pyproject: don't use dnfile 0.15 yet

---------

Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mr-tz mr-tz mr-tz approved these changes

@github-actions github-actions[bot] github-actions left review comments

@mike-hunhoff mike-hunhoff Awaiting requested review from mike-hunhoff

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v7.1
Development

Successfully merging this pull request may close these issues.

flare-capa is incompatible with flare-floss 3.1.0
3 participants
@williballenthin @mr-tz @uckelman-sf