chore: pin requirements with hashed lock file#6
Merged
Conversation
Split dependencies into requirements.in (loose constraints) and requirements.txt (pip-compile generated lock with hashes), resolved against Python 3.14. CI now fails if the lock file drifts from requirements.in. This lets consumers (such as the admin-ops service in platform) bundle deps via Bazel pip.parse, which requires a fully pinned lock file. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Two small additions that make run_tests.py work under hermetic Python runners (e.g. Bazel py_binary) without changing standalone behavior: 1. --output-dir: optional flag controlling where pytest is invoked from (reports/ is written beneath it). Defaults to the test suite directory, matching the prior hardcoded cwd. 2. Propagate sys.path to the pytest subprocess via PYTHONPATH. This is a no-op for normal usage where sys.path is set by the shell's Python, but makes the subprocess see site-packages added by .pth files (as Bazel's rules_python does). Respects an already-set PYTHONPATH in the environment — the user's value takes precedence. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
goharanwar
force-pushed
the
chore/add-pinned-requirements-lock
branch
from
8e07b89 to
10edb73
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
requirements.in(loose constraints) andrequirements.txt(pip-compile generated lock with hashes), resolved against Python 3.14.requirements.txtdrifts fromrequirements.in.Motivation
The platform repo's admin-ops service shells out to this test suite and currently does
pip install -r requirements.txtatdocker buildtime. Consumers that want hermetic, reproducible dependency resolution (e.g. Bazelpip.parse(requirements_lock = ...)which is howcommon/doc-conversion-pyhandles pymupdf) require a fully pinned lock file with hashes.This change makes the suite compatible with that pattern while keeping
pip install -r requirements.txtworking for existing users — they just now get reproducible installs.Test plan
pip-compile --generate-hashes --output-file=requirements.txt requirements.ininside apython:3.14-slimcontainerpip install -r requirements.txtsucceeds on Python 3.14 (verified via admin-ops Dockerfile build — 27 cp314 wheels installed cleanly)api.vectara.devFollow-up
Once this merges, the platform repo admin-ops PR will be updated to bump the pinned commit SHA and (in a follow-up) wire up
git_repository+pip.parseso the Dockerfile no longer clones the repo or runspip installat build time.🤖 Generated with Claude Code