From 590abec33934a2da41e47ecd9c5f48bdc758aae5 Mon Sep 17 00:00:00 2001 From: SomberNight Date: Fri, 4 Nov 2022 19:40:05 +0000 Subject: [PATCH] build requirements: colorama grew a new build-time dependency :/ or more like four: ``` $ pipdeptree hatchling==1.11.1 - editables [required: >=0.3, installed: 0.3] - packaging [required: >=21.3, installed: 21.3] - pyparsing [required: >=2.0.2,!=3.0.5, installed: 3.0.9] - pathspec [required: >=0.10.1, installed: 0.10.1] - pluggy [required: >=1.0.0, installed: 1.0.0] - tomli [required: >=1.2.2, installed: 2.0.1] ``` Let's monitor how the situation evolves, and whether other packages start requiring hatchling, but for now I am not going to add four new packages into the trusted base set... Pinning colorama to an older version for now. related: https://github.com/tartley/colorama/pull/338 https://github.com/tartley/colorama/issues/349 --- contrib/requirements/requirements-build-android.txt | 3 ++- contrib/requirements/requirements-hw.txt | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/contrib/requirements/requirements-build-android.txt b/contrib/requirements/requirements-build-android.txt index c9e79d5bd..82aa6ad76 100644 --- a/contrib/requirements/requirements-build-android.txt +++ b/contrib/requirements/requirements-build-android.txt @@ -9,7 +9,8 @@ sh # needed by python-for-android: appdirs -colorama>=0.3.3 +# colorama upper bound to avoid needing hatchling +colorama>=0.3.3,<0.4.6 jinja2 sh>=1.10 pep517 diff --git a/contrib/requirements/requirements-hw.txt b/contrib/requirements/requirements-hw.txt index 3ec9a156b..7343f21af 100644 --- a/contrib/requirements/requirements-hw.txt +++ b/contrib/requirements/requirements-hw.txt @@ -15,3 +15,8 @@ pyserial>=3.5.0,<4.0.0 # prefer older protobuf (see #7922) # (pulled in via e.g. keepkey and bitbox02) protobuf>=3.12,<4 + +# prefer older colorama to avoid needing hatchling +# (pulled in via trezor -> click -> colorama) +# (pulled in via safet -> click -> colorama) +colorama<0.4.6