paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-24 00:23:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

setup_venv: Use pip install --require-hashes for better security.

Browse Source 
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
This commit is contained in:
Anders Kaseorg
2019-10-03 04:37:50 +00:00
committed by Tim Abbott
parent 3d876aacc6
commit 775162d687
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/lib/setup_venv.py
View File

@@ -102,8 +102,8 @@ YUM_THUMBOR_VENV_DEPENDENCIES = [
def install_venv_deps(pip, requirements_file): def install_venv_deps(pip, requirements_file):
# type: (str, str) -> None # type: (str, str) -> None
pip_requirements = os.path.join(ZULIP_PATH, "requirements", "pip.txt") pip_requirements = os.path.join(ZULIP_PATH, "requirements", "pip.txt")
run([pip, "install", "--force-reinstall", "--requirement", pip_requirements]) run([pip, "install", "--force-reinstall", "--require-hashes", "--requirement", pip_requirements])
run([pip, "install", "--no-deps", "--requirement", requirements_file]) run([pip, "install", "--no-deps", "--require-hashes", "--requirement", requirements_file])
def get_index_filename(venv_path): def get_index_filename(venv_path):
# type: (str) -> str # type: (str) -> str