Update Python dependencies (mozilla#14939)

* Add outdated Python package helper * Update Python dependencies
alexgibson · Aug 20, 2024 · 4672529 · 4672529
1 parent 202d64f
commit 4672529
Show file tree

Hide file tree

Showing 6 changed files with 839 additions and 757 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -65,7 +65,7 @@ repos:
           - --comment-style
           - "|#|"
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.5.0
+    rev: v0.5.5
     hooks:
       - id: ruff
       - id: ruff-format

diff --git a/bin/check-pinned-requirements.py b/bin/check-pinned-requirements.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+import re
+import subprocess
+
+
+def extract_pinned(requirements_file):
+    """Extract pinned dependencies from a requirements file."""
+    pinned_deps = {}
+    with open(requirements_file, "r") as file:
+        for line in file:
+            # Skip comments and empty lines
+            if line.strip() and not line.startswith("#"):
+                # Match lines with version constraints (pinned dependencies) using non-capturing groups for the operator
+                pinned_match = re.match(r"^(\S+)(?:==|>=)(\S+)", line.strip())
+                if pinned_match:
+                    pkg_name = pinned_match.group(1)
+                    version = pinned_match.group(2)
+                    pinned_deps[pkg_name] = version
+    return pinned_deps
+
+
+def get_outdated_packages():
+    """Get a list of outdated packages and their latest versions using `pip list -o`."""
+    result = subprocess.run(["pip", "list", "-o"], capture_output=True, text=True)
+    outdated = {}
+    raw = result.stdout.splitlines()
+    for line in raw[2:]:  # Skip header lines
+        if line:
+            parts = line.split()
+            if len(parts) >= 3:
+                package_name = parts[0]
+                latest_version = parts[2]
+                outdated[package_name] = latest_version
+    return raw, outdated
+
+
+def check_outdated_for_requirements(requirements_files):
+    """Check outdated packages for each requirements file."""
+    # Get outdated packages once for efficiency
+    raw_outdated, outdated = get_outdated_packages()
+
+    for req_file in requirements_files:
+        # Extract pinned and unpinned dependencies for the current requirements file
+        pinned = extract_pinned(req_file)
+
+        outdated_dep = [p for p in outdated if p in pinned]
+
+        print(f"\nOutdated pinned packages for {req_file}:")
+        if outdated_dep:
+            for pkg_name in sorted(outdated_dep):
+                print(f"    {pkg_name} {pinned[pkg_name]} -> {outdated[pkg_name]}")
+        else:
+            print("  No outdated pinned packages.")
+
+    print("\nAll outdated packages:")
+    print("\n".join(raw_outdated))
+
+
+def main():
+    requirements_files = [f"requirements/{f}" for f in ("prod.in", "dev.in", "docs.in")]
+    check_outdated_for_requirements(requirements_files)
+
+
+if __name__ == "__main__":
+    main()
diff --git a/requirements/dev.in b/requirements/dev.in
@@ -5,7 +5,7 @@ braceexpand==0.1.7
 factory-boy==3.3.0
 freezegun==1.5.1
 markdown-it-py>=2.2.0
-pipdeptree==2.23.0
+pipdeptree==2.23.1
 py==1.11.0
 Pygments>=2.15.0  # to bring it up to a secure version
 PyPOM==2.2.4
@@ -18,11 +18,11 @@ pytest-mock==3.14.0
 pytest-parallel==0.1.1
 pytest-rerunfailures==14.0
 pytest-selenium==4.0.1
-responses==0.25.0
-ruff==0.5.0
+responses==0.25.3
+ruff==0.5.5
 selenium==4.9.1  # Pinned to 4.9.1 until https://github.com/pytest-dev/pytest-selenium/issues/315 is resolved
-translate-toolkit==3.13.1
+translate-toolkit==3.13.2
 wagtail-factories==4.2.1
 # Related to moz-l10n-lint, used in CI
 cl-ext.lang==0.1.0
-compare-locales==9.0.3
+compare-locales==9.0.4