Consider upgrading dependant python packages for relengapi

ASSIGNED
Assigned to

Status

Infrastructure & Operations
RelOps
--
minor
ASSIGNED
3 years ago
2 years ago

People

(Reporter: Callek, Assigned: garbas)

Tracking

Details

(Whiteboard: [relsec])

(Reporter)

Description

3 years ago
So out of curiosity I was peeking at what was available on pypi vs our internal pypi for relengapi. Here are the upgrades available.

Before we actually do this would be good to skim the list of changes to be sure there are no API conflicts or similar issues we should be aware of.

[root@relengwebadm.private.scl3 relengapi]# virtualenv/bin/pip list --outdated
Flask-Login (Current: 0.2.10 Latest: 0.2.11)
python-dateutil (Current: 1.5 Latest: 2.2)
argparse (Current: 1.1 Latest: 1.2.1)
Could not find any downloads that satisfy the requirement relengapi-mapper
pip (Current: 1.5.4 Latest: 1.5.6)
amqp (Current: 1.4.4 Latest: 1.4.6)
SQLAlchemy (Current: 0.9.4 Latest: 0.9.8)
celery (Current: 3.1.9 Latest: 3.1.16)
Jinja2 (Current: 2.7.1 Latest: 2.7.3)
docutils (Current: 0.11 Latest: 0.12)
Could not find any downloads that satisfy the requirement relengapi-clobberer
kombu (Current: 3.0.14 Latest: 3.0.23)
Werkzeug (Current: 0.9.3 Latest: 0.9.6)
requests (Current: 2.2.1 Latest: 2.4.3)
wrapt (Current: 1.8.0 Latest: 1.9.0)
itsdangerous (Current: 0.23 Latest: 0.24)
six (Current: 1.6.1 Latest: 1.8.0)
Sphinx (Current: 1.2.2 Latest: 1.2.3)
WebOb (Current: 1.2.3 Latest: 1.4)
MarkupSafe (Current: 0.18 Latest: 0.23)
pytz (Current: 2014.1 Latest: 2014.7)
python-ldap (Current: 2.4.15 Latest: 2.4.18)
IPy (Current: 0.75 Latest: 0.82)
simplegeneric (Current: 0.8 Latest: 0.8.1)
billiard (Current: 3.3.0.16 Latest: 3.3.0.18)
relengapi (Current: 0.3 Latest: 1.0.0)
setuptools (Current: 4.0.1 Latest: 6.1)

[root@relengwebadm.private.scl3 relengapi]# virtualenv/bin/pip list --outdated --no-index --find-links=http://pypi.pub.build.mozilla.org/pub/ | grep -v "Consider using https"
Ignoring indexes: https://pypi.python.org/simple/
relengapi-mapper (Current: 0.2.2 Latest: 0.8)
pip (Current: 1.5.4 Latest: 1.5.5)

NOTE: relengapi-mapper is explicitly wrong, since 0.8 was an *older* version than 0.2.2 (sadly)
This is a good idea, but I don't think now (with the deployment of clobberer and relengapi-1.0.0) is a good time.  It'd be best done during a "quiet time" for other changes so that any problems can be traced directly to the upgrade.

Any of the three of us can do it, so I'm not sure who to assign the bug to for safe-keeping.
(Reporter)

Comment 2

3 years ago
Completely agreed on timing concerns -- but I'll take it for now.
Assignee: relops → bugspam.Callek

Updated

3 years ago
Whiteboard: [kanban:engops:https://kanbanize.com/ctrl_board/6/446]

Updated

3 years ago
Whiteboard: [kanban:engops:https://kanbanize.com/ctrl_board/6/446] → [kanban:engops:https://kanbanize.com/ctrl_board/6/452]

Updated

3 years ago
Whiteboard: [kanban:engops:https://kanbanize.com/ctrl_board/6/452]

Updated

3 years ago
Whiteboard: [kanban:engops:https://kanbanize.com/ctrl_board/6/510]

Comment 3

3 years ago
A Pivotal Tracker story has been created for this Bug: https://www.pivotaltracker.com/story/show/81866246

Updated

3 years ago
Whiteboard: [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1586] [kanban:engops:https://kanbanize.com/ctrl_board/6/510]

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1586] [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1588] [kanban:engops:https://kanbanize.com/ctrl_board/6/510]

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1588] [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1595] [kanban:engops:https://kanbanize.com/ctrl_board/6/510]

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1595] [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1597] [kanban:engops:https://kanbanize.com/ctrl_board/6/510]

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1597] [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1598] [kanban:engops:https://kanbanize.com/ctrl_board/6/510]
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1598] [kanban:engops:https://kanbanize.com/ctrl_board/6/510] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1598]
(Reporter)

Comment 4

2 years ago
Handing off to Rok to triage accordingly with his other relengapi plans.
Assignee: bugspam.Callek → rok
:Callek tnx, i've did some work as part of the "nixify" PR (but in a separate commit) https://github.com/mozilla/build-relengapi/pull/369


[nix-shell] ~/d/m/relengapi ❯❯❯ virtualenv env
[nix-shell] ~/d/m/relengapi ❯❯❯ ./env/bin/pip install -r requirements.txt -r requirements-test.txt -r requirements-ldap.txt
[nix-shell] ~/d/m/relengapi ❯❯❯ ./env/bin/pip list --outdated
setuptools (Current: 19.4 Latest: 20.3.1 [wheel])
virtualenv (Current: 13.1.2 Latest: 15.0.1 [wheel])
httpretty (Current: 0.8.10 Latest: 0.8.14 [wheel])
Werkzeug (Current: 0.11.4 Latest: 0.11.5 [wheel])
pip (Current: 7.1.2 Latest: 8.1.1 [wheel])
wheel (Current: 0.24.0 Latest: 0.29.0 [wheel])
WSME (Current: 0.7.0 Latest: 0.8.0 [wheel])
kombu (Current: 3.0.34 Latest: 3.0.35 [wheel])


setuptools, virtualenv, pip, wheel can be ignored since they were provided by my system (which i guess i need to update :P)
i'll make sure above gets updated.
Status: NEW → ASSIGNED
(Reporter)

Comment 6

2 years ago
Note WSME being outdated is *expected* atm, (tests fail if we update WSME)...

There is https://requires.io/github/mozilla/build-relengapi/requirements/ for the actual specified requirements of relengapi, this bug was initially for the "installed packages on relengweb itself" being outdated versus what we specified in setup.py.

I note it seems you have added requirements.txt which have older versions too (was that based on the live venv?)

Either way, I trust you to drive this with dustin or others following up.
:Callek oh i see. i guess ``pip list --outdated`` does not take ``setup.py`` specifications into account.
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/1598] → [relsec]
You need to log in before you can comment on or make changes to this bug.