Use pyup.io to automatically open PRs for updating Python dependencies

RESOLVED FIXED

Status

Tree Management
Treeherder
P3
normal
RESOLVED FIXED
11 months ago
9 months ago

People

(Reporter: emorley, Assigned: emorley)

Tracking

Details

Attachments

(3 attachments)

(Assignee)

Description

11 months ago
Unlike requires.io, https://pyup.io/ supports updating the pip hashes, so it's actually viable to use the automatic GitHub PR feature.

This should save a reasonable amount of time.

Comment 1

10 months ago
Created attachment 8855499 [details] [review]
[treeherder] mozilla:pyup > mozilla:master

Comment 2

10 months ago
Commits pushed to master at https://github.com/mozilla/treeherder

https://github.com/mozilla/treeherder/commit/8f9e344dd2c0895c60bd3c9bf6e662bd2a9f0a25
Bug 1345131 - Update pytest-* packages

Since the new pytest-html version now depends on pytest-metadata, and
pyup doesn't yet handle adding new sub-dependencies as part of package
updates, so we have to do so manually. The other packages have to be
updated at the same time, since pytest-html made breaking changes in a
minor version, sigh.

https://github.com/pytest-dev/pytest-html/blob/master/CHANGES.rst
https://github.com/pytest-dev/pytest-html/compare/v1.13.0...v1.14.2

https://github.com/pytest-dev/pytest-variables/blob/master/CHANGES.rst
https://github.com/pytest-dev/pytest-variables/compare/v1.4...v1.5.1

https://github.com/pytest-dev/pytest-base-url/blob/master/CHANGES.rst
https://github.com/pytest-dev/pytest-base-url/compare/v1.2.0...v1.3.0

https://pytest-selenium.readthedocs.io/en/latest/news.html
https://github.com/pytest-dev/pytest-selenium/compare/v1.8.0...v1.9.1

https://github.com/mozilla/treeherder/commit/6c0f80564e89c8d97a36ece748c6d210bd6f3dbd
Bug 1345131 - Add pyup version filters to requirements/common.txt

This prevents pyup from trying to update these packages beyond the
versions specified.

https://github.com/mozilla/treeherder/commit/00b29712ff014d3eba35f2c58e7c74158f4a785e
Bug 1345131 - Exclude requirements/common.txt from pyup temporarily

This will allow us to have the combined initial PR from pyup for
`dev.txt` and `docs.txt` first (since they are safer), and then later
this annotation will be removed, causing pyup to open separate PRs for
remaining package updates (so we can update the more risky common.txt
packages a few at a time).

Comment 3

9 months ago
Created attachment 8859152 [details] [review]
[treeherder] mozilla:pyup-initial-update > mozilla:master

Comment 4

9 months ago
Commits pushed to master at https://github.com/mozilla/treeherder

https://github.com/mozilla/treeherder/commit/57b523c55f51db90c68cc65c0b7ff69d625df614
Bug 1345131 - Correct import order in models/models.py

https://github.com/mozilla/treeherder/commit/f4c74da59c3a4b90ae0e8320c65d77c3ff13d710
Bug 1345131 - Update pytest from 3.0.6 to 3.0.7

https://github.com/mozilla/treeherder/commit/bcd899f7fc385bd5c42d874014c20e4c1f79b4ea
Bug 1345131 - Update django-debug-toolbar from 1.6 to 1.7

https://github.com/mozilla/treeherder/commit/7eee873838d82547292ca279a7f29104b8f32a08
Bug 1345131 - Update webtest from 2.0.24 to 2.0.27

https://github.com/mozilla/treeherder/commit/0fc9ea410d99778c7b0b1cd563a3afb0550213c4
Bug 1345131 - Update django-extensions from 1.7.5 to 1.7.8

https://github.com/mozilla/treeherder/commit/0d8d9cccd7e5391c88c99fceeef7cc40e55db2b0
Bug 1345131 - Update werkzeug from 0.11.15 to 0.12.1

https://github.com/mozilla/treeherder/commit/5bda5842dd4282a201fd0d310777ea35ba94cc09
Bug 1345131 - Update flake8 from 3.2.1 to 3.3.0

https://github.com/mozilla/treeherder/commit/32ec376936ab30935dfc2116400be7f2f44b4372
Bug 1345131 - Update isort from 4.2.2 to 4.2.5

https://github.com/mozilla/treeherder/commit/73cd37f463e4cf618327b8582d343b4022bcc06e
Bug 1345131 - Update py from 1.4.32 to 1.4.33

https://github.com/mozilla/treeherder/commit/30344cc6dde06d1601f849a377f48f0494157816
Bug 1345131 - Update waitress from 1.0.1 to 1.0.2

https://github.com/mozilla/treeherder/commit/dc195407dc5f795ebab157d0e555f34c761bb87a
Bug 1345131 - Update webob from 1.7.1 to 1.7.2

https://github.com/mozilla/treeherder/commit/c839a31c31f5fbc4aa8d195f494e4854145dd40a
Bug 1345131 - Update pbr from 1.10.0 to 2.1.0

https://github.com/mozilla/treeherder/commit/c5b873af866177c7e1aa0cba588b6b6d919f41ac
Bug 1345131 - Update mccabe from 0.5.3 to 0.6.1

https://github.com/mozilla/treeherder/commit/f00126054a86929f9f38aa3c081dd114c26cfd94
Bug 1345131 - Update pycodestyle from 2.2.0 to 2.3.1

https://github.com/mozilla/treeherder/commit/fce76b47ec56524e52411d5d6933eaca84496c15
Bug 1345131 - Update pyflakes from 1.3.0 to 1.5.0

https://github.com/mozilla/treeherder/commit/c22708bb4a3762edda94c68631cd930d557e6b53
Bug 1345131 - Update selenium from 3.0.2 to 3.3.3

https://github.com/mozilla/treeherder/commit/67895f509e82584b843318d19d0f75930970fac2
Bug 1345131 - Pin sphinx to latest version 1.5.5

https://github.com/mozilla/treeherder/commit/8d80623c36f3ab28e1f73aeb2b6915ce9af2a2cd
Bug 1345131 - Pin sphinx-autobuild to latest version 0.6.0

https://github.com/mozilla/treeherder/commit/7207d69c3e6ee41195a938f3cb2e6d76fd9b714c
Bug 1345131 - Pin sphinx-rtd-theme to latest version 0.2.4

https://github.com/mozilla/treeherder/commit/ab82e6152635b8150f4a612bdba5be96131406c0
Bug 1345131 - Pin sphinxcontrib-httpdomain to latest version 1.5.0

Comment 5

9 months ago
Created attachment 8859191 [details] [review]
[treeherder] mozilla:pyup-common-requirements > mozilla:master

Comment 6

9 months ago
Commit pushed to master at https://github.com/mozilla/treeherder

https://github.com/mozilla/treeherder/commit/1946425ef0e3e15e21aaf9e21df92214ab3972d8
Bug 1345131 - Enable pyup.io for requirements/common.txt

Now that the initial PR is out of the way, subsequent PRs will be one
package per PR, which is what we want for the more risky common.txt
updates (mass updating the dev dependencies was safe and so not worth
the additional spam of one PR per package).
(Assignee)

Updated

9 months ago
Status: NEW → RESOLVED
Last Resolved: 9 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.