Skip to content

Commit

Permalink
Pin colorama in bundled installer
Browse files Browse the repository at this point in the history
Updating to colorama > 0.4.5 requires additional
build dependencies (`hatchling`, `flit_core`,
etc). This increases the complexity of the bundled
installer.

We cannot add this to `EXTRA_RUNTIME_DEPS`
because the `pip download` in `download_cli_deps`
will fetch the latest `colorama`, which will take
precedence when running the `install` script.

This change pins `colorama` to the last version
without the additional dependencies.
  • Loading branch information
kdaily committed Apr 26, 2024
1 parent 0ab6bcb commit b9ab36e
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 4 deletions.
5 changes: 5 additions & 0 deletions .changes/next-release/enhancement-dependency-63735.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"type": "enhancement",
"category": "dependency",
"description": "Bump upper bound of colorama to <0.4.7; fixes `#7086 <https://github.com/aws/aws-cli/issues/7086>`__"
}
19 changes: 15 additions & 4 deletions scripts/make-bundle
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,12 @@ EXTRA_RUNTIME_DEPS = [
('virtualenv', '16.7.8'),
('jmespath', '0.10.0'),
]
PINNED_RUNTIME_DEPS = [
# The CLI has a relaxed pin for colorama, but versions >0.4.5
# require extra build time dependencies. We are pinning it to
# a version that does not need those.
('colorama', '0.4.5'),
]
BUILDTIME_DEPS = [
('setuptools-scm', '3.3.3'),
('wheel', '0.33.6'),
Expand Down Expand Up @@ -78,12 +84,17 @@ def download_package_tarballs(dirname, packages):
))


def download_cli_deps(scratch_dir):
def download_cli_deps(scratch_dir, packages):
# pip download will always download a more recent version of a package
# even if one exists locally. The list of packages supplied in `packages`
# forces the use of a specific runtime dependency.
awscli_dir = os.path.dirname(
os.path.dirname(os.path.abspath(__file__)))
pinned_packages = " ".join(
f"{name}=={version}" for (name, version) in packages
)
with cd(scratch_dir):
run('pip download %s %s' % (
PIP_DOWNLOAD_ARGS, awscli_dir))
run(f"pip download {PIP_DOWNLOAD_ARGS} {pinned_packages} {awscli_dir}")


def _remove_cli_zip(scratch_dir):
Expand Down Expand Up @@ -169,7 +180,7 @@ def main():
setup_dir,
packages=BUILDTIME_DEPS,
)
download_cli_deps(package_dir)
download_cli_deps(package_dir, packages=PINNED_RUNTIME_DEPS)
add_cli_sdist(package_dir)
create_bootstrap_script(scratch_dir)
zip_filename = zip_dir(scratch_dir)
Expand Down

0 comments on commit b9ab36e

Please sign in to comment.