Through #58, we started using requirements.txt instead of safety for alerting us of security issues, leveraging GitHub's own security checks.
As suggested at #58 (comment), we could use it as the definitive source of packages to install, e.g.:
pip==24.2
psutil==6.0.0
pycparser==2.22
pywin32==306; sys_platform == 'windows'
This should work better than defining the packages to install through build.conf, then auto-updating requirements.txt with pip freeze, and then automatically commiting the update at the end of a successful Windows build.
Through #58, we started using
requirements.txtinstead ofsafetyfor alerting us of security issues, leveraging GitHub's own security checks.As suggested at #58 (comment), we could use it as the definitive source of packages to install, e.g.:
This should work better than defining the packages to install through
build.conf, then auto-updatingrequirements.txtwithpip freeze, and then automatically commiting the update at the end of a successful Windows build.