TLDR: improve pinning of build and package dependencies.
The purpose of this issue is to bring awareness of build and package dependency pinning issues.
We should pin the build dependencies to avoid situations like recently when pip was updated to a version that deprecated a progress bar option we were using. Since we install the latest version of pip, our package CI started failing.
For our packages, we should also consider using pip-tools to improve the predictability and determinism of our package builds. An update to an unpinned dependency of our packages pinned dependencies may break in some future CI.
This effort should be done in a way that can be replicated across other custom Python applications we build for WLAN Pi.
TLDR: improve pinning of build and package dependencies.
The purpose of this issue is to bring awareness of build and package dependency pinning issues.
We should pin the build dependencies to avoid situations like recently when pip was updated to a version that deprecated a progress bar option we were using. Since we install the latest version of pip, our package CI started failing.
https://github.com/WLAN-Pi/wlanpi-profiler/blob/1bc9070193694b012550987471e8d68919739935/debian/rules#L12
For our packages, we should also consider using pip-tools to improve the predictability and determinism of our package builds. An update to an unpinned dependency of our packages pinned dependencies may break in some future CI.
This effort should be done in a way that can be replicated across other custom Python applications we build for WLAN Pi.