Open cfm opened 1 week ago
apxs is just its own weird thing that we need to handle, but the funny thing is if we embraced uv even farther, it could automatically download Python 3.8 for us if missing instead of falling back to whichever system Python is available.
Maybe there's a fast path of like, if you have everything we need, skip the container. But probably not worth the extra hassle/logic.
After I initially reviewed #7234, @legoktm added in https://github.com/freedomofpress/securedrop/issues/7234#issuecomment-2402639037:
I didn't retest with that change, and we've just discovered why I should have: without the container, the available system Python is what's used to build packages, and
apxs
is required from theapache2-dev
package. @legoktm thinks these are reasons to movemake update-pip-requirements
back into the development containers after all.