maybe fixes https://github.com/spesmilo/electrum/issues/7640
Looks like by default pip is ignoring the locally available setuptools and wheel,
and downloading the latest ones from the internet at build time...
https://pip.pypa.io/en/stable/reference/build-system/pyproject-toml/?highlight=no-build-isolation#disabling-build-isolationhttps://stackoverflow.com/a/62889268
> When making build requirements available, pip does so in an isolated environment. That is, pip does not install those requirements into the user’s site-packages, but rather installs them in a temporary directory which it adds to the user’s sys.path for the duration of the build. This ensures that build requirements are handled independently of the user’s runtime environment. For example, a project that needs a recent version of setuptools to build can still be installed, even if the user has an older version installed (and without silently replacing that version).
>
> In certain cases, projects (or redistributors) may have workflows that explicitly manage the build environment. For such workflows, build isolation can be problematic. If this is the case, pip provides a --no-build-isolation flag to disable build isolation. Users supplying this flag are responsible for ensuring the build environment is managed appropriately (including ensuring that all required build dependencies are installed).
If only it were that easy!
If we add the "--no-build-isolation" flag, it becomes our responsibility to install *all* build time deps,
hence we now have "requirements-build-makepackages.txt".
We've already been pinning pip/setuptools/wheel; it is `pip freeze --all`
(the "--all" arg) that does that. This change just tries to ensure that
we pin the latest version when possible.
Previously if e.g. "pip" was not pulled in by any package in "requirements${i}.txt",
we would just pin whatever is installed locally.
This is the time of the year Apple breaks our mac builds, as usual.
mac now has its own "binaries" requirements. This allows us to use
an older version of PyQt5 in the mac binaries. For some reason
if we bundle newer PyQt5, the built app will not start on macOS 11
(but will on older macOS).
related: #6461
in particular, see https://github.com/spesmilo/electrum/issues/6461#issuecomment-713888921
the one in apt refused to install certain package versions (that were pinned by hash!!)
and installed different versions instead... e.g.:
Collecting wheel==0.34.2 (from -r /opt/electrum/contrib/build-linux/sdist/../../../contrib/deterministic-build/requirements.txt (line 112))
Downloading 521c6dc7fe/wheel-0.34.2.tar.gz (58kB)
100% |████████████████████████████████| 61kB 3.8MB/s
Requested wheel==0.34.2 from 521c6dc7fe/wheel-0.34.2.tar.gz (sha256)=8788e9155fe14f54164c1b9eb0a319d98ef02c160725587ad60f14ddc57b6f96 (from -r /opt/electrum/contrib/build-linux/sdist/../../../contrib/deterministic-build/requirements.txt (line 112)), but installing version 0.30.0
Certain dependencies are only needed on old python versions,
e.g. backports of stdlib functionality.
We should definitely not use newer python when running freeze_packages.sh
than what we bundle in the binaries. Perhaps it is prudent to use the
min python version that we support (which is atm older than what we bundle).
error was:
In --require-hashes mode, all requirements must have their versions pinned with ==. These do not:
setuptools from 04a0b689d3/setuptools-39.0.1-py2.py3-none-any.whl (md5)=ca299c7acd13a72e1171a3697f2b99bc (from protobuf==3.5.2.post1->-r ./contrib/deterministic-build/requirements.txt (line 21))
This is used to make sure we also freeze versions for
packages that will only be used on Windows or OS X, while
the freezing script is most likely only be run on Linux.
