From 1e9c0b43b17072fa8f9ee302b5c3e38adbb5a6e8 Mon Sep 17 00:00:00 2001
From: Kevin Chung <kchung@ctfd.io>
Date: Mon, 16 Nov 2020 17:06:01 -0500
Subject: [PATCH] Freeze python dependencies using pip-tools (#1722)

* Rename `requirements.txt` to `requirements.in`
* Generate `requirements.txt` using `pip-tools` under Python 3.6
* Add `pip-tools` to `development.txt`
* Closes #1679
---
 development.txt  |   1 +
 requirements.in  |  32 +++++++++++++++
 requirements.txt | 102 ++++++++++++++++++++++++++++++++---------------
 3 files changed, 103 insertions(+), 32 deletions(-)
 create mode 100644 requirements.in

diff --git a/development.txt b/development.txt
index c79c7a34..e64e4ef6 100644
--- a/development.txt
+++ b/development.txt
@@ -1,4 +1,5 @@
 -r requirements.txt
+pip-tools==5.3.1
 pytest==5.4.2
 pytest-randomly==3.4.0
 coverage==5.1
diff --git a/requirements.in b/requirements.in
new file mode 100644
index 00000000..008ca6ab
--- /dev/null
+++ b/requirements.in
@@ -0,0 +1,32 @@
+Flask==1.1.2
+Werkzeug==1.0.1
+Jinja2==2.11.2
+Flask-SQLAlchemy==2.4.3
+Flask-Caching==1.8.0
+Flask-Migrate==2.5.3
+Flask-Script==2.0.6
+SQLAlchemy==1.3.17
+SQLAlchemy-Utils==0.36.6
+passlib==1.7.2
+bcrypt==3.1.7
+itsdangerous==1.1.0
+requests==2.23.0
+PyMySQL==0.9.3
+gunicorn==20.0.4
+dataset==1.3.1
+cmarkgfm==0.4.2
+redis==3.5.2
+gevent==20.9.0
+python-dotenv==0.13.0
+flask-restx==0.2.0
+flask-marshmallow==0.10.1
+marshmallow-sqlalchemy==0.17.0
+boto3==1.13.9
+marshmallow==2.20.2
+pydantic==1.5.1
+lxml==4.5.1
+html5lib==1.0.1
+WTForms==2.3.1
+python-geoacumen==0.0.1
+maxminddb==1.5.4
+tenacity==6.2.0
diff --git a/requirements.txt b/requirements.txt
index 008ca6ab..7d71de71 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,32 +1,70 @@
-Flask==1.1.2
-Werkzeug==1.0.1
-Jinja2==2.11.2
-Flask-SQLAlchemy==2.4.3
-Flask-Caching==1.8.0
-Flask-Migrate==2.5.3
-Flask-Script==2.0.6
-SQLAlchemy==1.3.17
-SQLAlchemy-Utils==0.36.6
-passlib==1.7.2
-bcrypt==3.1.7
-itsdangerous==1.1.0
-requests==2.23.0
-PyMySQL==0.9.3
-gunicorn==20.0.4
-dataset==1.3.1
-cmarkgfm==0.4.2
-redis==3.5.2
-gevent==20.9.0
-python-dotenv==0.13.0
-flask-restx==0.2.0
-flask-marshmallow==0.10.1
-marshmallow-sqlalchemy==0.17.0
-boto3==1.13.9
-marshmallow==2.20.2
-pydantic==1.5.1
-lxml==4.5.1
-html5lib==1.0.1
-WTForms==2.3.1
-python-geoacumen==0.0.1
-maxminddb==1.5.4
-tenacity==6.2.0
+#
+# This file is autogenerated by pip-compile
+# To update, run:
+#
+#    pip-compile
+#
+alembic==1.4.3            # via dataset, flask-migrate
+aniso8601==8.0.0          # via flask-restx
+attrs==20.3.0             # via jsonschema
+bcrypt==3.1.7             # via -r requirements.in
+boto3==1.13.9             # via -r requirements.in
+botocore==1.16.26         # via boto3, s3transfer
+certifi==2020.11.8        # via requests
+cffi==1.14.3              # via bcrypt, cmarkgfm
+chardet==3.0.4            # via requests
+click==7.1.2              # via flask
+cmarkgfm==0.4.2           # via -r requirements.in
+dataclasses==0.8          # via pydantic
+dataset==1.3.1            # via -r requirements.in
+docutils==0.15.2          # via botocore
+flask-caching==1.8.0      # via -r requirements.in
+flask-marshmallow==0.10.1  # via -r requirements.in
+flask-migrate==2.5.3      # via -r requirements.in
+flask-restx==0.2.0        # via -r requirements.in
+flask-script==2.0.6       # via -r requirements.in
+flask-sqlalchemy==2.4.3   # via -r requirements.in, flask-migrate
+flask==1.1.2              # via -r requirements.in, flask-caching, flask-marshmallow, flask-migrate, flask-restx, flask-script, flask-sqlalchemy
+gevent==20.9.0            # via -r requirements.in
+greenlet==0.4.17          # via gevent
+gunicorn==20.0.4          # via -r requirements.in
+html5lib==1.0.1           # via -r requirements.in
+idna==2.10                # via requests
+importlib-metadata==2.0.0  # via jsonschema
+itsdangerous==1.1.0       # via -r requirements.in, flask
+jinja2==2.11.2            # via -r requirements.in, flask
+jmespath==0.10.0          # via boto3, botocore
+jsonschema==3.2.0         # via flask-restx
+lxml==4.5.1               # via -r requirements.in
+mako==1.1.3               # via alembic
+markupsafe==1.1.1         # via jinja2, mako, wtforms
+marshmallow-sqlalchemy==0.17.0  # via -r requirements.in
+marshmallow==2.20.2       # via -r requirements.in, flask-marshmallow, marshmallow-sqlalchemy
+maxminddb==1.5.4          # via -r requirements.in, python-geoacumen
+passlib==1.7.2            # via -r requirements.in
+pycparser==2.20           # via cffi
+pydantic==1.5.1           # via -r requirements.in
+pymysql==0.9.3            # via -r requirements.in
+pyrsistent==0.17.3        # via jsonschema
+python-dateutil==2.8.1    # via alembic, botocore
+python-dotenv==0.13.0     # via -r requirements.in
+python-editor==1.0.4      # via alembic
+python-geoacumen==0.0.1   # via -r requirements.in
+pytz==2020.4              # via flask-restx
+redis==3.5.2              # via -r requirements.in
+requests==2.23.0          # via -r requirements.in
+s3transfer==0.3.3         # via boto3
+six==1.15.0               # via bcrypt, flask-marshmallow, flask-restx, html5lib, jsonschema, python-dateutil, sqlalchemy-utils, tenacity
+sqlalchemy-utils==0.36.6  # via -r requirements.in
+sqlalchemy==1.3.17        # via -r requirements.in, alembic, dataset, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+tenacity==6.2.0           # via -r requirements.in
+urllib3==1.25.11          # via botocore, requests
+webencodings==0.5.1       # via html5lib
+werkzeug==1.0.1           # via -r requirements.in, flask, flask-restx
+wtforms==2.3.1            # via -r requirements.in
+zipp==3.4.0               # via importlib-metadata
+zope.event==4.5.0         # via gevent
+zope.interface==5.2.0     # via gevent
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools