QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-05-25 17:55:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c5fc31a67f89ac60ce0293af8ec7d25c744b8fe3
superset2/requirements
History
Claude Code 95b2441700 chore(deps): bump sqlglot lower bound + regenerate lockfiles 
Per @villebro's review on #40186: dependabot's default behavior only
widens the upper bound, so the PR left the lower bound at the old
version (>=28.10.0) and didn't touch the compiled requirements/*.txt
lockfiles that ship with the repo.

- Bump lower bound: `sqlglot>=28.10.0, <31` → `sqlglot>=30.8.0, <31`
  in both `pyproject.toml` and `superset-core/pyproject.toml`
  (the latter was at `<29` and would have blocked uv resolution
  against the wider range).
- Regenerate `requirements/base.txt` and `requirements/development.txt`
  via `./scripts/uv-pip-compile.sh`. Both now pin `sqlglot==30.8.0`.

Other deps in the lockfiles updated to whatever uv resolves alongside
the new sqlglot — those are transitive movements, not intentional.
2026-05-20 15:57:14 -07:00
..
base.in
fix(security): patch CVEs in cryptography, mako, pyarrow, pyopenssl, requests (#39523)
2026-04-21 16:35:04 +01:00
base.txt
chore(deps): bump sqlglot lower bound + regenerate lockfiles
2026-05-20 15:57:14 -07:00
development.in
feat(mcp): PR1 - Add MCP service scaffold for Apache Superset (#35163)
2025-10-24 16:59:23 -07:00
development.txt
chore(deps): bump sqlglot lower bound + regenerate lockfiles
2026-05-20 15:57:14 -07:00
README.md
fix: make flask-cors a core dependency (#34115)
2025-07-09 14:54:39 -07:00
translations.in
fix: docker refactor (#31385)
2024-12-13 16:17:44 -08:00
translations.txt
fix: make flask-cors a core dependency (#34115)
2025-07-09 14:54:39 -07:00

README.md

Python dependency logic

In this folder, the .in files, in conjunction with the ../pyproject.toml file (in the root of the repo) are used to generate the pinned requirements as .txt files.

To alter the pinned dependency, you can edit/alter the .in and pyproject.toml files, and then run the following command:

./scripts/uv-pip-compile.sh

:::warning The pinned dependencies are based on the current version of python supported in Superset. Output of ./scripts/uv-pip-compile.sh may vary slightly based on the python version you are using to run the command. Check the pyproject.toml file for the current version of python supported. :::

This will generate the pinned requirements in the .txt files, which will be used in our CI/CD pipelines and in the Docker images.

We recommend to everyone in the community to use the pinned requirements in their local development environments, to ensure consistency across different environments, though we don't force requirements as part of our python package semantics to allow flexibility for users to install different versions of the dependencies if they wish.

Note that development.txt is a superset of what's in base.txt, and all version numbers for shared library should fully match at all times. translations.txt is meant as a supplemental file to be used in conjunction with the other requirements files, and is not meant to be used standalone.

Reference in New Issue View Git Blame Copy Permalink