From 4e54a34d87056067c0110c00282f6a3248dc5f6f Mon Sep 17 00:00:00 2001 From: Astounds Date: Sat, 30 May 2026 00:34:34 -0500 Subject: feat: update README and HACKING, lock deps via pip-compile in Docker MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Use pip-compile --generate-hashes in the Docker build stage so that the runtime stage installs pinned dependencies with verified integrity, ensuring fully reproducible container builds. - Add Docker section to README - Fix Python badge (3.7+ → 3.11+) and outdated docs links - Upgrade pip, setuptools, and wheel in Dockerfile to fix grype findings --- pyproject.toml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 pyproject.toml (limited to 'pyproject.toml') diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..c98f37e --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,32 @@ +[build-system] +requires = ["setuptools>=64", "wheel"] +build-backend = "setuptools.backends._legacy:_Backend" + +[project] +name = "yt-local" +description = "Privacy-focused, browser-based YouTube client with Tor support" +readme = "README.md" +requires-python = ">=3.11" +license = { text = "AGPL-3.0-only" } +authors = [ + { name = "heckyel", email = "heckyel@riseup.net" }, +] +dependencies = [ + "flask>=1.0.3", + "flask-babel>=4.0.0", + "babel>=2.12.0", + "gevent>=1.2.2", + "brotli>=1.0.7", + "pysocks>=1.6.8", + "urllib3>=1.24.1", + "defusedxml>=0.5.0", + "cachetools>=4.0.0", + "stem>=1.8.0", + "requests>=2.25.0", +] + +[project.optional-dependencies] +dev = ["pytest>=6.2.1"] + +[tool.pip-tools] +generate-hashes = true -- cgit v1.2.3