Backport: add locked requirements

[hexagonrecursion]

This will be a backport of #6235
Fixes: #6224

The first step is to test the updated requirements on github ci. I'll add the rest once the CI is green.

#6235 (comment)

try the locked requirements on github ci first (by placing them in development.txt)

[hexagonrecursion]

ERROR: Could not find a version that satisfies the requirement pip==22.0.3

I'll debug this tomorrow morning

[hexagonrecursion]

https://pip.pypa.io/en/stable/news/#id13

pip 22.0 dropped support for Python 3.6. What should we do? Should we lock an old version of pip? Should we drop Python 3.6?

It might be possible to make the lock depend on the python version.

[ThomasWaldmann]

Lock pip to a working version. In 1.1-maint, we should not drop old python versions except if there is no other possibility or if they are out of support for a while.

And use same pip for all py versions, so that we do not get different behavior just because of that.

[codecov-commenter]

Codecov Report

Merging #6253 (30a79d9) into 1.1-maint (377971e) will decrease coverage by 0.00%.
The diff coverage is n/a.

@@              Coverage Diff              @@
##           1.1-maint    #6253      +/-   ##
=============================================
- Coverage      79.69%   79.68%   -0.01%     
=============================================
  Files             27       27              
  Lines          10494    10494              
  Branches        2149     2149              
=============================================
- Hits            8363     8362       -1     
- Misses          1605     1606       +1     
  Partials         526      526              

Impacted Files	Coverage Δ
src/borg/archive.py	80.87% <0.00%> (-0.15%)	⬇️
src/borg/helpers.py	87.68% <0.00%> (+0.07%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 377971e...30a79d9. Read the comment docs.

[hexagonrecursion]

AttributeError: module 'collections' has no attribute 'MutableMapping

I'll debug this later today

[hexagonrecursion]

TypeError: required field "lineno" missing from alias

Possibly relevant: pytest-dev/pytest#8539 pytest-dev/pytest#8546

[hexagonrecursion]

I have tried the existing requirements.d/development.lock.txt and it fails on python3.10 too. There appears to be no version of pytest that simultaneously supports both py3.5 ad 3.10:

1. pytest 6.2.x supports python3.6+ only
2. Fix assertion rewriting on Python 3.10 pytest-dev/pytest#8540 was backported to pytest6.2.x, but not to pytest6.1.x

I see two paths forward:

1. Theoretically Fix assertion rewriting on Python 3.10 pytest-dev/pytest#8540 could be backported to pytest6.1.x
2. Use environment markers

[ThomasWaldmann]

just noticed that i used the locked requirements for the "main" borg build in vagrant (see Vagrantfile).
guess that build is not done with py310.

but then, when tox runs in the vagrant machine, it uses the unlocked requirements (see tox.ini).

so, we'll just ignore the py310 issue and make the locked requirements as good as it gets for < 3.10.

note: the borg binaries are built with python 3.7.11 so it is most important to have everything up-to-date that is used for that.

[hexagonrecursion]

note: the borg binaries are built with python 3.7.11 so it is most important to have everything up-to-date that is used for that.

This appears to be at odds with the goal of supporting 3.5:

$ python -V
Python 3.7.11
$ pip list --outdated
Package        Version Latest Type
-------------- ------- ------ -----
pip            20.3.4  22.0.3 wheel
pluggy         0.13.1  1.0.0  wheel
pytest         6.1.2   7.0.0  wheel
pytest-cov     2.12.1  3.0.0  wheel
pytest-xdist   2.2.1   2.5.0  wheel
setuptools     50.3.2  60.8.1 wheel
setuptools-scm 5.0.2   6.4.2  wheel
twine          1.15.0  3.8.0  wheel

[ThomasWaldmann]

When I said "up-to-date" I meant also "as good as it gets" considering our other requirements (thus not necessarily using the latest and greatest, but something more recent than we had before).

[ThomasWaldmann]

BTW, considering your recent activity, feel free to add yourself to AUTHORS file if you like.

[hexagonrecursion]

Should be ready now. CI is happy with the locks: https://github.com/borgbackup/borg/runs/5085767052