Migrate build system to uv #4074
Conversation
Temporary fix for #4074 breaking normal builds
70c6bdf to
b32a972
Compare
|
Associated forum thread: https://forums.ankiweb.net/t/new-online-installer-launcher/62745 |
|
Regardless of the outcomes of the forum discussion, I think we need to drop PyOxidizer with haste, as the high-severity CVEs on blocked dependencies are starting to build up, and Python 3.9's not long for this world. If the uv-based launcher approach ultimately proves unpopular, we can pivot to briefcase or pyinstaller, and the uv usage for building will be nice to keep in any case. If anyone has objections to this being merged in, please speak up soon. (will be following up on the forum tomorrow about the launcher feedback) |
|
@L-M-Sherlock this has updated us to fsrs 4.1.1 as we weren't pinning a specific commit - is that ok? |
|
It's OK if it doesn't introduce a compatible problem. In fsrs 4.1.1, I bump |
|
It's ok, I updated the rand crate at the same time :-) |
|
Another day, another Python CVE. Let's not wait any longer. |
Closes #3787, and is a step towards #3081 and #4022 This change breaks our PyOxidizer bundling process. While we probably could update it to work with the new venvs & lockfile, my intention is to use this as a base to try out a uv-based packager/installer. Some notes about the changes: - Use uv for python download + venv installation - Drop python/requirements* in favour of pyproject files / uv.lock - Bumped to latest Python 3.9 version. The move to 3.13 should be a fairly trivial change when we're ready. - Dropped the old write_wheel.py in favour of uv/hatchling. This has the unfortunate side-effect of dropping leading zeros in our wheels, which we could try hack around in the future. - Switch to Qt 6.7 for the dev repo, as it's the first PyQt version with a Linux/ARM WebEngine wheel. - Unified our macOS deployment target with minimum required for ARM. - Dropped unused fluent python files - Dropped unused python license generation - Dropped helpers to run under Qt 5, as our wheels were already requiring Qt 6 to install.
We can't provide ARM64 wheels to users yet due to #4079, but we can at least speed up the build. The rustls -> native-tls change on Windows is because ring requires clang to compile for ARM64, and I figured it's best to keep our Windows deps consistent. We already built the wheels with native-tls.
We were shipping a single arch library in a purelib, leading to breakages when running on a different platform.
This is convenient, but suboptimal on a Mac at the moment. The first run of mpv will take a number of seconds for security checks to run, and our mpv code ends up timing out, repeating the process each time. Our installer stub will need to invoke mpv once first to get it validated. We could address this by distributing the audio with the installer/stub, or perhaps by putting the binaries in a .pkg file that's notarized+stapled and then included in the wheel.
- remove more of the old bundling code - handle app icon
- Switch to Qt 6.8 for repo default, as 6.7 depends on an older libwebp/tiff which is unavailable on newer installs - Drop tools/mac-x86, as we no longer need to test against Qt 5 - Add flags to cross compile wheels on Mac and Linux - Bump glibc target to 2_36, building on Debian Stable - Increase mpv timeout on macOS to allow for initial gatekeeper checks - Ship both arm64 and amd64 uv on Linux, with a bash stub to pick the appropriate arch.
- Rust 1.87 for now (1.88 due out in around a week) - Nom looks involved, so I left it for now - prost-reflect depends on a new prost version that got yanked
Updated protoc binaries + add helper in order to try fix build breakage. Ended up being due to an AI-generated update to pip-system-certs that was not reviewed carefully enough: https://gitlab.com/alelec/pip-system-certs/-/issues/36 The updated mypy/black needed some tweaks to our files.
- urllib3 for CVE - pip-system-certs got fixed - markdown/pytest also updated
| "mock", | ||
| "types-decorator", | ||
| "types-flask", | ||
| "types-flask-cors", | ||
| "types-markdown", | ||
| "types-waitress", | ||
| "types-pywin32", |
There was a problem hiding this comment.
@dae Shouldn't types-* packages should be optional development dependencies? Looks like there are potentially some other packages in the pyproject.toml files that can be excluded in the installation (mock and werkzeug maybe?).
| [build-system] | ||
| requires = ["hatchling"] | ||
| build-backend = "hatchling.build" | ||
|
|
||
| [tool.hatch.build.targets.wheel] | ||
| packages = ["anki"] | ||
|
|
||
| [tool.hatch.version] | ||
| source = "code" | ||
| path = "../python/version.py" | ||
|
|
||
| [tool.hatch.build.hooks.custom] | ||
| path = "hatch_build.py" |
There was a problem hiding this comment.
@dae Should pylib/test/ and anything else be excluded? https://hatch.pypa.io/latest/build/#configuration
There was a problem hiding this comment.
Inspecting the wheel revealed unwanted __pycache__ files, but no tests. I'll push a fix later.
|
Yep, those look like oversights. Thanks! |
| let response = client | ||
| .get("https://api.github.com/repos/astral-sh/uv/releases/latest") | ||
| .header("User-Agent", "Anki-Build-Script") | ||
| .send()?; |
There was a problem hiding this comment.
Probably not an issue since I don't see this being use programmatically anywhere, IIUC, but worth noting:
The primary rate limit for unauthenticated requests is 60 requests per hour.
There was a problem hiding this comment.
We're only likely to run it once every few months, so I think we'll be fine :-)
- Use --locked to assert that the lockfile won't change, so we need to explicitly 'uv lock' when making changes. Still trying to get to the bottom of why the lockfile sometimes has editable entries, which break things when switching between platforms. - Exclude __pycache__ from wheels - Move the typing stubs to our dev deps (#4074 (review))
|
👋 Hi! I work on uv at Astral. Please feel free to ping me if there's anything we can do to help out! |
|
Thanks for reaching out, I have a 100% repro and write rust daily so I seem uniquely qualified to help out. I will circle back to Anki with the results and likely eventual code cleanup from our workaround #4162 |
|
Thank you both for getting to the bottom of this! |
# Description Several users, myself included, had some issues with Anki (recently migrated to uv). https://forums.ankiweb.net/t/bug-anki-25-07-fails-to-launch-on-linux/63475 zanieb came in and gave us pointers, including looking at our uv logs. ankitects/anki#4074 (comment) log: Grinkers#1 (comment) The actual issue was that I had a system config in /etc/uv/uv.toml but uv wasn't giving useful feedback for its combining/unification. A higher level issue is that there's nice logs, however logging is initialized after! We want to log files read, but need to read the files to know what log level to use. https://github.com/astral-sh/uv/blob/7e48292fac968b015c4521e193b09e27af1d5c7b/crates/uv-settings/src/lib.rs#L68 https://github.com/astral-sh/uv/blob/7e48292fac968b015c4521e193b09e27af1d5c7b/crates/uv/src/lib.rs#L354 zanieb mentioned there's #13123, so consider this a +1 to that. ## Result The end of the output will be: ``` DEBUG Downloads disabled. Skipping... DEBUG Released lock at `/tmp/uv-823c7b0e73da3e08.lock` error: No interpreter found for Python 3.13.5 in managed installations ``` Sorry for the minuscule sized PR. Feel free to close if there's a bigger logging pass. --------- Co-authored-by: Zanie Blue <[email protected]>
Closes #3787, and is a step towards #3081 and #4022.
If playing with this branch, rm -rf out/pyenv when switching back.
This change breaks our PyOxidizer bundling process. While we probably could update it to work with the new venvs & lockfile, my intention is to use this as a base to try out a uv-based packager/installer.
See the first commit for some further notes.