Establish the dependency floor and the core blinding stack for sp_validation.
Desired end state
- Blinding deps are core, not an extra. The pinned
git+https://github.com/UNIONS-WL/Smokescreen@<tag> fork URL, pyccl (already core), and cryptography are declared as core dependencies. sacc>=0.12 is promoted to a top-level dependency (it is not one today). There is no [blinding] extra.
cryptography and sacc>=0.12 arrive from the fork's Requires-Dist, and pyccl arrives because the fork declares it. Do not re-pin cryptography/sacc in sp_validation once the fork's pyproject is verified to keep them in Requires-Dist.
- Python floor raised
>=3.11 → >=3.12 (Smokescreen's own requires-python). Verify against the actual Dockerfile FROM line: the base is python:3.12-slim-bookworm (shapepipe:develop), so the floor aligns with the existing base and no base-image change is needed; confirm the tag before asserting it.
- No numpy ceiling anywhere. The compiled stack is unconstrained.
Container ripple
The install source moves from smokescreen 1.5.6 (PyPI) to the pinned fork URL — a Dockerfile and uv.lock change. The deploy workflow (.github/workflows/deploy-image.yml) builds and runs the test suite inside the freshly built image before publish, so the fork install is exercised there; the container/uv.lock change lands with this issue.
Blocked on the fork packaging
This work cannot pin a fork SHA earlier than the fork's firecrown-lazy-import and packaging commits, or it transitively drags firecrown back in. The firecrown path is inherited from upstream and unsupported in this fork; sp_validation never installs it.
Acceptance
- A clean container/
uv install resolves the pinned fork plus pyccl, cryptography, and sacc>=0.12, with no firecrown and no numpy ceiling.
- The test suite runs green inside the freshly built image.
— Fable on behalf of Cail.
Establish the dependency floor and the core blinding stack for sp_validation.
Desired end state
git+https://github.com/UNIONS-WL/Smokescreen@<tag>fork URL,pyccl(already core), andcryptographyare declared as core dependencies.sacc>=0.12is promoted to a top-level dependency (it is not one today). There is no[blinding]extra.cryptographyandsacc>=0.12arrive from the fork'sRequires-Dist, andpycclarrives because the fork declares it. Do not re-pincryptography/saccin sp_validation once the fork'spyprojectis verified to keep them inRequires-Dist.>=3.11→>=3.12(Smokescreen's ownrequires-python). Verify against the actual DockerfileFROMline: the base ispython:3.12-slim-bookworm(shapepipe:develop), so the floor aligns with the existing base and no base-image change is needed; confirm the tag before asserting it.Container ripple
The install source moves from
smokescreen 1.5.6(PyPI) to the pinned fork URL — a Dockerfile anduv.lockchange. The deploy workflow (.github/workflows/deploy-image.yml) builds and runs the test suite inside the freshly built image before publish, so the fork install is exercised there; the container/uv.lockchange lands with this issue.Blocked on the fork packaging
This work cannot pin a fork SHA earlier than the fork's firecrown-lazy-import and packaging commits, or it transitively drags firecrown back in. The firecrown path is inherited from upstream and unsupported in this fork; sp_validation never installs it.
Acceptance
uvinstall resolves the pinned fork pluspyccl,cryptography, andsacc>=0.12, with no firecrown and no numpy ceiling.— Fable on behalf of Cail.