Blinding dependencies as core: Smokescreen fork pin, sacc, cryptography; Python floor 3.12#243
Draft
cailmdaley wants to merge 1 commit into
Draft
Blinding dependencies as core: Smokescreen fork pin, sacc, cryptography; Python floor 3.12#243cailmdaley wants to merge 1 commit into
cailmdaley wants to merge 1 commit into
Conversation
…); py3.12 floor The blinding dependencies are core runtime dependencies — no optional extra. The Smokescreen install identity is the UNIONS-WL fork pinned by SHA on its packaging branch (declares pyccl, lazy theory-backend imports, so the closure is CCL-only); the pin will be swapped to the fork's release tag once the fork packaging PRs merge. sacc>=0.12 and cryptography are declared explicitly; pyccl was already core. requires-python rises 3.11 -> 3.12 (Smokescreen requires >=3.12); ruff target-version follows to py312. uv.lock regenerated: fork ref resolved, no firecrown and no numpy ceiling anywhere in the graph. deploy-image CI gains an `import smokescreen` step against the freshly built image; the Dockerfile is unchanged (core closure installs via the existing line). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01KpaRHk3QwN13myduQ3hJyf
1d4826c to
bd15a0b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Makes the blinding dependencies installable and reproducible as core runtime dependencies of sp_validation. Blinding the tomographic data vector needs Smokescreen with its CCL theory backend; with firecrown out of the picture the closure is small (Smokescreen fork +
cryptography+sacc;pycclalready core), so it lives in the base install — there is no[blinding]extra.Closes #242.
What this PR declares
smokescreen @ git+https://github.com/UNIONS-WL/Smokescreen@588a6b9The fork at this ref declares
pycclin its metadata and imports its theory backends lazily, so a clean install is CCL-only — no firecrown anywhere in the resolved graph, and no numpy ceiling. Nothing is published to PyPI; the fork ships as a git pin only.Provisional pin: the SHA points at the fork's packaging branch. Once the fork packaging PRs merge and a release tag is cut, this pin will be updated to the tag (same content, stable name) before merge.
sacc>=0.12andcryptographyare declared explicitly in coredependencies, so the runtime closure is self-documenting and independent of fork-metadata drift.requires-pythonrises>=3.11→>=3.12(Smokescreen requires 3.12); rufftarget-versionfollows topy312. This drops Python 3.11 support for the package — safe against the container base (python:3.12-slim-bookwormviashapepipe:develop) and CI, which runs only inside that image; no known consumer runs 3.11.Container and CI
uv pip install -e '.[test,glass]'line installs it.deploy-image.ymlgains one step: animport smokescreencheck against the freshly built image, next to the existingimport sp_validationsmoke test and the fast test suite, all of which gate publication.Verified
On Python 3.12, a fresh
uv venv+uv pip install -e .resolves without firecrown and without any numpy upper bound (numpy 2.5.1 lands), andimport smokescreensucceeds in the installed environment.uv lockresolves the fork ref cleanly (254 packages; zerofirecrown, zeronumpy<markers).uv.lockstays untracked per this repo's.gitignore.🤖 Generated with Claude Code
https://claude.ai/code/session_01KpaRHk3QwN13myduQ3hJyf