mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-08-29 18:31:51 +02:00
793f72c06c
New python dependencies are introduced by the memory mapping script. Rather than add another `requirements.txt` utilise poetry. This is a proper dependency management framework for Python. The two main upsides of using poetry instead of the traditional requirements.txt are maintainability and reproducibility. Poetry provides a proper lock file for pinning dependencies, similar to npm for JavaScript. This allows for separate environments (i.e. docs, tools) to be created efficiently, and in a reproducible manner, wherever the project is deployed. Having dependencies pinned in this manner is a boon as a security focused project. An additional upside is that we will receive security updates for dependencies via GitHub's Dependabot. Change-Id: I5a3c2003769b878a464c8feac0f789e5ecf8d56c Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>