From f8b10ab68c2fe6ea909cb2de5afe800bb9120566 Mon Sep 17 00:00:00 2001
From: krateng <git.noreply@krateng.ch>
Date: Sun, 19 Jan 2025 02:48:13 +0100
Subject: [PATCH] Pin dependencies, close GH-390

---
 Containerfile          |  2 +-
 README.md              |  2 +-
 pyproject.toml         | 33 ++++++++++++++++-----------------
 requirements.txt       | 29 +++++++++++++++--------------
 requirements_extra.txt |  2 +-
 5 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/Containerfile b/Containerfile
index 0be4d51..b808ccc 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,4 +1,4 @@
-FROM lsiobase/alpine:3.19 as base
+FROM lsiobase/alpine:3.19 AS base
 
 WORKDIR /usr/src/app
 
diff --git a/README.md b/README.md
index c85a7c8..2cc387a 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ You can check [my own Maloja page](https://maloja.krateng.ch) as an example inst
 ## How to install
 
 To avoid issues with version / dependency mismatches, Maloja should only be used in **Docker** or **Podman**, not on bare metal.
-I cannot offer any help for bare metal installations.
+I cannot offer any help for bare metal installations (but using venv should help).
 
 Pull the [latest image](https://hub.docker.com/r/krateng/maloja) or check out the repository and use the included Containerfile.
 
diff --git a/pyproject.toml b/pyproject.toml
index b80a311..1b6bb99 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -3,7 +3,7 @@ name = "malojaserver"
 version = "3.2.3"
 description = "Self-hosted music scrobble database"
 readme = "README.md"
-requires-python = ">=3.11"
+requires-python = "==3.11.*"
 license = { file="LICENSE" }
 authors = [ { name="Johannes Krattenmacher", email="maloja@dev.krateng.ch" } ]
 
@@ -19,26 +19,25 @@ classifiers = [
 ]
 
 dependencies = [
-	"bottle>=0.12.16",
-	"waitress>=2.1.0",
-	"doreah>=2.0.1, <3",
-	"nimrodel>=0.8.0",
-	"setproctitle>=1.1.10",
-	#"pyvips>=2.1.16",
-	"jinja2>=3.0.0",
-	"lru-dict>=1.1.6",
-	"psutil>=5.8.0",
-	"sqlalchemy>=2.0",
-	"python-datauri>=1.1.0",
-	"requests>=2.27.1",
-	"setuptools>68.0.0",
-	"toml>=0.10.2",
-	"PyYAML>=6.0.1"
+	"bottle==0.13.*",
+	"waitress==3.0.*",
+	"doreah==2.0.*",
+	"nimrodel==0.8.*",
+	"setproctitle==1.3.*",
+	"jinja2==3.1.*",
+	"lru-dict==1.3.*",
+	"psutil==5.9.*",
+	"sqlalchemy==2.0",
+	"python-datauri==3.0.*",
+	"requests==2.32.*",
+	"setuptools==75.8.*",
+	"toml==0.10.*",
+	"PyYAML==6.0.*"
 ]
 
 [project.optional-dependencies]
 full = [
-	"pyvips>=2.1"
+	"pyvips==2.2.*"
 ]
 
 [project.scripts]
diff --git a/requirements.txt b/requirements.txt
index 7c78921..9bcea41 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,15 @@
-bottle>=0.12.16
-waitress>=2.1.0
-doreah>=2.0.1, <3
-nimrodel>=0.8.0
-setproctitle>=1.1.10
-jinja2>=3.0.0
-lru-dict>=1.1.6
-psutil>=5.8.0
-sqlalchemy>=2.0
-python-datauri>=1.1.0
-requests>=2.27.1
-setuptools>68.0.0
-toml>=0.10.2
-PyYAML>=6.0.1
\ No newline at end of file
+bottle==0.13.*
+waitress==3.0.*
+doreah==2.0.*
+nimrodel==0.8.*
+setproctitle==1.3.*
+jinja2==3.1.*
+lru-dict==1.3.*
+psutil==5.9.*
+sqlalchemy==2.0
+python-datauri==3.0.*
+requests==2.32.*
+setuptools==75.8.*
+toml==0.10.*
+PyYAML==6.0.*
+
diff --git a/requirements_extra.txt b/requirements_extra.txt
index d7b7dc7..9852560 100644
--- a/requirements_extra.txt
+++ b/requirements_extra.txt
@@ -1,2 +1,2 @@
-pyvips>=2.1
+pyvips==2.2.*