Kunal Mehta

icon indicating a website link https://legoktm.com icon indicating an email [email protected]

icon location Most projects are available from https://git.legoktm.com/

Results 276 comments of Kunal Mehta

Simplify our HTTP dependencies

I have a preference to any library that is already relatively well maintained in Debian :) Both libcurl and libmicrohttpd are popular and used by other projects and have good...

Using reproducible wheels into our securedrop-app-code Debian package on Focal

This is the remaining issue preventing reproducibility of `securedrop-app-code`. The issue is really subtle, the only thing that varies is the "build ID". pip ends up building each wheel in...

Using reproducible wheels into our securedrop-app-code Debian package on Focal

Also, during package builds we're currently building all of the Python dependencies *twice*. Using pre-built wheels will cut that down to zero times.

Using reproducible wheels into our securedrop-app-code Debian package on Focal

I filed #6546 to clean up how our requirements.txt files are organized before we embark down this.

Using reproducible wheels into our securedrop-app-code Debian package on Focal

Current work in flight: * https://github.com/freedomofpress/securedrop-debian-packaging/pull/382 - makes room to add sever wheels into the repo, reusing the same bootstrapping scripts * https://github.com/freedomofpress/securedrop-debian-packaging/pull/383 is a draft of adding the server...

Remove `sh` dependency

Nope, go for it! Let me know if you have any questions.

Fix up requirements.txt files used for boostrapping

My specific proposal is `bootstrap-requirements.in`: ``` pip>=21.3 setuptools>=56.0.0 setuptools-scm>=6.0.1 wheel ``` And then `translation-requirements.in`: ``` babel>=2.9.1 sh ``` (sh might go away in https://github.com/freedomofpress/securedrop/issues/6547). Waiting on #6544 because it'll probably...

Drop dh-virtualenv

Here's my demo of this change against securedrop-client: https://github.com/freedomofpress/securedrop-debian-packaging/commit/a580cf01d5f634b80f98c64230f4398da0603bd0 - I think it's significantly clearer exactly what is happening during the install step (the sed step probably needs a comment)....

LGTM.com shutting down in December 2022

I tagged this with needs discussion because my personal opinion is that the checks were not useful and if we just dropped them that would be fine. I think other...

LGTM.com shutting down in December 2022

> [#6537 (comment)](https://github.com/freedomofpress/securedrop/pull/6537#issuecomment-1239541960) is an example of an LGTM report which I think is somewhat useful. All of those are already pylint checks: * Unused import: https://pylint.pycqa.org/en/latest/user_guide/messages/warning/unused-import.html * Non-callable called:...