Relax package requirements and follow PEP 517

[simonhkswan]

Hi there 👋🏼

The latest version of tensorflow_privacy (0.8.0) seems to have very strict package requirements --> it's not allowing the installation of things such as matplotlib==3.4 or pandas==1.3.5 in my other projects.

It looks like the current setup.py is setup just like the requirements.txt and pins packages using ~= which means only matplotlib==3.3.x and pandas==1.1.x are allowed.

https://github.com/tensorflow/privacy/blob/81d588070206a4a4bad9d14e430e17944fbe30ef/setup.py#L29-L36

I've found a few resources[^1][^2] describing the difference between the concrete requirements.txt file and the abstract requirements that should be defined in setup.py. Hopefully these should be enough to explain why I've suggested relaxing the requirements in this PR.

I've also added a pyproject.toml file so that the package can be built in the updated fashion described by PEP 517[^3]. The added config file lets you use build to package python projects[^4].

Lastly, I updated the build shell script commands that called setup.py directly but had some issues running bazel (I'm actually not sure if bazel is used to build the package yet). Anyway, the changes in the build script account for the addition of the pyproject.toml file.

Let me know if I should change anything - happy to help out!

[^1]: abstract/concrete requirements: https://packaging.python.org/en/latest/discussions/install-requires-vs-requirements/#requirements-files [^2]: A nice blog comparing setup.py and requirements.txt (referenced by above): https://caremad.io/posts/2013/07/setup-vs-requirement/ [^3]: PEP 517: https://peps.python.org/pep-0517/ [^4]: https://setuptools.pypa.io/en/latest/build_meta.html

[simonhkswan]

It looks like the majority of the changes needed have been included in

• #305

At least, the version requirements in setup.py have been relaxed so happy to close this PR.

Any feedback from the maintainers of the repo would be appreciated! 🙏🏼