From 864e6078bcecb9550c58a8b6ab6c271665097d41 Mon Sep 17 00:00:00 2001 From: Qi Luo Date: Thu, 24 Feb 2022 17:00:13 -0800 Subject: [PATCH] sonic-slave-buster pins the versions of Jinja2 and MarkupSafe in py3 (#10043) #### Why I did it Upstream breaking change, ref discussion https://github.com/pallets/markupsafe/issues/282 --- sonic-slave-buster/Dockerfile.j2 | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sonic-slave-buster/Dockerfile.j2 b/sonic-slave-buster/Dockerfile.j2 index 9720bcebc4..974fab8c8e 100644 --- a/sonic-slave-buster/Dockerfile.j2 +++ b/sonic-slave-buster/Dockerfile.j2 @@ -466,6 +466,11 @@ RUN pip3 uninstall -y enum34 # For templating RUN pip2 install j2cli==0.3.10 +# Note: Jinja2 depends on MarkupSafe, however markupsafe 2.1.0 breaks Jinja2 2.10 +# Debian buster dist-packages include python3-markupsafe (1.1.0-1) and python3-jinja2 (2.10-2) +# If not pinning the versions, any requirement like `MarkupSafe>=2.0` will pull latest into site-packages and mess up. +RUN pip3 install MarkupSafe==2.0.1 +RUN pip3 install Jinja2==3.0.3 # For sonic-mgmt-framework RUN pip2 install "PyYAML==5.4.1"