From 73cf25efe8327f7804343043c1d0c1929e4756f3 Mon Sep 17 00:00:00 2001
From: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Thu, 11 Jan 2024 16:13:13 +0100
Subject: [PATCH] build: constrain version in verify_release script

In #2528 we added a workaround in cd.yml, which allows pinning the
build backend version AND having Dependabot autodupates for it.

This workaround also needs to be applied verify_release for reproducible
builds verification.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
---
 verify_release | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/verify_release b/verify_release
index ec945008..bab8f032 100755
--- a/verify_release
+++ b/verify_release
@@ -45,8 +45,14 @@ def build(build_dir: str) -> str:
         git_cmd = ["git", "clone", "--quiet", orig_dir, src_dir]
         subprocess.run(git_cmd, stdout=subprocess.DEVNULL, check=True)
 
+        # patch env to constrain build backend version as we do in cd.yml
+        env = os.environ.copy()
+        env["PIP_CONSTRAINT"] = "requirements/build.txt"
+
         build_cmd = ["python3", "-m", "build", "--outdir", build_dir, src_dir]
-        subprocess.run(build_cmd, stdout=subprocess.DEVNULL, check=True)
+        subprocess.run(
+            build_cmd, stdout=subprocess.DEVNULL, check=True, env=env
+        )
 
     build_version = None
     for filename in os.listdir(build_dir):