Current pip-compile usage does not have --no-emit-index-url

[filipeo2-mck]

Issue

Unfortunately, default usage of pip-compile emits user's configured index-url by default, when the user has one configured in its pips config file.
To avoid this behavior a flag --no-emit-index-url must be set.

Solution

While this issue is not fixed in their repo (there is an open issue about this insecure behavior), I'm adding the flag --no-emit-index-url to existing pip-compile executions to protect contributors from having their credentials leaked.

Additional improvement

Maybe it's a matter of preference, but I added a flag --annotation-style=line that makes the generated requirements.txt look much cleaner, shorter and more readable. This change can be removed, if not accepted.

From:

aiosignal==1.3.1
     # via ray
alabaster==0.7.13
     # via sphinx
anyio==3.7.1
     # via
     #   fastapi
     #   jupyter-server
     #   starlette
argcomplete==3.1.1
     # via nox
argon2-cffi==23.1.0
     # via jupyter-server
...

To:

aiosignal==1.3.1          # via ray
alabaster==0.7.13         # via sphinx
anyio==3.7.1              # via fastapi, jupyter-server, starlette
argcomplete==3.1.1        # via nox
argon2-cffi==23.1.0       # via jupyter-server
...

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (4425ad8) 93.92% compared to head (1729e89) 93.92%.
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1390   +/-   ##
=======================================
  Coverage   93.92%   93.92%           
=======================================
  Files          91       91           
  Lines        6781     6781           
=======================================
  Hits         6369     6369           
  Misses        412      412           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.