Skip to content
This repository has been archived by the owner on Feb 19, 2021. It is now read-only.

Potential dependency conflicts between historical and marshmallow #126

Open
NeolithEra opened this issue Aug 5, 2019 · 1 comment
Open

Potential dependency conflicts between historical and marshmallow #126

NeolithEra opened this issue Aug 5, 2019 · 1 comment

Comments

@NeolithEra
Copy link

Hi, as shown in the following full dependency graph of historical, historical requires marshmallow (the latest version), while the installed version of swag-client(0.4.3) requires marshmallow>=2.13.5,<3.0.0.

According to Pip's “first found wins” installation strategy, marshmallow 2.19.5 is the actually installed version.

Although the first found package version marshmallow 2.19.5 just satisfies the later dependency constraint (marshmallow>=2.13.5,<3.0.0), it will lead to a build failure once developers release a newer version of marshmallow.

Dependency tree--------

historical-master
| +-boto3(version range:>=1.9.47)
| +-click(version range:>=6.7)
| +-cloudaux(version range:>=1.4.14)
| | +-boto(version range:>=2.41.0)
| | +-boto3(version range:*)
| | +-botocore(version range:*)
| | +-defusedxml(version range:*)
| | +-flagpole(version range:>=1.0.1)
| | +-inflection(version range:*)
| | +-joblib(version range:>=0.9.4)
| | +-six(version range:>=1.11.0)
| +-deepdiff(version range:>=3.3.0)
| | +-jsonpickle(version range:==1.0)
| | +-ordered-set(version range:==3.1)
| +-jinja2(version range:==2.10)
| | +-markupsafe(version range:>=0.23)
| +-marshmallow(version range:>=2.13.5)
| +-pynamodb(version range:>=3.3.1)
| | +-botocore(version range:>=1.12.54)
| | +-python-dateutil(version range:<3.0.0,>=2.1)
| | | +-six(version range:*)
| | | +-six(version range:>=1.5)
| | +-six(version range:*)
| +-python-dateutil(version range:==2.6.1)
| | +-six(version range:*)
| | +-six(version range:>=1.5)
| +-raven-python-lambda(version range:>=0.1.7)
| | +-boto3(version range:*)
| | +-psutil(version range:>=5.2.2)
| | +-raven(version range:>=6.1.0)
| +-swag-client(version range:==0.4.3)
| | +-boto3(version range:>=1.4.6)
| | +-click(version range:>=6.7)
| | +-click-log(version range:>=0.2.1)
| | | +-click(version range:*)
| | +-deepdiff(version range:>=3.3.0)
| | | +-jsonpickle(version range:==1.0)
| | | +-ordered-set(version range:==3.1)
| | +-dogpile-cache(version range:>=0.6.4)
| | | +-decorator(version range:*)
| | +-jmespath(version range:>=0.9.3)
| | +-marshmallow(version range:>=2.13.5,<3.0.0)
| | +-retrying(version range:>=1.3.3)
| | | +-six(version range:>=1.7.0)
| | +-simplejson(version range:>=3.16.0)
| | +-tabulate(version range:>=0.7.7)

Thanks for your attention.
Best,
Neolith
@NeolithEra
Copy link
Author

Solution

Fix your direct dependencies to be marshmallow>=2.13.5,<3.0.0 to remove this conflict.
I have checked this revision will not affect your downstream projects now.

Build a good dependency ecosystem for python projects is our common goal. ^_^

@mikegrima May I pull a request to solve this issue?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@NeolithEra