What is the issue?
requirements.txt lists dependencies without pinned versions, meaning pip installs the latest compatible versions each time. This makes the environment non-deterministic: different developers and CI runs can end up with different package versions, leading to inconsistent behavior or unexpected breakages.
(Suggested by @Pa04rth in #854)
Expected Behaviour
Every pip install -r requirements.txt should produce an identical environment regardless of when it is run.
Actual Behaviour
Dependencies are unpinned (e.g. Flask, click), so pip resolves to whatever is latest at install time.
Steps to reproduce
- Open
requirements.txt and note entries like Flask, click have no version pins.
- Create a fresh virtual environment and run
pip install -r requirements.txt.
- Run
pip freeze and observe that pip has resolved specific versions not specified in requirements.txt, showing the environment is determined at install time.
What is the issue?
requirements.txt lists dependencies without pinned versions, meaning pip installs the latest compatible versions each time. This makes the environment non-deterministic: different developers and CI runs can end up with different package versions, leading to inconsistent behavior or unexpected breakages.
(Suggested by @Pa04rth in #854)
Expected Behaviour
Every
pip install -r requirements.txtshould produce an identical environment regardless of when it is run.Actual Behaviour
Dependencies are unpinned (e.g.
Flask,click), so pip resolves to whatever is latest at install time.Steps to reproduce
requirements.txtand note entries likeFlask,clickhave no version pins.pip install -r requirements.txt.pip freezeand observe that pip has resolved specific versions not specified inrequirements.txt, showing the environment is determined at install time.