Skip to content
This repository has been archived by the owner on Dec 16, 2022. It is now read-only.

Add CI tests for dependency conflicts #2280

Closed
schmmd opened this issue Jan 4, 2019 · 12 comments
Closed

Add CI tests for dependency conflicts #2280

schmmd opened this issue Jan 4, 2019 · 12 comments
Assignees
@schmmd
Milestone
1.0.0

Comments

@schmmd
Copy link
Member

schmmd commented Jan 4, 2019

Occasionally AllenNLP has dependency conflicts, see #1824 and #2195. We don't catch these conflicts ourselves because pip is rather flexible about how it resolves dependencies, but when we publish releases some of our users run into them (either because they use poetry or run conda forge).

Ideally we would run a stricter check ourselves which would allow us to address these issues as they happen--rather than hearing about them after a release.
@schmmd schmmd self-assigned this Jan 4, 2019
@schmmd
Copy link
Member Author

schmmd commented Jan 4, 2019

@sodre @phireski do either of you have a suggestion about a tool we should use to identify dependency conflicts earlier?

@schmmd schmmd mentioned this issue Jan 4, 2019
Closed
@sodre
Copy link
Contributor

sodre commented Jan 4, 2019

@schmmd, I asked in the conda-forge gitter channel. I'll report back once I get something.

@epwalsh
Copy link
Member

epwalsh commented Jan 4, 2019

FWIW I currently use pipdeptree for this purpose in some of my projects as part of my CI pipeline.

@schmmd
Copy link
Member Author

schmmd commented Jan 17, 2019

I did some brief searching today but didn't come up with a clear option for how to test for conflicts in our dependencies.

@epwalsh
Copy link
Member

epwalsh commented Jan 19, 2019

@schmmd did you happen to look at pipdeptree? This is the exact script I run in CI to check for conflicts:

#!/bin/sh
set -e
pipdeptree --warn fail 1>/dev/null

@schmmd
Copy link
Member Author

schmmd commented Jan 21, 2019

@epwalsh thanks for the reminder. I'll take a look. I assumed (for some reason) that it draws a tree rather than checks for conflicts.

@schmmd
Copy link
Member Author

schmmd commented Jan 21, 2019

#2195 claimed that v0.7.2 had a dependency conflict that we should have caught. Unfortunately pipdeptree --warn fail does not catch this.

@schmmd schmmd mentioned this issue Feb 15, 2019
Closed
@matt-gardner
Copy link
Contributor

@schmmd, any updates here or ideas on how to proceed with this issue?

@schmmd
Copy link
Member Author

schmmd commented Jun 14, 2019

I have no idea what to do. Unassigning myself.

@schmmd schmmd removed their assignment Jun 14, 2019
@DeNeutoy DeNeutoy added the P3 label Aug 9, 2019
@schmmd schmmd mentioned this issue Aug 29, 2019
Closed
@matt-gardner matt-gardner added this to the 1.0.0 milestone Dec 17, 2019
@matt-gardner
Copy link
Contributor

Adding this to the 1.0 milestone, so we can revisit this issue once we've pruned our dependencies after moving things to sub-repos. That might just solve the problem.

@schmmd schmmd removed the P3 label Jan 3, 2020
@schmmd schmmd self-assigned this Jan 6, 2020
@DeNeutoy
Copy link
Contributor

Marking this as fixed by adding dependabot to our repo, e.g #3623 . This doesn't directly fix this issue, as it's still possible to have conflicting version pins, but this should become more unlikely now the versions we pin to get updated automatically. Also, we didn't have a good alternative solution, because it's a hard problem in general.

Feel free to re-open if we think of a better way to do something about this.

@schmmd
Copy link
Member Author

schmmd commented Jan 15, 2020

@DeNeutoy thanks for closing that out. It's a reasonable action given where we are (which is much better than before).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@schmmd schmmd

Labels
None yet
Projects
None yet
Milestone
1.0.0
Development

No branches or pull requests
5 participants
@schmmd @sodre @matt-gardner @epwalsh @DeNeutoy