-
-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Specify min/max versions for all dependencies in setup.py #875
Conversation
Codecov Report
@@ Coverage Diff @@
## sprint29 #875 +/- ##
============================================
- Coverage 67.71% 67.13% -0.58%
============================================
Files 44 44
Lines 5556 5556
============================================
- Hits 3762 3730 -32
- Misses 1794 1826 +32
Continue to review full report at Codecov.
|
@zaneselvans It will be tidier to use compatible release clauses (https://www.python.org/dev/peps/pep-0440/#compatible-release). For example:
Also, did you forget |
setup.py
Outdated
"flake8>=3.8,<4.0", | ||
"flake8-builtins>=1.5,<2.0", | ||
"flake8-colors>=0.1,<0.2", | ||
"flake8-docstrings>=1.5,<2.0", | ||
"flake8-rst-docstrings", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing version constraints.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The most recent version was 0.0.14 and so I wasn't sure what to do with it! Restricting to <0.1.0 seemed a bit odd.
This looks like a good place to start, by at least protecting us from automatic upgrades most likely to introduce breaking changes. I've been using poetry to manage dependencies in new python projects, and it uses a "lock file" with resolved dependency versions (which gets committed to the repository) so that all environments match exactly – essentially equivalent to pinning all versions explicitly, but with the benefit of having a layer of software figuring out which combination actually works. But since there are difficulties with using It makes me nervous to have dependency versions specified twice – in |
Yeah, I am not a fan of specifying the versions twice either. :-/ |
At @ezwelty's suggestion (after some unexpected breakage) I've tried to set minimum and maximum versions for all of our direct dependencies in
setup.py
so that unexpected major breaking updates should be much less frequent. I'm not entirely sure how this will interact with our use ofenvironment.yml
to specify thepudl-dev
environment, but so far it seems to work fine withtox
andpip
. Recreating mypudl-dev
environment locally from scratch, and then installing pudl inside it using pip seems to work fine though.