Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

poetry and pip disagree whether dependency should be installed due to wrong marker specification #7775

Open
4 tasks done
mirekdlugosz opened this issue Apr 7, 2023 · 0 comments
Open
4 tasks done

poetry and pip disagree whether dependency should be installed due to wrong marker specification #7775

mirekdlugosz opened this issue Apr 7, 2023 · 0 comments
Labels
area/deps Related to representing and locking dependencies kind/bug Something isn't working as expected status/triage This issue needs to be triaged

Comments

@mirekdlugosz
Copy link

  • Poetry version: 1.4.2

  • Python version: 3.11.3

  • OS version and name: Fedora 37

  • pyproject.toml: https://gist.github.com/mirekdlugosz/f5d93f7b5a907acf7e448a0fdc9fdc65

  • I am on the latest stable Poetry version, installed using a recommended method.

  • I have searched the issues of this repo and believe that this is not a duplicate.

  • I have consulted the FAQ and blog for any relevant entries or release notes.

  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option) and have included the output below.

Issue

redis==4.5.4 has following dependency specification:

async-timeout>=4.0.2; python_version<="3.11.2"

The idea was to only install async-timeout on Python 3.11.2 or earlier. But this marker is wrong - python_full_version should be used instead of python_version.

When running on Python 3.11.3, pip will pull in this dependency, while poetry will skip it:

$ pip install redis==4.5.4
Collecting redis==4.5.4
  Using cached redis-4.5.4-py3-none-any.whl (238 kB)
Collecting async-timeout>=4.0.2
  Using cached async_timeout-4.0.2-py3-none-any.whl (5.8 kB)
Installing collected packages: async-timeout, redis
Successfully installed async-timeout-4.0.2 redis-4.5.4

$ poetry add redis==4.5.4

Updating dependencies
Resolving dependencies... (0.1s)

Package operations: 1 install, 0 updates, 0 removals

  • Installing redis (4.5.4)

I think this can be considered a bug in poetry. If you consider "python_version" to evaluate to 3.11.0, then entire marker should evaluate to True. If you consider that parser should also run something like '.'.join(version_specifier.split('.')[:2]) on reference version, then it will eventually compare "3.11" to "3.11" and also evaluate to True.

I have found past issues like python-poetry/poetry-core#382 or #5717 . It seems that historically there has been some confusion about difference between python_version and python_full_version (hard to blame anyone, redis was also confused). Perhaps this is showing that there are some remnants of this still around.

I can try to poke around a little and submit a PR, but would need some pointers.
@mirekdlugosz mirekdlugosz added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Apr 7, 2023
@Secrus Secrus added the area/deps Related to representing and locking dependencies label Oct 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/deps Related to representing and locking dependencies kind/bug Something isn't working as expected status/triage This issue needs to be triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mirekdlugosz @Secrus