pip dependencies don't follow pep440 #521
Comments
|
💯 I am very determined to shift from a Poetry-based approach to a standards-based approach. But it's hard and slow. |
|
Is the poetry approach also the reason the dependencies are represented as a map instead of as an array of strings? In conda, the dependencies are also represented as an array of strings. There might even be multiple entries for the same package. "depends": [
"_openmp_mutex >=4.5",
"astropy >=2.0",
"cached-property",
"cffi >=1.0",
"click",
"fftw >=3.3.8,<4.0a0",
"gsl >=2.6,<2.7.0a0",
"h5py >=2.8.0",
"libblas >=3.8.0,<4.0a0",
"libgcc-ng >=7.5.0",
"matplotlib-base",
"numpy",
"python >=3.6,<3.7.0a0",
"python_abi 3.6.* *_cp36m",
"pyyaml",
"scipy"
],In the pip metadata they are essentially also represented as a array of strings. Technically there can also be multiple entries for the same package/distribution. |
|
Yes, it's a pretty big mess to untangle. Especially because lots of people rely on current behavior, and most people using Poetry don't realize the insanity of the approach. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Checklist
What happened?
I noticed that the dependencies of a
LockedDependencydon't follow PEP440. Are the dependencies taken in a form that poetry uses internally?See for instance this entry:
conda-lock/tests/test-pypi-resolve-gh155/conda-lock.yml
Line 429 in f64b74e
This is not a valid version specifier. If you look at the referenced wheel the requirement is also:
!=3.05, >=2.0.2It would be good to use the standard PEP440 syntax for dependencies. Even better would be to use PEP 508 requirements.
Conda Info
No response
Conda Config
No response
Conda list
No response
Additional Context
No response
The text was updated successfully, but these errors were encountered: