Skip to content

Upgrade and unpin python dependencies #921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bartsanchez wants to merge 2 commits into from
Closed

Upgrade and unpin python dependencies #921

bartsanchez wants to merge 2 commits into from

Conversation

@bartsanchez
Copy link
Contributor

@bartsanchez bartsanchez commented Dec 4, 2024

No description provided.

@bartsanchez bartsanchez force-pushed the bart/upgrade-dependencies branch from d7fd33a to 75d083d Compare December 4, 2024 21:08
boriel
boriel reviewed Dec 5, 2024
View reviewed changes
pyproject.toml

[tool.poetry.group.dev.dependencies]
pytest = "*"
bump2version = "^1.0.0"
Copy link
Collaborator

@boriel boriel Dec 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm unsure about this strategy.
I.e. mypy ^1.0.0 is equivalent to 1.*. Leaving the door open that way can break many things.
And even doing that, you will have to poetry update from time to time.

In other words: I would pin the major versions (as with mypy) and do a poetry update periodically to upgrade the .lock file.

Copy link
Contributor Author

@bartsanchez bartsanchez Dec 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since you have a lockfile you can't break anything until you execute the poetry update command. The version is already pinned in the lock file. See this as an example.

I would say the purpose of the lockfile is to pin the versions, so I don't see the point of also pin them in the pyproject (unless there is version that really breaks your code and then you can pin in the pyproject until you fix the issue).

Right now, by unpinning them there are no tests failing. This does not mean that there are no bugs but, unless you pin the versions forever you will end up discovering them at some point.

However, feel free to close this PR if you think it's not helping.

@boriel
Copy link
Collaborator

boriel commented Mar 15, 2025

I'm now having inconsistent buids with ruff.
See https://github.com/boriel-basic/zxbasic/actions/runs/13872541425/job/38820924869

For example, some build fail now in my laptop, others in the pipeline, and for different reasons. Forcing poetry update does not seem to fix the issue.

@bartsanchez
Copy link
Contributor Author

bartsanchez commented Mar 16, 2025

@boriel This is the Ruff version that was used by the CI job: 0.9.4.

Which one do you have in your laptop?

Forcing poetry update does not seem to fix the issue.

Maybe this is the root cause of the problem. Probably you don't want to run poetry udpate but poetry install to just use the software versions that are living in the lockfile.

@boriel
Copy link
Collaborator

boriel commented Mar 17, 2025

Never mind. I recreated my virtualenv and it passed. Weird.

@bartsanchez
Copy link
Contributor Author

bartsanchez commented Mar 30, 2025

Closing this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@boriel boriel boriel left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bartsanchez @boriel