search

MCV-Software / TWBlue

TWBlue, an accessible, open source and multiplatform twitter application.
GNU General Public License v2.0
58 stars 36 forks source link

indirect dependency in requirements.txt causing dependency conflict #632

Closed Arfs6 closed 4 months ago

Arfs6 commented 4 months ago

Bug Description

There are some dependency conflicts in our requirements.txt, and it's mostly coming from google-trans. That package looks really old

Steps to reproduce

  1. Fetch the latest TWBlue from source: git pull?
  2. Run python.exe -m pip install -r requirements.txt to install python packages listed in it.

Expected behaviour

Pip downloads and installed all packages successfully.

Current behaviour

Pip bumps into a dependency conflict and prints the following error message:

pendencies.

The conflict is caused by:
    The user requested httpx==0.27.0
    googletrans 4.0.0rc1 depends on httpx==0.13.3
...

Suggested Fix

Drop all packages that are not direct dependencies from requirements.txt. Why not just dropping httpx? Because eventually another package will have conflict again. Why drop all indirect dependencies? Because TWBlue doesn't depend on it. I think it's not our responsibility to keep track of all the specific versions of all the packages. There is a need for test as well, because it's dependabot that is bumping the packages. We already have some github actions, it's just to add another one. We could start by testing pip installations and cx_freeze builds.