search

NatLibFi / Annif

Annif is a multi-algorithm automated subject indexing tool for libraries, archives and museums.
https://annif.org
Other
195 stars 41 forks source link

Update dependencies v0.61 #683

Closed juhoinkinen closed 1 year ago

juhoinkinen commented 1 year ago

This updates some outdated dependencies:

Also pins (at least) minor versions of all non-dev dependencies to the versions currently being installed and removes some unnecessary dependencies (swagger_ui_bundle, codecov).

codecov[bot] commented 1 year ago

Codecov Report

Patch coverage has no change and project coverage change: +0.03 :tada:

Comparison is base (3a5fc50) 99.57% compared to head (7d2e98d) 99.61%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #683 +/- ## ========================================== + Coverage 99.57% 99.61% +0.03% ========================================== Files 88 89 +1 Lines 6138 6166 +28 ========================================== + Hits 6112 6142 +30 + Misses 26 24 -2 ``` [see 33 files with indirect coverage changes](https://codecov.io/gh/NatLibFi/Annif/pull/683/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=NatLibFi) Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=NatLibFi). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=NatLibFi)

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.

juhoinkinen commented 1 year ago

I think swagger_ui_bundle = "*" is nowdays not needed as a direct dependency and could be removed.

The dependency was added in #215 due to a problem discussed in https://github.com/spec-first/connexion/issues/406#issuecomment-440633705, which seems to be fixed now.

Done: Remove unnecessary swagger_ui_bundle dependency

osma commented 1 year ago

Would it make sense to pin major/minor versions, at least for all non-dev dependencies? At least nltk and gunicorn are not pinned currently and this could cause sudden API breakage.

juhoinkinen commented 1 year ago

TensorFlow 2.12.0 has some breaking changes:

tf.keras:

Moved all saving-related utilities to a new namespace, keras.saving, for example: keras.saving.load_model, keras.saving.save_model, keras.saving.custom_object_scope, keras.saving.get_custom_objects, keras.saving.register_keras_serializable,keras.saving.get_registered_name and keras.saving.get_registered_object. The previous API locations (in keras.utils and keras.models) will be available indefinitely, but we recommend you update your code to point to the new API locations.

Annif imports load_model, which could or should be updated: https://github.com/NatLibFi/Annif/blob/33bc561187a453cf1653bda8e041e516fbb34903/annif/backend/nn_ensemble.py#L15

And also atomic_save apparently uses the old location.

But now I see there is a conflict in installing the new TF version and numpy:

Because tensorflow-cpu (2.12.0) depends on numpy (>=1.22,<1.24)
 and no versions of tensorflow-cpu match >2.12.0,<2.13.0, tensorflow-cpu (>=2.12.0,<2.13.0) requires numpy (>=1.22,<1.24).
So, because annif depends on both numpy (1.24.*) and tensorflow-cpu (2.12.*), version solving failed.
juhoinkinen commented 1 year ago

Force-pushed to drop upgrading to TensorFlow v2.12.0, which conflicted with Numpy.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information