Provide way to do full dependency locking

[Czaki]

Is your feature request related to a problem? Please describe.

If program is provided as python package it contains description of all dependencies if files like setup.cfg or pyproject.toml (ex for poetry). It will be nice to not double this entry in files

Describe the solution you'd like To avoid double providing information it will be nice to read requirements from setup.cfg if present and append it to requires entry.

Describe alternatives you've considered Manual manage or customs scripts which will overwrite pyproject.toml

Additional context I could try to create such PR (but currently does not understand towncrier checks).

[freakboy3742]

I'm slightly hesitant on this request, because setup.cfg and pyproject.toml are for different purposes, and should be expressing dependencies in a different way.

setup.cfg is for packaging a library. A library should not be hard pinning package versions - it should be specifying ranges that are valid, so that pip can resolve dependencies.

pyproject.toml (in the context of Briefcase, anyway) is for packaging apps. An app should have hard pins for all it's dependencies, because the specific versions used to deploy a particular version of an app is part of the definition of the app.

Having Briefcase to read requirements from setup.cfg is essentially reading the wrong thing - it's reading a library configuration into an app.

However, I could be convinced to expand Briefcase to use Poetry lock formats (or, better still, a PyPA-standardized format for locked requirements). Poetry can (apparently) handle different lock lists for different platforms; we'll need to incorporate that into Briefcase's usage.

I'll modify the ticket title to reflect that usage; there's a lot more design work needed here, though.

[Czaki]

However, I could be convinced to expand Briefcase to use Poetry lock formats (or, better still, a PyPA-standardized format for locked requirements). Poetry can (apparently) handle different lock lists for different platforms; we'll need to incorporate that into Briefcase's usage.

In such approach I also suggest support for requirements file. This file has support in pip-tools (pip-compile command) and tools like dependabot, requires.io etc which simplify managing and updating dependecies.

[freakboy3742]

We can certainly try; the problem is that requirements files don't have enough flexibility (by themselves). A project can only have a single requirements.txt file, and there's no provision for "optional" requirements. Briefcase needs to be able to specify different package lists for different platforms.

We could use different requirements files for different platforms - but AFAIK that then breaks the automated tooling around requirements files, as those tools assume a single requirements.txt file.

[Czaki]

We can certainly try; the problem is that requirements files don't have enough flexibility (by themselves). A project can only have a single requirements.txt file, and there's no provision for "optional" requirements. Briefcase needs to be able to specify different package lists for different platforms.

PEP 508? example from my test configuration pytest-xvfb ; sys_platform == 'linux'

And some entry like file:requirements/requirements_briefcase_windows.txt?

We could use different requirements files for different platforms - but AFAIK that then breaks the automated tooling around requirements files, as those tools assume a single requirements.txt file.

Which tools? I have multiple requirements file (for docs, for pyinstaller build etc) and everything works.