Open baszalmstra opened 8 months ago
:100: I am very determined to shift from a Poetry-based approach to a standards-based approach. But it's hard and slow.
Is the poetry approach also the reason the dependencies are represented as a map instead of as an array of strings?
In conda, the dependencies are also represented as an array of strings. There might even be multiple entries for the same package.
"depends": [
"_openmp_mutex >=4.5",
"astropy >=2.0",
"cached-property",
"cffi >=1.0",
"click",
"fftw >=3.3.8,<4.0a0",
"gsl >=2.6,<2.7.0a0",
"h5py >=2.8.0",
"libblas >=3.8.0,<4.0a0",
"libgcc-ng >=7.5.0",
"matplotlib-base",
"numpy",
"python >=3.6,<3.7.0a0",
"python_abi 3.6.* *_cp36m",
"pyyaml",
"scipy"
],
In the pip metadata they are essentially also represented as a array of strings. Technically there can also be multiple entries for the same package/distribution.
Require-Dist: foo (>3.0); python_version>=3.8
Require-Dist: foo (>2.0); python_version<3.8
Yes, it's a pretty big mess to untangle. Especially because lots of people rely on current behavior, and most people using Poetry don't realize the insanity of the approach.
Checklist
What happened?
I noticed that the dependencies of a
LockedDependency
don't follow PEP440. Are the dependencies taken in a form that poetry uses internally?See for instance this entry:
https://github.com/conda/conda-lock/blob/f64b74ec91c57218bd11692b8e5cda3611d64649/tests/test-pypi-resolve-gh155/conda-lock.yml#L429
This is not a valid version specifier. If you look at the referenced wheel the requirement is also:
!=3.05, >=2.0.2
It would be good to use the standard PEP440 syntax for dependencies. Even better would be to use PEP 508 requirements.
Conda Info
No response
Conda Config
No response
Conda list
No response
Additional Context
No response