Closed k-macmillan closed 1 year ago
Hey team! Please add your planning poker estimate with Zenhub @cris-oddball @EvanParish @ianperera @jakehova @k-macmillan @kalbfled @trevor2718
Reassigned to Lucas due to availability and knowledge. Aiming to discuss dependency learnings/options this Friday at the engineering sync.
Please see the updated doc. I have a strong distate for pipenv due to its being managed by pip. For me, Poetry is the obvious winner. I will now be diving deep into PDM to see how it compares to poetry. My axiom for choosing a dependency manager is developer autonomy.
Goal
The goal of this task is to test PDM as a dependency manager and identify how it addresses the tests below. Gather notes about ease of setup and how well the package is documented, in addition to testing the items listed below.
Update the doc with your findings.
Tech Stack-Specific
The following are related to our specific tech stack.
Flask Import Error Test
Celery Dependencies
Security Vulnerability Check
How does each handle security vulnerabilities?
Updating Pinned Versions
What, if anything does it do with pinned versions? If a pin is removed how does it handle it?
Specific Version Commit Test
Specific commit test. How does it handle it?
Specific Version Tag Test
Timebox
3 days