Open pawelad opened 1 year ago
Ah, I just found the upstream issue in pip
- https://github.com/pypa/pip/issues/9644
I guess there's nothing we can do on pip-tools
side? I wonder what should be the workaround? I went back to using the old resolver (and dropped --skip-extras
), but if I understand it correctly, this will become a breaking bug when pip-tools
7 is released and the new resolver will become the default?
In your reproductions it looks like needed dependencies are not included in the compiled txt
s: backports.zoneinfo
is absent from main.txt
, though apparently required by django
, and typing-extensions
is absent from dev.txt
, though apparently required by black
.
This may be a bug, or it may be a case of mismatched environments between compilation and installation. Looking at black
's pyproject.toml
, I see that typing_extensions
is required only when Python is < 3.10
. Similarly for django
, backports.zoneinfo
is only required when Python is < 3.9
.
So probably you are running pip-compile
in an environment with Python > 3.10
, but pip install
in one with Python < 3.9
. This is not currently expected to succeed, when the requirements differ across those environments.
See also:
You're 100% right about mixing Python 3.8 and 3.10 (my project Python version vs. the temporary venv I created to reproduce), but I'm almost certain that the bigger problem still stands (as 'confirmed' by https://github.com/pypa/pip/issues/9644).
I'll update the description in the coming days.
@AndydeCleyre I updated issue description with pins from my production environment and making sure I'm doing everything on Python 3.8.13, pip 22.3.1 and pip-tools 6.10.0. Let me know if you still can't reproduce it.
Like I said, I believe it's a known bug in pip's new resolver (https://github.com/pypa/pip/issues/9644) with known workarounds (https://github.com/pypa/pip/issues/9644#issuecomment-813432613) and lack of resources to fix (https://github.com/pypa/pip/issues/9644#issuecomment-1022002270)
I guess there's nothing to do on pip-tools
side, but having it open here for visibility might have some worth, especially since this will become a much more pressing issue when the new resolver is gonna be enabled by default (I'd recommend postponing that until this bug is fixed).
FWIW, my current workaround is to stop using the new resolver until this gets fixed.
My current workaround is to use --no-deps
with pip install -r
. Since pip-compile
has specified all dependencies, --no-deps
seems quite reasonable.
Seen again as #1865 (closed as dupe of this one). The title here could probably use an update (note that --strip-extras
and -c` are not necessary to reproduce).
Hi,
First of all, thanks for the package and all the hard work you put into it.
I tried looking through the repo for a similar bug, but I haven't found anything. At the same time, I don't think I'm doing anything too much out of the ordinary - I'm using:
--generate-hashes
, for obvious security reasons-c constraints.txt
at the top of the dev requirements files, as that's the recommended layered approach--resolver=backtracking
, for better package resolving (and it will be the default at some point)--strip-extras
, because otherwise using--resolver=backtracking
failed withConstraints cannot have extras
The above scenario unfortunately produces requirement files that cannot be installed because of this:
As I understand it,
--strip-extras
, which is needed for--resolver=backtracking
to work with-c constraints.txt
, is currently incompatible with--generate-hashes
, because it needs all dependencies to have hashes and (correctly?) differences betweenPyJWT[crypto]
andPyJWT
.My current workaround will probably involve dropping
--resolver=backtracking
and--strip-extras
for now, but I wanted to write up this issue while I'm debugging all this.Related issues: #398, #1092, #1300
Environment Versions
Steps to replicate
Given requirements files:
Expected result
I'd like to be able to use generated requirements files to install the packages.
Actual result
I can't install the packages, neither with
pip-sync
or withpip install -r
: