Closed sethmlarson closed 5 months ago
Are you talking about the comment headers in the resulting constraint files?
I'm talking about a file like this one, I discovered this while using --only-binary=:all:
for python/release-tools:
#
# This file is autogenerated by pip-compile with Python 3.10
# by the following command:
#
# pip-compile --generate-hashes --output-file=requirements.txt --pip-args='--only-binary=:all: --no-binary=grapheme,grpclib' requirements.in
#
--no-binary grapheme
--no-binary grpclib
--only-binary :all:
... (all the requirements)
Note the order of --pip-args
and that the combination of --no-binary
and --only-binary
in the resulting requirements.txt
don't produce the same behavior in pip.
@webknjaz I've created a PR with a fix that also illustrates the problem: https://github.com/jazzband/pip-tools/pull/2082
FWIW I'm of a opinion that the output file should be used as a constraint, not a requirement.
As in, pip install -r requirements.in -c requirements.txt
. And so such pip options should really go into the input file..
Environment Versions
Steps to replicate
--no-binary=library
option first,--only-binary=:all:
option second.--no-binary
is wiped out by the--only-binary=:all:
Expected result
The resulting requirements contain
--no-binary
and--only-binary
options that have the same behavior as input options.Actual result
Requirements don't have the same behavior as input options.
This improvement matters because using --no-binary/--only-binary is the best way for users to control the amount of potential code execution that happens during the installation process. I have a local fix that I plan on creating a PR.