GPHemsley
commented
4 years ago @hackeryarn This sounds like an issue you'd want to raise with pipenv, not pipfile.
Open hackeryarn opened 4 years ago
GPHemsley
commented
4 years ago @hackeryarn This sounds like an issue you'd want to raise with pipenv, not pipfile.
hackeryarn
commented
4 years ago @GPHemsley Wouldn't we still need a syntax inside a Pipfile to skip locking a dependency? I don't think this is specific to pipenv, I just mentioned a work around that included it because that's what I was using.
In my scenario, I get an error because the private repository does not provide a valid hash for a dependency, therefore checking that dependency against the hash inside my Pipfile.lock always fails. I still want to use Pipfile.lock for all other dependencies but skip this one.
GPHemsley-RELX
commented
3 years ago Oh, you want to encode that instruction in your Pipfile? I misunderstood.
hackeryarn
commented
3 years ago That's exactly it. I would like a way to specify dependencies to skip locking while still locking the rest.
Is there currently a way to skip locking a single dependency.
In my case, one of my dependencies comes from a private repository that does not provide valid hashes. Right now, my only option is to run
pipenv insatll --skip-lock.I would like to still have a lock on all other dependencies but skip it for the dependency that doesn't have valid hashes.