Open karenc opened 5 years ago
We enabled pyup on one of our repositories that have requirements.txt that are symlinks. It looks something like this:
requirements.txt
prod_envs/requirements.txt prod/requirements.txt -> ../prod_envs/requirements.txt staging/requirements.txt -> ../prod_envs/requirements.txt
So prod/requirements.txt and staging/requirements.txt both point to prod_envs/requirements.txt. We wanted staging and prod to have the same versions, so we symlinked them to the same file.
prod/requirements.txt
staging/requirements.txt
prod_envs/requirements.txt
What happened was pyup-bot created a commit like this:
- ../prod_envs/requirements.txt + Jinja2==2.10.1 + urllib3==1.25.3
So it's creating a symlink to Jinja2==2.10.1\nurllib3==1.25.3\n and of course that's invalid.
Jinja2==2.10.1\nurllib3==1.25.3\n
I expect pyup-bot to only update prod_envs/requirements.txt.
(As a workaround, I think I'll configure the bot to not update those symlinked requirements.txt... :thinking:)
We enabled pyup on one of our repositories that have
requirements.txtthat are symlinks. It looks something like this:So
prod/requirements.txtandstaging/requirements.txtboth point toprod_envs/requirements.txt. We wanted staging and prod to have the same versions, so we symlinked them to the same file.What happened was pyup-bot created a commit like this:
So it's creating a symlink to
Jinja2==2.10.1\nurllib3==1.25.3\nand of course that's invalid.I expect pyup-bot to only update
prod_envs/requirements.txt.(As a workaround, I think I'll configure the bot to not update those symlinked requirements.txt... :thinking:)