search

yoeo / guesslang

Detect the programming language of a source code
https://guesslang.readthedocs.io
MIT License
805 stars 116 forks source link

Installation conflict on installation. #56

Open Vinchethescript opened 2 years ago

Vinchethescript commented 2 years ago

Hello. I tried right now to install guesslang, but I got this error:

Defaulting to user installation because normal site-packages is not writeable
Looking in indexes: https://pypi.org/simple, https://www.piwheels.org/simple
Collecting guesslang
  Using cached guesslang-2.2.1-py3-none-any.whl (2.5 MB)
  Using cached guesslang-2.2.0-py3-none-any.whl (2.5 MB)
  Using cached https://www.piwheels.org/simple/guesslang/guesslang-2.0.3-py3-none-any.whl (2.1 MB)
  Using cached https://www.piwheels.org/simple/guesslang/guesslang-2.0.1-py3-none-any.whl (2.1 MB)
  Using cached https://www.piwheels.org/simple/guesslang/guesslang-2.0.0-py3-none-any.whl (13.0 MB)
  Using cached guesslang-0.9.3-py3-none-any.whl (3.2 MB)
Requirement already satisfied: numpy in /home/pi/.local/lib/python3.8/site-packages (from guesslang) (1.20.3)
  Using cached https://www.piwheels.org/simple/guesslang/guesslang-0.9.1-py3-none-any.whl (3.2 MB)
Collecting numpy<1.13,>=1.12
  Using cached numpy-1.12.1.zip (4.8 MB)
  Preparing metadata (setup.py) ... done
ERROR: Cannot install guesslang==0.9.1, guesslang==0.9.3, guesslang==2.0.0, guesslang==2.0.1, guesslang==2.0.3, guesslang==2.2.0 and guesslang==2.2.1 because these package versions have conflicting dependencies.

The conflict is caused by:
    guesslang 2.2.1 depends on tensorflow==2.5.0
    guesslang 2.2.0 depends on tensorflow==2.5.0
    guesslang 2.0.3 depends on tensorflow==2.5.0
    guesslang 2.0.1 depends on tensorflow==2.2.0
    guesslang 2.0.0 depends on tensorflow==2.2.0
    guesslang 0.9.3 depends on tensorflow==1.7.0rc1
    guesslang 0.9.1 depends on tensorflow==1.1.0

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/user_guide/#fixing-conflicting-dependencies

How do I fix this?

AndydeCleyre commented 2 years ago

I'm commenting here rather than reporting a new issue, which would be "loosen tensorflow version requirements."

Currently tensorflow ==2.5.0 is required in the packaging, and that in turn depends on a version of numpy marked as vulnerable.

EDIT: This means that a properly locked requirements.txt file for a project requiring guesslang will be marked as insecure by dependabot and similar tools.

fawaf commented 2 years ago

+1 to this issue as well. tensorflow looks to only have 2.8.0rc0 and 2.8.0rc1 available now in pip.

woshichuanqilz commented 2 years ago

Is this fixed? How to install it correctly now?

Extremensive commented 2 years ago

I also got this problem

AndydeCleyre commented 2 years ago

Is this fixed? How to install it correctly now?

So a while ago I submitted a tiny PR to loosen the requirement, but this repo seems inactive and it has not been accepted.

For the app I maintain that needs this, I install my "fork" instead, with this in my requirements file:

# guesslang has a problematic and strict version lock on tensorflow
guesslang @ git+https://github.com/andydecleyre/guesslang@tensorflow-looser
Yiannis128 commented 7 months ago

So for anyone having trouble installing this, this is a temporary solution you can use. I say temporary because this really should be fixed by the devs.

pipenv shell
pip install --no-deps guesslang
pipenv install tensorflow

This will just install whatever version of tensorflow and it will ignore the tensorflow requirement of this package.