Post · bonfire.cafe

Realization: #Python dependency groups (PEP 735, added in pip 25.1) can be used for optional 'narrowing' of a dependency graph.

E.g. I have a project that depends on package shaky>=X.Y.Z, <X.Y+1 where we have some trust issues with the API stablity of the shaky upstream.

But X.Y.Z is the 'nominal' resolution of that requirement for release, higher versions are allowed as an "early warning system" for upstream breakage (i.e. in a nightly build)

So I could have a dependency group called release or nominal or something that further restricts the requirement to shaky==X.Y.Z

I don't think I am going to do this, but it's a neat trick.

SnoopJ

@SnoopJ@hachyderm.io replied · 4 days ago

Just in case someone is about to reply to "solve" the nominal-version problem:

This project is already using pip-compile to solve that problem, we create a record of the entire graph with exact versions and hashes for each release.

So it's a less a "how can this problem be solved" problem and more of a musing on ergonomics.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.2.21 no JS en

Automatic federation enabled