Why pin runtime dependencies so tightly?
See original GitHub issueHi,
Looking at the setup.py file, it looks like the following are all required runtime dependencies, all of which need to be pinned very precisely:
requirements = [ "Cython==0.29.23", "cvxpy==1.1.12", "fbprophet==0.5", "holidays==0.9.10", # 0.10.2, "ipykernel==4.8.2", "ipython==7.1.1", "ipywidgets==7.2.1", "jupyter==1.0.0", "jupyter-client==6.1.5", "jupyter-console==6.", # used version 6 to avoid conflict with ipython version "jupyter-core==4.7.1", "matplotlib==3.4.1", "nbformat==5.1.3", "notebook==5.4.1", "numpy==1.20.2", "osqp==0.6.1", "overrides==2.8.0", "pandas==1.1.3", "patsy==0.5.1", "Pillow==8.0.1", "plotly==3.10.0", "pystan==2.18.0.0", "pyzmq==22.0.3", "scipy==1.5.4", "seaborn==0.9.0", "six==1.15.0", "scikit-learn==0.24.1", "Sphinx==3.2.1", "sphinx-gallery==0.6.1", "sphinx-rtd-theme==0.4.2", "statsmodels==0.12.2", "testfixtures==6.14.2", "tornado==5.1.1", "tqdm==4.52.0"]
My question is - why pin them so tightly, and are all of them really necessary? E.g. do I really need sphinx-gallery
? Such tight pins make it very difficult to integrate into any existing project. Why not just require a lower bound for many/most of these?
Issue Analytics
- State:
- Created 2 years ago
- Reactions:4
- Comments:15 (6 by maintainers)
Top Results From Across the Web
How should you pin dependencies and why? – The Guild
By freezing the dependencies we want to achieve repeatable deployment and make sure that every developer is testing on the very same codebase....
Read more >Understanding the npm dependency model - Alexis King
Indeed, it is often safe for a library author to pin a dependency to a specific version without affecting dependent packages or applications...
Read more >Dependencies - Adopting Erlang
Erlang's open source dependencies are just OTP applications, like every other library in a release. As such, all that's required to use an...
Read more >Should you Pin your JavaScript Dependencies?
The pros and cons of dependency pinning for JavaScript/npm. ... For projects of any type, the main reason to use ranges is so...
Read more >NVIDIA CUDA Installation Guide for Linux
The CUDA development environment relies on tight integration with the host development environment, including the host compiler and C runtime libraries, ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I am not sure whether it’s related, but trying to do
pip install greykite
broke my Jupyter installation for meYes, I think most of these issues are related to prophet installation. We are working on a solution and it should be resolved in the next release which we hope to publish in a timely fashion. Please stay tuned for an update.