Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cannot get correct dependency information

See original GitHub issue

Pipenv seems to use dependency information of the wrong version.

$ pipenv --version
pipenv, version 11.8.0

Pipfile (which is auto generated from my requirements.txt)

[[source]]

url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"


[packages]

google-endpoints = "==2.4.5"
google-endpoints-api-management = "==1.3.0"


[dev-packages]



[requires]

python_version = "2.7"

When I run pipenv lock --verbose, it fails with the following message.

Locking [dev-packages] dependencies…
Using pip: -i https://pypi.python.org/simple

                          ROUND 1
Current constraints:

Finding the best candidates:

Finding secondary dependencies:
------------------------------------------------------------
Result of round 1: stable, done

Locking [packages] dependencies…
Using pip: -i https://pypi.python.org/simple

                          ROUND 1
Current constraints:
  google-endpoints==2.4.5
  google-endpoints-api-management==1.3.0

Finding the best candidates:
  found candidate google-endpoints==2.4.5 (constraint was ==2.4.5)
  found candidate google-endpoints-api-management==1.3.0 (constraint was ==1.3.0)

Finding secondary dependencies:
  google-endpoints-api-management==1.3.0 requires cachetools<2,>=1.0.0, dogpile.cache<0.7,>=0.6.1, enum34<2,>=1.1.6, google-apitools<0.6,>=0.5.21, oauth2client==3.0.0, pyjwkest<=1.0.9,>=1.0.0, pylru<2.0,>=1.0.9, requests<3.0,>=2.10.0, strict-rfc3339<0.8,>=0.7, urllib3<2.0,>=1.16
  google-endpoints==2.4.5   requires attrs==17.2.0, google-endpoints-api-management>=1.5.0, semver==2.7.7, setuptools>=36.2.5

New dependencies found in this round:
  adding [u'attrs', '==17.2.0', '[]']
  adding [u'cachetools', '<2,>=1.0.0', '[]']
  adding [u'dogpile.cache', '<0.7,>=0.6.1', '[]']
  adding [u'enum34', '<2,>=1.1.6', '[]']
  adding [u'google-apitools', '<0.6,>=0.5.21', '[]']
  adding [u'google-endpoints-api-management', '>=1.5.0', '[]']
  adding [u'oauth2client', '==3.0.0', '[]']
  adding [u'pyjwkest', '<=1.0.9,>=1.0.0', '[]']
  adding [u'pylru', '<2.0,>=1.0.9', '[]']
  adding [u'requests', '<3.0,>=2.10.0', '[]']
  adding [u'semver', '==2.7.7', '[]']
  adding [u'strict-rfc3339', '<0.8,>=0.7', '[]']
  adding [u'urllib3', '<2.0,>=1.16', '[]']
Removed dependencies in this round:
Unsafe dependencies in this round:
------------------------------------------------------------
Result of round 1: not stable

                          ROUND 2
Current constraints:
  attrs==17.2.0
  cachetools<2,>=1.0.0
  dogpile.cache<0.7,>=0.6.1
  enum34<2,>=1.1.6
  google-apitools<0.6,>=0.5.21
  google-endpoints==2.4.5
  google-endpoints-api-management==1.3.0,>=1.5.0
  oauth2client==3.0.0
  pyjwkest<=1.0.9,>=1.0.0
  pylru<2.0,>=1.0.9
  requests<3.0,>=2.10.0
  semver==2.7.7
  strict-rfc3339<0.8,>=0.7
  urllib3<2.0,>=1.16

Finding the best candidates:
  found candidate attrs==17.2.0 (constraint was ==17.2.0)
  found candidate cachetools==1.1.6 (constraint was >=1.0.0,<2)
  found candidate dogpile.cache==0.6.5 (constraint was >=0.6.1,<0.7)
  found candidate enum34==1.1.6 (constraint was >=1.1.6,<2)
  found candidate google-apitools==0.5.22 (constraint was >=0.5.21,<0.6)
  found candidate google-endpoints==2.4.5 (constraint was ==2.4.5)

Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
Could not find a version that matches google-endpoints-api-management==1.3.0,>=1.5.0
Tried: 1.0.0b1, 1.0.0b2, 1.0.0b5, 1.0.0b6, 1.0.0b7, 1.0.0b8, 1.0.0b9, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.0, 1.1.1, 1.1.1, 1.1.2, 1.1.2, 1.1.3, 1.1.3, 1.2.0, 1.2.0, 1.2.1, 1.2.1, 1.3.0, 1.3.0, 1.4.0, 1.4.0, 1.5.0, 1.5.0, 1.5.1, 1.5.1
Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
Could not find a version that matches google-endpoints-api-management==1.3.0,>=1.5.0
Tried: 1.0.0b1, 1.0.0b2, 1.0.0b5, 1.0.0b6, 1.0.0b7, 1.0.0b8, 1.0.0b9, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.0, 1.1.1, 1.1.1, 1.1.2, 1.1.2, 1.1.3, 1.1.3, 1.2.0, 1.2.0, 1.2.1, 1.2.1, 1.3.0, 1.3.0, 1.4.0, 1.4.0, 1.5.0, 1.5.0, 1.5.1, 1.5.1

However according to pypi google-endpoints 2.4.5 requires google-endpoints-api-management more than 1.2.1, so I think google-endpoints-api-management 1.3.0 I configured, matches google-endpoints 2.4.5.

Moreover, google-endpoints 2.4.5 doesn’t require semver, but the version 3.0.0 (latest version) requires it. I suppose Pipenv uses information of google-endpoints 3.0.0.

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

3reactions
uranusjrcommented, Mar 19, 2018

@milkcocoa I think it is fixed in 11.8.0, but you’re likely hitting a cache problem that prevents Pipenv from doing the right thing. Try deleting the Pipenv caches (~/Library/Cached/pipenv if you’re on macOS, not sure about other platforms) and start over.

0reactions
milkcocoacommented, Mar 19, 2018

@uranusjr Thanks a lot, I’ve confirmed it works correctly after deleting caches 😃

Read more comments on GitHub >

github_iconTop Results From Across the Web

pom.xml - Maven can't find dependencies ... - Stack Overflow
The first line "Downloading:..." only says that maven tries to download the artifact. It is no statement about success.
Read more >
apt - How do I resolve unmet dependencies after adding a PPA?
Apt will attempt to correct broken dependencies. If you manually installed a package that had unmet dependencies, apt-get will install those dependencies, ...
Read more >
Gradle dependencies | IntelliJ IDEA Documentation - JetBrains
Start typing a name of a dependency you want to find, select the one you need from the list of search results and...
Read more >
How to find out where a Maven dependency comes from
Need to know exactly which libraries and dependencies your Java project is using? Maven knows that. Here's how find out.
Read more >
Introduction to the Dependency Mechanism - Apache Maven
The dependency management section is a mechanism for centralizing dependency information. When you have a set of projects that inherit from a ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Package locking is crazy slow for scikit-learn

Next page

virtualenv is not isolated. You can still use packages installed system-wide