Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
install's `--keep-outdated` does not seem to be respected
See original GitHub issue(Closed as duplicate, see issue at #966 and PR at #3304)
When I have outdated dependencies, installing a new package with the --keep-outdated flag still updates dependencies that have no overlap with my newly-requested dependency. Similar issues (but pre---keep-oudated, I think?): #966, #1219, #1409.
Describe your environment
- OS X 10.13.2
- Python version: 3.6.4
- Pipenv version: 11.0.2
Expected result
Packages that have no overlap in their dependencies with my current set of dependencies should not change my current set of dependencies when --keep-outdated is specified.
Actual result
My existing packages are updated as if I had not specified the flag.
Steps to replicate
> mkdir foo && cd foo
> pipenv shell
Creating a virtualenv for this project…
Using base prefix '/usr/local/Cellar/python3/3.6.4_2/Frameworks/Python.framework/Versions/3.6'
New python executable in /Users/seankelley/.virtualenvs/foo-9CvoEbl5/bin/python3.6
Also creating executable in /Users/seankelley/.virtualenvs/foo-9CvoEbl5/bin/python
Installing setuptools, pip, wheel...done.
Virtualenv location: /Users/seankelley/.virtualenvs/foo-9CvoEbl5
Creating a Pipfile for this project…
Spawning environment shell (/usr/local/bin/zsh). Use 'exit' to leave.
. /Users/seankelley/.virtualenvs/foo-9CvoEbl5/bin/activate
> pipenv install boto3==1.6.2
Installing boto3==1.6.2…
Collecting boto3==1.6.2
Using cached boto3-1.6.2-py2.py3-none-any.whl
Collecting jmespath<1.0.0,>=0.7.1 (from boto3==1.6.2)
Using cached jmespath-0.9.3-py2.py3-none-any.whl
Collecting botocore<1.10.0,>=1.9.2 (from boto3==1.6.2)
Using cached botocore-1.9.3-py2.py3-none-any.whl
Collecting s3transfer<0.2.0,>=0.1.10 (from boto3==1.6.2)
Using cached s3transfer-0.1.13-py2.py3-none-any.whl
Collecting docutils>=0.10 (from botocore<1.10.0,>=1.9.2->boto3==1.6.2)
Using cached docutils-0.14-py3-none-any.whl
Collecting python-dateutil<3.0.0,>=2.1 (from botocore<1.10.0,>=1.9.2->boto3==1.6.2)
Using cached python_dateutil-2.6.1-py2.py3-none-any.whl
Collecting six>=1.5 (from python-dateutil<3.0.0,>=2.1->botocore<1.10.0,>=1.9.2->boto3==1.6.2)
Using cached six-1.11.0-py2.py3-none-any.whl
Installing collected packages: jmespath, docutils, six, python-dateutil, botocore, s3transfer, boto3
Successfully installed boto3-1.6.2 botocore-1.9.3 docutils-0.14 jmespath-0.9.3 python-dateutil-2.6.1 s3transfer-0.1.13 six-1.11.0
Adding boto3==1.6.2 to Pipfile's [packages]…
Pipfile.lock not found, creating…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
Updated Pipfile.lock (1faca3)!
Installing dependencies from Pipfile.lock (1faca3)…
🐍 ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 7/7 — 00:00
... and here I edit the Pipfile, replacing boto3's `==1.6.2` specification with `*` in order to recreate the environment where I first discovered this issue ...
> pipenv install --keep-outdated coverage
Installing coverage…
Collecting coverage
Using cached coverage-4.5.1-cp36-cp36m-macosx_10_12_x86_64.whl
Installing collected packages: coverage
Successfully installed coverage-4.5.1
Adding coverage to Pipfile's [packages]…
Pipfile.lock (1faca3) out of date, updating to (63af11)…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
Updated Pipfile.lock (63af11)!
Installing dependencies from Pipfile.lock (63af11)…
🐍 ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 8/8 — 0
Pipfile pre-coverage, pre-editing
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"
[packages]
"boto3" = "==1.6.2"
[dev-packages]
[requires]
python_version = "3.6"
Pipfile pre-coverage, post-editing
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"
[packages]
"boto3" = "*"
[dev-packages]
[requires]
python_version = "3.6"
Pipfile.lock pre-coverage
{
"_meta": {
"hash": {
"sha256": "8d7dcd28948fa28543f1ad7b866b5c37c583afe5a78a010ab3213e9bec1faca3"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.6"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.python.org/simple",
"verify_ssl": true
}
]
},
"default": {
"boto3": {
"hashes": [
"sha256:0537aa3c840b2a6c9cdc53704b1ca27c19f1850e16056db1f6241917a5eee648",
"sha256:1576a72dd1a6435b29b41d541411fcabcef2777de9abebc50d01046ca24447f9"
],
"version": "==1.6.2"
},
"botocore": {
"hashes": [
"sha256:8a8c59f4c7b4e3521d82aee4b8cba55e80de44617649c2320823505bfebbcaa4",
"sha256:d5b892ab86cd3e8d6cb570dd5275bf1c600cbbf9f07a40a22bcdd9023c0e844f"
],
"version": "==1.9.3"
},
"docutils": {
"hashes": [
"sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6",
"sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274",
"sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6"
],
"version": "==0.14"
},
"jmespath": {
"hashes": [
"sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64",
"sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63"
],
"version": "==0.9.3"
},
"python-dateutil": {
"hashes": [
"sha256:891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca",
"sha256:95511bae634d69bc7329ba55e646499a842bc4ec342ad54a8cdb65645a0aad3c"
],
"version": "==2.6.1"
},
"s3transfer": {
"hashes": [
"sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1",
"sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f"
],
"version": "==0.1.13"
},
"six": {
"hashes": [
"sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9",
"sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb"
],
"version": "==1.11.0"
}
},
"develop": {}
}
Pipfile post-coverage
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"
[packages]
"boto3" = "*"
coverage = "*"
[dev-packages]
[requires]
python_version = "3.6"
[pipenv]
keep_outdated = true
Pipfile.lock post-coverage
{
"_meta": {
"hash": {
"sha256": "68b45659b8e63d966f0ad9bd96550a54c0b87ef67baef31d132042e90d63af11"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.6"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.python.org/simple",
"verify_ssl": true
}
]
},
"default": {
"boto3": {
"hashes": [
"sha256:cf5768f1b9f26d5f82369ef97e11eee0010d10f8723b081c61ff17a1cd199bea",
"sha256:d817c21abcb41f390cec28e444d180db7d40ec2786ff5f54813af52e53598362"
],
"version": "==1.6.3"
},
"botocore": {
"hashes": [
"sha256:8a8c59f4c7b4e3521d82aee4b8cba55e80de44617649c2320823505bfebbcaa4",
"sha256:d5b892ab86cd3e8d6cb570dd5275bf1c600cbbf9f07a40a22bcdd9023c0e844f"
],
"version": "==1.9.3"
},
"coverage": {
"hashes": [
"sha256:03481e81d558d30d230bc12999e3edffe392d244349a90f4ef9b88425fac74ba",
"sha256:0b136648de27201056c1869a6c0d4e23f464750fd9a9ba9750b8336a244429ed",
"sha256:198626739a79b09fa0a2f06e083ffd12eb55449b5f8bfdbeed1df4910b2ca640",
"sha256:28b2191e7283f4f3568962e373b47ef7f0392993bb6660d079c62bd50fe9d162",
"sha256:2eb564bbf7816a9d68dd3369a510be3327f1c618d2357fa6b1216994c2e3d508",
"sha256:337ded681dd2ef9ca04ef5d93cfc87e52e09db2594c296b4a0a3662cb1b41249",
"sha256:3a2184c6d797a125dca8367878d3b9a178b6fdd05fdc2d35d758c3006a1cd694",
"sha256:3c79a6f7b95751cdebcd9037e4d06f8d5a9b60e4ed0cd231342aa8ad7124882a",
"sha256:3d72c20bd105022d29b14a7d628462ebdc61de2f303322c0212a054352f3b287",
"sha256:3eb42bf89a6be7deb64116dd1cc4b08171734d721e7a7e57ad64cc4ef29ed2f1",
"sha256:4635a184d0bbe537aa185a34193898eee409332a8ccb27eea36f262566585000",
"sha256:56e448f051a201c5ebbaa86a5efd0ca90d327204d8b059ab25ad0f35fbfd79f1",
"sha256:5a13ea7911ff5e1796b6d5e4fbbf6952381a611209b736d48e675c2756f3f74e",
"sha256:69bf008a06b76619d3c3f3b1983f5145c75a305a0fea513aca094cae5c40a8f5",
"sha256:6bc583dc18d5979dc0f6cec26a8603129de0304d5ae1f17e57a12834e7235062",
"sha256:701cd6093d63e6b8ad7009d8a92425428bc4d6e7ab8d75efbb665c806c1d79ba",
"sha256:7608a3dd5d73cb06c531b8925e0ef8d3de31fed2544a7de6c63960a1e73ea4bc",
"sha256:76ecd006d1d8f739430ec50cc872889af1f9c1b6b8f48e29941814b09b0fd3cc",
"sha256:7aa36d2b844a3e4a4b356708d79fd2c260281a7390d678a10b91ca595ddc9e99",
"sha256:7d3f553904b0c5c016d1dad058a7554c7ac4c91a789fca496e7d8347ad040653",
"sha256:7e1fe19bd6dce69d9fd159d8e4a80a8f52101380d5d3a4d374b6d3eae0e5de9c",
"sha256:8c3cb8c35ec4d9506979b4cf90ee9918bc2e49f84189d9bf5c36c0c1119c6558",
"sha256:9d6dd10d49e01571bf6e147d3b505141ffc093a06756c60b053a859cb2128b1f",
"sha256:be6cfcd8053d13f5f5eeb284aa8a814220c3da1b0078fa859011c7fffd86dab9",
"sha256:c1bb572fab8208c400adaf06a8133ac0712179a334c09224fb11393e920abcdd",
"sha256:de4418dadaa1c01d497e539210cb6baa015965526ff5afc078c57ca69160108d",
"sha256:e05cb4d9aad6233d67e0541caa7e511fa4047ed7750ec2510d466e806e0255d6",
"sha256:f3f501f345f24383c0000395b26b726e46758b71393267aeae0bd36f8b3ade80"
],
"version": "==4.5.1"
},
"docutils": {
"hashes": [
"sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6",
"sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274",
"sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6"
],
"version": "==0.14"
},
"jmespath": {
"hashes": [
"sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64",
"sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63"
],
"version": "==0.9.3"
},
"python-dateutil": {
"hashes": [
"sha256:891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca",
"sha256:95511bae634d69bc7329ba55e646499a842bc4ec342ad54a8cdb65645a0aad3c"
],
"version": "==2.6.1"
},
"s3transfer": {
"hashes": [
"sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1",
"sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f"
],
"version": "==0.1.13"
},
"six": {
"hashes": [
"sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9",
"sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb"
],
"version": "==1.11.0"
}
},
"develop": {}
}
Issue Analytics
- State:
- Created 6 years ago
- Reactions:9
- Comments:17 (7 by maintainers)
Top Results From Across the Web
npm update is not updating the version in package.json file
The objective of the npm update command is to update your package-lock.json according to what you have specified in the package.json file.
Read more >Why you shouldn't invoke setup.py directly - Paul Ganssle
This does not mean that setuptools itself is deprecated, or that using setup.py to configure your package builds is going to be removed....
Read more >Frequently Encountered Pipenv Problems - Read the Docs
☤ Pipenv does not respect dependencies in setup.py¶. No, it does not, intentionally. Pipfile and setup.py serve different purposes, and should not consider ......
Read more >Protecting Personal Information: A Guide for Business
Most companies keep sensitive personal information in their files—names, Social Security numbers, credit card, or other account data—that identifies ...
Read more >Origin Cache Control - Cloudflare Docs
proxy-revalidate — Has the same meaning as the must-revalidate response directive except that it does not apply to private client caches. stale- ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
the lockfile will always get re-generated if it is out-of-date.
For those following along at home, it seems like this flag is indeed legitimately broken. From https://github.com/pypa/pipenv/issues/966#issuecomment-416784883:
This issue should probably be re-opened to reflect reality.