Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
No documented way to unpin after converting requirements.txt
See original GitHub issueDescribe you environment
- MacOS 10.13
- Python version: Python 3.6.3
- Pipenv version: Pipenv 8.2.7
Expected result
Converting an existing project that uses requirements.txt, Pipenv creates a Pipfile with pinned versions and a Pipfile.lock with the versions from my requirements.txt. It then tells me I might want to unpin my Pipfile. I expected there to be a process for unpinning my Pipfile while maintaining my Pipfile.lock, but pipenv wants to recreate my Pipfile.lock whenever I change my Pipfile.
Actual result
I can’t find any documented way to remove the version pins from Pipfile without the next invocation of pipenv install upgrading all my packages. The only way I have found is to let pipenv regenerate Pipfile.lock, then discard all the changes except the meta hash.
Issue Analytics
- State:
- Created 6 years ago
- Comments:21 (11 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
The point isn’t that we know we need to keep a specific version pinned, nor that we don’t want to update sometime soon. We just don’t want to be forced to update at the same time we switch to pipenv, because pipenv is supposed to be better at helping us to keep packages up to date while retaining the ability to manage the upgrades with care! In fact, even if literally the next commit I make is to upgrade all the packages, I’d like to do that upgrade separately, so I know, when inevitably something breaks, whether it was setting things up incorrectly when switching to pipenv or updating the packages. (And, depending how careful I’m being, I may want to do that separately for each package.)
Perhaps the better way to do that is to simply leave each the version pin in the Pipfile until we’re ready to update that package? But then we lose the ability to use e.g.
pipenv update --dry-runto see what we’re going to update – and it seems like this is not the best way for a Pipfile+Pipfile.lock to express what we want, and is different from what we would have if we had used pipenv from the start.Perhaps this will all be clearer if I propose some alternate verbiage in context – I’ll make a pull request.
Wanted to add one comment here: it seems to me like (once
--keep-oudatedis working per #966) it might be helpful to mention this strategy explicitly in documentation or in the “you may want to unpin your dependencies message”. That is to say, if you want to migrate fromrequirements.txttoPipfile, leaving your dependencies unpinned but without upgrading them today, you want to:pipenv install -r requirements.txt*inPipfilepipenv lock --keep-outdatedThe last one is not at all obvious, and if you don’t do it, you’ll think you kept the pinned dependencies inPipfile.lock, but actually as soon as youpipenv installthey will get clobbered by the latest ones.