question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

No documented way to unpin after converting requirements.txt

See original GitHub issue
Describe you environment
  1. MacOS 10.13
  2. Python version: Python 3.6.3
  3. Pipenv version: Pipenv 8.2.7
Expected result

Converting an existing project that uses requirements.txt, Pipenv creates a Pipfile with pinned versions and a Pipfile.lock with the versions from my requirements.txt. It then tells me I might want to unpin my Pipfile. I expected there to be a process for unpinning my Pipfile while maintaining my Pipfile.lock, but pipenv wants to recreate my Pipfile.lock whenever I change my Pipfile.

Actual result

I can’t find any documented way to remove the version pins from Pipfile without the next invocation of pipenv install upgrading all my packages. The only way I have found is to let pipenv regenerate Pipfile.lock, then discard all the changes except the meta hash.

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:21 (11 by maintainers)

github_iconTop GitHub Comments

2reactions
benjaminjkraftcommented, Apr 25, 2018

The point isn’t that we know we need to keep a specific version pinned, nor that we don’t want to update sometime soon. We just don’t want to be forced to update at the same time we switch to pipenv, because pipenv is supposed to be better at helping us to keep packages up to date while retaining the ability to manage the upgrades with care! In fact, even if literally the next commit I make is to upgrade all the packages, I’d like to do that upgrade separately, so I know, when inevitably something breaks, whether it was setting things up incorrectly when switching to pipenv or updating the packages. (And, depending how careful I’m being, I may want to do that separately for each package.)

Perhaps the better way to do that is to simply leave each the version pin in the Pipfile until we’re ready to update that package? But then we lose the ability to use e.g. pipenv update --dry-run to see what we’re going to update – and it seems like this is not the best way for a Pipfile+Pipfile.lock to express what we want, and is different from what we would have if we had used pipenv from the start.

Perhaps this will all be clearer if I propose some alternate verbiage in context – I’ll make a pull request.

1reaction
benjaminjkraftcommented, Apr 21, 2018

Wanted to add one comment here: it seems to me like (once --keep-oudated is working per #966) it might be helpful to mention this strategy explicitly in documentation or in the “you may want to unpin your dependencies message”. That is to say, if you want to migrate from requirements.txt to Pipfile, leaving your dependencies unpinned but without upgrading them today, you want to:

  • pipenv install -r requirements.txt
  • change all your specifiers to * in Pipfile
  • pipenv lock --keep-outdated The last one is not at all obvious, and if you don’t do it, you’ll think you kept the pinned dependencies in Pipfile.lock, but actually as soon as you pipenv install they will get clobbered by the latest ones.
Read more comments on GitHub >

github_iconTop Results From Across the Web

Why should version numbers not be pinned in a Pipfile?
The docs are quite opinionated on the likely reason you have pinned versions on your requirements file: it probably came from pip freeze ......
Read more >
Ask HN: Why Poetry did not become a mainstream package ...
I have recently been introduced to Poetry. I am a pretty experienced Python dev with both back-end and ML in my project basket....
Read more >
How to Update Requirements Files - PyNWB - Read the Docs
requirements.txt of the project can be created or updated and then captured using the following script: mkvirtualenv pynwb-requirements cd pynwb pip install ...
Read more >
About responsive search ads - Google Ads Help
After you enter headlines and descriptions, Google Ads assembles the text into multiple ad combinations in a way that avoids redundancy.
Read more >
Should You Use Upper Bound Version Constraints?
This enables Poetry to roll back a dependency on a subsequent solve, while pip does not know what the original requirements were and...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found