`pipenv lock` also updates `dev-packages` deps, without "--dev" flag
See original GitHub issueIssue description
To the best of my knowledge, I am observing pipenv
mis-behaving; using the lock
command, without the --dev
flag, having pipenv affect dev-packages
.
Expected result
By default, it should only operate on [packages]
(default/app), unless supplied the --dev
flag.
https://pipenv.readthedocs.io/en/latest/cli/#pipenv-lock
Actual result
+ /usr/local/bin/pipenv lock
Locking [dev-packages] dependencies…
✔ Success!
Locking [packages] dependencies…
✔ Success!
Why? Don’t touch dev-packages
, we did not supply --dev
.
Steps to replicate
See above.
- pipenv --support
$ pipenv --support
Pipenv version: '2018.11.26'
Pipenv location: '/usr/local/lib/python3.7/site-packages/pipenv'
Python location: '/usr/local/bin/python'
Python installations found:
3.7.3
:/usr/local/bin/python
3.7.3
:/usr/local/bin/python3.7m
3.5.3
:/usr/bin/python3.5m
3.5.3
:/usr/bin/python3
PEP 508 Information:
{'implementation_name': 'cpython',
'implementation_version': '3.7.3',
'os_name': 'posix',
'platform_machine': 'x86_64',
'platform_python_implementation': 'CPython',
'platform_release': '4.15.0-64-generic',
'platform_system': 'Linux',
'platform_version': '#73-Ubuntu SMP Thu Sep 12 13:16:13 UTC 2019',
'python_full_version': '3.7.3',
'python_version': '3.7',
'sys_platform': 'linux'}
System environment variables:
HOSTNAME
PYTHON_PIP_VERSION
HOME
GPG_KEY
TERM
PATH
LANG
PYTHON_VERSION
PWD
PYTHONPATH
PIP_DISABLE_PIP_VERSION_CHECK
PYTHONDONTWRITEBYTECODE
PIP_SHIMS_BASE_MODULE
PIP_PYTHON_PATH
PYTHONFINDER_IGNORE_UNSUPPORTED
Pipenv–specific environment variables:
Debug–specific environment variables:
PATH
:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
LANG
:C.UTF-8
PWD
:/app
Contents of Pipfile
(‘/app/Pipfile’):
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
"boto3" = "*"
(SNIP)
mysql-connector-python = "*"
pyodbc = "*"
requests = "*"
xlrd = "*"
[dev-packages]
freezegun = "*"
metrics = "*"
moto = "*"
pyfakefs = "*"
pylint = "*"
pytest = "*"
pytest-cov = "*"
pytest-mock = "*"
pytest-sugar = "*"
pytz = "*"
sqlparse = "*"
[requires]
python_version = "3.7"
(SNIP) (lock file N/A for now - it depends/varies when the user runs lock
;o)
Issue Analytics
- State:
- Created 4 years ago
- Reactions:14
- Comments:5
Top GitHub Comments
I have the same issue. Is there a way to force pipenv to skip dev packages?
Locking updates all named categories because we have constraints from the default that affect the locking of dev, otherwise you could have conflicting package versions. In the latest versions of pipenv, we pass a constraints file for this purpose and the resolver will fail if you are requesting two different version of say Django between dev and default. This is not something we want to skip over because it would create inconsistencies in the lock file.