Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Poetry install and update resolve versions differently when requirements aren't pinned
See original GitHub issue- I am on the latest Poetry version.
- I have searched the issues of this repo and believe that this is not a duplicate.
- If an exception occurs when executing a command, I executed it again in debug mode (
-vvvoption).
- OS version and name: Debian running in WSL2
- Poetry version: 1.1.0b2
- Link of a Gist with the contents of your pyproject.toml file: https://gist.github.com/iserko/ae0b5240bdb6af0a63264f834a3b4bee
Issue
Using the pyproject.toml I can run poetry install (log) and get the latest dbt installed (at the time that’s 0.17.2), but then when I run poetry update (log) it downgrades dbt and updates requests.
The workaround for this is to pin dbt to dbt = "^0.17.2", however I was surprised to see poetry just downgrade.
Issue Analytics
- State:
- Created 3 years ago
- Comments:6 (5 by maintainers)
Top Results From Across the Web
Dependency specification | Documentation | Poetry - Python ...
If other dependencies require a different version, the solver will ultimately fail and abort any install or update procedures.
Read more >Dependency Management With Python Poetry
When you run the poetry add command, Poetry automatically updates pyproject.toml and pins the resolved versions in the poetry.lock file. However ...
Read more >The Nine Circles of Python Dependency Hell - Medium
To fix this problem, use a constraints file to specify the version range that will satisfy both dependencies.2,3 Requirements.txt and constraints files allow ......
Read more >Which Python Dependency Manager Should I Choose?
Pinning a package to a specific version can become a management nightmare. For example, you may end up with two packages in your...
Read more >Third-party dependencies - Pants build
python_requirement target for transitive dependencies, i.e. requirements that you do not ... If you incorrectly add a target from a different resolve to...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
From #6470:
For those who are interested:
poetry lockignores an existing lock file and creates a new lock file from scratch.poetry updatetakes a whitelist of packages to update. That’s why it’s more like apoetry lock --no-updateexcept for the whitelisted packages. It considers an existing lock file and tries not to update packages that are not on the whitelist. If you don’t pass any names topoetry updateall locked packages are on the whitelist, but the lockfile is still taken into consideration which can result in a different resolution order.I drafted #6477 to make
poetry updatemore determistic and similar topoetry lock.There’s a reproducible example in https://github.com/python-poetry/poetry/issues/6470, as of today at least.