-
-
Notifications
You must be signed in to change notification settings - Fork 611
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exclude package? #333
Comments
FYI--latest version of The feature request is still valid in the abstract though... |
If someone can make a PR for a |
I've started working on this but have questions. Should this exclusion happen only for packages described in a If we start to exclude dependencies, then we might break some packages. The user might not know at which level some package they want to exclude will be excluded for some other package. |
Yeah, this would be great. We've had to add a lint step to prevent |
@Groxx could you check out the branch (add-exclude-flag) of https://github.com/lwm/pip-tools/commit/f5771a3aa855887f22dad2ba4a58eef1f158f34f and give it a check if it works for you? I am afraid #388 is going to rot without review or progress. |
@milin I am not sure (new to the code here). Try it and let's find out? Not sure what you mean by a 'backup version'? How would the interface look like? |
Now that |
I think that this feature could be implemented easier by making the UNSAFE_PACKAGES list extensible as these are already removed from the dependency list. Basically by allowing other packages to be added to unsafe list, we close this feature request. I am unable to work on this myself but I would be able to find time to review the PR and also test it manually. |
Needed-By: #47 Related: jazzband/pip-tools#333
Needed-By: #47 Related: jazzband/pip-tools#333
I've made a pr to close this task here, #1509. The main pr change is small with adding unit test cases being bulk of line changes. |
@hmc-cs-mdrissi @ssbarnea @atugushev Any news regarding #1509 ? Seems to have been deprioritized several times in a row. Are we expecting to see this anytime in the near future? Is there any way I can help out with this? I've been hacking this with a grep, but it's far from ideal. @skieffer Where did #1645 come from? Assuming PR #1509 does get merged, what would the plan be for your PR? In my opinion there's too much overlap between both options. |
It addresses problems like this one and this one. As I see it, both #1645 and #1509 are important, because they are complementary. #1509 deletes nodes out of the dependency graph after the whole graph has been computed. #1645 deletes edges out of the graph, thereby preventing parts of it from ever being reached in the first place. As a result, these two options serve two different use cases:
Yeah, I too have some hacky solutions in place right now, and I think it would be great to add these features! |
Actually it would be very easy to add a third usage pattern to #1645, like this: pip-compile --cut-deps :C (note the leading So altogether there would be three patterns:
pip-compile --cut-deps A:C
pip-compile --cut-deps A
pip-compile --cut-deps :C With this, I wouldn't see much need for #1509. |
I'm happy to resolve conflicts by this weekend with pr (may do now if they look small enough). As a non-maintainer, I'm unaware when it'll move forward though. As a note on The primary use case I had was top level requirements that I needed to install separately. As an example if you have multiple editable requirements, those are unhashable and incompatible with --require-hashes. But if you want pip compile to make a file of all there dependencies you need to exclude them and then install them separately. Similarly if you have requirements that are specified by vcs then they are unhashable and need exclusion, but there dependencies are still desired. So I actually do need "C", but C needs to be treated separately. My issue is partly hashes are all or nothing today and you can't have some packages unhashed in a requirements file. |
My use case matches hmc-cs-mdrissi's exactly. Currently I'm doing that by The |
This is already implemented on main branch now and will be included in next release. |
Related: #1656 -- Someone's expecting the unpinned excluded package to be included (without a version) in |
Yeah that ticket has to do with what @IanTayler is saying on One question for @hmc-cs-mdrissi (or whomever knows the answer), if one wants to mark several packages with Currently I just include the flag multiple times, but it feels sub-optimal. Is there a way to have several unsafe packages marked at once, without having # Can this be done with --unsafe-package only being written once?
pip-compile --unsafe-package foo --unsafe-package bar --unsafe-package baz |
Working with the current master (
setuptools
unsafe-package Case 1
# The following packages are considered to be unsafe in a requirements file:
# unsafe-package In the generated Case 2
unsafe-package==1.1.1
# via -r requirements.in
# The following packages are considered to be unsafe in a requirements file:
setuptools==63.2.0
# via -r requirements.in In the generated Case 3
In the generated In other words: since @hmc-cs-mdrissi (cc @AndydeCleyre) can you read through this? Imo there's still some outstanding work before this feature should be released. |
@jamesbraza Thanks! Case 1 looks like a bug, with the option not fulfilling its promise of replacing the default unsafe package list. I agree it should be fixed before a release. In case 2 I would indeed expect all packages to be pinned, since Case 3 looks good to me. |
I agree with @AndydeCleyre view on all 3 cases. I’m not really sure what use case for allow unsafe and custom unsafe packages is besides grouping. I’ll try to take a look later this week especially on case 1. |
We could add some processing sugar for potential CSVs, like we do for extras = tuple(itertools.chain.from_iterable(ex.split(",") for ex in extras)) |
Closed as completed via #1509. |
I'm running pip-compile under OS X and have a
requirements/dev.in
file which includes IPython. This pulls ingnureadline
. When I build a pex (https://github.com/pantsbuild/pex) from this requirements file for a Linux system, it's not usable, because gnureadline is only available for OS X.I can work around this by removing or commenting out the gnureadline dependency, but this is a bit hacky. It would be great to be able to do:
pip-compile requirements/base.in && pip-compile requirements/dev.in && pip-compile --remove gnureadline requirements/stage.in
.The text was updated successfully, but these errors were encountered: