Make requirements with pip-tools 3.8.0 #24514
Conversation
There was a problem hiding this comment.
Very confused by this PR.
requests[security]was changed to justrequestswhich made a lot of changes to the requirements on prod.- pip-tools is pinned to 3.6.0. To upgrade it to 3.8.0 dev-requirements.in should have chaned and
make upgrade-requirementsshould have been run. - when i upgraded to 3.8.0 locally I do see the added setup tools, but I don't see all of these other changes that have been made
|
So one problem I had with the original version of this PR is that I ran Also, I think this is another problem: Installs the latest version of pip-tools, not the version pinned in |
| @@ -33,7 +33,7 @@ commonmark==0.9.0 # via recommonmark | |||
| concurrent-log-handler==0.9.12 | |||
| contextlib2==0.5.5 | |||
| coverage==4.5.1 | |||
| cryptography==2.6.1 | |||
| cryptography==2.7 | |||
There was a problem hiding this comment.
I'm confused how this was upgraded. make requirements is supposed to be strictly making sure that the requirements fit in with current definition in *.in files. It should only change when running make upgrade-requirements or changing the in files. (it didn't show up in #24519)
| @@ -1,7 +1,7 @@ | |||
| #!/usr/bin/env bash | |||
| set -e | |||
|
|
|||
| pip install pip-tools==3.6.1 | |||
| pip install pip-tools>=3.8 | |||
There was a problem hiding this comment.
I think that this is still fragile to this kind of change. Long term, maybe we should run the requirements test after the other tests? that way this comparison could run in the same virtualenv where we have pinned pip-tools.
There was a problem hiding this comment.
Long term, maybe we should run the requirements test after the other tests?
Sure, I'll do that in a separate PR
Attempt to fix travis build failure seen in various PRs (ex: #24509).
@emord