Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explicit priority for source doesn't work with sub-dependencies that also have explicit priority for the same source #8102

Closed
4 tasks done
pszpetkowski opened this issue Jun 14, 2023 · 3 comments
Closed
4 tasks done

Explicit priority for source doesn't work with sub-dependencies that also have explicit priority for the same source #8102

pszpetkowski opened this issue Jun 14, 2023 · 3 comments
Labels
kind/bug Something isn't working as expected status/triage This issue needs to be triaged

Comments

@pszpetkowski
Copy link

  • I am on the latest stable Poetry version, installed using a recommended method.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • I have consulted the FAQ and blog for any relevant entries or release notes.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option) and have included the output below.

Issue

Explicit priority for source is a great idea but so far it seems to only be useful when a dependency doesn't have any dependencies that are stored in a private source itself. I've stumbled upon a problem where I have an application, let's call it foo_app and it depends on the foo package which in turn depends on the foo_base package. All of the foo_* dependencies are stored on the private PyPI server and it seemed like a great and clean idea to utilize the explicit priority to tell Poetry where to look. It worked for the foo package, because foo_base doesn't have any dependencies in a private source, however if explicit source is used for foo dependency in foo_app I'm getting the following error when trying to generate a lockfile with poetry lock:

Because foo (0.1.0) depends on foo_base (0.1.0) which doesn't match any versions, foo is forbidden.
So, because foo-app depends on foo (0.1.0), version solving failed.

To make it more visual the relationship basically looks like this:

foo_app ---------> (depends on) foo ---------> (depends on) foo_base

I've saved a debug output and upload as a gist at https://gist.github.com/pszpetkowski/614605f50ba2483e14ef69c49b15ef17

Above, for the pyproject.toml, I've provided a link to the repository that contains a minimal sample that showcases the issue. Hopefully it's enough to understand the issue, but if you need more information I'll be happy to provide it.
@pszpetkowski pszpetkowski added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Jun 14, 2023
@radoering
Copy link
Member

That's expected behavior. See Package Source Constraint, especially the second info box starting with "Package source keys are not inherited by their dependencies."

Dependencies of a package that comes from source A, do not have to come from source A, too.

@pszpetkowski
Copy link
Author

Thank you for providing the exact link that explains it further, somehow I missed this.

@lukany lukany mentioned this issue Sep 7, 2023
Closed
4 tasks
@github-actions GitHub Actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Something isn't working as expected status/triage This issue needs to be triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pszpetkowski @radoering