-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cleanup dependencies #3597
Cleanup dependencies #3597
Conversation
6f8cd63
to
1dc29a4
Compare
"pymatgen>=2019.7.2", | ||
"pymysql~=0.9.3", | ||
"seekpath~=1.9", | ||
"spglib~=1.14" | ||
], | ||
"notebook": [ | ||
"jupyter==1.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think these requirements were to avoid collisions with py2 and maybe now we can just put jupyter
and notebook
, without version specification?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No unfortunately we can't. It's true that notebook>=6
does not support python 2, but it also requires pyzmq>=17
and tornado>=5
and we, because of circus
(and plumpy
and kiwipy
) have exactly pyzmq<17
and tornado<5
. I had made a start into seeing whether I could fix circus and make it compatible with the newer versions and made some headway but it is not trivial. Hopefully I can look into this more with @muhrin during the coding week
], | ||
"bpython": [ | ||
"bpython==0.17.1" | ||
"bpython~=0.18.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to drop this? Is any user really using this? I guess it's more for convenience of users, but then maybe it's ok to remove?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure if anyone uses it, so that's why I left it in for now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems reasonable to me! Thanks
@asle85 and @waychal I have removed quite a few dependencies in the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks @sphuber for all this work - and great that we can upgrade to django 2!
I just have some minor suggestions, which is to not downgrade any of the dependencies we currently have (unless you have tested with the older versions).
I'll now also give installing this a try on mac.
P.S. Sorry for having made the edits in reqs_for_rtd - I realized too late.
install on macos seems fine |
Hi, I have not reviewed all changes to the dependencies in detail yet, but I have had prepared a draft for a related AEP that I just had not submitted yet. Maybe we can consider this in the context of this PR? |
@ltalirz thanks for the review. The changes you proposed are not necessary. The changes I made will not result in adowngrade. The compatible operator Edit: I performed a test in a clean virtualenv to make sure:
|
I should have been a bit more specific - it is true that installing aiida would not result in downgrading of packages, but if you install AiIDA in an environment that already has an older version of the package installed, then it will not upgrade.
|
I see, but by specifying the patch version, we strictly reduce the accepted range of versions to that specific minor version, a limitation the removal of which was the whole point of this PR. So there is a direct conflict between those two requirements. We could just tell people in the installation documentation that when installing in an existing environment, the should run |
Both I and @waychal have checked the dependencies removed in the rest extras and it looks fine to us. Given that the tests are passing it's ok to remove them. |
That is not how the
Even if you specify a patch version, it will install the latest compatible version. |
I am afraid it does. Consider the following two examples:
versus
When you specify a patch version, it will always remain within the corresponding minor version, as shown by the first example. Doing |
You're right - and apologies for not reading your commit message/comments properly (I didn't realize we are only fixing the major version). I think we should retain the ability to force upgrades of the patch level of certain packages, if we know that they contain important bug fixes (such as pgtest 1.3.1).
How about something like |
Probably not in some cases, but that is the case with many things. I agree that we should try to make things as robust as possible but this is not always possible in the case of competing and directly conflicting goals.
I think this does indeed work and would be a possible solution and certainly makes a lot of sense for dependencies where we no a particular patch version contains important bug fixes. I don't think we should blindly apply this to all our current versions though. For the majority of dependencies, the specific version we have currently were just picked because they were the latest version that was available the last time I updated all the dependencies en masse. Do you know of any other dependency that might have a specifically required patch version? |
pgtest is the only one I know for sure - as a "gut feeling" I would also add P.S. Of course, these extra |
"pg8000~=1.13", | ||
"pgtest~=1.3", | ||
"pytest~=5.3", | ||
"sqlalchemy-diff~=0.1.3" | ||
], | ||
"dev_precommit": [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think for the pre-commit dependencies it actually makes sense to pin them exactly. The issue with these is that even a "backwards compatible" change in behavior can cause the build to fail.
For example, when pylint
has a false positive, we add a # pylint: disable=...
comment. If a subsequent patch fixes the false positive, it will trigger useless-suppression
errors.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, they are presumably used only when developing aiida-core
- so there really isn't much of a concern for being compatible with other environments / packages.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have the useless-suppression
warning disabled globally, but I see your point. This can also just happen with pre-commit
and yapf
that introduce new formatting rules. However, if that happens, since these are only for developers anyway, the dev just upgrades his dependencies in his development environment and commits the changes no?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just imagine your PR fails because in just that moment some new yapf/pylint version has been released...
I would prefer to avoid this ;-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Exactly, it can be quite an annoying thing. Also, if we have scheduled CI on older branches they will just suddenly fail with pre-commit errors, for no reason.
1dc29a4
to
dd78c06
Compare
@ltalirz I have added explicit lower required patch versions for |
Yes, I think @greschd has a good point here. |
dd78c06
to
98f35aa
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks @sphuber , both for the cleanup and for your patience ;-)
Seems like a little bit more patience is required 😅 . The |
That's very strange... With your previous version of the branch (all dependencies with The only main difference I can see is that you were using pre-commit 1.19. Perhaps 1.17 had some astroid dependency that pip is somehow not properly resolving? P.S. Here the output of |
I know that |
Seems like it was a problem with the cache. I added a commit to run |
a3f4502
to
f18369c
Compare
The version requirements of all `install_requires` and `extras_require` dependencies are reevaluated. Where we used to require explicit version by pinning to exact versions using the `==` operator, we now use the more liberal operator `~=`. This is the compatible release operator: https://www.python.org/dev/peps/pep-0440/#compatible-release For a given release identifier `V.N` the compatible release clause is approximately equivalent to the pair of comparison clauses: >= V.N, == V.* With this rule we define our dependency requirements using the minor version for packages with a major version of 1 or higher and using the patch version for packages whose major version is still at 0. The reason is that when packages have released `v1` they can be expected to respect semantic versioning and not break backwards compatibility in minor version whereas this is typically not the case for `v0` versions where backward incompatible changes are introduced in minor versions as well. Note that this approach will not prevent from breaking our builds because packages break their API in minor versions, but at least we have a consistent dependency requirement policy. List of specific restrictions and changes: * `pymatgen==2019.7.2` is the last to support python 3.5 * `jinja2` moved to `install_requires` as it is used explicitly by `verdi` * `astroid==2.2.5` required by `prospector`, will cause crash if wrong Explicit lower patch requirements are set for a few packages because they are known to contain critical and required bug fixes: * `psycopg-binary>=2.8.3` * `sqlalchemy>=1.3.10` * `pgtest>=1.3.1` * `seekpath>=1.9.3` Finally, an exception is made for packages of the `dev_precommit` extra which can affect pre-commit behavior such as linting warnings or code formatting. To prevent updates in these packages from unexpectedly failing the pre-commit hooks, they are pinned to an explicit version.
This is a rolling backport of the module `unittest.mock` which has been part of the standard python library since v3.3. Note that one has to do `from unittest.mock import patch` and use it directly as for some reason `import unittest` followed by using `unittest.mock.patch` will result in an `AttributeError`.
It was only used to parse the repository URI of a profile, which can be accomplished just as well with the built in `urllib.parse.urlparse`.
They will be removed in `aiida-core==2.0.0` which will allow to drop the `ete3` dependency. This CLI command was they only code using this lib.
f18369c
to
8885d21
Compare
Fixes #3547 and fixes #2903 and fixes #3528
This PR releases the strict pinning of dependency versions.
In addition, it gets rid of some unnecessary dependencies:
mock
passlib
uritools