-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Regression with Git transitive dependencies #4051
Comments
I have recreated the issue with a minimal example, https://github.com/mtraynham/poetry_4051 Testspoetry==1.1.5
poetry==1.1.6
1.1.6 with diff patch
|
We are seeing the same issue. Can confirm adding the whitelist back fixes the issue. We have downgraded to 1.1.5 in the meantime |
This looks like the same issue as #3368 It looks like the In 1.1.5, the solver does resolve the transitive dependencies, but it ignores the versions from the VCS/path deps lockfiles, and installs the latest version that satisfies the dependency specification from the Not having a firm grasp on the code, and too little time right now to debug in depth, this snippet in particular looks like it might have significance. The deferred dependencies might not need to be resolved, but they should still be loaded? @sdispater, as the contributor of the breaking PR, what do you think? Surely the transitive package dependencies should all be installed by |
Likely related issues for 1.1.6: @sdispater I believe #3947 has introduced this issue, but I am not well versed in how or why the lockfile is no longer being used as a whitelist during install, nor why the lockfile generation is somehow different from what an install performs. I wouldn't mind adding a PR to fix the issue, but some guidance would be appreciated; I'm not sure any of us understands the code well enough to suggest a correct fix. |
Thanks @mtraynham, I had seen those, I have no idea why I didn't include those issues in my last comment Also, a correction:
Thinking about this a bit more, if you specify 2 path deps in |
The root cause has been identified (see #4202) and this will be fixed in the next bugfix release. Note that you will to regenerate the lock file for the fix to take effect. |
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
I am on the latest Poetry version.
I have searched the issues of this repo and believe that this is not a duplicate.
If an exception occurs when executing a command, I executed it again in debug mode (
-vvv
option).OS version and name: Linux/Mac
Poetry version: 1.1.6
Link of a Gist with the contents of your pyproject.toml file: https://github.com/mtraynham/poetry_4051
Issue
There seems to be a regression with transitive dependencies of a Git dependency. I haven't exactly figured out why, but the
change for the whitelist on the installer is what causes the transitive dependency to be flagged for removal rather than keeping it. The dependency is in the lock file, but when it goes to install the project, it skips it.
This particular pull causes the issue, #3947. Reverting the whitelist changes seems to correct the issue:
https://github.com/python-poetry/poetry/pull/3947/files#diff-95c2e34175a95676a55830f8442a68da156ae6a31dfec68317a2fd746be2243fL292-L297
https://github.com/python-poetry/poetry/pull/3947/files#diff-95c2e34175a95676a55830f8442a68da156ae6a31dfec68317a2fd746be2243fL308
This may actually be caused because I have 1 git dependency, which depends on another git dependency. E.g. the dependency tree looks like:
Project A -> Project B (git; poetry) -> Project C (git; setup.py) -> PyPi dep (not installed, but in the lock file)
The text was updated successfully, but these errors were encountered: