plain-night-5132401/04/2023, 6:55 PM
how do we improve the workflow? Convert it to poetry? (it doesn’t seem to support monorepo) Do I still need to go through this process? it seems pants does not support a --check option currently for lockfiles so the lockfile and my requirements could go out of date.
polite-garden-5064101/04/2023, 7:06 PM
sed '/^\/\//d' <PATH-TO-PEX-LOCKFILE> > dist/pex_lock.json # remove pants comments from lock file python3 -m venv .venv && source .venv/bin/activate && pip install pex==2.1.114 PEX_TOOLS=1 .venv/bin/pex --lock dist/pex_lock.json --include-tools -- venv --pip --bin-path prepend --collisions-ok .venv
to generate a pip compatible lockfile with versions and hashes. (based on the requirements.txt format, I forget the pep #)
pex3 lock export dist/pex_lock.json > dist/pip-lockfile.txt
plain-night-5132401/04/2023, 9:24 PM
polite-garden-5064101/04/2023, 9:28 PM
plain-night-5132401/04/2023, 9:48 PM
polite-garden-5064101/04/2023, 9:55 PM
happy-kitchen-8948201/04/2023, 10:13 PM
could be the source for generating the lockfile.
chilly-holiday-7741501/05/2023, 9:52 AM
- my assumption is that you retain poetry’s lockfile behaviour being manipulated by
that Pants doesn’t care about - are there other differences?
poetry add/remove package
enough-analyst-5443401/05/2023, 3:37 PM
chilly-holiday-7741501/06/2023, 12:46 PM
happy-kitchen-8948201/06/2023, 2:14 PM
will turn those into a full transitive lockfile
modern-monkey-7836401/10/2023, 7:18 AM
Does pants handle dependency validation automatically (i.e. making sure that dep_a is compatible with dep_b) or will we need to use pip explicitly for it to add to requirements.txt?
plain-night-5132401/10/2023, 8:34 AM
happy-kitchen-8948201/10/2023, 10:48 AM
delegates to pex, which delegates to pip, and by default to an older pip that may be slower. If you're on a Pants 2.16 dev release you can set
and get newer pip, which may have relevant perf improvements
enough-analyst-5443401/10/2023, 11:59 AM
happy-kitchen-8948201/10/2023, 12:39 PM
chilly-holiday-7741501/10/2023, 12:45 PM
, as it’s not difficult to add a helper script to do that once you grok that it’s nearly the same as what a Poetry user is used to, but the small gap feels much larger in terms of ergonomics than it really is: just to support your earlier thought Benjy: > I think using pex lockfiles makes more sense than using poetry, at this point
modern-monkey-7836401/10/2023, 6:12 PM
@modern-monkey-78364 I’m not sure I understand what you mean by “dependency validation”@happy-kitchen-89482 I mean sometimes in requirements.txt we have a dependency prometheus-client=0.14.1 and we want to add another dependency ray=2.2.0 to the project. Now ray 2.2.0 internally dependency upon prometheus-client < 0.14. So, if I currently add ray dependency right now with
, it will fail and mention that ray version is not compatible with existing prometheus-client version. Wanted to understand how it is taken care by pants.
poetry add ray
happy-kitchen-8948201/10/2023, 7:00 PM
plain-night-5132401/10/2023, 7:01 PM
modern-monkey-7836401/10/2023, 7:14 PM
Yes, lockfile generation will fail on that kind of thingWould it also tell why it failed? E.g. prometheus-client is incompatible with ray?
plain-night-5132401/10/2023, 7:14 PM
modern-monkey-7836401/10/2023, 7:15 PM
happy-kitchen-8948201/10/2023, 10:49 PM