Hi there when using `pants generate lockfiles` with poetry b Pants #general

Hi there, when using `pants generate-lockfiles` wi...

happy-pizza-30507

08/25/2022, 4:57 PM

Hi there, when using

pants generate-lockfiles

with poetry backend, how can I resolve the dependencies for multiple platforms in requirements.txt? Specifically I find that the lockfile, which is generated from linux by other team mate, is missing a few hashes that are needed on m1, causing the build to fail. Not sure if I have done anything obviously wrong here. Thanks!

enough-analyst-54434

08/25/2022, 5:04 PM

There is not much we can do there. The pex backend should support that case well, but if you need to stick with Poetry, the 1st thing to check is if the m1 wheels are in the Poetry lockfile. If they are, the problem is just with

poetry export

which we use to gen the lock.

happy-pizza-30507

08/25/2022, 5:43 PM

Thanks for the tip. I'll let you know if pex resolver could fix the issue. The last time I tried though, it confused the dependabot because it generates a non-compliant format in the lockfile. Not sure how to deal with in this case. However I'd be open to pex resolver if the situation has changed.

enough-analyst-54434

08/25/2022, 5:46 PM

Well, pex has

pex3 lock export

to do the same thing and get a requirements.txt out. BUT Pants adds a non-valid comment header to the Pants Pex lockfiles, so you 1st need to strip the comment lines off before you ask Pex to export the lock 😕

enough-analyst-54434

08/25/2022, 5:49 PM

As an alternative, you may be able to

./pants export

which will export venvs and then in your main venv

pip install pip-audit

and go from there. As I understand it. pip-audit can work with venv contents as well as requirements.txt

👍 1

5 Views

Open in Slack

Previous Next