06/23/2022, 2:43 PM
When working with lockfiles (pants 2,13, using poetry lock files) is there a way to tell which first party dependency is responsible for a given transitive dependency (pypi packages) ?
06/23/2022, 3:55 PM
Not that I can think of, but that would be a really great feature to have, since this info is all available in the lockfile.
It's just a matter of graph algorithms
We'd just need to find a way to represent the pypi package on the cmd line, since it has no corresponding target
06/23/2022, 4:26 PM
in lockfiles generated by pip-compile this info is in the comments. not sure if the poetry or pex lock file have the option to include this info.
06/23/2022, 4:28 PM
pex lockfile has this explicitly in the graph structure, afaik