I am using pants 1.30 and having issues with the f...
# general
I am using pants 1.30 and having issues with the following:
Copy code
16:27:19 [ERROR] Failed to resolve compatible distributions:
1: uvicorn==0.13.3 requires click==7.* but click 8.0.0 was resolved
This is when i run a
goal with
specified as the target. We have hundreds of build files so this is not easy to find where the culprit is. I know i can fix this with constraints.txt but I need to know what specific BUILD file is causing this. Is there a way to know? I tried
but did not see anything in there that would lead me to the problem BUILD file. Any ideas?
I know i can fix this with constraints.txt
I fear constraints.txt support wasn't added yet in 1.30 😕 Very likely, this issue is because of pip's old resolver which uses First One Seen Wins. Click 8 is likely coming from a transitive dependency, rather than a direct dependency Are you using v1 or v2 engine?
Correct on constraints…. we are trying so hard to get to 2.0
💛 1
correct on transative. unfortuantely we had about 10 of these get introduced on may 12th due to updates on may 11th… its impossible to find them all
I feel your pain 😕 The best I can think (for now) of is to use
to see where it's coming from. You could use this script I think to create the venv https://www.pantsbuild.org/docs/python-third-party-dependencies#tip-set-up-a-virtual-environment-optional (altho that might fail with the same command..you could upgrade pip in that script and tell it to use the new resolver perhaps?)
Hey @salmon-barista-63163, checking if you had any luck with identifying which dependencies are the problem? I thought of a workaround for you! See this thread for how you can set one of your direct dependencies to depend on another requirement. I think pip will do that right thing if you add
as a direct dep in your project, then set your problematic direct deps to depend on it: https://pantsbuild.slack.com/archives/C046T6T9U/p1620893638017200
I think pip will do that right thing
I think this is the case because iirc Pip's first-seen-wins will at least respect top-level requirements. If you say
pip install click<8 some_req
, it will enforce the
even if
i figured it out… it was an issue with MarkupSafe that moto, click, jinja2, and a few others were depending on. Pinning MarkupSafe and adding to some build files fixed it for now. Counting down the days until we can get to pants 2 and have a constraints file
🙌 1
Yay! Glad to hear! Pants 2.2 will also get you Pip's new resolver iirc, which is much better We also have a proposal out for Pants 2.6 to greatly improve the story around dependency management, including: * dedicated lockfiles for tools Pants runs like Black and Flake8 * Pants can autogenerate the lockfiles for you * lockfiles use hashes (important for security) * multiple lockfile support for your user code
🔥 1
@hundreds-father-404 Good to hear! those are definite improvements
💯 1
https://docs.google.com/document/d/1bCYb0UQZx9a-9tAagydCN_z3826QRvz_3aVnXKSNTJw/edit if you're curious for the proposal 🙂 any comments welcomed (Some unresolved threads, had to put the proposal down this week)