<@U06A03HV1> (or others) question about multiple l...
# developmenth
hundreds-father-404
05/19/2022, 3:50 PM@witty-crayon-22786 (or others) question about multiple lockfiles for the blog. W/ the traditional Poetry approach of one-lockfile-per-project, we talk about how it's hard to ensure compatibility between different projects
But is that actually the case..? Specifically because you can have range requirements for the wheel's metadata, even though at its build time it's using a lockfile. Project A might use
django==3.2.1django~=3hundreds-father-404
05/19/2022, 3:51 PMw
witty-crayon-22786
05/19/2022, 3:56 PMProject A might usethe lockfile itself isn’t relevant when a project is used as a library, because it will instead be subject to the lockfile of whatever binary is depending on itin its lock, but claim it works w/django==3.2.1-- so long as other projects respect that, no problemdjango~=3
witty-crayon-22786
05/19/2022, 3:57 PMbut the actual requirements (“claims” as you put it above) do all need to be compatible.
h
hundreds-father-404
05/19/2022, 4:02 PMOkay, is that really "dependency hell" then? Seems managable
b
bitter-ability-32190
05/19/2022, 4:06 PMOkay, is that really "dependency hell" then? Seems managableIMO YES
bitter-ability-32190
05/19/2022, 4:09 PMMy last gig's Python+Poetry monorepo had over 100 packages. Even with "wide" range of supported versions you'll get conflicts.
Two big reasons are if you're following semver religously, and trying to innovate, you're bumping major version often. Then if you're consuming semver, you've tied it to major version.
The other being people who don't follow semver well. Then trying to declare your metadata using a semantic version breaks down because it isn't semantic.
And most of the time it was internal packages causing the conflict, not external ones. In this case a true Pants monorepo would've caught those issues in PR.
👍 1
w
witty-crayon-22786
05/19/2022, 5:20 PMyea, dependency hell typically refers to the requirements themselves rather than the lockfiles. it’s definitely a thing.
witty-crayon-22786
05/19/2022, 5:25 PMthe other way to reduce it in a monorepo is to use a shared requirement list across all of your deps, which is then imported/templated into setup.py/per-project files (so then rather than a explicit version, you reference a “global variable”)
witty-crayon-22786
05/19/2022, 5:25 PMbut in multi-repo, you’re SOL
h
hundreds-father-404
05/24/2022, 9:41 PMokay I think I finally am okay with this blog.. @witty-crayon-22786 @bitter-ability-32190 could you please take a look? It's the "Issue: multiple lockfiles" section I struggle the most with
fyi @busy-vase-39202
https://docs.google.com/document/d/1QW-5pf9R0TeL8SfAs-QW2cJwus-du3vWZYA0HfdCaME/edit?usp=sharing
w
witty-crayon-22786
05/24/2022, 10:47 PMwill do this afternoon: thanks
❤️ 1
witty-crayon-22786
05/25/2022, 12:01 AMlooks great, thanks: minor comments.
b
busy-vase-39202
05/25/2022, 12:03 AMMay I suggest including (only if @bitter-ability-32190 consents of course) Joshua's passage above to illustrate the issue in practical real-world terms? I think hearing from a user who's experienced the pain point is really helpful here.
👍 1
b
bitter-ability-32190
05/25/2022, 12:22 AMYeah that's about a prior company, go fornit
bitter-ability-32190
05/25/2022, 1:33 AMLGTM!
❤️ 1
h
hundreds-father-404
05/25/2022, 7:12 PMthanks for the awesome feedback! I finally like this blog 🙂
❤️ 1
🙌 1