https://pantsbuild.org/ logo
#development
Title
# development
h

hundreds-father-404

05/19/2022, 3:50 PM
@witty-crayon-22786 (or others) question about multiple lockfiles for the blog. W/ the traditional Poetry approach of one-lockfile-per-project, we talk about how it's hard to ensure compatibility between different projects But is that actually the case..? Specifically because you can have range requirements for the wheel's metadata, even though at its build time it's using a lockfile. Project A might use
django==3.2.1
in its lock, but claim it works w/
django~=3
-- so long as other projects respect that, no problem
w

witty-crayon-22786

05/19/2022, 3:56 PM
Project A might use
django==3.2.1
in its lock, but claim it works w/
django~=3
-- so long as other projects respect that, no problem
the lockfile itself isn’t relevant when a project is used as a library, because it will instead be subject to the lockfile of whatever binary is depending on it
but the actual requirements (“claims” as you put it above) do all need to be compatible.
h

hundreds-father-404

05/19/2022, 4:02 PM
Okay, is that really "dependency hell" then? Seems managable
b

bitter-ability-32190

05/19/2022, 4:06 PM
Okay, is that really "dependency hell" then? Seems managable
IMO YES
My last gig's Python+Poetry monorepo had over 100 packages. Even with "wide" range of supported versions you'll get conflicts. Two big reasons are if you're following semver religously, and trying to innovate, you're bumping major version often. Then if you're consuming semver, you've tied it to major version. The other being people who don't follow semver well. Then trying to declare your metadata using a semantic version breaks down because it isn't semantic. And most of the time it was internal packages causing the conflict, not external ones. In this case a true Pants monorepo would've caught those issues in PR.
👍 1
w

witty-crayon-22786

05/19/2022, 5:20 PM
yea, dependency hell typically refers to the requirements themselves rather than the lockfiles. it’s definitely a thing.
the other way to reduce it in a monorepo is to use a shared requirement list across all of your deps, which is then imported/templated into setup.py/per-project files (so then rather than a explicit version, you reference a “global variable”)
but in multi-repo, you’re SOL
h

hundreds-father-404

05/24/2022, 9:41 PM
okay I think I finally am okay with this blog.. @witty-crayon-22786 @bitter-ability-32190 could you please take a look? It's the "Issue: multiple lockfiles" section I struggle the most with fyi @busy-vase-39202 https://docs.google.com/document/d/1QW-5pf9R0TeL8SfAs-QW2cJwus-du3vWZYA0HfdCaME/edit?usp=sharing
w

witty-crayon-22786

05/24/2022, 10:47 PM
will do this afternoon: thanks
❤️ 1
looks great, thanks: minor comments.
b

busy-vase-39202

05/25/2022, 12:03 AM
May I suggest including (only if @bitter-ability-32190 consents of course) Joshua's passage above to illustrate the issue in practical real-world terms? I think hearing from a user who's experienced the pain point is really helpful here.
👍 1
b

bitter-ability-32190

05/25/2022, 12:22 AM
Yeah that's about a prior company, go fornit
LGTM!
❤️ 1
h

hundreds-father-404

05/25/2022, 7:12 PM
thanks for the awesome feedback! I finally like this blog 🙂
❤️ 1
🙌 1