bitter-ability-32190
03/11/2022, 12:07 PMenough-analyst-54434
03/11/2022, 12:24 PMbitter-ability-32190
03/11/2022, 12:57 PMpip install
or poetry add
Allowing a developer to add an import, which implicitly adds a dependency seems dangerous, especially for it being the default setting.enough-analyst-54434
03/11/2022, 12:59 PMAllowing a developer to add an import, which implicitly adds a dependency seems dangerousI think you meant something different? Today you can add an import and dep inference will map that only to explicitly declared 3rdparty deps. Those explicit declarations may be via unpinned requirements, pinned ones or pinned and hashed ones (locked). In any of the 3 circumstances though, implicit dependency adding happens.
bitter-ability-32190
03/11/2022, 2:25 PMenough-analyst-54434
03/11/2022, 3:38 PMbitter-ability-32190
03/11/2022, 3:41 PMenough-analyst-54434
03/11/2022, 3:41 PMbitter-ability-32190
03/11/2022, 3:44 PMenough-analyst-54434
03/11/2022, 3:46 PMhundreds-father-404
03/11/2022, 4:21 PMenough-analyst-54434
03/11/2022, 4:54 PM./pants clean-all
. The issue here was not Python packaging.