Soo....with "proper lockfiles", it's desirable for...
# development
Soo....with "proper lockfiles", it's desirable for us to keep using
, rather than the current plan to use
pex -r lockfile.txt --no-transitive
. A major motivation is that it allows us to handle the problem of when it's not safe to use
and the repository PEX feature. For example, w/ a
, the subset of reqs might be valid, but the superset of all your reqs might include deps without wheels, so the superset fails to resolve. This was a real problem hit this month and now fixed to not use repository PEXes when platforms are used. But, we do still want to use a constraints file to lock down all versions I've been claiming constraints files can't be used because a) they don't support extras like
and b) they don't handle URL requirements. a) is an invalid reason, the lockfile should already have expanded
. b) was true, but is fixed by Pip 21.1 Only gotcha: Pip 21 dropped support for Python 2. Iiuc, this would mean that Pants 2.7+ no longer works with Python 2, which may be reasonable given that pip and rest of Python ecosystem has dropped support a while ago?