this post was submitted on 23 Nov 2024
9 points (90.9% liked)
Python
6426 readers
22 users here now
Welcome to the Python community on the programming.dev Lemmy instance!
π Events
Past
November 2023
- PyCon Ireland 2023, 11-12th
- PyData Tel Aviv 2023 14th
October 2023
- PyConES Canarias 2023, 6-8th
- DjangoCon US 2023, 16-20th (!django π¬)
July 2023
- PyDelhi Meetup, 2nd
- PyCon Israel, 4-5th
- DFW Pythoneers, 6th
- Django Girls Abraka, 6-7th
- SciPy 2023 10-16th, Austin
- IndyPy, 11th
- Leipzig Python User Group, 11th
- Austin Python, 12th
- EuroPython 2023, 17-23rd
- Austin Python: Evening of Coding, 18th
- PyHEP.dev 2023 - "Python in HEP" Developer's Workshop, 25th
August 2023
- PyLadies Dublin, 15th
- EuroSciPy 2023, 14-18th
September 2023
- PyData Amsterdam, 14-16th
- PyCon UK, 22nd - 25th
π Python project:
- Python
- Documentation
- News & Blog
- Python Planet blog aggregator
π Python Community:
- #python IRC for general questions
- #python-dev IRC for CPython developers
- PySlackers Slack channel
- Python Discord server
- Python Weekly newsletters
- Mailing lists
- Forum
β¨ Python Ecosystem:
π Fediverse
Communities
- #python on Mastodon
- c/django on programming.dev
- c/pythorhead on lemmy.dbzer0.com
Projects
- PythΓΆrhead: a Python library for interacting with Lemmy
- Plemmy: a Python package for accessing the Lemmy API
- pylemmy pylemmy enables simple access to Lemmy's API with Python
- mastodon.py, a Python wrapper for the Mastodon API
Feeds
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
my personal preference is a pyproject.toml over that mess
my position is it's not messy enough
Lets start off by admitting what the goal is.
We all want to avoid dependency hell.
Our primary interest is not merely cleaning up the mess of requirements files.
Cleaning up the mess results in some unintended consequences:
noise
All the requirements information is in one place. Sounds great until want to tackle and document very specific issues.
Like when Sphinx dropped support for py39, myst-parser restricted the Sphinx upper bound version, fixed it in a commit, but did not create a release.
Or cffi, every single commit just blows our mind. Adding support for things we all want. So want to set a lower bound cffi version.
My point being, these are all specific issues and should be dealt with separately. And when it's no longer relevant, know exactly what to remove. Zero noise.
complexity
When things go horribly wrong, the wrapper gets in the way. So now have to deal with both the wrapper and the issue. So there is both a learning curve, an API interface, and increased required know how.
The simple answer here is, do not do that.
confusion
When a dependency hell issue arises, have to deal with that and find ourselves drawn to poetry or uv documentation. The issue has nothing to do with either. But we are looking towards them to see how others solve it, in the poetry or uv way.
The only know-how that should be needed is whats in the pip docs.
Whats ur suggestion?
Would prefer to deal with dependency hell before it happens. To do this, the requirements files are broken up, so they are easier to deal with.
Centralizing everything into pyproject.toml does the opposite.
Rather than dealing with the issue beforehand, get to deal with it good and hard afterwards.
But pyproject.toml supports neither locking nor constraints.
Woah! Was giving the benefit of the doubt. You blow my mind.
The locking is very very specific to apps and dev environment.
But lacking constraints is like cutting off an arm.
Ah true, I had the wrong idea about this constraints file. What's your use case?
My only use case so far has been fixing broken builds when a package has build-)ldependencies that don't actually work (e.g. a dependency of a dependency breaks stuff). Not super common, but it happens.
That's a loaded question. Would like to avoid answering atm. Would lead to a package release announcement which this post is not; not prepared to right right now.
Instead here is an admittedly unsatisfactory response which i apologize for.
Wish to have the option to, later, take it back and give the straight exact answer which your question deserves.
my use case is your use case and everyone else's use case.
Avoiding dependency hell while keeping things easily manageable. Breaking up complexity into smallest pieces possible. And having a CLI tool to fix what's fixable while reporting on what's not.
My preference is to do this beforehand.