-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pip downloads many versions of extra'ed dependency while the exact version is pinned via a constraint #10233
Comments
This is likely because the resolver treats Extras are hard. And yucky. It should be possible to "push" the explicit constraint down to the candidate with the extra, but it might be tricky to implement. |
PR up in #10239. |
Bumps [pip](https://github.com/pypa/pip) from 21.2.1 to 21.2.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>21.2.2 (2021-07-31)</h1> <h2>Bug Fixes</h2> <ul> <li>New resolver: When a package is specified with extras in constraints, and with extras in non-constraint requirements, the resolver now correctly identifies the constraint's existence and avoids backtracking. (<code>[#10233](pypa/pip#10233) <https://github.com/pypa/pip/issues/10233></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/f7d912a21902d11448d8fb19cbb84ba1854bcdc4"><code>f7d912a</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/c7f3f197685d074855cfcd8e92234e7b93af3d3f"><code>c7f3f19</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/08eee0b1c0b4805e7a2963e5b455fd7d22adf283"><code>08eee0b</code></a> Correctly normalize relative paths for 'pip show'</li> <li><a href="https://github.com/pypa/pip/commit/aaba4997e4f6084bd9f0a360b39c14c0f1bd0278"><code>aaba499</code></a> Post a deprecation warning for distutils configs</li> <li><a href="https://github.com/pypa/pip/commit/a2cbacfe1cb0a8c1a149385a819e39d4c1bd6eee"><code>a2cbacf</code></a> Respect the base's constraint for extra-ed package</li> <li><a href="https://github.com/pypa/pip/commit/3d7b9c50342b1b0d4cba96016dcf82970d902d62"><code>3d7b9c5</code></a> Correctly ignore osx_framework_user mismatches</li> <li><a href="https://github.com/pypa/pip/commit/5fc6d16050adbb8ad17f399b332de1fdad6c769d"><code>5fc6d16</code></a> Suppress location warning on abiflag differences</li> <li><a href="https://github.com/pypa/pip/commit/cc5563e25172372f26de17663951c7b76223ab69"><code>cc5563e</code></a> Kill location warning on Deb and RH system Python</li> <li><a href="https://github.com/pypa/pip/commit/ec41e0ca0c32688b42ed3bcded5c3d0cf3c12c4f"><code>ec41e0c</code></a> Patch tenacity to quote typing.NoReturn</li> <li><a href="https://github.com/pypa/pip/commit/8a38cc61555673353952e260ff4b3ca9168c47ab"><code>8a38cc6</code></a> Fix broken link in <code>README.rst</code></li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.2.1...21.2.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.2.1&new-version=21.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Description
Pip looks at many version of an extra'ed dependency, even if the version is pinned with a constraint.
Expected behavior
Since there is a constraint that specifies an exact version for google-api-core, could the resolver use that information to avoid looking at many versions? If the [grpc] extra is not specified it seems pip immediately selects the correct version.
pip version
21.2.1
Python version
3.8
OS
Linux, probably not relevant
How to Reproduce
Assume the following setup.py, with a dependency on google-api-core with grpc extra:
and requirements.txt which pins google-api-core:
Running
pip install -c requirements.txt -e .
shows that pip is trying several versions of google-api-core:Output
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: