Comments (5)
Hi @pawamoy @frostming , thank you both for your feedback. I didn't think of using two lock files. I have to give it some thoughts.
Have a nice day!
from pdm.
IMHO, the latest version should be sought, even in direct_minimal_versions strategy, since that strategy specifies how the lock file consistency with the pyproject file is enforced, not how the pyproject file is specified
I think, on the contrary, the lowest version should be locked.
- Another issue is what
pdm add
should do with respect to what is already specified in the pyproject file.
It means to "overwrite" what is stored in the pyproject.toml
- When reading the documentation, it is not obvious how to reliably increase the lower bounds of the dependencies specified in the pyproject file with PDM.
pdm update --unconstrained
for this. It is to "ignore" the version ranges in the pyproject.toml
temporarily and update the pinned version, then recalculate the version ranges based on the save strategy and write it back to pyproject.toml
from pdm.
Hi @frostming ,
Thanks for having speedily fixed this and taken the time to answer my comments!
Regarding your "lowest version" policy for pdm add <new>
under the direct_minimal_versions strategy, I might be using PDM wrong but it looks like it will make it harder to use. We use direct_minimal_versions to ensure that the lower version bounds in pyproject.toml
are tested, and therefore meaningful. When adding a new dependency in development, we do want to take the last stable version, since we will use the last features and documentation for new developments with that dependency. With this "lowest version" policy, I guess we will have to set the version we want explicitly with pdm add new_dep>=last_ver
. Am I correct?
from pdm.
You should probably use two lock files, one with latest versions (the default one), one with lowest versions (only used in CI, or maybe also when running tests locally).
from pdm.
Yes, basically you add dependencies to the default lock file which prefers latest and run pdm lock -L pdm.min.lock -S direct_minimal_versions
(The -S ...
can be omitted for subsequent runs) to produce another lock with minimal versions.
from pdm.
Related Issues (20)
- Feature request/proposal to expose project.scripts in output of `pdm show` HOT 2
- Proxy (HTTP_PROXY) settings are ignored for custom Repositories
- pdm venv activate doesn't quote strings properly for Powershell
- Inconsistent behavior between `pdm remove` and `pdm update`
- Unable to download non-py files HOT 2
- PDM caching breaks YoWASP packages HOT 5
- Remove editable package via CLI HOT 1
- In PowerShell `iex (pdm venv activate)` fails HOT 1
- Support for `--contstraint` file HOT 1
- Maximum recursion depth exceeded
- self update seem did not work HOT 2
- Allow installing packages without changing pyproject.toml HOT 1
- `pdm export --self` is incompatible with hashes (no `--without-hashes`)
- Locked incompatible file versions by Python version HOT 2
- Read operation timed out on bad connections
- Allow the repository url to be the service name in keyring HOT 1
- Skip using .netrc file on errors rather than raising HOT 1
- Auto show detail when step holding
- In monorepo, sibling dependencies can result in unintended absolute paths. HOT 2
- Settings for plugins
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pdm.