[Python-ideas] Python dependancies

Pavol Lisy pavol.lisy at gmail.com
Sun Jan 15 06:09:27 EST 2017 

On 1/15/17, Steven D'Aprano <steve at pearwood.info> wrote:
> On Sun, Jan 15, 2017 at 12:24:29AM -0500, Mathieu TORTUYAUX wrote:

>> And each time Python project is run developer will be aware if
>> dependancies
>> are up to date.
>
> That would be awful. It would be pure noise. If I'm running an old
> version of something, its because I want, or need, to run an old
> version. Or because I just don't care -- why should I run the latest
> version just because it is the latest version?

Maybe because security updates?

> A sniffer that I can run when I want to run it would be useful. A
> sniffer that runs automatically would be a PITA.

It depends.

I think OS level update (for example: apt-get dist-upgrade) could be
fine. (if you like to stay on old version you could freeze it manually
- but you are risk incompatibilities)

virtual environment (for example: conda update --all) could be fine too.

Next one I personally could not propose outside of test virtual environment:
  pip install yolk3k
  yolk --upgrade # this upgrade all packages

(
I checked yolk -U on my anaconda environment and it found one beta and
one release candidate version as upgradeable targets:
  ipywidgets 5.2.2 (6.0.0.beta6)
  statsmodels 0.6.1 (0.8.0rc1)
is it acceptable for you Mathieu? Instead of develop your project you
could start to work like beta-tester. :)
)

Whole thing depends on what we like to optimize.

If we want that our open source project works fine only on latest
versions of dependencies then it could be unusable for many many
people!

If we like to work only for people on bleeding edge or if we like to
reduce our testing environments only to "newest" versions then some
"edge" distribution could help. I mean it is safer  to propose run
"conda update --all" (because it is much more tested environment) for
users than run "yolk --upgrade".

So Mathieu - maybe you could try install Anaconda and run regularly
"conda update --all" and check if it satisfy your expectations.

Or maybe you could check
https://pip.pypa.io/en/stable/user_guide/#requirements-files (sorry if
I write something too obvious for you) and you and your colleagues
could manage your requirements file manually.

More information about the Python-ideas mailing list