Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adjust Python #110

Open
sanemat opened this issue Sep 19, 2014 · 8 comments
Open

Adjust Python #110

sanemat opened this issue Sep 19, 2014 · 8 comments

Comments

@sanemat
Copy link
Owner

sanemat commented Sep 19, 2014

requirements.txt + pip

@luzfcb
Copy link

luzfcb commented Sep 25, 2014

1 - look for the following requirements files in the project:

  • setup.py,
  • all files matching req_.txt or req_.pip,
  • all files matching requirements/.txt or requirements/.pip,
  • buildout.cfg and versions.cfg,
  • tox.ini.

2 - Detect inconsistency of dependencies. Same library but multiple versions defined on requirements ( including dependencies that are not explicitly used in the project, but are installed by the libraries that are used in the project )

Example:
the library A depends on FOO >= 1.0 library and B library

B library depends on FOO <= 0.8

In the end you will have a problem because B installed an older version of the FOO library, but A depends on a recent version of FOO library

ps: Sorry my english, I'm still learning

@sanemat
Copy link
Owner Author

sanemat commented Sep 26, 2014

@luzfcb Thanks for your suggestion!
Python community does not have a library for this type(like bundler, carton, david, composer) yet? Create this from scratch is a bit hard I think 😲

@luzfcb
Copy link

luzfcb commented Sep 26, 2014

The only one I know of is the pip [1].

about 1: https://requires.io already does this well. See full example here[2]

about 2: pip can detect when there is explicit duplication of a library on requirements files (at least when using -r option)
example.: pip install -r foo_file.any_extension

but so far, not figure out if it detects, or force it to detect the inconsistencies of dependencies that are not explicit on defined on requirements files.

requires.io not do that at the moment, but it would be extremely useful

ps.: do not know deeply the mentioned tools. in fact the only one who got to use was the composer for php language

[1] https://pypi.python.org/pypi/pip
[2] https://requires.io/github/mozilla/kuma/requirements/?branch=master

@luzfcb
Copy link

luzfcb commented Sep 26, 2014

@sanemat

beyond the pip, and perhaps srclib[1] and srclib-python [2]

https://sourcegraph.com/ is a service ( I still do not understand exactly what it does) made upon srclib

[1] https://srclib.org/
[2] https://github.com/sourcegraph/srclib-python

@sanemat
Copy link
Owner Author

sanemat commented Sep 26, 2014

@luzfcb Thanks!

@waghanza
Copy link

waghanza commented Mar 7, 2018

@sanemat What is the status about that ?

@sanemat
Copy link
Owner Author

sanemat commented Mar 8, 2018

@waghanza Sorry, There is no progress.
I recommend you to do like this https://moneyforward.com/engineers_blog/2017/08/31/bye-tachikoma-gem/#post-7045-md-12
I want to know your own solution! Thanks!

@waghanza
Copy link

waghanza commented Mar 8, 2018

@sanemat I always used requirements.txt (or requirements-dev.txt) conventions on python module.

I haven't yet see the code, but I'll probably parse the pypi api

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants