Upgrade pip-tools to 7.2.0
#7711
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
from
b975629
to
a292316
Compare
jeffwidman
commented
Aug 3, 2023
| options += ["--allow-unsafe"] | ||
| options += ["--resolver backtracking"] if new_resolver_supported? |
There was a problem hiding this comment.
Interestingly, just a few months ago this option was made inheritable from the conf file:
But only over in pip_compile_file_updater, not here in pip_compile_version_resolver... @gmcrocetti curious why you only added it in one file?
There was a problem hiding this comment.
Also, out of scope for this PR, but I'd be personally inclined once this PR lands bumping pip-tools past 7.x to drop support for the legacy resolver... it's no longer the default, it's days are numbered, so I suspect not that many folks use it... probably the original impetus for #6914 was actually to use the new backtracking resolver before it was the default.
So if we removed support for legacy... probably be throwing a user-facing error if we encounter the option, then we wouldn't have to worry about supporting multiple paths and would also give a heads up to users that they need to switch.
Filed to track this:
This may be a little more aggressive then we're actually willing to do, so please take this opinion as my personal opinion and not the committed plan of the 
team.
There was a problem hiding this comment.
Hey @jeffwidman .
But only over in pip_compile_file_updater, not here in pip_compile_version_resolver... @gmcrocetti curious why you only added it in one file?
Sorry but I can't help you much here, I'm not well versed with the codebase. What I do know and call tell you for sure is that --resolver=backtracking never worked before #6914. Also, line 257 checked (should) true for my private repository (We started with python 3.9.*) - LMK if I can provide more context.
probably the original impetus for #6914 was actually to use the new backtracking resolver before it was the default.
In fact the idea was to let users choose whatever resolver they wanted to.
probably be throwing a user-facing error if we encounter the option, then we wouldn't have to worry about supporting multiple paths
I do agree "not that many folks" are using legacy but I would follow Hyrum's Law take on that and let users decide until of course pip-tools removes the support.
There was a problem hiding this comment.
Thanks for getting back to me.
What I do know and call tell you for sure is that --resolver=backtracking never worked before #6914.
Yes, because we didn't check that flag at all until that PR. Plus the backtracking resolver wasn't the default until 7.0.0 release.
I guess on second thought, there may be other resolvers down the road too, who knows... in which case we should properly implement the resolver checks both places.
There was a problem hiding this comment.
I took a further look at this, prompted by:
TBH, there's fundamentally more here than just the missing resolver option... we simply don't look at the options at all specified in the header of the compiled requirements.txt. Furthermore, there's a lot of cruft in there of copy/pasted code... so IMO it's not worth hacking in just this single option... instead, better to look at refactoring the whole "parsing" code so that its DRY'd up and reusable from both places:
jeffwidman
added
the
Ecosystems
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
from
a292316
to
b25a81c
Compare
jeffwidman
added a commit
that referenced
this pull request
Aug 5, 2023
Under `pip-tools` `7.0.0`, the default flipped from `--resolver=legacy` to `--resolver=backtracking`. As a result, the error message changed. Furthermore, the new error message is hidden behind an exception thrown by `cython>=3.0.0`/`pyyaml<6.0.1` conflict (details in yaml/pyyaml#702). I already fixed a similar error here: 0a8e0b4 So the first thing I did was bump `pyyaml` to `6.0.1`. While not strictly necessary, it'll make later debugging easier when / if someone is trying to repro this error under the new `backtracking` resolver. Secondly, I specified `--resolver=legacy` to preserve the old behavior even after we upgrade `pip-tools` (#7711). This is acceptable for the purposes of this test because this isn't testing the resolver behavior, it's testing that we properly convert the `pip-tools` native error to a well-known `Dependabot::DependencyFileNotResolvable` error. I did take a peek at the `pip-tools` internals to see if this error messsage was specific solely to the `legacy` resolver, but the logic looks pretty generic... ie, this likely could be raised under the new resolver: https://github.com/jazzband/pip-tools/blob/9e4aeff8f3b5518586091700bec9bbb570154a38/piptools/exceptions.py#L53 This is admittedly a short-term solution because the `legacy` resolver is deprecated and will be removed at some point in the future... so at that point we'll need to find another way to reproduce the error. But enough other things could change upstream in `pip`/`pip-tools` (such as they might switch the error or remove it when they remove the legacy resolver) so we can worry about that when we get there rather than prematurely optimizing. Technically I suppose we could mock the response from calling `pip-compile`, but I hate mocking what I don't own... much prefer to simply coerce it to return the expected error message. For future reference, here's the error message under `--resolver=legacy`: ```shell ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==6.0.1,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==6.0.1 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ``` And here's the error message under `--resolver=backtracking`: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=backtracking incompatible_versions.in ERROR: Cannot install -r incompatible_versions.in (line 3) and jinja2-cli[yaml]==0.7.0 because these package versions have conflicting dependencies. Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 316, in _backjump name, candidate = broken_state.mapping.popitem() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ KeyError: 'dictionary is empty' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 92, in resolve result = self._result = resolver.resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 546, in resolve state = resolution.resolve(requirements, max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 434, in resolve success = self._backjump(causes) ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 318, in _backjump raise ResolutionImpossible(causes) pip._vendor.resolvelib.resolvers.ResolutionImpossible: [RequirementInformation(requirement=SpecifierRequirement('pyyaml; extra == "yaml"'), parent=ExtrasCandidate(base=LinkCandidate('https://files.pythonhosted.org/packages/83/52/c1bb249f49b204c14bf603e1b1a6dc2db8c3b631c4fe00a2872360085cd6/jinja2_cli-0.7.0-py2.py3-none-any.whl (from https://pypi.org/simple/jinja2-cli/)'), extras=frozenset({'yaml'}))), RequirementInformation(requirement=SpecifierRequirement('PyYAML<5.4,>=3.10; python_version != "3.4"'), parent=LinkCandidate('https://files.pythonhosted.org/packages/4e/68/35522bf3b5ef9186f3cd7cfdc00fe708c019fada077a21009ff78757b0f9/awscli-1.18.198-py2.py3-none-any.whl (from https://pypi.org/simple/awscli/)'))] The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/bin/pip-compile", line 8, in <module> sys.exit(cli()) ^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1157, in __call__ return self.main(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, **ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 783, in invoke return __callback(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/scripts/compile.py", line 657, in cli results = resolver.resolve(max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 604, in resolve is_resolved = self._do_resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 636, in _do_resolve resolver.resolve( File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 101, in resolve raise error from e pip._internal.exceptions.DistributionNotFound: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts ``` Furthermore, the `cython>=3.0.0`/`pyyaml<=6.0.1` conflict only appears when I do `--resolver=backtracking`, otherwise under the legacy resolver I don't see that error, even on older version of pyyaml: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==5.4 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==5.4,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==5.4 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ```
jeffwidman
added a commit
that referenced
this pull request
Aug 5, 2023
Under `pip-tools` `7.0.0`, the default flipped from `--resolver=legacy` to `--resolver=backtracking`. As a result, the error message changed. Furthermore, the new error message is hidden behind an exception thrown by `cython>=3.0.0`/`pyyaml<6.0.1` conflict (details in yaml/pyyaml#702). I already fixed a similar error here: 0a8e0b4 So the first thing I did was bump `pyyaml` to `6.0.1`. While not strictly necessary, it'll make later debugging easier when / if someone is trying to repro this error under the new `backtracking` resolver. Secondly, I specified `--resolver=legacy` to preserve the old behavior even after we upgrade `pip-tools` (#7711). This is acceptable for the purposes of this test because this isn't testing the resolver behavior, it's testing that we properly convert the `pip-tools` native error to a well-known `Dependabot::DependencyFileNotResolvable` error. I did take a peek at the `pip-tools` internals to see if this error messsage was specific solely to the `legacy` resolver, but the logic looks pretty generic... ie, this likely could be raised under the new resolver: https://github.com/jazzband/pip-tools/blob/9e4aeff8f3b5518586091700bec9bbb570154a38/piptools/exceptions.py#L53 This is admittedly a short-term solution because the `legacy` resolver is deprecated and will be removed at some point in the future... so at that point we'll need to find another way to reproduce the error. But enough other things could change upstream in `pip`/`pip-tools` (such as they might switch the error or remove it when they remove the legacy resolver) so we can worry about that when we get there rather than prematurely optimizing. Technically I suppose we could mock the response from calling `pip-compile`, but I hate mocking what I don't own... much prefer to simply coerce it to return the expected error message. For future reference, here's the error message under `--resolver=legacy`: ```shell ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==6.0.1,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==6.0.1 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ``` And here's the error message under `--resolver=backtracking`: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=backtracking incompatible_versions.in ERROR: Cannot install -r incompatible_versions.in (line 3) and jinja2-cli[yaml]==0.7.0 because these package versions have conflicting dependencies. Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 316, in _backjump name, candidate = broken_state.mapping.popitem() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ KeyError: 'dictionary is empty' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 92, in resolve result = self._result = resolver.resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 546, in resolve state = resolution.resolve(requirements, max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 434, in resolve success = self._backjump(causes) ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 318, in _backjump raise ResolutionImpossible(causes) pip._vendor.resolvelib.resolvers.ResolutionImpossible: [RequirementInformation(requirement=SpecifierRequirement('pyyaml; extra == "yaml"'), parent=ExtrasCandidate(base=LinkCandidate('https://files.pythonhosted.org/packages/83/52/c1bb249f49b204c14bf603e1b1a6dc2db8c3b631c4fe00a2872360085cd6/jinja2_cli-0.7.0-py2.py3-none-any.whl (from https://pypi.org/simple/jinja2-cli/)'), extras=frozenset({'yaml'}))), RequirementInformation(requirement=SpecifierRequirement('PyYAML<5.4,>=3.10; python_version != "3.4"'), parent=LinkCandidate('https://files.pythonhosted.org/packages/4e/68/35522bf3b5ef9186f3cd7cfdc00fe708c019fada077a21009ff78757b0f9/awscli-1.18.198-py2.py3-none-any.whl (from https://pypi.org/simple/awscli/)'))] The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/bin/pip-compile", line 8, in <module> sys.exit(cli()) ^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1157, in __call__ return self.main(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, **ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 783, in invoke return __callback(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/scripts/compile.py", line 657, in cli results = resolver.resolve(max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 604, in resolve is_resolved = self._do_resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 636, in _do_resolve resolver.resolve( File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 101, in resolve raise error from e pip._internal.exceptions.DistributionNotFound: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts ``` Furthermore, the `cython>=3.0.0`/`pyyaml<=6.0.1` conflict only appears when I do `--resolver=backtracking`, otherwise under the legacy resolver I don't see that error, even on older version of pyyaml: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==5.4 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==5.4,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==5.4 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ```
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
from
b25a81c
to
e0013e0
Compare
jeffwidman
added a commit
that referenced
this pull request
Aug 7, 2023
Under `pip-tools` `7.0.0`, the default flipped from `--resolver=legacy` to `--resolver=backtracking`. As a result, the error message changed. Furthermore, the new error message is hidden behind an exception thrown by `cython>=3.0.0`/`pyyaml<6.0.1` conflict (details in yaml/pyyaml#702). I already fixed a similar error here: 0a8e0b4 So the first thing I did was bump `pyyaml` to `6.0.1`. While not strictly necessary, it'll make later debugging easier when / if someone is trying to repro this error under the new `backtracking` resolver. Secondly, I specified `--resolver=legacy` to preserve the old behavior even after we upgrade `pip-tools` (#7711). This is acceptable for the purposes of this test because this isn't testing the resolver behavior, it's testing that we properly convert the `pip-tools` native error to a well-known `Dependabot::DependencyFileNotResolvable` error. I did take a peek at the `pip-tools` internals to see if this error messsage was specific solely to the `legacy` resolver, but the logic looks pretty generic... ie, this likely could be raised under the new resolver: https://github.com/jazzband/pip-tools/blob/9e4aeff8f3b5518586091700bec9bbb570154a38/piptools/exceptions.py#L53 This is admittedly a short-term solution because the `legacy` resolver is deprecated and will be removed at some point in the future... so at that point we'll need to find another way to reproduce the error. But enough other things could change upstream in `pip`/`pip-tools` (such as they might switch the error or remove it when they remove the legacy resolver) so we can worry about that when we get there rather than prematurely optimizing. Technically I suppose we could mock the response from calling `pip-compile`, but I hate mocking what I don't own... much prefer to simply coerce it to return the expected error message. For future reference, here's the error message under `--resolver=legacy`: ```shell ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==6.0.1,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==6.0.1 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ``` And here's the error message under `--resolver=backtracking`: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=backtracking incompatible_versions.in ERROR: Cannot install -r incompatible_versions.in (line 3) and jinja2-cli[yaml]==0.7.0 because these package versions have conflicting dependencies. Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 316, in _backjump name, candidate = broken_state.mapping.popitem() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ KeyError: 'dictionary is empty' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 92, in resolve result = self._result = resolver.resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 546, in resolve state = resolution.resolve(requirements, max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 434, in resolve success = self._backjump(causes) ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 318, in _backjump raise ResolutionImpossible(causes) pip._vendor.resolvelib.resolvers.ResolutionImpossible: [RequirementInformation(requirement=SpecifierRequirement('pyyaml; extra == "yaml"'), parent=ExtrasCandidate(base=LinkCandidate('https://files.pythonhosted.org/packages/83/52/c1bb249f49b204c14bf603e1b1a6dc2db8c3b631c4fe00a2872360085cd6/jinja2_cli-0.7.0-py2.py3-none-any.whl (from https://pypi.org/simple/jinja2-cli/)'), extras=frozenset({'yaml'}))), RequirementInformation(requirement=SpecifierRequirement('PyYAML<5.4,>=3.10; python_version != "3.4"'), parent=LinkCandidate('https://files.pythonhosted.org/packages/4e/68/35522bf3b5ef9186f3cd7cfdc00fe708c019fada077a21009ff78757b0f9/awscli-1.18.198-py2.py3-none-any.whl (from https://pypi.org/simple/awscli/)'))] The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/bin/pip-compile", line 8, in <module> sys.exit(cli()) ^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1157, in __call__ return self.main(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, **ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 783, in invoke return __callback(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/scripts/compile.py", line 657, in cli results = resolver.resolve(max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 604, in resolve is_resolved = self._do_resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 636, in _do_resolve resolver.resolve( File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 101, in resolve raise error from e pip._internal.exceptions.DistributionNotFound: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts ``` Furthermore, the `cython>=3.0.0`/`pyyaml<=6.0.1` conflict only appears when I do `--resolver=backtracking`, otherwise under the legacy resolver I don't see that error, even on older version of pyyaml: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==5.4 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==5.4,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==5.4 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ```
jeffwidman
added a commit
that referenced
this pull request
Aug 7, 2023
Under `pip-tools` `7.0.0`, the default flipped from `--resolver=legacy` to `--resolver=backtracking`. As a result, the error message changed. Furthermore, the new error message is hidden behind an exception thrown by `cython>=3.0.0`/`pyyaml<6.0.1` conflict (details in yaml/pyyaml#702). I already fixed a similar error here: 0a8e0b4 So the first thing I did was bump `pyyaml` to `6.0.1`. While not strictly necessary, it'll make later debugging easier when / if someone is trying to repro this error under the new `backtracking` resolver. Secondly, I specified `--resolver=legacy` to preserve the old behavior even after we upgrade `pip-tools` (#7711). This is acceptable for the purposes of this test because this isn't testing the resolver behavior, it's testing that we properly convert the `pip-tools` native error to a well-known `Dependabot::DependencyFileNotResolvable` error. I did take a peek at the `pip-tools` internals to see if this error messsage was specific solely to the `legacy` resolver, but the logic looks pretty generic... ie, this likely could be raised under the new resolver: https://github.com/jazzband/pip-tools/blob/9e4aeff8f3b5518586091700bec9bbb570154a38/piptools/exceptions.py#L53 This is admittedly a short-term solution because the `legacy` resolver is deprecated and will be removed at some point in the future... so at that point we'll need to find another way to reproduce the error. But enough other things could change upstream in `pip`/`pip-tools` (such as they might switch the error or remove it when they remove the legacy resolver) so we can worry about that when we get there rather than prematurely optimizing. Technically I suppose we could mock the response from calling `pip-compile`, but I hate mocking what I don't own... much prefer to simply coerce it to return the expected error message. For future reference, here's the error message under `--resolver=legacy`: ```shell ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==6.0.1,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==6.0.1 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ``` And here's the error message under `--resolver=backtracking`: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=backtracking incompatible_versions.in ERROR: Cannot install -r incompatible_versions.in (line 3) and jinja2-cli[yaml]==0.7.0 because these package versions have conflicting dependencies. Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 316, in _backjump name, candidate = broken_state.mapping.popitem() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ KeyError: 'dictionary is empty' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 92, in resolve result = self._result = resolver.resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 546, in resolve state = resolution.resolve(requirements, max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 434, in resolve success = self._backjump(causes) ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 318, in _backjump raise ResolutionImpossible(causes) pip._vendor.resolvelib.resolvers.ResolutionImpossible: [RequirementInformation(requirement=SpecifierRequirement('pyyaml; extra == "yaml"'), parent=ExtrasCandidate(base=LinkCandidate('https://files.pythonhosted.org/packages/83/52/c1bb249f49b204c14bf603e1b1a6dc2db8c3b631c4fe00a2872360085cd6/jinja2_cli-0.7.0-py2.py3-none-any.whl (from https://pypi.org/simple/jinja2-cli/)'), extras=frozenset({'yaml'}))), RequirementInformation(requirement=SpecifierRequirement('PyYAML<5.4,>=3.10; python_version != "3.4"'), parent=LinkCandidate('https://files.pythonhosted.org/packages/4e/68/35522bf3b5ef9186f3cd7cfdc00fe708c019fada077a21009ff78757b0f9/awscli-1.18.198-py2.py3-none-any.whl (from https://pypi.org/simple/awscli/)'))] The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/bin/pip-compile", line 8, in <module> sys.exit(cli()) ^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1157, in __call__ return self.main(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, **ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 783, in invoke return __callback(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/scripts/compile.py", line 657, in cli results = resolver.resolve(max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 604, in resolve is_resolved = self._do_resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 636, in _do_resolve resolver.resolve( File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 101, in resolve raise error from e pip._internal.exceptions.DistributionNotFound: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts ``` Furthermore, the `cython>=3.0.0`/`pyyaml<=6.0.1` conflict only appears when I do `--resolver=backtracking`, otherwise under the legacy resolver I don't see that error, even on older version of pyyaml: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==5.4 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==5.4,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==5.4 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ```
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
2 times, most recently
from
c037ceb
to
99787c8
Compare
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
2 times, most recently
from
f29cd6d
to
4bd0e46
Compare
deivid-rodriguez
approved these changes
Aug 17, 2023
Relevant breaking changes: https://github.com/jazzband/pip-tools/releases/tag/7.0.0
jeffwidman
force-pushed
the
upgrade-pip-tools-to-latest
branch
from
4bd0e46
to
9609182
Compare
brettfo
pushed a commit
to brettfo/dependabot-core
that referenced
this pull request
Oct 11, 2023
…bot#7738) Under `pip-tools` `7.0.0`, the default flipped from `--resolver=legacy` to `--resolver=backtracking`. As a result, the error message changed. Furthermore, the new error message is hidden behind an exception thrown by `cython>=3.0.0`/`pyyaml<6.0.1` conflict (details in yaml/pyyaml#702). I already fixed a similar error here: dependabot@0a8e0b4 So the first thing I did was bump `pyyaml` to `6.0.1`. While not strictly necessary, it'll make later debugging easier when / if someone is trying to repro this error under the new `backtracking` resolver. Secondly, I specified `--resolver=legacy` to preserve the old behavior even after we upgrade `pip-tools` (dependabot#7711). This is acceptable for the purposes of this test because this isn't testing the resolver behavior, it's testing that we properly convert the `pip-tools` native error to a well-known `Dependabot::DependencyFileNotResolvable` error. I did take a peek at the `pip-tools` internals to see if this error messsage was specific solely to the `legacy` resolver, but the logic looks pretty generic... ie, this likely could be raised under the new resolver: https://github.com/jazzband/pip-tools/blob/9e4aeff8f3b5518586091700bec9bbb570154a38/piptools/exceptions.py#L53 This is admittedly a short-term solution because the `legacy` resolver is deprecated and will be removed at some point in the future... so at that point we'll need to find another way to reproduce the error. But enough other things could change upstream in `pip`/`pip-tools` (such as they might switch the error or remove it when they remove the legacy resolver) so we can worry about that when we get there rather than prematurely optimizing. Technically I suppose we could mock the response from calling `pip-compile`, but I hate mocking what I don't own... much prefer to simply coerce it to return the expected error message. For future reference, here's the error message under `--resolver=legacy`: ```shell ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==6.0.1,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==6.0.1 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ``` And here's the error message under `--resolver=backtracking`: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==6.0.1 --resolver=backtracking incompatible_versions.in ERROR: Cannot install -r incompatible_versions.in (line 3) and jinja2-cli[yaml]==0.7.0 because these package versions have conflicting dependencies. Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 316, in _backjump name, candidate = broken_state.mapping.popitem() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ KeyError: 'dictionary is empty' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 92, in resolve result = self._result = resolver.resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 546, in resolve state = resolution.resolve(requirements, max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 434, in resolve success = self._backjump(causes) ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py", line 318, in _backjump raise ResolutionImpossible(causes) pip._vendor.resolvelib.resolvers.ResolutionImpossible: [RequirementInformation(requirement=SpecifierRequirement('pyyaml; extra == "yaml"'), parent=ExtrasCandidate(base=LinkCandidate('https://files.pythonhosted.org/packages/83/52/c1bb249f49b204c14bf603e1b1a6dc2db8c3b631c4fe00a2872360085cd6/jinja2_cli-0.7.0-py2.py3-none-any.whl (from https://pypi.org/simple/jinja2-cli/)'), extras=frozenset({'yaml'}))), RequirementInformation(requirement=SpecifierRequirement('PyYAML<5.4,>=3.10; python_version != "3.4"'), parent=LinkCandidate('https://files.pythonhosted.org/packages/4e/68/35522bf3b5ef9186f3cd7cfdc00fe708c019fada077a21009ff78757b0f9/awscli-1.18.198-py2.py3-none-any.whl (from https://pypi.org/simple/awscli/)'))] The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/usr/local/.pyenv/versions/3.11.4/bin/pip-compile", line 8, in <module> sys.exit(cli()) ^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1157, in __call__ return self.main(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, **ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/core.py", line 783, in invoke return __callback(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/scripts/compile.py", line 657, in cli results = resolver.resolve(max_rounds=max_rounds) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 604, in resolve is_resolved = self._do_resolve( ^^^^^^^^^^^^^^^^^ File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/piptools/resolver.py", line 636, in _do_resolve resolver.resolve( File "/usr/local/.pyenv/versions/3.11.4/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py", line 101, in resolve raise error from e pip._internal.exceptions.DistributionNotFound: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts ``` Furthermore, the `cython>=3.0.0`/`pyyaml<=6.0.1` conflict only appears when I do `--resolver=backtracking`, otherwise under the legacy resolver I don't see that error, even on older version of pyyaml: ```shell [dependabot-core-dev] ~/python/spec/fixtures/pip_compile_files $ pyenv exec pip-compile --build-isolation --output-file=../requirements/incompatible_versions.txt --no-emit-index-url -P pyyaml==5.4 --resolver=legacy incompatible_versions.in WARNING: the legacy dependency resolver is deprecated and will be removed in future versions of pip-tools. Using legacy resolver. Consider using backtracking resolver with `--resolver=backtracking`. Could not find a version that matches pyyaml<5.4,==5.4,>=3.10 Tried: 3.10, 3.10, 3.11, 3.11, 3.12, 3.12, 3.13, 5.1, 5.1.1, 5.1.2, 5.2, 5.3, 5.3.1, 5.4, 5.4.1, 6.0, 6.0, 6.0.1, 6.0.1 Skipped pre-versions: 3.13b1, 3.13rc1, 4.2b1, 4.2b2, 4.2b4, 5.1b1, 5.1b3, 5.1b5, 5.2b1, 5.3b1, 5.4b1, 5.4b2, 6.0b1 There are incompatible versions in the resolved dependencies: pyyaml==5.4 PyYAML<5.4,>=3.10 (from awscli==1.18.198->-r incompatible_versions.in (line 3)) pyyaml (from jinja2-cli[yaml]==0.7.0->-r incompatible_versions.in (line 2)) ```
brettfo
pushed a commit
to brettfo/dependabot-core
that referenced
this pull request
Oct 11, 2023
Relevant breaking changes: https://github.com/jazzband/pip-tools/releases/tag/7.0.0
jtrobles-cdd
added a commit
to cordada/lib-cl-sii-python
that referenced
this pull request
Nov 8, 2023
- [Software Repository](https://pypi.org/project/pip-tools/7.3.0/) - [Release notes](https://github.com/jazzband/pip-tools/releases/tag/7.3.0) - [Changelog](https://github.com/jazzband/pip-tools/blob/7.3.0/CHANGELOG.md#v730) - [Commits](jazzband/pip-tools@6.14.0...7.3.0) Update procedure: - Update Make variable `PYTHON_PIP_TOOLS_VERSION_SPECIFIER`. - Update version of `pip-tools` in file `requirements-dev.in`. - Compile Python dependency manifests with `make python-deps-compile`. Related Dependabot commits and pull requests: - dependabot/dependabot-core@a3af98f - dependabot/dependabot-core#7711 - dependabot/dependabot-core@54d0b22 - dependabot/dependabot-core#7845
jtrobles-cdd
added a commit
to cordada/lib-cl-sii-python
that referenced
this pull request
Nov 8, 2023
- [Software Repository](https://pypi.org/project/pip-tools/7.3.0/) - [Release notes](https://github.com/jazzband/pip-tools/releases/tag/7.3.0) - [Changelog](https://github.com/jazzband/pip-tools/blob/7.3.0/CHANGELOG.md#v730) - [Commits](jazzband/pip-tools@6.14.0...7.3.0) Update procedure: - Update Make variable `PYTHON_PIP_TOOLS_VERSION_SPECIFIER`. - Update version of `pip-tools` in file `requirements-dev.in`. - Compile Python dependency manifests with `make python-deps-compile`. Related Dependabot commits and pull requests: - dependabot/dependabot-core@a3af98f - dependabot/dependabot-core#7711 - dependabot/dependabot-core@54d0b22 - dependabot/dependabot-core#7845
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Relevant breaking changes: https://github.com/jazzband/pip-tools/releases/tag/7.0.0
So this is blocked by: