Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't pin importlib-metadata #1438

Closed
wants to merge 1 commit into from
Closed

Don't pin importlib-metadata #1438

wants to merge 1 commit into from

Conversation

stephenfin
Copy link

In commit 975a3f4, the importlib-metadata dependency was pinned to < 4.3. This was apparently to resolve some issues with that package that occured at that time. However, said issues are no longer present and this pinning is preventing packages that have flake8 as a dependency from using the newer releases of importlib-metadata (in my case, this is preventing us from bumping flake8 used by the OpenStack hacking package).

This PR proposes removing the cap as it's no longer necessary and is actively causing issues. I'm hoping that this can be included in a future patch release (i.e. 4.0.2) but if not, I guess a future minor release will have to suffice.

@stephenfin
Copy link
Author

fwiw, it's pretty self-explanatory but here's the error message I get when I try to bump the flake8 dependency for hacking:

$ tox -e py36                                                                                                                                                                                                      
py36 create: /home/stephenfin/openstack/hacking/.tox/py36                                                                                                                                              
py36 installdeps: -chttps://releases.openstack.org/constraints/upper/master, -r/home/stephenfin/openstack/hacking/requirements.txt, -r/home/stephenfin/openstack/hacking/test-requirements.
txt                                                                                                                                                                                                                
ERROR: invocation failed (exit code 1), logfile: /home/stephenfin/openstack/hacking/.tox/py36/log/py36-1.log                                                                                           
==================================================================================================== log start ====================================================================================================
Collecting flake8~=4.0.0                                                                                                                                                                                           
  Using cached flake8-4.0.1-py2.py3-none-any.whl (64 kB)
...
Collecting flake8~=4.0.0
  Downloading flake8-4.0.0-py2.py3-none-any.whl (64 kB)
ERROR: Cannot install -r /home/stephenfin/openstack/hacking/requirements.txt (line 1) because these package versions have conflicting dependencies.

The conflict is caused by:
    flake8 4.0.1 depends on importlib-metadata<4.3; python_version < "3.8"
    flake8 4.0.0 depends on importlib-metadata<4.3; python_version < "3.8"
    The user requested (constraint) importlib-metadata===4.8.1

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/user_guide/#fixing-conflicting-dependencies
WARNING: You are using pip version 21.2.4; however, version 21.3.1 is available.
You should consider upgrading via the '/home/stephenfin/openstack/hacking/.tox/py36/bin/python -m pip install --upgrade pip' command.

We're seeing it because we use shared constraints files that are capping various dependencies, but obviously this would be an issue for a normal package that specified e.g. importlib-metadata>4.3.

@stephenfin
Revert "limit broken importlib-metadata CC @jaraco"
821c3c8 
This reverts commit 975a3f4. The
breakage has since been fixed and, per the documentation, we only need
to use ranges for mccabe, pyflakes, and pycodestyle.

Signed-off-by: Stephen Finucane <stephen@that.guru>
@sigmavirus24
Copy link
Member

Hey @stephenfin I believe unpinning this will start emitting deprecation warnings for the API flake8 uses and nudging towards the unstable API intended to replace it. We're not intending to move to that API and the deprecation warnings are going to create maintenance burden for us. (A very small team.) Ignoring the harassment and character assassination we've already received from core python developers for not finding this to be the best path forward. I don't think we'll e lifting this pin anytime soon

@stephenfin
Copy link
Author

stephenfin commented Nov 4, 2021
edited

The commit I'm reverting here was very light on detail so I've no idea what I've potentially walked into 😄 All I know is that without this, we can't use flake8 > 4.x in OpenStack-land.

Have you any links that you could point me to providing more detail on this issue? It would be nice to find some way to resolve this that works for both the flake8 maintainers and the OpenStack community at large.

@stephenfin
Copy link
Author

Oh, okay, this is python/importlib_metadata#319. Hmm...

@sigmavirus24
Copy link
Member

There are also discussions on discuss.python.org and there have been back channel discussions of Flake8 being unreasonable for taking someone at their word that an API was stable and should be relied upon while saying the new stable API could fly out the window in the next release

@sigmavirus24 sigmavirus24 mentioned this pull request Nov 10, 2021
Closed
justinmayer added a commit to pelican-plugins/linkclass that referenced this pull request Nov 17, 2021
@justinmayer
Set Flake8 to < 4.0 due to pinned importlib-metadata
80ebaaa 
Otherwise dependency resolution breaks when other dependencies specify
importlib-metadata >= 4.4, as done by Python-Markdown and many other
packages. More details here: PyCQA/flake8#1438
@justinmayer justinmayer mentioned this pull request Nov 17, 2021
Closed
rixx added a commit to pretalx/pretalx that referenced this pull request Nov 20, 2021
@rixx
Pin flake8 to <4 to keep markdown working
2439370 
Ref Python-Markdown/markdown#1200 ref PyCQA/flake8#1438
@MarcoGorelli MarcoGorelli mentioned this pull request Dec 29, 2021
Closed
@MarcoGorelli MarcoGorelli mentioned this pull request Jan 17, 2022
Closed
@rymurr rymurr mentioned this pull request Jan 18, 2022
Closed
@jeffnyman
Copy link

I see this PR is closed as are the tickets that reference the issue -- but what's the resolution for people who want to get work done on projects? When all this work is closed, guidance would be appreciated. (Although it sounds like that's what's being mentioned in the above referenced link as well: no guidance.)

Is the recourse to simply downgrade flake8 and pin it to version prior to 4.0.1?

@Mr0grog Mr0grog mentioned this pull request Feb 2, 2022
Closed
@dhirschfeld dhirschfeld mentioned this pull request Feb 20, 2022
Merged
5 tasks
@alexpulver
Copy link

@jeffnyman there are a few suggestions in #1522

@PyCQA PyCQA locked and limited conversation to collaborators Mar 7, 2022
@stephenfin stephenfin deleted the importlib-metadata branch June 7, 2022 12:35
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@stephenfin @sigmavirus24 @jeffnyman @alexpulver