Loose version in requirements.in

785 views Asked by At

I am writing a library A that is used by an application B,

I am using pip-compile in the process for both library A and application B, and would like my requirements.txt to have a loose dependency such as

# requirements.in for library A
pandas~=1.4.0  # will install the highest version available above 1.4.0 , but not 1.5.0  or higher.

After pip-compile, this is what I have

# requirements.txt for library A
...
pandas==1.4.4
...

Is it possible to have this instead, for the output of pip-compile, so that other application B can decide, during dependency resolution, on what exact version of pandas==1.4.x to use?

# requirements.txt for library A
...
pandas~=1.4.0
...
# requirements.in for application B
libraryA==1.1.1
pandas==1.4.2

# There are incompatible versions in the resolved dependencies:
#   pandas==1.4.2 from ...
#   pandas==1.4.4 (from libraryA==1.1.1->-r requirements.in (line 1))
2

There are 2 answers

0
wankata On

Your problem is not how pip-compile works, but that you are using it at all for a library. Your library is not supposed to pin versions. The version pinning is made at the application side, just because libraries don't pin packages. And for a good reason: libraries don't have the context of all your dependencies and cannot decide for you which version of package x is compatible with all your dependencies requiring it. What I would expect from your library is to have a pyproject.toml/setup.cfg/setup.py file instructing pip like this:

#pyproject.toml
[project]
dependencies = [
    "pandas~=1.4.0"
]

And then, when I pin my versions in my application with pip-tools, pip will decide which is the most up-to-date appropriate version of pandas for my specific project and dependency tree.

Your library should give the range of your dependencies' versions you expect it to work well with, but should never pin a version, except the extremely rare case where you depend on something really specific in one and only one version of your dependency [a bug most probably :)].

4
Marco Massetti On

This should be possible by using the string version

pip install 'pandas>=1.4.0,<1.5.0'

Use double quotes for Windows.