Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Try out lockfiles for python dependency management #1612

Open
davemfish opened this issue Aug 8, 2024 · 0 comments
Open

Try out lockfiles for python dependency management #1612

davemfish opened this issue Aug 8, 2024 · 0 comments
Assignees
@davemfish

Comments

@davemfish
Copy link
Contributor

We are interested in having tighter control over the python dependencies that are installed during our testing & building GHA workflows. Some of the problems have been discussed over here: #1306

Lockfiles provided by conda-lock seem like a plausible solution.

Some requirements:

  • we still need the primary source of truth for dependencies to be in pip-compatible requirements files or pyproject.toml
    • we can generate conda-lock files from these, either from a pyproject.toml or via an intermediate conda environment.yml
  • we need locked dependencies for multiple platforms (at least windows and macos). They could be contained in the same conda-lock file.
  • we need locked dependencies for each Python version that we support. This may require separate lockfiles for each.
  • we need a system for periodically installing & testing the latest versions of packages, beyond what might be specified in the lockfile. And then updating the lockfile accordingly.
@davemfish davemfish self-assigned this Aug 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davemfish davemfish

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@davemfish