On 10/17/18, 12:24 AM, "William Pursell" <willi...@wepay.com.INVALID> wrote:
I'm jumping in a bit late here, and perhaps have missed some of the
discussion, but I haven't seen any mention of the fact that pinning
versions in setup.py isn't going to solve the problem. Perhaps it's
my lack of experience with pip, but currently pip doesn't provide any
guarantee that the version of a dependency specified in setup.py will
be the version that winds up being installed. Is this a known issue
that is being intentionally ignored because it's hard (and out of
scope) to solve? I agree that versions should be pinned in setup.py
for stable releases, but I think we need to be aware that this won't
solve the problem.
So the problem is going to be stubborn for the rare user not installing into a
clean venv, vm, or docker image, or who is not relying on pypi to host the
dependencies unmodified.
https://pip.pypa.io/en/stable/user_guide/#pinned-version-numbers
That doesn't mean it doesn't fix it for the vast majority of users who are
trying to install a particular supported stable release. Given that 1.10.0 is
the absolute very latest release, it should be supported.
Shouldn’t there be an expectation that installing on a clean system from a
supported stable branch will create a stable installation that can run the
release?
