On Tue, Jun 17, 2014 at 10:33 PM, Mike Spreitzer <mspre...@us.ibm.com> wrote: > I have noticed that lately DevStack has been hacking requirements.txt in > most projects and test-requirements.txt in many. Why is this being done? > > Thanks, > Mike > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
This is being done to ensure that all projects are tested with a common reproduceable dependency list. Without doing this every project can install different versions of things based on the way pip resolves dependencies. It isn't intuitive and can cause us to not actually work with the dependencies advertised in requirements.txt. For example since we don't make requirements syncs happen in lockstep project A may depend on an older version of some dependency that is shared with project B. Pip will then install this older version for us and this older version is what gets tested. Then we update the dependency in project A and everything breaks because we actually needed the older version. It is also possible that project B absolutely requires the newer version that we have stated in requirements.txt (perhaps this is why requirements.txt says what it says), but if it gets the old version from project A now project B is broken. Clark _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
