Previously Chris Withers wrote: > Paul Winkler wrote: > > Well, yeah. The point of the suggestion was specifically to help you > > get more info about the dependency chain, since pip is more verbose > > about that than easy_install is. > > Well, running buildout -vvvvv gives some good clues, a piece of which is > this: > > Getting required 'zope.app.security' > required by zope.app.publication 3.5.1. > required by zope.app.component 3.6.0. > required by zope.app.testing 3.6.0. > We have the best distribution that satisfies 'zope.app.security'. > Picked: zope.app.security = 3.7.0 > > > Okay, cute, but WHY is 3.7.0 being picked, rather than the 3.6.0 that's > nailed down in zope2 2.12.0a1's setup.py?!
Because buildout is not installing the Zope2 at that point, so it is not using any version pins defined by the Zope2 egg. That is a design flaw in setuptools at the moment: it works package-by-package instead of trying to figure out what the final target working set should look like. Wichert. -- Wichert Akkerman <wich...@wiggy.net> It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )