Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential dependency conflicts between cape-client and requests #4

Open
NeolithEra opened this issue May 27, 2020 · 2 comments
Open

Potential dependency conflicts between cape-client and requests #4

NeolithEra opened this issue May 27, 2020 · 2 comments

Comments

@NeolithEra
Copy link

Hi, as shown in the following full dependency graph of cape-client, cape-client requires requests (>=2.18.1), while the installed version of _requests-toolbelt _(0.9.1) requires requests>=2.0.1,<3.0.0.

According to Pip's “first found wins” installation strategy, requests 2.23.0 is the actually installed version.

Although the first found package version requests 2.23.0 just satisfies the later dependency constraint (requests>=2.0.1,<3.0.0), it will lead to a build failure once developers release a newer version of requests.

Dependency tree--------

cape-client - 0.1.dev3
| +- numpy(install version:1.18.2 version range:*)
| +- pandas(install version:1.0.3 version range:*)
| +- requests(install version:2.23.0 version range:*)
| | +- certifi(install version:2020.4.5.1 version range:>=2017.4.17)
| | +- chardet(install version:3.0.4 version range:>=3.0.2,<4)
| | +- idna(install version:2.9 version range:>=2.5,<3)
| | +- urllib3(install version:1.25.9 version range:>=1.21.1,<1.26)
| +- requests-toolbelt(install version:0.9.1 version range:*)
| | +- requests(install version:2.23.0 version range:>=2.0.1,<3.0.0)
| | | +- certifi(install version:2020.4.5.1 version range:>=2017.4.17)
| | | +- chardet(install version:3.0.4 version range:>=3.0.2,<4)
| | | +- idna(install version:2.9 version range:>=2.5,<3)
| | | +- urllib3(install version:1.25.9 version range:>=1.21.1,<1.26)

Thanks for your attention.
Best,
Neolith
@NeolithEra
Copy link
Author

Solution

  1. Loosen the version range of requests to be <=2.23.0.
  2. Remove your direct dependency requests, and use the requests transitively introduced by _requests-toolbelt _.
  3. Ask your direct dependency requests-toolbelt to loosen the version range of requests to be >=2.0.1.
    @Elleo Which solution do you prefer, 1 ,2 or 3?
    Please let me know your choice. May I pull a request to solve this issue?

@NeolithEra
Copy link
Author

@samredway,Could you help me review this issue? Thx :p

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@NeolithEra