pipfile icon indicating copy to clipboard operation
pipfile copied to clipboard
verified publisher icon pypa

Skip lock on a single dependency

Open hackeryarn opened this issue 5 years ago • 4 comments

Is there currently a way to skip locking a single dependency.

In my case, one of my dependencies comes from a private repository that does not provide valid hashes. Right now, my only option is to run pipenv insatll --skip-lock.

I would like to still have a lock on all other dependencies but skip it for the dependency that doesn't have valid hashes.

hackeryarn avatar Mar 27 '20 18:03 hackeryarn

@hackeryarn This sounds like an issue you'd want to raise with pipenv, not pipfile.

GPHemsley avatar May 28 '20 05:05 GPHemsley

@GPHemsley Wouldn't we still need a syntax inside a Pipfile to skip locking a dependency? I don't think this is specific to pipenv, I just mentioned a work around that included it because that's what I was using.

In my scenario, I get an error because the private repository does not provide a valid hash for a dependency, therefore checking that dependency against the hash inside my Pipfile.lock always fails. I still want to use Pipfile.lock for all other dependencies but skip this one.

hackeryarn avatar May 28 '20 15:05 hackeryarn

Oh, you want to encode that instruction in your Pipfile? I misunderstood.

GPHemsley-RELX avatar May 21 '21 16:05 GPHemsley-RELX

That's exactly it. I would like a way to specify dependencies to skip locking while still locking the rest.

hackeryarn avatar May 21 '21 18:05 hackeryarn