stable-diffusion-webui
stable-diffusion-webui copied to clipboard
[Bug]: Project dependencies may have API risk issues
Is there an existing issue for this?
- [X] I have searched the existing issues and checked the recent builds/commits
What happened?
Hi, In stable-diffusion-webui, inappropriate dependency versioning constraints can cause risks.
Below are the dependencies and version constraints that the project is using
basicsr
numpy
omegaconf
requests
piexif
Pillow
scikit-image>=0.19
timm==0.4.12
transformers==4.25.1
einops
lark
inflection
GitPython
psutil
The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict. The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.
After further analysis, in this project, The version constraint of dependency basicsr can be changed to >=1.3.4.8,<=1.4.2.
The above modification suggestions can reduce the dependency conflicts as much as possible, and introduce the latest version as much as possible without calling Error in the projects.
Steps to reproduce the problem
The invocation of the current project includes all the following methods.
In version basicsr-1.3.4.7, the API basicsr.utils.download_util.load_file_from_url whch is used by the current project in stable-diffusion-webui/modules/modelloader.py is missing.
The calling methods from the basicsr
basicsr.utils.download_util.load_file_from_url basicsr.utils.img2tensor basicsr.utils.tensor2img basicsr.utils.get_root_logger basicsr.archs.rrdbnet_arch.RRDBNet
What should have happened?
import error
Commit where the problem happens
latest
What platforms do you use to access the UI ?
Linux
What browsers do you use to access the UI ?
No response
Command Line Arguments
no
List of extensions
no
Console logs
no
Additional information
No response
This repo uses requirements_versions.txt
as the canonical requirements file, and that file has pinned versions.
ok.