Fridolín Pokorný
Fridolín Pokorný
/remove-lifecycle stale
Hi @wjhrdy, thanks for poetry-related reports. They sound reasonable. 👍🏻 > It might be expected behavior to use the system python version over the specified version, but we might want...
If I understood metadata stated in the `pyproject.toml` correctly, poetry notes down python version it used: ``` [tool.poetry.dependencies] python = "^3.8" ``` We could propagate this information if stated -...
OK, I think we have a communication noise here - by propagating, I meant reading Python version from poetry files and adding it to Pipfile.lock format in `micropipenv._poetry2pipfile_lock`. Then other...
> Is something like >=3.7,
/remove-lifecycle rotten /reopen /triage accepted
> In the other hand, if we want to implement #189 we need better handling of the version ranges. But the code to handle this in `packaging` or `poetry.core` is...
CC @frenzymadness does this sound interesting feature to be implemented in micropipenv? It might be interesting to keep the report even in python s2i after the build to have a...
The feature might be interesting to track down what the installation process brought to the environment. The lockfile states package versions (optionally index URL in case of Pipenv lockfiles) but...
BTW this might be interesting to discuss with pip upstream and see their vision in this area. EDIT: A [link to the discussion](https://discuss.python.org/t/pip-installation-reports/12316). EDIT: related: https://github.com/trailofbits/pip-audit/issues/170