kalliope
kalliope copied to clipboard
Revise urllib3’s version constraint to remove the potential dependency conflicts
Hi, as shown in the following full dependency graph of kalliope, kallioperequires urllib3 (the latest version), while the installed version of requests(2.22.0) requires urllib3>=1.21.1,<1.26.
According to pip's “first found wins” installation strategy, urllib3 1.25.3 is the actually installed version.
Although the first found package version urllib3 1.25.3 just satisfies the later dependency constraint (urllib3>=1.21.1, <1.26), it will lead to a build failure once developers release a newer version of urllib3.
Dependency tree--------
kalliope(version range:)
| +-pyyaml(version range:>=5.1)
| +-six(version range:>=1.12.0)
| +-SpeechRecognition(version range:>=3.8.1)
| +-markupsafe(version range:>=1.1.1)
| +-pyaudio(version range:>=0.2.11)
| +-pyasn1(version range:>=0.4.5)
| +-ansible(version range:>=2.8.1)
| +-jinja2(version range:>=2.10.1)
| +-cffi(version range:>=1.12.3)
| +-ipaddress(version range:>=1.0.17)
| +-flask(version range:>=1.0.3)
| | +-Werkzeug(version range:>=0.15)
| | +-Jinja2(version range:>=2.10.1)
| | +-itsdangerous(version range:>=0.24)
| | +-click(version range:>=5.1)
| +-Flask-Restful(version range:>=0.3.7)
| +-flask_cors(version range:>=3.0.8)
| +-requests(version range:>=2.22.0)
| | +-chardet(version range:>=3.0.2,<3.1.0)
| | +-idna(version range:>=2.5,<2.9)
| | +-urllib3(version range:>=1.21.1,<1.26)
| | +-certifi(version range:>=2017.4.17)
| +-httpretty(version range:>=0.8.14)
| | +-six(version range:)
| +-mock(version range:>=3.0.5)
| +-Flask-Testing(version range:>=0.7.1)
| | +-Flask(version range:)
| | | +-Werkzeug(version range:>=0.15)
| | | +-Jinja2(version range:>=2.10.1)
| | | +-itsdangerous(version range:>=0.24)
| | | +-click(version range:>=5.1)
| +-apscheduler(version range:>=3.6.0)
| +-GitPython(version range:>=2.1.11)
| +-packaging(version range:>=19.0)
| +-transitions(version range:>=0.6.9)
| | +-six(version range:)
| +-sounddevice(version range:>=0.3.13)
| +-SoundFile(version range:>=0.10.2)
| +-pyalsaaudio(version range:>=0.8.4)
| +-sox(version range:>=1.3.7)
| +-paho-mqtt(version range:>=1.4.0)
| +-voicerss_tts(version range:>=1.0.6)
| +-gTTS(version range:>=2.0.3)
| +-urllib3(version range:>=1.25.3)
Thanks for your attention. Best, Neolith
Solution
-
Fix your direct dependencies to be urllib3>=1.21.1,<1.26 and requests==2.22.0, to remove this conflict. I have checked this revision will not affect your downstream projects now.
-
Remove your direct dependency urllib3, and use urllib3 transitively introduced by requests.
@Sispheor Please let me know your choice. I can submit a PR to solve this issue. Build a good dependency ecosystem for python projects is our common goal ^_^.
Hi, thanks for pointing this out. The second solution looks good. @monf what do you think?