Paul Moore

If you don't mind, I'm going to leave the question of how you view `-e .` for now. I see your point, and it has some merits, but I want...

> Neither pip-tools nor Dependabot (which uses pip-tools) have the capability of doing anything but pinning exact dependencies. OK, cool. So (without making a comment on the importance of addressing...

As I said, I was (deliberately, for the sake of understanding the use case) ignoring your view on how `-e` should be interpreted. Let's put it this way. The behaviour...

For the purposes of being precise, I believe that an actionable version of @davidism's suggestion would be: * If an editable requirement is provided, pip should ignore any version specifier...

@davidsim Not at all, pip's resolver has been broken for so long that it's really hard to untangle what counts as "broken" and what is "behaviour that people need that...

Maybe also suggest downloading all needed packages by other means and using a local wheelhouse via `--find-links`? Or is this too much detail? (It's hard to cover dependencies like this,...

Agreed. It's borederline related to the existing funded UX work (the suggested message here is very similar to where we've ended up with the `ResolutionImpossible` error for the new resolver)...

@beesuns Upgrade your Python installation to include ssl support. Unfortunately, we can't tell you how to do that, it depends on how you installed Python, and possibly how your distribution...

One point I'd like to try to capture in the model is where we can reasonably apply the rule that all instances of package XXX version X.Y are equivalent. I...

I will second @gaborbernat's comments here. Creating build environments is a non-trivial overhead in certain environments, Windows being very much an example of how bad it can get (particularly in...