poetry icon indicating copy to clipboard operation
poetry copied to clipboard

Published 20 hours ago verified publisher icon python-poetry

`poetry update` seems to ignore pre-release preferences and install pre-releases for packages for which they are not allowed.

Open aucampia opened this issue 1 year ago • 16 comments

  • Poetry version: 1.5.1
  • Python version: 3.11
  • OS version and name: Debian GNU/Linux 12 (bookworm)
  • pyproject.toml: https://github.com/aucampia/issues/blob/ba53b364209e4d334bf8fc219f4667b6db8d287b/20230713-poetry-prerelease-backdoor/pyproject.toml
  • poetry.lock: https://github.com/aucampia/issues/blob/ba53b364209e4d334bf8fc219f4667b6db8d287b/20230713-poetry-prerelease-backdoor/poetry.lock
  • [x] I am on the latest stable Poetry version, installed using a recommended method.
  • [x] I have searched the issues of this repo and believe that this is not a duplicate.
  • [x] I have consulted the FAQ and blog for any relevant entries or release notes.
  • ~~If an exception occurs when executing a command, I executed it again in debug mode (-vvv option) and have included the output below.~~

Issue

With the linked poetry.lock and pyproject.toml, when I run poetry update sqlparse, poetry upgrades dbt-postgres to a pre-release version even though the pyproject.toml file has dbt-postgres = {version = "^1.5.2", allow-prereleases = false} (the default).

See below:

$ poetry update sqlparse
Updating dependencies
Resolving dependencies... (0.6s)

Package operations: 0 installs, 7 updates, 4 removals

  • Removing jsonschema-specifications (2023.6.1)
  • Removing referencing (0.29.1)
  • Removing rpds-py (0.8.10)
  • Removing werkzeug (2.3.6)
  • Updating typing-extensions (4.7.1 -> 4.6.3)
  • Updating urllib3 (2.0.3 -> 1.26.16)
  • Updating jsonschema (4.18.2 -> 3.2.0)
  • Updating mashumaro (3.6 -> 3.8.1)
  • Updating sqlparse (0.4.3 -> 0.4.4)
  • Updating dbt-core (1.5.2 -> 1.6.0b8)
  • Updating dbt-postgres (1.5.2 -> 1.6.0b8)

Writing lock file

This can be reproduced by running docker compose build in this directory. The output of doing this can be seen in here.

aucampia avatar Jul 13 '23 14:07 aucampia

dbt-core 1.5.2 has a dependency on "sqlparse (<0.4.4,>=0.2.3)"

therefore it is impossible to follow your command to update sqlparse without selecting pre-release versions of dbt-core etc.

dimbleby avatar Jul 13 '23 16:07 dimbleby

therefore it is impossible to follow your command to update sqlparse without selecting pre-release versions of dbt-core etc.

My expectation here is that it does not upgrade sqlparse because it can't do that with the other version constraints, which is that pre-release versions are not allowed.

If I explicitly set the version constraint for dbt-postgres to exclude 1.6.x, and then run poetry update sqlparse, it does nothing, to me it seems this same behaviour should apply for allow-prerelease=false (which is the default AFAIU).

aucampia avatar Jul 13 '23 17:07 aucampia

therefore it is impossible to follow your command to update sqlparse without selecting pre-release versions of dbt-core etc.

My expectation here is that it does not upgrade sqlparse because it can't do that with the other version constraints, which is that pre-release versions are not allowed.

Just to clarify this, given the version constraints in pyproject.toml, sqlparse is already the latest version it can be, so poetry update sqlparse should be a no-op, as it should upgrade to the latest version it can given version constraints.

This is also the documented behaviour:

https://github.com/python-poetry/poetry/blob/01657ddeca182259e4350794a4f378241336085f/docs/cli.md?plain=1#L290-L293

aucampia avatar Jul 13 '23 18:07 aucampia

I just encountered this with a gevent requirement installing a pre-release version of greenlet:

I have the requirement gevent = "*" gevent 23.7.0 currently has this dependency on greenlet:

'greenlet >= 2.0.0 ; platform_python_implementation=="CPython" and python_version < "3.12"',
'greenlet >= 3.0a1 ; platform_python_implementation=="CPython" and python_version >= "3.12"',

I have python 3.11, and yet, poetry decided to update me to the non-essential greenlet version 3.0a1.

This looks like a bug, and seems arbitrary. Before the following commands, I was on greenlet 2.0.2.

$ poetry update greenlet
Updating dependencies
Resolving dependencies...

No dependencies to install or update

$ poetry update six
Updating dependencies
Resolving dependencies...

Package operations: 0 installs, 1 update, 0 removals

  • Updating greenlet (2.0.2 -> 3.0.0a1)

If continue to update greenlet again it downgrades it back to 2.0.2, and asking to update six (which should do nothing) upgrades greenlet to 3.0.0.a1.

salty-horse avatar Jul 19 '23 15:07 salty-horse

For some context, I noticed this because Dependabot updated dbt-postgres to a beta version when doing an update for sqlite.

aucampia avatar Jul 19 '23 15:07 aucampia

Just to add some context in case this issue is important enough for someone to create a PR:

The default does not prohibit prereleases per se and IMO this makes sense and shouldn't be changed. Further, changing it would be breaking for some users. The motivation behind the default behavior is that if a constraint can only be fulfilled by a prerelease, dependency resolution should not fail per default.

Setting allow-prereleases to true tells poetry to make no distinction between prereleases and non-prereleases so that the latest suitable version is chosen, no matter if it's a prerelease and if there is an older suitable stable version.

Unfortunately, setting allow-prereleases to false, currently, is the same as the default, which is a bit confusing. I agree that setting it to false, should just fail if there is no non-prerelease that satisfies the constraint.

When I put it all together, I think allow-prereleases should become a tri-state setting:

  • unset (default): keep as is (prefer stable releases and choose prereleases if that's the only solution)
  • true: keep as is (no preference, use latest if possible)
  • false: change behavior so that prereleases are forbidden for real

radoering avatar Aug 03 '23 19:08 radoering

In my greenlet scenario above, I did not set allow-prereleases

salty-horse avatar Aug 03 '23 19:08 salty-horse

last time I thought about this I reckoned that allow-prereleases was a mistake and preferably should be removed altogether - which certainly is a different direction than making it more complicated. https://github.com/python-poetry/poetry/issues/7050#issuecomment-1318277013

I guess what is going on in this one is something like:

  • there's some part of the solve path A with one set of markers, in which a pre-release is either allowed or necessary and so poetry chooses the pre-release
  • then there's some other part of the solve path B with a different set of markers. In B the pre-release satisfies the relevant constraints, but as a pre-release would not otherwise have been chosen
  • sometimes poetry solves A first, and having decided that a pre-release is part of its overall solution anyway, re-uses it for B

dimbleby avatar Aug 03 '23 19:08 dimbleby

Got the same problem (poetry 1.6.1).

The pyproject.toml file doesn't mention allow-prereleases.

[tool.poetry.dependencies]
[...]
tensorflow = "^2.12"

$ poetry update
Updating dependencies
Resolving dependencies... ([...])

Package operations: [...] installs, [...] updates, [...] removals
  • [...]
  • Updating keras (2.13.1 -> 2.14.0rc0)
  • Updating tensorflow-estimator (2.13.0 -> 2.14.0rc0)
  • Updating tensorflow (2.13.0 -> 2.14.0rc1)
  • [...]

and then

$ poetry update tensorflow
Updating dependencies
Resolving dependencies... ([...])

Package operations: [...] installs, [...] updates, [...] removals
  • [...] 
  • Downgrading keras (2.14.0rc0 -> 2.13.1)
  • Downgrading tensorflow-estimator (2.14.0rc0 -> 2.13.0)
  • Downgrading tensorflow (2.14.0rc1 -> 2.13.0)
  • [...]

akeeman avatar Sep 06 '23 13:09 akeeman

Made some simple reproduction steps for my previous comment.

It boils down to:

  • Create a new project
  • add tensorflow
  • add numpy=^1.21

Right after adding tensorflow, it'll use tensorflow 2.13.0 and numpy 1.24.3. All good. After adding the extra non-limiting constraint on numpy it'll wrongly upgrade tensorflow to 2.14.0rc1, and numpy to 1.26.0. This is a violation of the rule "prefer stable releases and choose prereleases if that's the only solution" as mentioned by @radoering in this comment.

Full shell output 
$ poetry --version
Poetry (version 1.6.1)
$ poetry new foo
Created package foo in foo
$ cd foo
$ poetry env use python3.11
Creating virtualenv foo in /path/to/project/foo/.venv
Using virtualenv: /path/to/project/foo/.venv
$ sed -i -e 's~^python = "^3.10"$~python = "^3.11,<3.12"~' pyproject.toml
$ poetry add tensorflow
Using version ^2.13.0 for tensorflow

Updating dependencies
Resolving dependencies... (1.8s)

Package operations: 38 installs, 1 update, 0 removals

  • Installing certifi (2023.7.22)
  • Installing charset-normalizer (3.2.0)
  • Installing idna (3.4)
  • Installing pyasn1 (0.5.0)
  • Installing urllib3 (1.26.16)
  • Installing cachetools (5.3.1)
  • Installing oauthlib (3.2.2)
  • Installing pyasn1-modules (0.3.0)
  • Installing requests (2.31.0)
  • Installing rsa (4.9)
  • Installing google-auth (2.23.0)
  • Installing markupsafe (2.1.3)
  • Installing requests-oauthlib (1.3.1)
  • Installing absl-py (2.0.0)
  • Installing google-auth-oauthlib (1.0.0)
  • Installing grpcio (1.58.0)
  • Installing markdown (3.4.4)
  • Installing numpy (1.24.3)
  • Installing protobuf (4.24.3)
  • Updating setuptools (68.1.2 -> 68.2.2)
  • Installing six (1.16.0)
  • Installing tensorboard-data-server (0.7.1)
  • Installing werkzeug (2.3.7)
  • Installing astunparse (1.6.3)
  • Installing flatbuffers (23.5.26)
  • Installing gast (0.4.0)
  • Installing google-pasta (0.2.0)
  • Installing h5py (3.9.0)
  • Installing keras (2.13.1)
  • Installing libclang (16.0.6)
  • Installing opt-einsum (3.3.0)
  • Installing packaging (23.1)
  • Installing tensorboard (2.13.0)
  • Installing tensorflow-estimator (2.13.0)
  • Installing tensorflow-io-gcs-filesystem (0.34.0)
  • Installing termcolor (2.3.0)
  • Installing typing-extensions (4.5.0)
  • Installing wrapt (1.15.0)
  • Installing tensorflow (2.13.0)

Writing lock file
$ poetry add -vvv numpy=^1.21
Loading configuration file /home/<username>/.config/pypoetry/config.toml
Using virtualenv: /path/to/project/foo/.venv
[keyring.backend] Loading KWallet
[keyring.backend] Loading SecretService
[keyring.backend] Loading Windows
[keyring.backend] Loading chainer
[keyring.backend] Loading libsecret
[keyring.backend] Loading macOS
Creating new session for pypi.org
Source (PyPI): 27 packages found for numpy >=1.21,<2.0

Updating dependencies
Resolving dependencies...
   1: fact: foo is 0.1.0
   1: derived: foo
   1: fact: foo depends on tensorflow (^2.13.0)
   1: fact: foo depends on numpy (^1.21)
   1: selecting foo (0.1.0)
   1: derived: numpy (>=1.21,<2.0)
   1: derived: tensorflow (>=2.13.0,<3.0.0)
Source (PyPI): 27 packages found for numpy >=1.21,<2.0
   1: selecting numpy (1.26.0)
   1: fact: tensorflow (2.13.0) depends on absl-py (>=1.0.0)
   1: fact: tensorflow (2.13.0) depends on astunparse (>=1.6.0)
   1: fact: tensorflow (2.13.0) depends on flatbuffers (>=23.1.21)
   1: fact: tensorflow (2.13.0) depends on gast (>=0.2.1,<=0.4.0)
   1: fact: tensorflow (2.13.0) depends on google-pasta (>=0.1.1)
   1: fact: tensorflow (2.13.0) depends on h5py (>=2.9.0)
   1: fact: tensorflow (2.13.0) depends on libclang (>=13.0.0)
   1: fact: tensorflow (2.13.0) depends on numpy (>=1.22,<=1.24.3)
   1: fact: tensorflow (2.13.0) depends on opt-einsum (>=2.3.2)
   1: fact: tensorflow (2.13.0) depends on packaging (*)
   1: fact: tensorflow (2.13.0) depends on protobuf (>=3.20.3,<4.21.0 || >4.21.0,<4.21.1 || >4.21.1,<4.21.2 || >4.21.2,<4.21.3 || >4.21.3,<4.21.4 || >4.21.4,<4.21.5 || >4.21.5,<5.0.0dev)
   1: fact: tensorflow (2.13.0) depends on setuptools (*)
   1: fact: tensorflow (2.13.0) depends on six (>=1.12.0)
   1: fact: tensorflow (2.13.0) depends on termcolor (>=1.1.0)
   1: fact: tensorflow (2.13.0) depends on typing-extensions (>=3.6.6,<4.6.0)
   1: fact: tensorflow (2.13.0) depends on wrapt (>=1.11.0)
   1: fact: tensorflow (2.13.0) depends on grpcio (>=1.24.3,<2.0)
   1: fact: tensorflow (2.13.0) depends on tensorboard (>=2.13,<2.14)
   1: fact: tensorflow (2.13.0) depends on tensorflow-estimator (>=2.13.0,<2.14)
   1: fact: tensorflow (2.13.0) depends on keras (>=2.13.1,<2.14)
   1: fact: tensorflow (2.13.0) depends on tensorflow-io-gcs-filesystem (>=0.23.1)
   1: derived: not tensorflow (==2.13.0)
Source (PyPI): 0 packages found for tensorflow >2.13.0,<3.0.0
   1: fact: tensorflow (2.14.0rc1) depends on absl-py (>=1.0.0)
   1: fact: tensorflow (2.14.0rc1) depends on astunparse (>=1.6.0)
   1: fact: tensorflow (2.14.0rc1) depends on flatbuffers (>=23.5.26)
   1: fact: tensorflow (2.14.0rc1) depends on gast (>=0.2.1,<0.5.0 || >0.5.0,<0.5.1 || >0.5.1,<0.5.2 || >0.5.2)
   1: fact: tensorflow (2.14.0rc1) depends on google-pasta (>=0.1.1)
   1: fact: tensorflow (2.14.0rc1) depends on h5py (>=2.9.0)
   1: fact: tensorflow (2.14.0rc1) depends on libclang (>=13.0.0)
   1: fact: tensorflow (2.14.0rc1) depends on ml-dtypes (>=0.2.0)
   1: fact: tensorflow (2.14.0rc1) depends on numpy (>=1.23.5)
   1: fact: tensorflow (2.14.0rc1) depends on opt-einsum (>=2.3.2)
   1: fact: tensorflow (2.14.0rc1) depends on packaging (*)
   1: fact: tensorflow (2.14.0rc1) depends on protobuf (>=3.20.3,<4.21.0 || >4.21.0,<4.21.1 || >4.21.1,<4.21.2 || >4.21.2,<4.21.3 || >4.21.3,<4.21.4 || >4.21.4,<4.21.5 || >4.21.5,<5.0.0dev)
   1: fact: tensorflow (2.14.0rc1) depends on setuptools (*)
   1: fact: tensorflow (2.14.0rc1) depends on six (>=1.12.0)
   1: fact: tensorflow (2.14.0rc1) depends on termcolor (>=1.1.0)
   1: fact: tensorflow (2.14.0rc1) depends on typing-extensions (>=3.6.6)
   1: fact: tensorflow (2.14.0rc1) depends on wrapt (>=1.11.0,<1.15)
   1: fact: tensorflow (2.14.0rc1) depends on grpcio (>=1.24.3,<2.0)
   1: fact: tensorflow (2.14.0rc1) depends on tensorboard (>=2.14,<2.15)
   1: fact: tensorflow (2.14.0rc1) depends on tensorflow-estimator (>=2.14.0rc0,<2.15)
   1: fact: tensorflow (2.14.0rc1) depends on keras (>=2.14.0rc0,<2.15)
   1: fact: tensorflow (2.14.0rc1) depends on tensorflow-io-gcs-filesystem (>=0.23.1)
   1: selecting tensorflow (2.14.0rc1)
   1: derived: tensorflow-io-gcs-filesystem (>=0.23.1)
   1: derived: keras (>=2.14.0rc0,<2.15)
   1: derived: tensorflow-estimator (>=2.14.0rc0,<2.15)
   1: derived: tensorboard (>=2.14,<2.15)
   1: derived: grpcio (>=1.24.3,<2.0)
   1: derived: wrapt (>=1.11.0,<1.15)
   1: derived: typing-extensions (>=3.6.6)
   1: derived: termcolor (>=1.1.0)
   1: derived: six (>=1.12.0)
   1: derived: setuptools
   1: derived: protobuf (>=3.20.3,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5,<5.0.0dev)
   1: derived: packaging
   1: derived: opt-einsum (>=2.3.2)
   1: derived: ml-dtypes (>=0.2.0)
   1: derived: libclang (>=13.0.0)
   1: derived: h5py (>=2.9.0)
   1: derived: google-pasta (>=0.1.1)
   1: derived: gast (>=0.2.1,!=0.5.0,!=0.5.1,!=0.5.2)
   1: derived: flatbuffers (>=23.5.26)
   1: derived: astunparse (>=1.6.0)
   1: derived: absl-py (>=1.0.0)
Source (PyPI): 1 packages found for keras >=2.14.0rc0,<2.15
Source (PyPI): 1 packages found for tensorflow-estimator >=2.14.0rc0,<2.15
Source (PyPI): 1 packages found for tensorboard >=2.14,<2.15
Source (PyPI): 9 packages found for wrapt >=1.11.0,<1.15
[urllib3.connectionpool] Starting new HTTPS connection (1): pypi.org:443
[urllib3.connectionpool] https://pypi.org:443 "GET /simple/ml-dtypes/ HTTP/1.1" 304 0
[filelock] Attempting to acquire lock 139711856179232 on /home/<username>/.cache/pypoetry/cache/repositories/PyPI/_http/e/7/b/8/1/e7b816ce4417ea1e475b3775edac7072e2109deeebfd08b3249d8bfd.lock
[filelock] Lock 139711856179232 acquired on /home/<username>/.cache/pypoetry/cache/repositories/PyPI/_http/e/7/b/8/1/e7b816ce4417ea1e475b3775edac7072e2109deeebfd08b3249d8bfd.lock
[filelock] Attempting to release lock 139711856179232 on /home/<username>/.cache/pypoetry/cache/repositories/PyPI/_http/e/7/b/8/1/e7b816ce4417ea1e475b3775edac7072e2109deeebfd08b3249d8bfd.lock
[filelock] Lock 139711856179232 released on /home/<username>/.cache/pypoetry/cache/repositories/PyPI/_http/e/7/b/8/1/e7b816ce4417ea1e475b3775edac7072e2109deeebfd08b3249d8bfd.lock
Source (PyPI): 2 packages found for ml-dtypes >=0.2.0
   1: selecting keras (2.14.0)
   1: selecting tensorflow-estimator (2.14.0)
   1: fact: tensorboard (2.14.0) depends on absl-py (>=0.4)
   1: fact: tensorboard (2.14.0) depends on grpcio (>=1.48.2)
   1: fact: tensorboard (2.14.0) depends on google-auth (>=1.6.3,<3)
   1: fact: tensorboard (2.14.0) depends on google-auth-oauthlib (>=0.5,<1.1)
   1: fact: tensorboard (2.14.0) depends on markdown (>=2.6.8)
   1: fact: tensorboard (2.14.0) depends on numpy (>=1.12.0)
   1: fact: tensorboard (2.14.0) depends on protobuf (>=3.19.6)
   1: fact: tensorboard (2.14.0) depends on requests (>=2.21.0,<3)
   1: fact: tensorboard (2.14.0) depends on setuptools (>=41.0.0)
   1: fact: tensorboard (2.14.0) depends on tensorboard-data-server (>=0.7.0,<0.8.0)
   1: fact: tensorboard (2.14.0) depends on werkzeug (>=1.0.1)
   1: fact: tensorboard (2.14.0) depends on wheel (>=0.26)
   1: selecting tensorboard (2.14.0)
   1: derived: wheel (>=0.26)
   1: derived: werkzeug (>=1.0.1)
   1: derived: tensorboard-data-server (>=0.7.0,<0.8.0)
   1: derived: setuptools (>=41.0.0)
   1: derived: requests (>=2.21.0,<3)
   1: derived: markdown (>=2.6.8)
   1: derived: google-auth-oauthlib (>=0.5,<1.1)
   1: derived: google-auth (>=1.6.3,<3)
   1: derived: grpcio (>=1.48.2)
   1: selecting grpcio (1.58.0)
   1: selecting typing-extensions (4.5.0)
   1: selecting termcolor (2.3.0)
   1: selecting six (1.16.0)
   1: selecting setuptools (68.2.2)
   1: selecting protobuf (4.24.3)
   1: selecting packaging (23.1)
   1: fact: opt-einsum (3.3.0) depends on numpy (>=1.7)
   1: selecting opt-einsum (3.3.0)
   1: selecting libclang (16.0.6)
   1: fact: h5py (3.9.0) depends on numpy (>=1.17.3)
   1: selecting h5py (3.9.0)
   1: fact: google-pasta (0.2.0) depends on six (*)
   1: selecting google-pasta (0.2.0)
   1: selecting gast (0.4.0)
   1: selecting flatbuffers (23.5.26)
   1: fact: astunparse (1.6.3) depends on wheel (>=0.23.0,<1.0)
   1: fact: astunparse (1.6.3) depends on six (>=1.6.1,<2.0)
   1: selecting astunparse (1.6.3)
   1: derived: wheel (>=0.23.0,<1.0)
   1: selecting absl-py (2.0.0)
   1: selecting wheel (0.41.2)
   1: fact: werkzeug (2.3.7) depends on MarkupSafe (>=2.1.1)
   1: selecting werkzeug (2.3.7)
   1: derived: MarkupSafe (>=2.1.1)
   1: selecting tensorboard-data-server (0.7.1)
   1: fact: requests (2.31.0) depends on charset-normalizer (>=2,<4)
   1: fact: requests (2.31.0) depends on idna (>=2.5,<4)
   1: fact: requests (2.31.0) depends on urllib3 (>=1.21.1,<3)
   1: fact: requests (2.31.0) depends on certifi (>=2017.4.17)
   1: selecting requests (2.31.0)
   1: derived: certifi (>=2017.4.17)
   1: derived: urllib3 (>=1.21.1,<3)
   1: derived: idna (>=2.5,<4)
   1: derived: charset-normalizer (>=2,<4)
   1: selecting markdown (3.4.4)
   1: fact: google-auth-oauthlib (1.0.0) depends on google-auth (>=2.15.0)
   1: fact: google-auth-oauthlib (1.0.0) depends on requests-oauthlib (>=0.7.0)
   1: selecting google-auth-oauthlib (1.0.0)
   1: derived: requests-oauthlib (>=0.7.0)
   1: derived: google-auth (>=2.15.0)
   1: fact: google-auth (2.23.0) depends on cachetools (>=2.0.0,<6.0)
   1: fact: google-auth (2.23.0) depends on pyasn1-modules (>=0.2.1)
   1: fact: google-auth (2.23.0) depends on rsa (>=3.1.4,<5)
   1: fact: google-auth (2.23.0) depends on urllib3 (<2.0)
   1: selecting google-auth (2.23.0)
   1: derived: urllib3 (<2.0)
   1: derived: rsa (>=3.1.4,<5)
   1: derived: pyasn1-modules (>=0.2.1)
   1: derived: cachetools (>=2.0.0,<6.0)
   1: selecting markupsafe (2.1.3)
   1: selecting certifi (2023.7.22)
   1: selecting urllib3 (1.26.16)
   1: selecting idna (3.4)
   1: selecting charset-normalizer (3.2.0)
   1: fact: requests-oauthlib (1.3.1) depends on oauthlib (>=3.0.0)
   1: fact: requests-oauthlib (1.3.1) depends on requests (>=2.0.0)
   1: selecting requests-oauthlib (1.3.1)
   1: derived: oauthlib (>=3.0.0)
   1: fact: rsa (4.9) depends on pyasn1 (>=0.1.3)
   1: selecting rsa (4.9)
   1: derived: pyasn1 (>=0.1.3)
   1: fact: pyasn1-modules (0.3.0) depends on pyasn1 (>=0.4.6,<0.6.0)
   1: selecting pyasn1-modules (0.3.0)
   1: derived: pyasn1 (>=0.4.6,<0.6.0)
   1: selecting cachetools (5.3.1)
   1: selecting oauthlib (3.2.2)
   1: selecting pyasn1 (0.5.0)
   1: selecting wrapt (1.14.1)
   0: Duplicate dependencies for numpy
   0: Merging requirements for numpy (>=1.23.3)
   1: fact: ml-dtypes (0.3.0) depends on numpy (>=1.23.3)
   1: selecting ml-dtypes (0.3.0)
   1: selecting tensorflow-io-gcs-filesystem (0.34.0)
   1: Version solving took 0.384 seconds.
   1: Tried 1 solutions.

Finding the necessary packages for the current system
Source (PyPI): 2 packages found for numpy >=1.21,<2.0
Source (PyPI): 0 packages found for tensorflow >2.13.0,<3.0.0
Source (PyPI): 1 packages found for keras >=2.14.0rc0,<2.15
Source (PyPI): 1 packages found for tensorflow-estimator >=2.14.0rc0,<2.15
Source (PyPI): 1 packages found for tensorboard >=2.14,<2.15
Source (PyPI): 1 packages found for wrapt >=1.11.0,<1.15
Source (PyPI): 1 packages found for ml-dtypes >=0.2.0

Package operations: 1 install, 6 updates, 0 removals, 34 skipped

  • Updating numpy (1.24.3 -> 1.26.0): Pending...
Skipping wheel numpy-1.26.0-cp310-cp310-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-win32.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp310-cp310-win_amd64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-win32.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp311-cp311-win_amd64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-win32.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp312-cp312-win_amd64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-win32.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-cp39-cp39-win_amd64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-pp39-pypy39_pp73-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel numpy-1.26.0-pp39-pypy39_pp73-win_amd64.whl as this is not supported by the current environment
  • Updating numpy (1.24.3 -> 1.26.0): Installing...
  • Updating numpy (1.24.3 -> 1.26.0)
  • Updating keras (2.13.1 -> 2.14.0): Pending...
  • Installing ml-dtypes (0.3.0): Pending...
  • Updating tensorboard (2.13.0 -> 2.14.0): Pending...
  • Updating tensorflow-estimator (2.13.0 -> 2.14.0): Pending...
  • Downgrading wrapt (1.15.0 -> 1.14.1): Pending...
Skipping wheel ml_dtypes-0.3.0-cp310-cp310-macosx_10_9_universal2.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp310-cp310-win_amd64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp311-cp311-macosx_10_9_universal2.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp311-cp311-win_amd64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp312-cp312-macosx_10_9_universal2.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp312-cp312-win_amd64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp39-cp39-macosx_10_9_universal2.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel ml_dtypes-0.3.0-cp39-cp39-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27m-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27m-manylinux1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27m-manylinux1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27m-manylinux2010_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27m-manylinux2010_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27mu-manylinux1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27mu-manylinux1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27mu-manylinux2010_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp27-cp27mu-manylinux2010_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-musllinux_1_1_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-musllinux_1_1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-win32.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp310-cp310-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-manylinux1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-manylinux1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-manylinux2010_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-manylinux2010_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-win32.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp35-cp35m-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-musllinux_1_1_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-musllinux_1_1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-win32.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp36-cp36m-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-musllinux_1_1_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-musllinux_1_1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-win32.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp37-cp37m-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-musllinux_1_1_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-musllinux_1_1_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-musllinux_1_1_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-win32.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp38-cp38-win_amd64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-macosx_10_9_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-macosx_11_0_arm64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl as this is not supported by the current environment
Skipping wheel wrapt-1.14.1-cp39-cp39-musllinux_1_1_aarch64.whl as this is not supported by the current environment
  • Updating keras (2.13.1 -> 2.14.0): Installing...
  • Updating keras (2.13.1 -> 2.14.0)
  • Installing ml-dtypes (0.3.0): Pending...
  • Installing ml-dtypes (0.3.0): Installing...
  • Installing ml-dtypes (0.3.0)
  • Updating tensorboard (2.13.0 -> 2.14.0): Pending...
  • Updating tensorboard (2.13.0 -> 2.14.0): Installing...
  • Updating tensorboard (2.13.0 -> 2.14.0)
  • Updating tensorflow-estimator (2.13.0 -> 2.14.0): Pending...
  • Updating tensorflow-estimator (2.13.0 -> 2.14.0): Installing...
  • Updating tensorflow-estimator (2.13.0 -> 2.14.0)
  • Downgrading wrapt (1.15.0 -> 1.14.1): Pending...
  • Downgrading wrapt (1.15.0 -> 1.14.1): Installing...
  • Downgrading wrapt (1.15.0 -> 1.14.1)
  • Installing absl-py (2.0.0): Pending...
  • Installing absl-py (2.0.0): Skipped for the following reason: Already installed
  • Installing astunparse (1.6.3): Pending...
  • Installing astunparse (1.6.3): Skipped for the following reason: Already installed
  • Installing cachetools (5.3.1): Pending...
  • Installing cachetools (5.3.1): Skipped for the following reason: Already installed
  • Installing certifi (2023.7.22): Pending...
  • Installing certifi (2023.7.22): Skipped for the following reason: Already installed
  • Installing charset-normalizer (3.2.0): Pending...
  • Installing charset-normalizer (3.2.0): Skipped for the following reason: Already installed
  • Installing flatbuffers (23.5.26): Pending...
  • Installing flatbuffers (23.5.26): Skipped for the following reason: Already installed
  • Installing gast (0.4.0): Pending...
  • Installing gast (0.4.0): Skipped for the following reason: Already installed
  • Installing google-auth (2.23.0): Pending...
  • Installing google-auth (2.23.0): Skipped for the following reason: Already installed
  • Installing google-auth-oauthlib (1.0.0): Pending...
  • Installing google-auth-oauthlib (1.0.0): Skipped for the following reason: Already installed
  • Installing google-pasta (0.2.0): Pending...
  • Installing google-pasta (0.2.0): Skipped for the following reason: Already installed
  • Installing grpcio (1.58.0): Pending...
  • Installing grpcio (1.58.0): Skipped for the following reason: Already installed
  • Installing h5py (3.9.0): Pending...
  • Installing h5py (3.9.0): Skipped for the following reason: Already installed
  • Installing idna (3.4): Pending...
  • Installing idna (3.4): Skipped for the following reason: Already installed
  • Installing libclang (16.0.6): Pending...
  • Installing libclang (16.0.6): Skipped for the following reason: Already installed
  • Installing markdown (3.4.4): Pending...
  • Installing markdown (3.4.4): Skipped for the following reason: Already installed
  • Installing markupsafe (2.1.3): Pending...
  • Installing markupsafe (2.1.3): Skipped for the following reason: Already installed
  • Installing oauthlib (3.2.2): Pending...
  • Installing oauthlib (3.2.2): Skipped for the following reason: Already installed
  • Installing opt-einsum (3.3.0): Pending...
  • Installing opt-einsum (3.3.0): Skipped for the following reason: Already installed
  • Installing packaging (23.1): Pending...
  • Installing packaging (23.1): Skipped for the following reason: Already installed
  • Installing pyasn1 (0.5.0): Pending...
  • Installing pyasn1 (0.5.0): Skipped for the following reason: Already installed
  • Installing pyasn1-modules (0.3.0): Pending...
  • Installing pyasn1-modules (0.3.0): Skipped for the following reason: Already installed
  • Installing requests (2.31.0): Pending...
  • Installing requests (2.31.0): Skipped for the following reason: Already installed
  • Installing requests-oauthlib (1.3.1): Pending...
  • Installing requests-oauthlib (1.3.1): Skipped for the following reason: Already installed
  • Installing rsa (4.9): Pending...
  • Installing rsa (4.9): Skipped for the following reason: Already installed
  • Updating tensorflow (2.13.0 -> 2.14.0rc1): Pending...
  • Installing six (1.16.0): Pending...
  • Installing six (1.16.0): Skipped for the following reason: Already installed
  • Installing tensorboard-data-server (0.7.1): Pending...
  • Installing tensorboard-data-server (0.7.1): Skipped for the following reason: Already installed
  • Installing protobuf (4.24.3): Pending...
  • Installing protobuf (4.24.3): Skipped for the following reason: Already installed
  • Installing setuptools (68.2.2): Pending...
  • Installing setuptools (68.2.2): Skipped for the following reason: Already installed
  • Installing tensorflow-io-gcs-filesystem (0.34.0): Pending...
  • Installing tensorflow-io-gcs-filesystem (0.34.0): Skipped for the following reason: Already installed
  • Installing typing-extensions (4.5.0): Pending...
  • Installing typing-extensions (4.5.0): Skipped for the following reason: Already installed
  • Installing urllib3 (1.26.16): Pending...
  • Installing urllib3 (1.26.16): Skipped for the following reason: Already installed
  • Updating tensorflow (2.13.0 -> 2.14.0rc1): Installing...
  • Updating tensorflow (2.13.0 -> 2.14.0rc1)
  • Installing six (1.16.0): Pending...
  • Installing six (1.16.0): Skipped for the following reason: Already installed
  • Installing tensorboard-data-server (0.7.1): Pending...
  • Installing tensorboard-data-server (0.7.1): Skipped for the following reason: Already installed
  • Installing protobuf (4.24.3): Pending...
  • Installing protobuf (4.24.3): Skipped for the following reason: Already installed
  • Installing setuptools (68.2.2): Pending...
  • Installing setuptools (68.2.2): Skipped for the following reason: Already installed
  • Installing tensorflow-io-gcs-filesystem (0.34.0): Pending...
  • Installing tensorflow-io-gcs-filesystem (0.34.0): Skipped for the following reason: Already installed
  • Installing typing-extensions (4.5.0): Pending...
  • Installing typing-extensions (4.5.0): Skipped for the following reason: Already installed
  • Installing urllib3 (1.26.16): Pending...
  • Installing urllib3 (1.26.16): Skipped for the following reason: Already installed
  • Installing werkzeug (2.3.7): Pending...
  • Installing werkzeug (2.3.7): Skipped for the following reason: Already installed
  • Installing wheel (0.41.2): Pending...
  • Installing wheel (0.41.2): Skipped for the following reason: Already installed
  • Installing termcolor (2.3.0): Pending...
  • Installing termcolor (2.3.0): Skipped for the following reason: Already installed

Writing lock file
$ poetry show tensorflow
 name         : tensorflow                                                            
 version      : 2.14.0rc1                                                             
 description  : TensorFlow is an open source machine learning framework for everyone. 

dependencies
 - absl-py >=1.0.0
 - astunparse >=1.6.0
 - flatbuffers >=23.5.26
 - gast >=0.2.1,<0.5.0 || >0.5.0,<0.5.1 || >0.5.1,<0.5.2 || >0.5.2
 - google-pasta >=0.1.1
 - grpcio >=1.24.3,<2.0
 - h5py >=2.9.0
 - keras >=2.14.0rc0,<2.15
 - libclang >=13.0.0
 - ml-dtypes >=0.2.0
 - numpy >=1.23.5
 - opt-einsum >=2.3.2
 - packaging *
 - protobuf >=3.20.3,<4.21.0 || >4.21.0,<4.21.1 || >4.21.1,<4.21.2 || >4.21.2,<4.21.3 || >4.21.3,<4.21.4 || >4.21.4,<4.21.5 || >4.21.5,<5.0.0dev
 - setuptools *
 - six >=1.12.0
 - tensorboard >=2.14,<2.15
 - tensorflow-estimator >=2.14.0rc0,<2.15
 - tensorflow-io-gcs-filesystem >=0.23.1
 - termcolor >=1.1.0
 - typing-extensions >=3.6.6
 - wrapt >=1.11.0,<1.15
$ cat pyproject.toml 
[tool.poetry]
name = "foo"
version = "0.1.0"
description = ""
authors = ["<name> <email address>"]
readme = "README.md"

[tool.poetry.dependencies]
python = "^3.11,<3.12"
tensorflow = "^2.13.0"
numpy = "^1.21"


[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"

akeeman avatar Sep 21 '23 07:09 akeeman

👍 .. experiencing seemingly the same issue with (almost the latest) poetry version 1.8.1. .. is any resolution planned?

AndreiVoinovTR avatar Mar 07 '24 17:03 AndreiVoinovTR

Am I misunderstanding something because to me this seems to make Poetry potentially dangerous to use for production applications (unless you manually audit the lock file)?

That being said (and if I'm understanding the situation correctly), how is this not a critical issue at least worth pinning and/or prioritizing?

Lastly, are there any plans/ideas on how to implement a fix for this that we might help with or contribute to?

emil-vdw avatar Mar 12 '24 15:03 emil-vdw

Something appears to have changed recently as we're suddenly hitting this issue very frequently in the last week.

By any chance is https://github.com/python-poetry/poetry-core/pull/645 related to this, or even (fingers crossed) a possible fix?

glennmatthews avatar Aug 07 '24 13:08 glennmatthews

no

if anything has changed it is almost certainly only the set of published packages and their dependencies.

dimbleby avatar Aug 07 '24 16:08 dimbleby