Skip to content

Enforce constraints during install_package_deps #2888

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jan 25, 2023
Merged

Enforce constraints during install_package_deps #2888

merged 4 commits into from
Jan 25, 2023
+229 −17

Conversation

masenf
Copy link
Collaborator

@masenf masenf commented Jan 23, 2023

Create a constraints file based on the listed or installed deps and use it during install_package_deps to ensure the package dependencies do not override the environment's dependencies.

Adds new config keys:

  • constrain_package_deps - chicken switch to go back to the legacy behavior of allowing the package deps to override the testenv deps
  • use_frozen_constraints - a more strict mode, enforced that the package deps do not conflict in any way with the set of packages installed by deps

Fix #2386

Thanks for contribution

Please, make sure you address all the checklists (for details on how see
development documentation)!

  • ran the linter to address style issues (tox -e fix)
  • wrote descriptive pull request text
  • ensured there are test(s) validating the fix
  • added news fragment in docs/changelog folder
  • updated/extended the documentation

Sorry, something went wrong.

@masenf masenf requested a review from gaborbernat as a code owner January 23, 2023 02:42
@masenf masenf force-pushed the constrain-deps branch 2 times, most recently from 046234b to 5ebd4e4 Compare January 23, 2023 03:22
@masenf
Enforce constraints during install_package_deps
311cc33 
Create a constraints file based on the listed or installed ``deps`` and use it
during ``install_package_deps`` to ensure the package dependencies do not
override the environment's dependencies.

Adds new config keys:
  * ``constrain_package_deps`` - chicken switch to go back to the legacy
    behavior of allowing the package deps to override the testenv deps
  * ``use_frozen_constraints`` - a more strict mode, enforced that the package
    deps do not conflict in any way with the set of packages installed by
    ``deps``

Fix tox-dev#2386
gaborbernat
gaborbernat reviewed Jan 25, 2023
View reviewed changes
src/tox/tox_env/python/pip/pip_install.py Outdated
@@ -135,18 +135,14 @@ def _install_requirement_file(self, arguments: PythonDeps, section: str, of_type
raise Recreate(f"requirements removed: {' '.join(missing_requirement)}")
if old.get("constraint_options") != constraint_options:
raise Recreate(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

msg =  f"constraint options changed: old={old.get('constraint_options')} new={constraint_options}"
raise Recreate(msg)

would save you a line here 🤔

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i thought so too, but black disagreed

diff --git a/src/tox/tox_env/python/pip/pip_install.py b/src/tox/tox_env/python/pip/pip_install.py
index 640c1356..e608c2b7 100644
--- a/src/tox/tox_env/python/pip/pip_install.py
+++ b/src/tox/tox_env/python/pip/pip_install.py
@@ -134,7 +134,9 @@ class Pip(Installer[Python]):
                     if missing_requirement:
                         raise Recreate(f"requirements removed: {' '.join(missing_requirement)}")
                     if old.get("constraint_options") != constraint_options:
-                        msg = f"constraint options changed: old={old.get('constraint_options')} new={constraint_options}"
+                        msg = (
+                            f"constraint options changed: old={old.get('constraint_options')} new={constraint_options}"
+                        )
                         raise Recreate(msg)
                 args = arguments.as_root_args
                 if args:  # pragma: no branch

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i ended up making it a little cleaner by assigning old_constraint_options = old.get("constraint_options")

@gaborbernat gaborbernat merged commit 8736549 into tox-dev:main Jan 25, 2023
@mikelane mikelane mentioned this pull request Jan 26, 2023
Merged
descope bot referenced this pull request in descope/django-descope Feb 8, 2023
@descope
chore(deps): update dependency tox to v4.4.0 (#94)
ecf3c17 
This PR contains the following updates:

| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| [tox](https://togithub.com/tox-dev/tox)
([changelog](https://tox.wiki/en/latest/changelog.html)) | dev | minor |
`4.3.5` -> `4.4.0` | `4.4.5` (+4) |

---

### Release Notes

<details>
<summary>tox-dev/tox</summary>

### [`v4.4.0`](https://togithub.com/tox-dev/tox/releases/tag/4.4.0)

[Compare Source](https://togithub.com/tox-dev/tox/compare/4.3.5...4.4.0)

#### What's Changed

- Add more explanation to `list_dependencies_command` configuration
option by [@&#8203;Czaki](https://togithub.com/Czaki) in
[https://github.com/tox-dev/tox/pull/2883](https://togithub.com/tox-dev/tox/pull/2883)
- \[pre-commit.ci] pre-commit autoupdate by
[@&#8203;pre-commit-ci](https://togithub.com/pre-commit-ci) in
[https://github.com/tox-dev/tox/pull/2889](https://togithub.com/tox-dev/tox/pull/2889)
- Enforce constraints during install_package_deps by
[@&#8203;masenf](https://togithub.com/masenf) in
[https://github.com/tox-dev/tox/pull/2888](https://togithub.com/tox-dev/tox/pull/2888)
- Windows shlex fix by [@&#8203;masenf](https://togithub.com/masenf) in
[https://github.com/tox-dev/tox/pull/2895](https://togithub.com/tox-dev/tox/pull/2895)

#### New Contributors

- [@&#8203;Czaki](https://togithub.com/Czaki) made their first
contribution in
[https://github.com/tox-dev/tox/pull/2883](https://togithub.com/tox-dev/tox/pull/2883)

**Full Changelog**: tox-dev/tox@4.3.5...4.4.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xMDEuMCIsInVwZGF0ZWRJblZlciI6IjM0LjEwMS4wIn0=-->

Co-authored-by: descope[bot] <descope[bot]@users.noreply.github.com>
@renovate renovate bot mentioned this pull request Mar 20, 2023
Merged
1 task
@lafrech lafrech mentioned this pull request Apr 11, 2023
Closed
@stefan6419846 stefan6419846 mentioned this pull request May 9, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gaborbernat gaborbernat

Assignees
No one assigned
Labels
bot:chronographer:provided
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Handle version conflicts between deps and package deps
2 participants
@masenf @gaborbernat