Patrick Bucher

Reputation: 1538

Make Existing Package Version in Virtual Environment Stick

I have a utility called backup-tool (fictional). This has a direct dependency on a third-party library called security-utils (fictional, again). And this dependency has a dependency on cryptography (a real dependency). So, backup-tool has a transitive dependency on cryptography. No particular versions are demanded, either by backup-tool or by security-utils.

Now I have two servers: one running Linux, and one running FreeBSD. I create a virtual environment on Linux and run pip install backup-tool under it. Everything works fine.

On FreeBSD, cryptography with the version 2.9.2 can be installed without any issues. Other versions, however, cause a build failure. (Workarounds could be found, for sure, but this is not the point.)

Now I set up a virtual environment and pre-install the right version using pip install cryptography==2.9.2. Later on—this is all set up in an automated pipeline, and I cannot join those two steps—my tool is installed using pip install backup-tool. The transient dependency to cryptography is resolved as a version 3.x, which doesn't work.

However, if I run pip install backup-tool cryptography==2.9.2 in a single step, everything works. This means that backup-tool is compatible with cryptography in the version 2.9.2.

My question: Is it possible to hint to pip within the virtual environment that no other version of cryptography should be installed, if it is already there? The dependency tree could as well be resolved to match the version already installed, but the latest version is picked instead.

I could further specify the (transient) dependency cryptography==2.9.2 in the requirements.txt or setup.py of backup-tool. But since this is an environment constraint rather than a software constraint, it would be a useless restriction for most setups.

Upvotes: 0

Views: 132

Answers (1)

paiv

Reputation: 5601

You can use a constraints file to limit the range of package versions pip should try when the package is being installed. The syntax is that of a requirements file.

e.g. constraints.txt:

cryptography==2.9.2

For pip to always read this constraints file, you can set an environment variable:

export PIP_CONSTRAINT=constraints.txt

Or, under a virtual environment, create a config at $VIRTUAL_ENV/pip.conf:

[install]
constraint = constraints.txt

(paths are relative to your app root)

Upvotes: 2
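The per-environment setup from the answer above, as an added example that is not part of the original answer: a pipeline step that records an exact pin in a constraints file inside the virtual environment and points that environment's pip.conf at it by absolute path, so a later pip install run from any directory still sees it. The function name pin_in_venv and the file location inside the venv are assumptions; the function overwrites any pip.conf already present in the venv.

```shell
#!/bin/sh
# pin_in_venv VENV_DIR NAME==VERSION   (hypothetical helper, added example)
# Later "pip install ..." runs inside VENV_DIR will not move NAME off VERSION.
pin_in_venv() {
    venv=$1
    pin=$2
    # Accept only an exact pin; a range would let the resolver move again.
    case $pin in
        *==*) ;;
        *) echo "expected NAME==VERSION, got: $pin" >&2; return 2 ;;
    esac
    [ -d "$venv" ] || { echo "no such venv: $venv" >&2; return 1; }
    name=${pin%%==*}
    # Absolute path, so the setting does not depend on the working directory.
    venv_abs=$(cd "$venv" && pwd)
    cfile=$venv_abs/constraints.txt
    tmp=$cfile.tmp
    # Keep pins for other packages, drop an earlier pin for this one,
    # so re-running the pipeline step is idempotent.
    if [ -f "$cfile" ]; then
        awk -v n="$name==" 'index(tolower($0), tolower(n)) != 1' "$cfile" > "$tmp"
    else
        : > "$tmp"
    fi
    printf '%s\n' "$pin" >> "$tmp"
    mv "$tmp" "$cfile"
    # Per-venv pip configuration ($VIRTUAL_ENV/pip.conf), read on every install.
    printf '[install]\nconstraint = %s\n' "$cfile" > "$venv_abs/pip.conf"
    # Print the constraints path so the caller can log or export it.
    printf '%s\n' "$cfile"
}

# Typical use in the first pipeline step (the later step stays unchanged):
#   pin_in_venv "$VIRTUAL_ENV" cryptography==2.9.2
#   pip install backup-tool
```

A constraints file only restricts versions of packages that something else pulls in; it does not install cryptography by itself.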
