Python dependencies updated version not supported by the python version #25576
-
How are you running Renovate?Mend Renovate hosted app on github.com If you're self-hosting Renovate, tell us what version of Renovate you run.No response If you're self-hosting Renovate, select which platform you are using.None Was this something which used to work for you, and then stopped?I never saw this working Wanted end result.I am investigating migrating from Dependabot to Renovate. One "regression" I see is that when updating python dependencies, Renovate will upgrade a dependency pinned to a specific version of Python, to a version of the dependency which is not actually supported by that version of python. An example in a backports.datetime-timestamp==1.2;python_version<"3.8"
backports.datetime-timestamp==1.3.0;python_version>="3.8" The 1.2 version is updated to 1.3.0, but as you can see on pypi (https://pypi.org/project/backports.datetime-timestamp/1.3.0/) this version is not compatible with < Python 3.8. What you tried so far.Searched docs, issues, discussions, but might have missed something. Found #12727 but my understanding is that the python version is ignored? Is there any config option or workaround to handle this? Relevant debug logsLogs
|
Beta Was this translation helpful? Give feedback.
Replies: 7 comments 8 replies
-
I'm not familiar enough with this code base (otherwise I would put up a PR), but the I think you could do something along these lines.
Note: The
|
Beta Was this translation helpful? Give feedback.
-
try this |
Beta Was this translation helpful? Give feedback.
-
Hi there,
Thanks, the Renovate team |
Beta Was this translation helpful? Give feedback.
-
If you restrict every dependency to Possible approaches:
|
Beta Was this translation helpful? Give feedback.
-
I will convert this to a feature request issue once we have a better idea of the logic to use. Here is a draft: Support Simple example:
The above means "if you're using python before 3.8, install version 1.2, otherwise if you're using python 3.8 or later then use version 1.3.0. In this case the top line should not be updated unless somehow there was a newer version of the package which still supports <3.8 python. Most likely the only one of those to ever be updated is the second line, if e.g. 1.3.1 or 1.4.0 were to be released. v1.2 requires Python >= 2.7 v1.3.0 requires Python >= 3.8 This likely can reuse some of the logic in constraintsFiltering but might need a new value with behavior different than strict because in the above case the user is not after a full subset. For example >=2.7 is not a subset of <3.8. This algorithm remains to be decided. To use the above example, what should happen if there's a version 1.2.1 released which require Python >=3.7? Technically that has an overlap with <3.8, but in reality you probably want Python 2.7 support. I think the cause of this confusion is that you are not using lower bounded ranges, e.g. you really should say |
Beta Was this translation helpful? Give feedback.
-
I'm hitting a similar issue but not exactly the same. The requirements.txt file is used for installing packages in a container image. The expectation is that the identified versions should take into consideration the python version used in the container image during build time. |
Beta Was this translation helpful? Give feedback.
-
Converted to feature request issue: #26310 |
Beta Was this translation helpful? Give feedback.
Converted to feature request issue: #26310