-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Re-consider use of pins to encourage leaving dependencies unpinned #24
Comments
#11 is pretty relevant too. I think we have to have some control over jupyterhub-singleuser and nbgitpuller, and the default python version on repo2docker was far too old. Perhaps one way to deal with this is to specify minimum required versions here rather than pin as we have? |
I concur about maintaining control of some specific packages (like the ones mentioned by @yuvipanda). For any others, let'em fly free, IMHO. |
We have pins to the patch version in our environment.yml file, and when users clone that and make changes, I think that sets a bad precedence for them.
I've maintained docker images for several years, and having things pinned and not pinned has pro's and con's, but I'm a firm believer that we and people cloning this repo will end up benefiting from not pinning dependencies overall.
Action point
Indicate disagreement or agreement to take the action of unpinning the following dependencies entirely
jupyter_contrib_nbextensions==0.5.1
jupyterhub-singleuser>=3.0,<4.0
nbgitpuller=1.1.*
hub-user-image-template/environment.yml
Lines 7 to 14 in f9aff1e
The text was updated successfully, but these errors were encountered: