uv pip compile adds setuptools (and pip) to requirements.txt
#1353
Labels
Comments
ThiefMaster
changed the title
uv pip compile adds setuptools to requirements.txtuv pip compile adds setuptools (and pip) to requirements.txt
charliermarsh
added
the
compatibility
|
FWIW,
|
|
Thanks for the additional context. If |
|
(We do already "include" these by default, unless I'm misunderstanding your comment.) |
|
(edited to clarify) |
|
In my opinion, |
|
Yeah, agreed. |
|
Closing as "working as intended". |
toofar
added a commit
to qutebrowser/qutebrowser
that referenced
this issue
Aug 10, 2024
This is to match the `pip freeze` requirements compilation method. It's not clear to me if we actually want this behaviour or not. If seems `pip freeze` will exclude dependencies of itself: https://pip.pypa.io/en/stable/cli/pip_freeze/#cmdoption-all Even if there are other packages installed that depend on those dependencies. `uv pip compile`, and now the original `pip-compile` both have decided to include setuptools in generated requirements files: astral-sh/uv#1353 jazzband/pip-tools#989 (comment) So I'm not sure if we have a reason for going against this here or if they were just being excluded because that's what pip freeze does. Hopefully we can drop this commit and use the default behaviour in the future. For now when I'm trying to provide the new backend it's here to make the diff of generated files more precise. This message prefix to identify a pip compile comment was taken from these examples: # The following packages were excluded from the output: # setuptool # The following packages are considered to be unsafe in a requirements file: # setuptools==41.4.0 # via protobuf
toofar
added a commit
to qutebrowser/qutebrowser
that referenced
this issue
Aug 10, 2024
This is to match the `pip freeze` requirements compilation method. It's not clear to me if we actually want this behaviour or not. If seems `pip freeze` will exclude dependencies of itself: https://pip.pypa.io/en/stable/cli/pip_freeze/#cmdoption-all Even if there are other packages installed that depend on those dependencies. `uv pip compile`, and now the original `pip-compile` both have decided to include setuptools in generated requirements files: astral-sh/uv#1353 jazzband/pip-tools#989 (comment) So I'm not sure if we have a reason for going against this here or if they were just being excluded because that's what pip freeze does. Hopefully we can drop this commit and use the default behaviour in the future. For now when I'm trying to provide the new backend it's here to make the diff of generated files more precise. This message prefix to identify a pip compile comment was taken from these examples: # The following packages were excluded from the output: # setuptool # The following packages are considered to be unsafe in a requirements file: # setuptools==41.4.0 # via protobuf
toofar
added a commit
to qutebrowser/qutebrowser
that referenced
this issue
Aug 12, 2024
This is to match the `pip freeze` requirements compilation method. It's not clear to me if we actually want this behaviour or not. If seems `pip freeze` will exclude dependencies of itself: https://pip.pypa.io/en/stable/cli/pip_freeze/#cmdoption-all Even if there are other packages installed that depend on those dependencies. `uv pip compile`, and now the original `pip-compile` both have decided to include setuptools in generated requirements files: astral-sh/uv#1353 jazzband/pip-tools#989 (comment) So I'm not sure if we have a reason for going against this here or if they were just being excluded because that's what pip freeze does. Hopefully we can drop this commit and use the default behaviour in the future. For now when I'm trying to provide the new backend it's here to make the diff of generated files more precise. This message prefix to identify a pip compile comment was taken from these examples: # The following packages were excluded from the output: # setuptool # The following packages are considered to be unsafe in a requirements file: # setuptools==41.4.0 # via protobuf
This was referenced Aug 18, 2024
toofar
added a commit
to qutebrowser/qutebrowser
that referenced
this issue
Sep 7, 2024
This is to match the `pip freeze` requirements compilation method. It's not clear to me if we actually want this behaviour or not. If seems `pip freeze` will exclude dependencies of itself: https://pip.pypa.io/en/stable/cli/pip_freeze/#cmdoption-all Even if there are other packages installed that depend on those dependencies. `uv pip compile`, and now the original `pip-compile` both have decided to include setuptools in generated requirements files: astral-sh/uv#1353 jazzband/pip-tools#989 (comment) So I'm not sure if we have a reason for going against this here or if they were just being excluded because that's what pip freeze does. Hopefully we can drop this commit and use the default behaviour in the future. For now when I'm trying to provide the new backend it's here to make the diff of generated files more precise. This message prefix to identify a pip compile comment was taken from these examples: # The following packages were excluded from the output: # setuptool # The following packages are considered to be unsafe in a requirements file: # setuptools==41.4.0 # via protobuf
toofar
added a commit
to qutebrowser/qutebrowser
that referenced
this issue
Sep 18, 2024
This is to match the `pip freeze` requirements compilation method. It's not clear to me if we actually want this behaviour or not. If seems `pip freeze` will exclude dependencies of itself: https://pip.pypa.io/en/stable/cli/pip_freeze/#cmdoption-all Even if there are other packages installed that depend on those dependencies. `uv pip compile`, and now the original `pip-compile` both have decided to include setuptools in generated requirements files: astral-sh/uv#1353 jazzband/pip-tools#989 (comment) So I'm not sure if we have a reason for going against this here or if they were just being excluded because that's what pip freeze does. Hopefully we can drop this commit and use the default behaviour in the future. For now when I'm trying to provide the new backend it's here to make the diff of generated files more precise. This message prefix to identify a pip compile comment was taken from these examples: # The following packages were excluded from the output: # setuptool # The following packages are considered to be unsafe in a requirements file: # setuptools==41.4.0 # via protobuf
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
pip-compileconsiders dependencies onsetuptools(andpip) unsafe and mentions this at the end of the generated file:or
When using
uv pip compile, this is not the case and I getpipadded to the requirements.txt (thepipdep is coming frompip-toolsandsetuptoolsfrom packages likebabel,pycountryandpip-tools). But both are packages that you generally never want in a requirements.txt (except maybe in VERY specific circumstances - and in those case you probably want to vendor the versions you require instead of having them as package dependencies).The text was updated successfully, but these errors were encountered: