Handle multiple dependency specification sources

[CommonCrisis]

Hi,

is there a way to handle dependencies from different sources. I have a repo let's call it app-lib that is used in other repos as submodule.
If I change some dependencies in app-lib, I have to adjust the pyproject.toml files in all other repos.
There should be a way to tell poetry to merge the dependencies in the app-lib pyproject.toml file and the ones in the root repo.
Or is there another way this can be handled?

Thanks

[ponytailer]

so, supported?

[finswimmer]

Hello,

can you please add more information about what this feature should do? Until now it's unclear to me.

fin swimmer

[ponytailer]

Thanks for your reply.
Some libs in open pypi source, some libs in private source.
And pipenv support it.
For example:

   [[source]]
    url = "public source url"
    name = "pypi"
   [[source]]
    url = "private source url"
    name = "private-pypi"

[Eduard-gan]

Hi, first of all i want to apologize in advance for my english :D

The author asks actually different question as to me. The problem is not in sources of actual binary data of the different
packages.

Say we're in microservices environment. We trying to not duplicate our code and have some common code in separate repository that has its dependencies(for example i need aiohttp for this code to work) and this is defined in pyproject.toml in this "common" repository.

The problem comes when we start a new microservice in separate repo. We link as submodule the "common" repo(it has its own pyproject.toml) an then we make another pyproject.toml specific to this microservice.

Stupid solution is when a build step begins install everything in one virtualenv inside docker cotainer in two steps
RUN cd /app/common && poetry install && cd /app
RUN poetry install --no-dev

But it's obviously doesn't work if you have cross dependencies between two .lock files ant it leads us to unmanaged updates of packages.

How can we use solver of poetry to make it install packages in one context but from multiple files(not necessarily pyproject.toml files). Different files are crucial here because they come from different repos from different teams.

[abn]

@CommonCrisis @Eduard-gan the solution proposed in #2270 might address the scenarios you are referring to. However, note that this intended for mono-repo cases. Which might be better suited for the cases described above. If not, please do let us know what the gap is.

@Eduard-gan in your case, it might also be prudent to consider that it might be better to build wheels (optionally publish them to a private index) outside the container and install them within a container using pip, and with it's new resolver, pip should handle the versions correctly since the wheels contain accurate metadata thanks to poetry ;).

@huangxiaohen2738 I think you are looking for a different feature from the one the OP is referring to. Poetry allows the use of multiple repositories as described here. You can specify the use of a defined source in a dependency as name = { version = "^1.0", source = "private-pypi"}.

[neersighted]

Closing in favor of #2270 -- this issue is unclear overall (every comment is talking about something different), but the closest thing to the original issue body is better support for monorepo scenarios.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.