Docs build: Add upper bounds to transitive dependencies #103860
Conversation
AlexWaygood
added
skip issue
skip news
awaiting core review
and removed
awaiting core review
labels
There was a problem hiding this comment.
LGTM, thanks @AlexWaygood . We should presumably backport this as well, so backport PRs that are automerged can be treated similarly
CAM-Gerlach
added
docs
Yes, that SGTM! |
There was a problem hiding this comment.
Seems a good idea in principle -- my questions would be how we ensure that new transitive dependencies are always added (including dependencies of dependencies, etc), and when we consider it appropriate to update the upper-bounds (security certainly, new feature releases -- maybe?).
A
I don't have fully formed answers to these questions, but I agree that we will need to work these things out :) What's the current process for updating our |
@JulienPalard is probably the man for the 'policy' answer here, though my guess is ad-hoc PRs as needed (as with many other things!). In which case pragmatism seems the best approach as you suggest -- hopefully reviewers notice / remember the constraints file, but fundamentally if we make a mistake it's just a quick PR to fix! Thanks for the quick response -- more appreciated than usual as it's past midnight British time! A |
|
At this point, maybe worth just using something like Also, is this going to get picked up by the build server infra? |
JelleZijlstra
added
the
🔨 test-with-refleak-buildbots
This comment was marked as resolved.
This comment was marked as resolved.
bedevere-bot
removed
the
🔨 test-with-refleak-buildbots
This comment was marked as resolved.
This comment was marked as resolved.
I'd be okay with that. I also feel like the maintainability here isn't really going to be a problem though. We'll probably only need to update it whenever
No idea, I don't know anything about the build server infra 😃 Who do I ask about that? |
It will be! See docsbuild-scripts: https://github.com/python/docsbuild-scripts/blob/main/build_docs.py#L105 and https://github.com/python/docsbuild-scripts/blob/main/build_docs.py#L123 A |
There was a problem hiding this comment.
LGTM. I would go ahead and merge and we can adjust as needed. @pradyunsg may have some additional insights on dependencies.
|
Great, thanks everybody! Feels like we have consensus that this is a good idea and that this is good enough for now, so I'll go ahead and merge. Followup PRs to improve our workflow around this are welcome :) |
|
Thanks @AlexWaygood for the PR 🌮🎉.. I'm working now to backport this PR to: 3.11. |
|
Sorry @AlexWaygood, I had trouble checking out the |
AlexWaygood
added
needs backport to 3.11
|
Thanks @AlexWaygood for the PR 🌮🎉.. I'm working now to backport this PR to: 3.11. |
|
GH-103887 is a backport of this pull request to the 3.11 branch. |
) (cherry picked from commit 81cf94c) Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
Our immediate requirements for the docs build are already pinned pretty tightly in our
Doc/requirements.txtfile. However, our transitive dependencies are currently entirely unpinned. This means our CI can be unexpectedly broken by a new release of a transitive dependency, as recently happened when Pygments==2.15.0 was released: see #103421.Previously it wasn't so much of a big deal if the Docs build got broken briefly. However, with the recent move to use GitHub automerge instead of @miss-islington's merging capabilities, it's now important that we make the Docs workflow a "required" check, so that PRs with broken ReST syntax don't accidentally get automerged into the
mainbranch. Making the docs workflow a "required" check means it is more important to make sure that the Docs build is very resilient.This PR adds upper bounds to various transitive dependencies by using a
constraints.txtfile.