On 13 June 2018 at 10:23, <alex.gronh...@nextday.fi> wrote: > I recently stumbled into a worrying problem with pip. I found out that doing > "pip install pusher requests" installs urllib3 v1.23 as a dependency even > though requests specifically restricts the version to lower than 1.23. Then > if instead I do "pip install requests pusher" it installs urllib3 v1.22 as > expected. As I recall, pip has long had a problem with combining version > specifiers and extras when the same target has been required from multiple > sources. What I wanted to ask was, is this a simple bug, or a larger > unresolved design problem? Should pip also take into consideration the > requirements from existing installed packages so pip won't end up installing > upgrades they're incompatible with?
It's a known issue - pip doesn't do full dependency resolution at the moment. It's being tracked in https://github.com/pypa/pip/issues/988 Paul -- Distutils-SIG mailing list -- distutils-sig@python.org To unsubscribe send an email to distutils-sig-le...@python.org https://mail.python.org/mm3/mailman3/lists/distutils-sig.python.org/ Message archived at https://mail.python.org/mm3/archives/list/distutils-sig@python.org/message/MQJXV7BVFHR2V7L5FJ75KTVACYVZU3WJ/