john-bodley commented on code in PR #24129:
URL: https://github.com/apache/superset/pull/24129#discussion_r1240994557
##########
requirements/testing.txt:
##########
@@ -85,6 +101,8 @@ parameterized==0.9.0
# via -r requirements/testing.in
pathable==0.4.3
# via jsonschema-spec
+prophet==1.1.3
Review Comment:
The issue you describe is true for any package (or sub-package) which is not
explicitly pinning.
Note we (Airbnb) typically install Superset as a service by:
1. Defining a `requirements/production.in` file which includes the lines
```
-e .[prophet,…]
ddtrace
…
```
2. Running `pip-compile-multi` to compile the dependencies—taking into
account the `prophet`, `ddtrace`, etc. production dependencies.
3. Installing Superset via,
```
python3 -m pip install -r requirements/production.txt
python3 -m pip install -e .
```
which ensures we always install Superset in a deterministic manner which is
super critical.
Why doesn’t Superset explicitly pin every package (and sub-package) in
`setup.py`? Though packages should provide flexibility, one could argue this is
valid for a service—given it typically isn’t used as a dependency—however we
run into the issue of creating an infeasible dependency space when installation
dependent requirements are added. By relaxing constraints (by way of removing
explicit pins) we allow `pip-compile-multi` to solve this somewhat difficult
problem on our behalf.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
