-
-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider fixating mypy to <0.990 instead #40
Comments
Bugfixes shouldn't break anything, but anything is possible. I think having a single version of mypy is a bit restrictive, though allowing a range of mypy versions which are tested for compatibility with Refurb would be ideal. Setting the version to To summarize, we should allow a range of mypy versions, but not future/bug-fix releases via |
I would generally recommend not capping, but rather using a lock file or other locking mechanism (like pre-commit). |
@henryiii , what do you think the best path forwards would be in this regard? Refurb's only hard constraint upon users is the Mypy package (and it's dependencies), and given that Refurb uses the internals of Mypy as opposed to using it the way most users will be using Mypy (solely as a type-checker), I feel it is more important to test that each new Mypy version works. As I have gathered from your post on the matter, you feel like it should be the users decision whether or not a package should be pinned or not. Is that correct? This is my first major Python project, and so getting versioning right for the end-user sake is paramount, though I still want to maintain some confidence in Refurb's stability. From what I can tell, there are 3 contexts where Mypy is being used in relation to Refurb:
Sorry if that was a lot, but there is a lot to consider when talking about Mypy versioning, and I want to get it right. Curious what suggestions you might have given the situation! |
Ahh, this is more complex than I thought - I wasn't expecting referb to use mypy internals. If users are using a proper tool like pipx or "environment per check" tools like pre-commit, nox, tox, or hatch, then a strict pin here isn't too bad, and it's very much in the "allowed" pins - no pin is nice, but some are basically required, and using an internal private API is a good reason to. Of course, users wanting to install this in a shared "dev" environment (like Poetry pushes), then this is problematic, but probably unavoidable. Quickly releasing after mypy releases (and maybe also checking against the master branch in your CI too) is probably the best you can do. You might have to judge from experience about allowing new patch releases. With internal usage, you are justified in not allowing it. Also be sure to test your whole range! Also, please do not use I'd recommend using pre-commit for type checking the code with mypy. Then you just don't care what version(s) of mypy you support when you install refurb, because you aren't installing it in the pre-commit environment. (I'd recommend looking at https://scikit-hep.org/developer/style, that sort of mechanism is used on a lot of projects very successfully). Pre-commit pins the mypy version and can auto-update it, much like dependabot (but runnable manually or with pre-commit.ci). Other options are nox, tox, or hatch - basically you shouldn't have one "dev" environment, but only install what's needed for each task. Don't think mypyc would complicate anything. You'd just be providing pre-compiled binaries, but you'd have the same requirements - it only compiles the Python parts of your code, you'd still be making calls to a mypy dependency, I think. |
To be honest, Poetry just generated the Since you seem more familiar with Python packaging as a whole, what would be the recommended way to consolidate the |
The caret in Poetry does "semantic version capping" (as if that's actually a real thing in Python, which it's not, it's invented by Poetry). So So I'd either replace the hard pin with an obvious hard pin ( The package manager doesn't care what the the build backend tells it the requirements or the extras are. From PyPI, you aren't installing from either one (wheels don't contain pyproject.toml and shoudlnt'l contain requirements.txt), but instead the package manager is reading it from the wheel metadata. The main reason to have a I don't remember if poetry exports or provides a way to export the dev requirements into a dev extra; I usually do that (and usually avoid mega dev environments anyway, especially in poetry, which can take forever to upgrade the lock if it gets large). PS: Poetry also caps the dev requirements, which is ridiculous, you are manually updating a lock file anyway, so why keep "poetry upgrade" from upgrading? If something breaks you are supposed to not commit the changed lock file. 🤷 |
I removed the poetry lock file and the requirements.txt file, since this is a library, and the exact versions of the installed packages do not matter for the end user, just that the correct range is in place. In addition, proper version ranges have been added for `mypy` and `type_extentions`. Closes #40.
I also removed the poetry lock file and the requirements.txt file, since this is a library, and the exact versions of the installed packages do not matter for the end user, just that the correct range is in place. In addition, proper version ranges have been added for `mypy` and `type_extentions`. Closes #40.
Thank you @quantumpacket , I will go ahead and bump this sometime before the end of the day. |
mypy
released version 0.982, presumably a bugfix. We should consider fixating the mypy version here to be <0.990 instead, since bugfixes shouldn't break anything, or am I incorrect?The text was updated successfully, but these errors were encountered: