friendica.vrije-mens.org
In a requirements-*.in file, at the top of the file, are lines with -c and -r flags followed by a requirements-*.in file. Uses relative paths (ignoring URLs).
Say have docs/requirements-pip-tools.in
-r ../requirements/requirements-prod.in
-c ../requirements/requirements-pins-base.in
-c ../requirements/requirements-pins-cffi.in
...docs/requirements-pip-tool.txtBut there is confusion as to which flag to use. It's non-obvious.
constraint
Subset of requirements features. Intended to restrict package versions. Does not necessarily (might not) install the package!
Does not support:
Personal preference
requirements-, just doing it here
Requirements are literally the packages your project requires to run,down to a specific version if you wish.
Constraints specifies what version of a package to install IF the package is required by your requirements, or by transitive requirement (required by packages you require). If package is not required, the constraint is not used.
I tend to use requirements file to list direct dependencies of my project and their versions. Constraints is useful to pin down and transitive dependencies to make sure they're not accidentally upgraded (repeatable builds) . Also if the 3rd party package drops a requirement you don't have to worry that it'll still be installed if it's still on your constraints. It'll simply not be installed.
My biggest achievement in life has been helping my wife grow into her confidence and become the best Shellie she could be.
I'm just a worn out grumpy old fella, but that one thing I got right.
I cannot relate to billionaires who spend their waking hours trying to find the next billion. I can't imagine it makes them feel the slightest bit more happy about themselves. Or maybe it really does and my brain just works totally differently. Or maybe they never learned what it feels like to be loved.
Long day at work, come home to Sunshine Kitty greeting me with a #blep as he knows I'm going to open a can o tuna.
The blep is a cat's way of saying thanks for this wonderful meal.
Diventare spettatori sui social
Dietro il boom di BlueSky si nasconde un modo nuovo di fruire i social network: solo 1.4 milioni di utenti hanno infatti postato un contenuto, la maggior parte degli utenti utilizza il BlueSky per leggere contributi postati da altri.
https://www.avvenire.it/rubriche/pagine/il-boom-di-bluesky-l-anti-x-non-e-come-lo-raccontano
Vite digitali | di Gigio RancilioGigio Rancilio (Avvenire)
Netflix released a new documentary called "Buy Now!" and it is very very good.
I don't know how it got funded, because it actually tells the truth about a lot of controversial topics, such as: illegal dumping of hazardous waste, greenwashing fraud schemes, planned obsolescence, tech worker's personal responsibility to not help their employer cause harm in the world, & the importance of pushing through the pain of neoliberal cognitive dissonance.
Go watch it. Thanks.
https://www.youtube.com/watch?v=OVfZw_eqJW8
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.www.youtube.com
Am Ende geht es natürlich nur um die nationale Sicherheit, weil der normale Bürger hat doch noch nie eine Rolle gespielt... 😳
#politik #werbung #handy #Problem #Bundeswehr #nato #Militär #Spionage #Überwachung #Freiheit #marketing
Kommerziell gehandelte Standortdaten von Militärangehörigen sind ein Sicherheitsrisiko, wie Recherchen von BR, netzpolitik.org mit dem US-Medium WIRED zeigen. EU- und US-Politiker fordern eine Einschränkung des Handels mit diesen Daten.Katharina Brunner, Rebecca Ciesielski und Maximilian Zierer, BR (tagesschau.de)
Linda McMahon, who ran World Wrestling Entertainment for decades, was accused in the lawsuit of not preventing one of the organization’s employees from victimizing children who helped set up wrestling rings.
Linda McMahon, #GOPGroomer . Trump’s choice for education secretary, has been accused in a recent lawsuit of failing to stop a ringside announcer for World Wrestling Entertainment from grooming and sexually abusing children in the 1980s and 1990s.
https://www.nytimes.com/2024/11/21/us/linda-mcmahon-sexual-abuse-lawsuit-trump-education-secretary.html#
#GOPPedoRing
A 6th Century AD, Byzantine gold bracelet adorned with various gemstones and pearls. Currently part of the Toledo Museum of Art Collection, Ohio, USA.
Siehe: https://www.tagesschau.de/inland/innenpolitik/parteien-neumitglieder-100.html
Leider regnet kein Hirn vom Himmel 😭
Ich hoffe doch, dass es zum Lindner-Aus reicht nach der Neuwahl... 😐
#fdp #Problem #politik #Ampel #Regierung #zukunft #Perspektive #Gesellschaft #system #wahl #Lindner
Viele Parteien melden seit dem Ampel-Aus deutlich mehr Eintritte. Die angespannte politische Lage scheint die Menschen nicht davon abzuschrecken, sich zu engagieren. Wie stark ist der Zulauf? Und was motiviert die Neuen?Florian Doetsch, ARD-Hauptstadtstudio (tagesschau.de)
The Music of Physics by George N. Gibson, 2024
Music is an excellent medium to introduce physics to novice scientists, as it provides an intuitive understanding of the physics of waves.The book is not restricted to purely musical topics. Each topic is carefully chosen to relate to broader principles applicable to other areas of physics or technology. This is not meant to be a highly technical treatise on sound and musical instruments.
@bookstodon
#books
#nonfiction
#physics
#music
Waarschuwing inhoud: Ahoi Piraten, hiermit laden wir Dich herzlich zum ordentlichen Bundesparteitag 2025.1 der Piratenpartei Deutschland ein. Dieser findet online statt. Ort der Versammlung: Zirkelschmiedsgasse 5, 90402 NürnbergHier trifft sich die Versammlungsleitung und tec
Florida health official advises communities to stop adding fluoride to drinking water
https://www.npr.org/sections/shots-health-news/2024/11/22/nx-s1-5203114/florida-surgeon-general-ladapo-rfk-fluoride-drinking-water?utm_source=flipboard&utm_medium=activitypub
Posted into Health @health-npr
MAKE PHONE CALLS!! The 15 Traitorous Democrats Who Voted to Give Trump Insane New Fascist Powers Against the Forth Estate and Social justice Groups
#StopMAGAFascistState
On Thursday, the House passed a bill that would allow the president to wipe out any nonprofit organizations he opposes with the flick of a pen. He had bipartisan support.
https://newrepublic.com/post/188693/15-democrats-give-trump-powers
A package's requirements are left unlocked
An app's requirements are locked
This doesn't excuse app devs if an
requirements.infile is not providede.g.
pip freeze > requirements.txtand forgetThis produces a lock file. Including indirect packages. The direct packages info is lost if a
requirements.inis not provided.Was working under the assumption that everyone considered constraints (-c) to be non-negotiable required feature.
If only have requirements (-r), in a centralized pyproject.toml, then how to tackle multiple specific dependency hell issues without causing a huge amount of interconnected clutter?
Within the context of resolving dependency conflicts, poetry decided pyproject.toml is a great place to put requirements.
This is what people know.
pyproject.toml or venv management should otherwise never come into the conversation.
My personal opinion is: venv, pip, pyenv, pip-tools, and tox are sufficient to manage venvs.
venvs are not required to manage requirement files. It's a convenience so dev tools are accessible.
Currently the options are: poetry or uv.
With honorable mention to pip-compile-multi, which locks dependencies.
poetry and uv manage venvs... Why?
pip-compile-multi
PyPIare you really asking why use 1 tool instead of 5?
venvs and dependency management are such interconnected concepts, I don't even know how you could sustainably handle them separately.
UNIX philosophy. One tool that does one thing well
Best to have a damn good reason when breaking this principle (e.g. vendoring) or be funded by Money McBags
requirements files are requirements files, not venvs. They may install into venv, but they are not venvs themselves. The only thing a venv provides that is of interest to ur requirements files are: the relative folder path (e.g. '.venv') and python interpreter path. Nothing more. When using tox, the py version is hardcoded, so only need to provide the relative folder path.
The venv management tools we have are sufficient. the problem is not the venv, it's managing the requirements files.
Your 1 tool suacks just as much as my 5 tools when it comes to managing requirement files. None of them do the job.
The Python env has been trying this multiple tools approach for decades and consistently delivering a worse experience than languages that pack most things in one tool.
Rust is a bliss to use, largely thanks to cargo that takes care of build, dependencies, locking, tests, publishing etc. You say do one thing and do it well. In my experience they often do one thing in a mediocre way, while forcing users to understand which and how to combine dozens of possible tools in a development environment that keeps changing. It's messy, slow, error prone, and requires constant developer attention.
Most languages don't support packages containing multiple languages (C/C++, Cython, and Python). So Python situation is much more complex.
distutils
setuptools is complex
pip is complex
requirements files are complex
space aliens wrote pytest (and pluggy)
publishing and dependencies are super centralized, depending on pypi.org way too much.
Comparing Rust vs Python is nonsense. Rust is a stricter compiler on top of C. It has to deal with legacy C libraries. It has it very very easy.
I totally agree with you. So not the best champion of the poetry approach. Someone else would need to step forward, even as devils advocate, and champion poetry. Even if tongue in cheek. Anyone?
Normally, there is no connection between constraint files and pyproject.toml
Python appears to be forever stuck with plain text requirement|constraint files. So putting them into pyproject.toml is just adding an extra layer of complexity.
That almost sounds like you might consider to jump on polymarket, initiate the prediction, put money down on that prediction creating a position, but need a little nudge.
Are you willing to make that bet? The size of the bet reflects how strongly you feel. Are you going to make this interesting?
The other side of that bet would be:
Could become that guy who extends the theory, makes a better way of doing it, and creates and publishes the package and docs.
And the world+dog recognizes the package amongst the other tools in this genre, rather than i conforming to existing tools (uv or poetry or pip-compile-multi).
In your favor, there are three tools. So three people/teams on this planet have presented a solution. Can count that on one hand with fingers to spare!
On the other hand, lets keep in mind, this is a Python specific forum and everyone here are skilled super talented coders and probably full on freak'n geniuses (lifts hand, pinky to
... toon meerThat almost sounds like you might consider to jump on polymarket, initiate the prediction, put money down on that prediction creating a position, but need a little nudge.
Are you willing to make that bet? The size of the bet reflects how strongly you feel. Are you going to make this interesting?
The other side of that bet would be:
Could become that guy who extends the theory, makes a better way of doing it, and creates and publishes the package and docs.
And the world+dog recognizes the package amongst the other tools in this genre, rather than i conforming to existing tools (uv or poetry or pip-compile-multi).
In your favor, there are three tools. So three people/teams on this planet have presented a solution. Can count that on one hand with fingers to spare!
On the other hand, lets keep in mind, this is a Python specific forum and everyone here are skilled super talented coders and probably full on freak'n geniuses (lifts hand, pinky to closest edge of mouth, everyone looks around at one another and copies, then looks back at you with an errie almost coordinated synchronized eye brow raise). And i oddly posted about this exact topic. Literally anyone and everyone who has commented could be that guy.
scratches head
looks up with one eye to check star positions
rubs chin
occasional alternating strong eye brow movements ...
(with hand on chin) who is this guy, should i call his bluff by taking a position? Whats the likelihood he's secretly a closet poetry user and just some poser?
If you won, could you be sad?
If you lost, not get upset or ego hurt instead be much happier with the published tool over the money?
What are the odds looking like on this particular prediction?
Looking forward to you posting the URL to the prediction on polymarket then promoting the market to maximize your returns. First in and clean house. Rinse wash and repeat with this blowhard wannabe (referring to myself).
Here is another prediction: the volume of that bet would be nowhere near where it needs to be to make the bet interesting.
Disagree? Create the bet yourself and prove me wrong.
That's a loaded question. Would like to avoid answering atm. Would lead to a package release announcement which this post is not; not prepared to right right now.
Instead here is an admittedly unsatisfactory response which i apologize for.
Wish to have the option to, later, take it back and give the straight exact answer which your question deserves.
my use case is your use case and everyone else's use case.
Avoiding dependency hell while keeping things easily manageable. Breaking up complexity into smallest pieces possible. And having a CLI tool to fix what's fixable while reporting on what's not.
My preference is to do this beforehand.
Woah! Was giving the benefit of the doubt. You blow my mind.
The locking is very very specific to apps and dev environment.
But lacking constraints is like cutting off an arm.
my position is it's not messy enough
Lets start off by admitting what the goal is.
We all want to avoid dependency hell.
Our primary interest is not merely cleaning up the mess of requirements files.
Cleaning up the mess results in some unintended consequences:
noise
All the requirements information is in one place. Sounds great until want to tackle and document very specific issues.
Like when Sphinx dropped support for py39, myst-parser restricted the Sphinx upper bound version, fixed it in a commit, but did not create a release.
Or cffi, every single commit just blows our mind. Adding support for things we all want. So want to set a lower bound cffi version.
My point being, these are all specific issues and should be dealt with separately. And when it's no longer relevant, know exactly what to remove. Zero noise.
complexity
When things go horribly wrong, the wrapper gets in the way. So now have to deal wi
... toon meermy position is it's not messy enough
Lets start off by admitting what the goal is.
We all want to avoid dependency hell.
Our primary interest is not merely cleaning up the mess of requirements files.
Cleaning up the mess results in some unintended consequences:
noise
All the requirements information is in one place. Sounds great until want to tackle and document very specific issues.
Like when Sphinx dropped support for py39, myst-parser restricted the Sphinx upper bound version, fixed it in a commit, but did not create a release.
Or cffi, every single commit just blows our mind. Adding support for things we all want. So want to set a lower bound cffi version.
My point being, these are all specific issues and should be dealt with separately. And when it's no longer relevant, know exactly what to remove. Zero noise.
complexity
When things go horribly wrong, the wrapper gets in the way. So now have to deal with both the wrapper and the issue. So there is both a learning curve, an API interface, and increased required know how.
The simple answer here is, do not do that.
confusion
When a dependency hell issue arises, have to deal with that and find ourselves drawn to poetry or uv documentation. The issue has nothing to do with either. But we are looking towards them to see how others solve it, in the poetry or uv way.
The only know-how that should be needed is whats in the pip docs.
Whats ur suggestion?
Would prefer to deal with dependency hell before it happens. To do this, the requirements files are broken up, so they are easier to deal with.
Centralizing everything into pyproject.toml does the opposite.
Rather than dealing with the issue beforehand, get to deal with it good and hard afterwards.