when should I pin deps: never and always! (intermediate) anthony explains
HTML-код
- Опубликовано: 4 окт 2024
- fine I'll make a video about it -- here's my stance on pinning dependencies and why I do what I do in the different scenarios.
playlist: • anthony explains
==========
twitch: / anthonywritescode
dicsord: / discord
twitter: / codewithanthony
github: github.com/aso...
stream github: github.com/ant...
I won't ask for subscriptions / likes / comments in videos but it really helps the channel. If you have any suggestions or things you'd like to see please comment below!
Across all languages/platforms I’ve always followed the same rule: Don’t pin while in active new development; do pin for stable releases/branches/deployments. While in development you want to use the latest & greatest, and dealing with changes in underlying libs isn’t a huge deal. For stable releases you want to ensure that it will continue working exactly as-is, and underlying libs are only updated when you can ensure they fix bugs without anything in your app/deployment breaking.
poetry for sure spread the python_requires upper bound thing by defaulting to it.
Finally my favorite topic!
Looking at the title, I was kinda expecting this to be a RUclips Short with you just yelling "YES" 😂
All kidding aside, this was a great and very informative video! Thank you!
Thanks for this straightforward explanation!
This was very informative, thanks!
Thank you for video. It's interesting oppinion.
At 6:17 - pip-chill kind of does what you have in mind, I think.
yeah I'm not looking for tool suggestions -- I've already written what I have in mind once and when I actually need to solve the problem for myself again I'll rewrite it
Well I appreciate the comment, definitely going to have a look at the project.
What's the advantage of including third party dependencies in your requirements for apps/microservices? Doesn't just including your first-party deps and pinning each to its version have the same effect, since it won't bump the third-party dep versions if first-party dep versions are not bumped?
if transitive dependencies are not pinned pip will satisfy them with the newest version possible
@@anthonywritescode Interesting! Great video.
I'm curious why you didn't chose poetry or pipenv to have transitive dependencies locked?
(I'm not familiar with piptools, so maybe it boils down to taste preferences)
why use a broken chainsaw when a screwdriver works fine
ruclips.net/video/Gr9o8MW_pb0/видео.html
I can present a few reasons from my experience as to why I prefer piptools instead of poetry:
- piptools pulls in 6 dependencies when installed. poetry pulls in 44.
- piptools can live in the same environment as the dependencies it manages (actually it’s designed to be like this). poetry must live *outside* your environment, otherwise it’s going to remove a few of its many dependencies and commit sudoku in the process
- poetry has changed their recommended installation method a few times and it’s still iffy, plus the fiasco of the intentional 5% chance to break when using the unsupported installation method
That’s why I pick piptools
I’ve never heard anything good about poetry - especially when a single setup.cfg file does everything so much simpler without needing to learn a random bloated tool
I know this is unrelated to the video, but have you seen PEP 703? And if so, what are your thoughts on it?
yeah I covered it long before it became a PEP: ruclips.net/video/6g79qGQo2-Q/видео.html
what keyboard is that?
Hey Anthony 👋🏻, don't do that! Don't do the thumbnail face!, RUclips is full of that and believe me most of thumbnail face videos have a shitty content but your content is valuable, pleas reconsider videos thumbnail
It’s well noted that they tend to attract more clicks than other thumbnail designs (go listen to Linus Sebastian talk about them - he hates them but still uses them because they generate more money)
it tripled my metrics
@@anthonywritescode wow so people are really in to the shocked! faces 😶🌫️