Oh, what a fun journey.
jsonschema < 3.10 relies on pkg_resources, which was removed in setuptools 82
so we bump lower versions of jsonschema. in some cases we get 4.17.3, haven't checked why yet. some other dependency keeps it down. that version works fine.
in one case (one repo) we get 4.26.0, and it breaks because referencing==0.36.0 relies on TypeVar in typing-extensions having a keyword argument 'default'. that came in typing-extensions 4.4 and the repo is on 4.1.
referencing==0.36.1 depends on typing-extensions>=4.4 to ensure it has the keyword argument, but that's exactly why pip-compile picked 0.36.0 instead. π
There's no bug to report on anyone, everything has been fixed in recent versions, and old versions can't be fixed retroactively. But if you're trying to do a normal, conservative bump, it's a little murder mystery.
Hypolite Petovan likes this.
clacke: exhausted pixie dream boy πΈπͺππ°ππ
in reply to clacke: exhausted pixie dream boy πΈπͺππ°ππ • • •Hypolite Petovan likes this.
Hypolite Petovan
in reply to clacke: exhausted pixie dream boy πΈπͺππ°ππ • • •clacke: exhausted pixie dream boy πΈπͺππ°ππ
in reply to Hypolite Petovan • • •@Hypolite Petovan This is pip-compile, a separate tool. The way I usually check why something was held back is to ask it to explicitly upgrade further and see what changes that would pull in.
When it has conflicts that prevent it from doing what I ask, the error message is usually awful, and then I double-check its work with uv pip install.
uv pip install, basically a drop-in replacement for pip, has gloriously informative error messages and also helpful success messages, a diff output of what packages it would install and uninstall.
Hypolite Petovan likes this.