Contributors mailing list archives

contributors@odoo-community.org

Browse archives

Avatar

Re: 14.0 branches

by
Acsone SA/NV, Stéphane Bidoul
- 13/10/2020 10:24:05
On Tue, Oct 13, 2020 at 9:36 AM Pedro M. Baeza (Tecnativa)
<pedro.baeza@tecnativa.com> wrote:

> Stéphane, how to pin specific Python libraries versions in this workflow in the generated requirements.txt? We have several places with this requirement.

First a word about version pinning in general.

As much as possible we must avoid *strict* pins in OCA repos, because
it creates a risk of conflicts when installing other repos requiring
the same libraries, or downstream projects.
If there is a minimum version we need to support, we can say libN >=
x.y. And if there is a need to declare a maximum version, we can also
say "libN >= x.y, <= z.t" (see PEP 440 [3] for details).
We need to keep in mind that the more constraint we place (especially
on upper versions), the more risk we have to create downstream version
conflicts.

Of course the above applies to OCA repos only. In customer projects,
it is highly recommended to pin as strictly as possible, of course.

As to where these constraints have to be declared, it would be in
- setup.py, as it is already the case today
(external_dependencies_override [1]), because unfortunately Odoo does
not allow specifying constraints in the manifest (I opened the
discussion with Odoo without much success so far [2])
- or in test-requirements.txt if these are dependencies that cannot be
declared in the addon manifests for some reason

-sbi

[1] https://pypi.org/project/setuptools-odoo/2.5.10/#controlling-setuptools-odoo-behaviour
[2] https://github.com/odoo/odoo/pull/35800
[3] https://www.python.org/dev/peps/pep-0440/

Reference