Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Thirdparty pip dependencies override root project's pip dependencies #1791

Open
finn-ball opened this issue Mar 7, 2024 · 2 comments
Open

Thirdparty pip dependencies override root project's pip dependencies #1791

finn-ball opened this issue Mar 7, 2024 · 2 comments

Comments

@finn-ball
Copy link

finn-ball commented Mar 7, 2024
edited
Loading

🐞 bug report

Affected Rule

use_extension("@rules_python//python/extensions:pip.bzl", "pip")

Is this a regression?

Between old WORKSPACE rules and bzlmod, potentially yes - so long as you knew the order you were defining dependencies.

Description

A third party project called foo uses rules_python and bzlmod to bring in pip dependencies:

pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip")
pip.parse(
    hub_name = "foo_pip_deps",
    python_version = "3.11",
    requirements_lock = "@foo//:requirements_lock.txt",
)
use_repo(pip, "foo_pip_deps")

This dependency is implicitly used as part of a library this third party defines. This requirements_lock.txt uses a pip module matplotlib at v1.

load("@foo_pip_deps//:requirements.bzl", "requirement")
py_library(
    name = "foo",
    srcs = ["foo.py"],
    imports = ["."],
    visibility = ["//visibility:public"],
    deps = [requirement("matplotlib")], #v1
)

My root project uses the pip extension and its own requirements_lock.txt file to bring in matplotlib at v2.

If I depend on the @foo project:

load("@bar_pip_deps//:requirements.bzl", "requirement")
py_binary(
    name = "main",
    srcs = ["main.py"],
    deps = [
        "@foo",
        requirement("matplotlib"), #v2
    ],
)

The target will now use matplotlib at v1. Even though my root project specifically asks for v2.

🔬 Minimal Reproduction

Follow the examples in here

🔥 Exception or Error

🌍 Your Environment

Operating System:

  
linux

Output of bazel version:

  
7.0.2

Rules_python version:

  
0.31.0

Anything else relevant?
@finn-ball finn-ball changed the title Ability to define your own requirements lock file or python version for third party pip dependencies Thirdparty pip dependencies override root project's pip dependencies Mar 11, 2024
@finn-ball finn-ball mentioned this issue Mar 31, 2024
Open
@aignas aignas mentioned this issue Aug 6, 2024
Closed
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 7, 2024

This issue has been automatically marked as stale because it has not had any activity for 180 days. It will be closed if no further activity occurs in 30 days.
Collaborators can add an assignee to keep this open indefinitely. Thanks for your contributions to rules_python!

@github-actions github-actions bot added the Can Close? Will close in 30 days if there is no new activity label Sep 7, 2024
@hofbi
Copy link

hofbi commented Sep 8, 2024
edited
Loading

Please keep this open. The discussion is taking place in the PR providing the solution: #1829

@aignas A kind reminder to follow up on our discussion here.

@aignas aignas removed the Can Close? Will close in 30 days if there is no new activity label Sep 8, 2024
@mvukov mvukov mentioned this issue Sep 29, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aignas @hofbi @finn-ball