I feel like I mostly see hard version equality in Python module requirements.txt files. Am I mistaken? Or is there a good reason that >= isn't more common?


I kind of thing dependency management is such a mess that the == version requirement is a helpful nudge forcing the use of isolated virtual environments, but that seems suboptimal

· · Web · 2 · 0 · 2

@xor I think the big thing is that pip doesn't have a lockfile. After a few times of getting burned by problems from new patch or minor versions (happened to me!) I figure people settle on that so they can at least ensure what they tested is what they deploy.

@xor I'm much less worried about the state of dependency management since adopting Guix. It is not ready for prime time in many areas (Python is actually one of its best) but it points so clearly towards the future that it's killed my despair about dependency management as a problem.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!