fix: pin pip<25.3 #161
fix: pin pip<25.3 #161
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR attempts to pin pip<25.3 to address incompatibility issues between pip 25.3 and pip-tools, which was causing failures in build processes and requirement upgrade jobs. However, the new constraint is redundant due to an existing more restrictive pip constraint.
- Adds a new pip constraint
pip<25.3with documentation explaining the pip-tools incompatibility - Updates multiple Python package dependencies across all requirement files (boto3, django, pytest, etc.)
- Updates pip-tools from 7.5.1 to 7.5.2
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| requirements/constraints.txt | Adds pip<25.3 constraint with documentation, but conflicts with existing pip<24.3 constraint |
| requirements/tox.txt | Updates tox to 4.32.0 and virtualenv to 20.35.4 |
| requirements/test.txt | Updates multiple test dependencies including pytest 8.4.2→9.0.1, django 4.2.25→4.2.26, and various AWS/boto packages |
| requirements/production.txt | Updates production dependencies including django, boto3/botocore, newrelic, and gevent-related packages |
| requirements/pip_tools.txt | Updates pip-tools from 7.5.1 to 7.5.2, changes compilation command comment to "make upgrade" |
| requirements/pip.txt | Updates pip-compile command format in header comment |
| requirements/doc.txt | Updates documentation build dependencies to match base requirement versions |
| requirements/django.txt | Updates django from 4.2.25 to 4.2.26 |
| requirements/dev.txt | Updates development dependencies to match base and test requirement versions |
| requirements/base.txt | Updates base dependencies including boto3, django, faker, and various utility packages |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # See issue https://github.com/openedx/public-engineering/issues/440 for details regarding the ongoing fix. | ||
| # The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3 | ||
| # Issue to track this dependency and unpin later on: https://github.com/openedx/edx-lint/issues/503 | ||
| pip<25.3 |
There was a problem hiding this comment.
The new constraint pip<25.3 is redundant because a more restrictive constraint pip<24.3 already exists at line 39. The existing constraint will take precedence, making this new constraint ineffective. Either remove the old constraint at line 39 if pip 24.3+ is now acceptable, or remove this new constraint if pip must remain below 24.3.
| # pip 25.3 is incompatible with pip-tools hence causing failures during the build process | ||
| # Make upgrade command and all requirements upgrade jobs are broken due to this. | ||
| # See issue https://github.com/openedx/public-engineering/issues/440 for details regarding the ongoing fix. | ||
| # The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3 |
There was a problem hiding this comment.
The comment states "The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3". However, this should be "pip-tools > 7.5.2" or "pip-tools >= 7.5.2" since 7.5.1 is already released and doesn't fix the issue (as evidenced by this PR updating to 7.5.2 in pip_tools.txt).
| # The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3 | |
| # The constraint can be removed once a release (pip-tools >= 7.5.2) is available with support for pip 25.3 |
Coverage report
This PR does not seem to contain any modification to coverable code. |
No description provided.