ci: Pin transitive dependencies for tests suites on Python>=3.8 #6437
alexander-alderman-webb wants to merge 3 commits into
Codecov Results 📊
✅ 28 passed | Total: 28 | Pass Rate: 100% | Execution Time: 8.34s
📊 Comparison with Base Branch
✨ No test changes detected
All tests are passing successfully.
✅ Patch coverage is 100.00%. Project has 17056 uncovered lines.
Coverage diff
@@ Coverage Diff @@
## main #PR +/-##
==========================================
- Coverage 26.24% 24.44% -1.8%
==========================================
Files 190 189 -1
Lines 22890 22573 -317
Branches 7834 8559 +725
==========================================
+ Hits 6007 5517 -490
- Misses 16883 17056 +173
- Partials 506 483 -23
Generated by Codecov Action
| for python_version in release.python_versions: | ||
| if python_version < ThreadedVersion("3.8"): | ||
| continue | ||
| try: | ||
| deps = _get_transitive_dependencies( | ||
| integration, package, release, python_version | ||
| ) | ||
| except DryRunFailed as error: | ||
| print( | ||
| f"\npip dry run failed for version {release} of {package} on Python {python_version}:\n{error}" | ||
| ) | ||
| continue | ||
| if deps: | ||
| release.transitive_dependencies.append(deps) |
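Review bot: In the except DryRunFailed branch the failure is only printed before continue, so nothing is appended to release.transitive_dependencies for that release and Python version, and the run still finishes without any failing signal. Consider collecting these failures and exiting non-zero (or printing a summary at the end) so a partially pinned matrix cannot be generated unnoticed. The if deps: guard has the same effect for an empty result and would benefit from a short comment saying when an empty result is expected.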
Transitive-dependency cache ignores Python version, so all but the first iteration return stale results
The inner loop calls _get_transitive_dependencies once per python_version, but fetch_package_dependencies caches results keyed only on package+version (no Python version). After the first iteration resolves deps on, say, Python 3.8, every subsequent iteration (3.9, 3.10, 3.11…) returns those same cached Python 3.8 pins while labelling them with the later Python version in the tox env name.
Evidence
- _fetch_package_dependencies_from_cache(package, version) at line 204 ignores python_version; cache hit returns immediately.
- _save_to_package_dependencies_cache(package, version, ...) at line 247 also omits python_version, so the first call's result is stored under just package+version.
- The new loop (lines 1189–1202) iterates over all release.python_versions; for a release supporting 3.8–3.11 the second through fourth calls will all hit the cache entry written by the first call.
- The dep strings embed the current python_version in the tox env name (e.g. 3.11-django-v4.2: …) but the pinned package versions came from the Python 3.8 resolution, which can differ (e.g. tzdata, asgiref, or other conditional deps).
- _get_dependency_probe_constraints at lines 167–193 also varies by python_version, so even the constraints used differ per iteration, yet the cached result from the first call ignores this.
Identified by Warden code-review · VCG-BDE
oh that's not good
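The cache-key problem described in the review comment above, as an added example that is not code from this PR or the project. DependencyCache, fake_resolve, stale_pythons and the pin values are hypothetical, constructed stand-ins for the script's cache helpers and the pip dry run.

```python
# Added example (not the project's code): cache-key design for per-Python pins.
# All names and pin values here are hypothetical/constructed for illustration.
from typing import Dict, List, Tuple

# Constructed sample: what a resolver could return for one release on two
# interpreters; conditional dependencies make the sets differ.
CONSTRUCTED_RESOLUTIONS: Dict[Tuple[str, str, str], List[str]] = {
    ("django", "4.2", "3.8"): ["asgiref==3.7.2", "backports.zoneinfo==0.2.1"],
    ("django", "4.2", "3.11"): ["asgiref==3.8.1"],
}


def fake_resolve(package: str, version: str, python_version: str) -> List[str]:
    """Hypothetical stand-in for the pip dry run on one interpreter."""
    return list(CONSTRUCTED_RESOLUTIONS[(package, version, python_version)])


class DependencyCache:
    """Memoises resolutions; include_python selects the cache-key shape."""

    def __init__(self, include_python: bool) -> None:
        self.include_python = include_python
        self._store: Dict[tuple, List[str]] = {}

    def get(self, package: str, version: str, python_version: str) -> List[str]:
        key = (package, version, python_version) if self.include_python else (package, version)
        if key not in self._store:  # miss: resolve on the requested interpreter
            self._store[key] = fake_resolve(package, version, python_version)
        return list(self._store[key])


def pins_per_python(cache, package, version, python_versions):
    """Mimic the loop under review: one lookup per supported Python version."""
    return {py: cache.get(package, version, py) for py in python_versions}


def stale_pythons(package, version, pins):
    """Python versions whose pins differ from a fresh resolution."""
    return [py for py, deps in pins.items() if deps != fake_resolve(package, version, py)]


if __name__ == "__main__":
    for include_python in (False, True):
        pins = pins_per_python(DependencyCache(include_python), "django", "4.2", ["3.8", "3.11"])
        print(include_python, pins, "stale:", stale_pythons("django", "4.2", pins))
```

A check like stale_pythons, run against a fresh resolution for a sample of environments, is one way to catch pins that are labelled with one interpreter but were resolved on another.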
Description
Add transitive dependencies to all test groups that are generated by populate_tox.py.
Dependency versions are resolved via a dry run of pip through uv on the relevant Python version.
Pins one set of dependencies per Python version and per library version.