Commit f852b12
committed
Work around pip 23.0.1 dependency resolution bug
pip is resolving a Poetry dependency to a version that isn’t the one we have pinned. Luckily, `--require-hashes` still catches it.
Both `-c requirements.txt` and `--no-deps` can work around the issue.
This was fixed at some point between pip 23.0.1 and the current pip 25.1.1, but I don’t want to add an additional Poetry-style lockfile for a pip upgrade and further bloat the image besides.
We should be able to upgrade to a fresher base image soon enough anyway.1 parent 9fd2ac8 commit f852b12
2 files changed
Lines changed: 2 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
61 | 61 | | |
62 | 62 | | |
63 | 63 | | |
64 | | - | |
| 64 | + | |
65 | 65 | | |
66 | 66 | | |
67 | 67 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
113 | 113 | | |
114 | 114 | | |
115 | 115 | | |
116 | | - | |
| 116 | + | |
117 | 117 | | |
118 | 118 | | |
119 | 119 | | |
| |||
0 commit comments