[openstack-dev] DevStack hacks requirements.txt et al

Clark Boylan clark.boylan at gmail.com
Wed Jun 18 05:57:44 UTC 2014

On Tue, Jun 17, 2014 at 10:33 PM, Mike Spreitzer <mspreitz at us.ibm.com> wrote:
> I have noticed that lately DevStack has been hacking requirements.txt in
> most projects and test-requirements.txt in many.  Why is this being done?
> Thanks,
> Mike
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

This is being done to ensure that all projects are tested with a
common reproduceable dependency list. Without doing this every project
can install different versions of things based on the way pip resolves
dependencies. It isn't intuitive and can cause us to not actually work
with the dependencies advertised in requirements.txt.

For example since we don't make requirements syncs happen in lockstep
project A may depend on an older version of some dependency that is
shared with project B. Pip will then install this older version for us
and this older version is what gets tested. Then we update the
dependency in project A and everything breaks because we actually
needed the older version. It is also possible that project B
absolutely requires the newer version that we have stated in
requirements.txt (perhaps this is why requirements.txt says what it
says), but if it gets the old version from project A now project B is


More information about the OpenStack-dev mailing list