[openstack-dev] [all] fix latency on requirements breakage

Mathieu Gagné mgagne at iweb.com
Tue Nov 18 01:22:13 UTC 2014


Sean Dague, thanks for bringing up the subject.

This is highly relevant to my interests. =)

On 2014-11-17 7:10 PM, Robert Collins wrote:
> Most production systems I know don't run with open ended dependencies.
> One of our contributing issues IMO is that we have the requirements
> duplicated everywhere - and then ignore them for many of our test runs
> (we deliberately override the in-tree ones with global requirements).
> Particularly, since the only reason unified requirements matter is for
> distro packages, and they ignore our requirements files *anyway*, I'm
> not sure our current aggregate system is needed in that light.
>
> That said, making requirements be capped and auto adjust upwards would
> be extremely useful IMO, but its a chunk of work;
>   - we need the transitive dependencies listed, not just direct dependencies
>   - we need a thing to find possible upgrades and propose bumps

I recently found this blog post which suggests using pip-review:
http://nvie.com/posts/pin-your-packages/#pip-review

Could it be run once in a while against global requirements and a change 
proposed to gerrit to review new updates?

>   - we would need to very very actively propogate those out from global
> requirements
>
> For now I think making 'react to the situation faster and easier' is a
> good thing to push on.
>
> -Rob


-- 
Mathieu



More information about the OpenStack-dev mailing list