Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only a subset of lockfiles being updated #9963

Open
1 task done
bmerry opened this issue Jun 11, 2024 · 0 comments
Open
1 task done

Only a subset of lockfiles being updated #9963

bmerry opened this issue Jun 11, 2024 · 0 comments
Labels
L: git:submodules Git submodules L: github:actions GitHub Actions L: python T: bug 🐞 Something isn't working

Comments

@bmerry
Copy link

bmerry commented Jun 11, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

pip-compile

Package manager version

pip-compile 7.4.1

Language version

Python 3.8

Manifest location and content before the Dependabot update

https://github.com/ska-sa/spead2/blob/14739439cd000ca7d83085d6073ad62968e2576e/requirements.in
https://github.com/ska-sa/spead2/blob/14739439cd000ca7d83085d6073ad62968e2576e/requirements.txt
https://github.com/ska-sa/spead2/blob/14739439cd000ca7d83085d6073ad62968e2576e/requirements-3.12.txt

dependabot.yml content

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "weekly"
    groups:
      production-group:
        dependency-type: "production"
      development-group:
        dependency-type: "development"

Updated dependency

No response

What you expected to see, versus what you actually saw

I have a single source requirements.in, from which I generate two lockfiles: requirements.txt for Python 3.8, and requirements-3.12 for Python 3.12. When Dependabot opens a PR such as ska-sa/spead2#324, it's only updating the latter.

I expected to see updates to requirements.txt as well (whether in the same or a separate PR).

Native package manager behavior

Running pip-compile -U requirements.in in a Python 3.8 environment produces the following diff:

diff --git a/requirements.txt b/requirements.txt
index 6f21686..6bd0eee 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -21,11 +21,11 @@ numpy==1.24.4
     #   -r requirements.in
     #   numba
     #   scipy
-packaging==24.0
+packaging==24.1
     # via pytest
 pluggy==1.5.0
     # via pytest
-pytest==8.2.1
+pytest==8.2.2
     # via
     #   -r requirements.in
     #   pytest-asyncio
@@ -41,5 +41,5 @@ scipy==1.10.1
     # via -r requirements.in
 tomli==2.0.1
     # via pytest
-zipp==3.19.0
+zipp==3.19.2
     # via importlib-metadata

Images of the diff or a link to the PR, issue, or logs

ska-sa/spead2#324

Smallest manifest that reproduces the issue

No response
@bmerry bmerry added the T: bug 🐞 Something isn't working label Jun 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: git:submodules Git submodules L: github:actions GitHub Actions L: python T: bug 🐞 Something isn't working
Projects
Dependabot
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bmerry