The alpha or beta release of pip with its new dependency resolver should
be out in May.
I just posted
which discusses what is going to change in the pip resolver, when, and
how you can help (including some low-effort things you can do right now).
I didn't mention this in the blog post because ordinary Python users
shouldn't try it, but: As of right now, people who install pip from
GitHub master will have the ability to run `pip install
--unstable-feature=resolver` and test the new resolver code. And less
than half of the test suite fails! Expect errors and missing features,
but it’s there! [Celebratory trumpet honk here.]
Hope all of you, and all the people you are close to, are healthy and
staying that way.
pip project manager (contracting with Python Software Foundation)
I searched PyPi for "flaskmigrate" and this came up:
flaskmigrate - A package to prevent exploit
Seems strange to me so I wanted to make you aware, I was advised to report in this mailing list.
what is the recommended to solution to declare dependencies which are only
required to run tests?
In the past there was "tests_require" but as far as I know this is deprecated.
I tried to read obvious github issues but maybe I missed something so please
bear with me if this has come up way too often. I appreciate pointers.
The project I am working on now needs to include license files for all of the 3rd party code that it includes. Since license files are not included in distribution packages, the process for doing this is exceedingly complex, error prone, and in some cases, impossible. The build process builds URLs to license files in package source code repositories based on version number, but this is dependent upon several things…
1. The source code repository is accessible via the Internet and still exists.
2. There is a tag for each version (not always true).
3. Tags follow a consistent naming pattern with respect to version numbers (not always true).
I believe that it makes sense to provide a standard means for distribution packages to include license files and then encourage package authors to use it.