![[ChimeraX Issue Tracking System]](/trac/ChimeraX/chrome/site/ChimeraX-icon.svg){kind=icon}
Opened 5 years ago
Last modified 5 years ago
#4262 assigned enhancement
Does Toolshed avoid installing incompatible dependencies?
| Reported by: | Tom Goddard | Owned by: | Greg Couch |
|---|---|---|---|
| Priority: | moderate | Milestone: | |
| Component: | Tool Shed | Version: | |
| Keywords: | Cc: | Eric Pettersen | |
| Blocked By: | Blocking: | ||
| Notify when closed: | Platform: | all | |
| Project: | ChimeraX |
Description
I am wondering if the Toolshed will update bundles that result in breaking already installed bundles? Here is a scenario.
Suppose my ChimeraX has Qt shim bundle 1.0 that say works with PyQt5. Now I install a new tool MyTool that requires Qt shim 2.0 that uses PyQt6. Will Toolshed update Qt shim 1.0 to Qt shim 2.0 thus breaking all my previously installed tools that require Qt 1.0? Or will it refuse to install MyTool? What error message would it give.
This general problem is also an issue with pip install. Currently with pip 20.3 (that has a new dependency resolver compared to 20.2 that will never install an incompatible set of dependencies), it does not consider packages you already have installed that are not a dependency or subdependency of what you requested to install. So pip 20.3 may upgrade an existing package in your environment and break other packages that needed the older version. This is discussed extensively in this ticket pip
https://github.com/pypa/pip/issues/7744
The "pip check" command checks all your installed packages to see if incompatible dependencies are installed. I believe pip 20.3 automatically does a pip check after you do a pip install. So you will be warned if an incompatible upgrade was made, but it won't prevent that upgrade. I could be wrong about this.
Here are details of the new pip 20.3 dependency resolver. We are using pip 20.3 in daily builds.
https://pip.pypa.io/en/latest/user_guide/#changes-to-the-pip-dependency-resolver-in-20-3-2020
Change History (3)
comment:1 by , 5 years ago
comment:2 by , 5 years ago
We'll have to try it. I was under the impression, with the new pip resolver that is now the default, that the pip install will fail if it can't satisfy the existing requirements. But maybe pip isn't there yet.
follow-up: 3 comment:3 by , 5 years ago
From what I read I believe the pip 20.3 dependency resolver will not consider packages that are not in the dependency tree of what you asked it to install. So it will happily upgrade a package in the dependency tree it is installing/updating that breaks some package that is not in that tree but is already installed. But if I read it correctly it does a "pip check" after the pip install which does consider all installed packages and will then warn you that it just broke things! Seems like bad behavior so maybe I got it wrong.
If Toolshed is behaving like pip and only warning that updates have broken other installed packages then it is a big problem since any major version bump of a ChimeraX package that is used by other packages will likely break ChimeraX when the user updates anything with Toolshed requiring that new major version package.