You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In current JSON output, the top package has further packages and dependencies. Dependencies have further nested dependencies. Packages in packages is not the SCTK way, neither are deps in deps, nor packages in deps. We should adopt and eventually revamp the way to report dependencies in SCTK
The text was updated successfully, but these errors were encountered:
For backgrounders here are some notes wrt the different dependency contexts we face
Contexts:
With a MANIFEST: 1. package manifest: setup.py, csproj
we collect only first level direct dependencies
With a LOCKFILE: 2. lock file: requirements.txt with pinned versions
we collect flat or nested data structure where all deps are present with pinned versions
for example NuGet: project-assets.json
With an inspector RESOLUTION 3. dependency resolution: inspectors
The input is a list of direct dependencies from 1. (or from a lock file in 2.)
The output is a tree or flat list of deps
Today we handle:
A. A flat list of dependencies for a package if found in 1. MANIFEST
B. A flat list of dependencies not for a package if found only in a 2. LOCKFILE (say a solo requirements.txt) even Though some LOCKFILE are nested
C. We optionally track the "resolved_package" metadata in a dependency
* Enable cloning of BasePackage and Party
* The top level dependencies list is a flat list and does not contain
further nested "dependencies"
Reference: #24
Signed-off-by: Philippe Ombredanne <[email protected]>
In current JSON output, the top package has further packages and dependencies. Dependencies have further nested dependencies. Packages in packages is not the SCTK way, neither are deps in deps, nor packages in deps. We should adopt and eventually revamp the way to report dependencies in SCTK
The text was updated successfully, but these errors were encountered: