Description
One limitation with the current implementation for package installation is that two different requirements.txt can list the same package with different version requirements that may not be compatible (e.g. pkg==0.0.1 and pkg==1.0.0), and the package will be installed multiple times in the order that it was parsed, which could lead to potential issues down the line. What should the right behavior be? There are a couple of decisions to make:
- Do we try to resolve this at all or do we let it happen with a caveat in the documentation?
- If we try to resolve this, we can make a best effort to find a version that matches all of the requirements, but if we can't, does the newer version or the older version take precedence?

The step to find a version that matches all of the requirements would normally be achieved by passing a constraints file to pip, but we are using Home Assistant's installation mechanism which uses its own constraints file, so that's not a valid option for us. We would have to essentially implement our own version of this, which we may be able to use pkg_resources to do. I just haven't had a chance to look into it yet, and I wanted to get your thoughts @craigbarratt before I spend any time on this.
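
One way the best-effort merge raised above could look, as an added example that is not the project's code and does not use pip, pkg_resources or Home Assistant's installer. The function names, the sample files and the list of available versions are assumptions, and version handling is simplified to dotted numeric versions rather than full PEP 440.

```python
import re
from collections import defaultdict

# Simplification: dotted numeric versions and these operators only, not full PEP 440.
_OPS = {
    "==": lambda v, s: v == s, "!=": lambda v, s: v != s,
    ">=": lambda v, s: v >= s, "<=": lambda v, s: v <= s,
    ">": lambda v, s: v > s, "<": lambda v, s: v < s,
}
_REQ = re.compile(r"^([A-Za-z0-9._-]+)\s*(.*)$")
_SPEC = re.compile(r"^(==|!=|>=|<=|>|<)\s*(\d+(?:\.\d+)*)$")
# Constructed sample input: two requirements files and a hypothetical version index.
SAMPLE_FILES = {"a/requirements.txt": "pkg==0.0.1\nlib>=1.2  # floor\n",
                "b/requirements.txt": "pkg==1.0.0\nLib<2.0\n"}
SAMPLE_INDEX = {"pkg": ["0.0.1", "1.0.0"], "lib": ["1.1", "1.4.0", "2.0"]}

def _ver(text):
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:  # treat 1.0 and 1.0.0 as equal
        parts.pop()
    return tuple(parts)

def parse(source, text):
    """Yield (normalized name, operator, version tuple) for each specifier."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = _REQ.match(line)
        if m is None:
            continue  # blank line, or not a plain "name<specifiers>" requirement
        name = re.sub(r"[-_.]+", "-", m.group(1)).lower()
        for part in filter(None, (p.strip() for p in m.group(2).split(","))):
            spec = _SPEC.match(part)
            if spec is None:
                raise ValueError(f"{source}: unsupported specifier {part!r}")
            yield name, spec.group(1), _ver(spec.group(2))

def resolve(files, available):
    """Merge specifiers from every file before anything is installed.
    Returns {name: (newest version meeting all specifiers or None, sources)}."""
    specs = defaultdict(list)
    for source, text in files.items():
        for name, op, ver in parse(source, text):
            specs[name].append((op, ver, source))
    result = {}
    for name, items in specs.items():
        ok = [v for v in available.get(name, [])
              if all(_OPS[op](_ver(v), s) for op, s, _ in items)]
        result[name] = (max(ok, key=_ver) if ok else None,
                        sorted({src for _, _, src in items}))
    return result
```

A `None` result is the unresolved case the issue asks about: the caller still has to decide whether the newer pin, the older pin, or an error wins, and the returned sources say which files disagree.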