Moto: Moto's dependencies are locked to specific versions, makes it hard to install

Created on 23 Mar 2020  路  8Comments  路  Source: spulec/moto

As of https://github.com/spulec/moto/commit/00134d2df37bb4dcd5f447ef951d383bfec0903c some of the dependencies in setup.py are specified to exact (and outdated) versions. This makes it hard to install moto.

For example more-itertools==5.0.0 is now over two years old, they're now on version 8.2... I am using version 8.2 in my project. I can no longer update moto to the latest on master in my project without doing some hackage to force my package manager (poetry) to ignore the dependency on _exactly_ 5.0.0

More details here python-poetry/poetry#697

Would moving python 2 support to a separate branch be a possibility? Or doing a version check on major python version in setup.py so there can effectively be a install_requires_py2 and a install_requires_py3 ?

Most helpful comment

FYI: This should now be fixed in moto>=1.3.15.dev772.

Feel free to open a new issue if anything is still broken.

All 8 comments

Thanks for raising this @mfogel.
A version check in setup.py sounds like the best way forward IMO.

Do you have an opinion on the best way to handle this @spulec ?

Hi, this also affects me. I can help if needed to implement this.

I'm also wondering why support Python 2?

I'm also affected by this.

I think the current solution (apply a version pin on a dependency) is worse than the problem itself (the dependency does not support Python 2). I can think of several alternatives that are better in my opinion:

  1. Drop moto support for Python 2.7 (that version of Python is no longer officially supported as of Jan 2020). You probably have lots of Py2.7 that won't be too happy with this, but they can continue to use previous versions of moto by applying a version pin on their side. You'll find that moving away from Py2.7 simplifies life for your developers and maintainers significantly.
  2. Pin conditionally. So, if the user is running Py2.7, then they must have more-itertools version 5.0.0 or below.
  3. Remove the pin. Let the user deal with it.

Can anyone think of other solutions?

Version check in setup.py sounds good to me.

@spulec Will you accept PRs, or do you prefer to deal with this yourself?

PR's are always welcome, @mpenkov!

FYI: This should now be fixed in moto>=1.3.15.dev772.

Feel free to open a new issue if anything is still broken.

Was this page helpful?
0 / 5 - 0 ratings