Adding a non-metadata installer-only `dev-dependencies` table to pyproject.toml

ofek · October 25, 2022, 10:54pm

Woah that’s a great way to articulate it. I fully agree.

brettcannon · October 25, 2022, 11:41pm

So is “concentrated” to you having a single tool to do this, or coming up with a single way to specify development dependencies that all tools use?

Definitely not that link as that’s the spec, not a tutorial or guide. I think you’re looking for Packaging Python Projects - Python Packaging User Guide .

ketozhang · October 26, 2022, 1:36am

Yes, That looks great! I didn’t realize this page changed so much. It used to be a land of outdated information.

Neither, I’m on the camp that the pyproject.toml status quo for dev dependencies is fine — mixing them with project.optional-dependencies is fine. “Concentrated”, to me, is for Python to add one example of the development workflow of a python ~~package~~ project.

Preferably, the example is tool-agnostic. Here’s one for pyproject.toml file,

[project]
name = "myproject"
version = "0.0.1"
requires-python = ">=3.7"

[project.optional-dependencies]
tests = ["pytest", "rich"]

, and then maybe a few example of installing for development (e.g., pip install -e .[tests], pdm install -G tests).

No reason to make this specific to packaging projects either. Applications need development dependencies too (I know lockfile specification is missing, but let’s not go there ).

pradyunsg · October 26, 2022, 3:01am

We don’t have a tool-agnostic way to do what I’m trying to achieve – that’s basically why I created this thread.

Anyway, this is digressing strongly into “what are the recommendations for Python development workflows” and “we need better docs” – so I’m gonna step away from this to avoid going into that rabbit hole.

Fair enough!

uranusjr · October 28, 2022, 12:16pm

I’m wondering if there’s another way. Since the original intention is to have a dependency group that does not show up as extras, maybe we should instead provide a way to declare an optional dependency group as (air-quotes) non-public?

Say

[project.optional-dependencies]
auth = ["cryptography"]
tests = ["pytest"]

[project]
extras = ["auth"]

If the extras key is missing, the default is to populate the value with all keys in optional-dependencies. If it’s explicitly given, it lists the extras that’d go into metadata.

brettcannon · October 28, 2022, 10:14pm

I personally like that solution a lot. It makes it opt-in while also making it explicit once you have opted in. Plus it’s a good mapping to Provides-Extra.

ofek · October 29, 2022, 1:32pm

That’s a fantastic, pragmatic proposal. What’s the next step, a PEP to update PEP 621?

pradyunsg · October 29, 2022, 11:53pm

I like it too. A PEP to update the project table to add this additional key, yes.

pradyunsg · October 29, 2022, 11:56pm

At the risk of being a cookie licker on this… I’ll pick this up.

update: I am not writing this PEP – Adding a non-metadata installer-only `dev-dependencies` table to pyproject.toml - #58 by pradyunsg

sbidoul · October 30, 2022, 7:41am

At first sight I like it. But if these optional dependencies don’t end up in metadata, how should an installer deal with them?

uranusjr · October 30, 2022, 9:10am

I’d expect those optional-dependencies entries not listed in extras to be completely ignored by the wheel builder. The wheel installer would never see those and thus doesn’t need any additional logic to deal with them.

pf_moore · October 30, 2022, 12:46pm

So how would something like pip install foo[not-an-extra] work? Would pip need to unpack the sdist and parse the data out of pyproject.toml? What if there was a wheel for foo? Would not-an-extra be rejected or would we be expected to check the sdist just in case?

The idea seems nice in principle, but there are a lot of questions with no obvious answer…

layday · October 30, 2022, 1:09pm

I don’t think it makes sense to co-opt dependency specifiers for installer-only extras. You’d probably want to have a new option for these in pip or overload -r.

uranusjr · October 30, 2022, 1:44pm

Since not-an-extra is not an extra, the command would not “work”. The behaviour currently implemented by pip is (IIRC) to install foo without any extras.

pf_moore · October 30, 2022, 2:19pm

I thought the point of the dev-dependencies idea was that pip would be able to install them? If that’s not the case, and we simply say that pip will ignore anything in project.optional-dependencies that’s not carried forward into the wheel metadata, then I’m OK with that. Although I suspect we’ll get requests to add support, and we’ll go through the same debate then - only with “but it’s a standard” as an argument that we should support it.

Let me go on record then that I’m fine with the proposal to use project.extras for this, as long as it’s intended only for build tools and there’s no expectation or implication that pip will support optional dependencies that aren’t listed in extras (either explicitly or implicitly by the omission of the extras key).

If there’s an expectation that pip will support this, my questions stand. And in particular, I don’t think we can behave differently depending on “whether a wheel exists”.

layday · October 30, 2022, 2:45pm

The idea is for pip to install dependencies directly from project.optional-dependencies as an alternative to requirements.txts. pip shouldn’t have to care about the hypothetical project.extras - that’s for the backends’ benefit only. It tells them which extras, i.e. which dependency groups, to omit from the distribution metadata. Distribution-less dependency groups are not extras and you would not expect to be able to install them using install x[y]. You’d need some other way to invoke install, e.g. with pip install -d dev, where dev might be:

[project.optional-dependencies]
dev = ["black"]

I’m personally not a fan of re-using optional-dependencies for this - it’s the sort of thing that’s alluring for its apparent elegance but semantically ambiguous.

pf_moore · October 30, 2022, 3:19pm

Hmm, yes. If that’s the intention, then I agree, it’s ambiguous and confusing (it certainly confused me!)

pradyunsg · December 9, 2022, 2:56pm

I ended up down the same line of reasoning as @pf_moore above, and I don’t see a way to make a project.extras key work with the tooling model that we have today.

barry · January 28, 2023, 12:09am

Dropping into this topic from elsewhere, I wonder if dependency groups and environments really need to be tightly connected. Like, if I can just specify dependency groups easily, then if I were to say use pdm+tox, I could just install the right group into the right environment with pdm install -G mygroup and if I was using hatch, I would just say [tools.hatch.envs.<blah>]features = ['mygroup'].

ofek · January 28, 2023, 12:53am

I don’t have the heart nor time to go back into this topic but the only proposal that I’ve heard that I am in favor of is the one from @uranusjr Adding a non-metadata installer-only `dev-dependencies` table to pyproject.toml - #47 by ofek

Topic		Replies	Views
Development Dependencies In pyproject.toml Packaging	25	9949	April 25, 2023
Manually adding dependencies to pyproject.toml Packaging	14	9397	August 28, 2022
PEP 621: how to specify dependencies? Packaging	220	14523	September 17, 2020
Pyproject.toml optional dependencies redundancy aka DRY extras Packaging	10	13487	August 24, 2021
Please reconsider using [project] table for "project not meant to be a wheel" specification Standards	17	1520	March 6, 2024

Adding a non-metadata installer-only `dev-dependencies` table to pyproject.toml

Related Topics