Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not vendorize third-party packages #848

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Do not vendorize third-party packages #848

wants to merge 1 commit into from

Commits on May 9, 2022

  1. Do not vendorize third-party packages 

    - Vendorizing your dependencies forces the consumers of your API to
  include these dependencies as well (or to fork your project), which is
  not good practice in case they have a more sane/programmatic/automated
  way of handling runtime dependencies (eg: conda, rez, etc.).
  Good common practice is to have a "recipe" of your dependencies (eg: a
  requirements.txt, an environment.yaml, a pyproject.toml) etc. so that
  your consumers can easily integrate these dependencies into their own
  workflow for dependency management, instead of forcing them to use
  whatever version you chose. Even if they don't end up in their
  PYTHONPATH, consumers of the API still have to deal with breaking
  changes in these dependecies. For example, I (as a vfx studio) need to
  update our tk-core to a version that has merged
  shotgunsoftware#818  in order to have
  pyaml run fine in python3. A problem that I wouldn't have to deal with
  at all f youd didn't vendorize it in the first place.
- Some interesting ideas: https://gist.github.com/datagrok/8577287
- Shameless plug: https://valerioviperino.me/conda/for-pipeline-tds
    Valerio Viperino committed May 9, 2022
    Configuration menu
    Copy the full SHA
    1df7f16 View commit details
    Browse the repository at this point in the history