Pipenv 2022.10.25 does not appear to correctly prune obsolete dependencies #5456
Closed
Description
Issue description
When updating packages in a Pipfile to versions that vendor away certain dependencies, these dependencies are not pruned from the Pipfile.lock
Expected result
The Pipfile.lock doesn't contain dependencies that are not listed in the Pipfile and not depended on by any (sub-)dependencies of listed packages, either. Pipenv version 2022.6.7 does this correctly.
Actual result
Obsoleted package dependencies remain in the Pipfile.lock
Steps to replicate
We start with a Pipfile containing
[packages]
pytest = "==7.1.2"
pytest-xdist = "==2.5.0"The lock file generated with those dependencies contains, among others, py and pytest-forked. After updating the Pipfile's contents to
[packages]
pytest = "==7.2.0"
pytest-xdist = "==3.0.2"and running pipenv lock, the packages mentioned above are still listed in the lock file, despite not being depended on any more by either package (as evidenced by pipenv graph).
$ pipenv --support
Pipenv version: '2022.10.25'
Pipenv location: '/usr/local/lib/python3.10/site-packages/pipenv'
Python location: '/usr/local/bin/python'
OS Name: 'posix'
User pip version: '22.3'
user Python installations found:
3.10.5:/usr/local/bin/python3.10.5:/usr/local/bin/python33.9.2:/usr/bin/python3.93.9.2:/usr/bin/python3
PEP 508 Information:
{'implementation_name': 'cpython',
'implementation_version': '3.10.5',
'os_name': 'posix',
'platform_machine': 'x86_64',
'platform_python_implementation': 'CPython',
'platform_release': '5.15.0-10052-tuxedo',
'platform_system': 'Linux',
'platform_version': '#58tux1 SMP Thu Oct 20 16:29:39 UTC 2022',
'python_full_version': '3.10.5',
'python_version': '3.10',
'sys_platform': 'linux'}
System environment variables:
SHELLCOLORTERMTERM_PROGRAM_VERSIONHOSTNAMEPYTHON_VERSIONSSH_AUTH_SOCKREMOTE_CONTAINERS_IPCPWDPYTHON_SETUPTOOLS_VERSIONHOMELANGREMOTE_CONTAINERSGPG_KEYPYTHONPATHTERMREMOTE_CONTAINERS_SOCKETSSHLVLPYTHON_PIP_VERSIONPYTHON_GET_PIP_SHA256PYTHON_GET_PIP_URLBROWSERPATHPIP_NO_CACHE_DIRTERM_PROGRAMVSCODE_IPC_HOOK_CLI_PIP_DISABLE_PIP_VERSION_CHECKPIP_PYTHON_PATHPYTHONDONTWRITEBYTECODEPYTHONFINDER_IGNORE_UNSUPPORTED
Pipenv–specific environment variables:
Debug–specific environment variables:
PATH:/vscode/vscode-server/bin/linux-x64/8fa188b2b301d36553cbc9ce1b0a146ccb93351f/bin/remote-cli:/root/.local/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binSHELL:/bin/bashLANG:C.UTF-8PWD:/workspaces/pipenv-break
Contents of Pipfile ('/workspaces/pipenv-break/Pipfile'):
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
pytest = "==7.2.0"
pytest-xdist = "==3.0.2"
[requires]
python_version = "3.10"
[pipenv]
allow_prereleases = true
Contents of Pipfile.lock ('/workspaces/pipenv-break/Pipfile.lock'):
{
"_meta": {
"hash": {
"sha256": "513621fbfbc31236089e939f4c8c8079530cf7a18514d593e9cfece60d5c947f"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.10"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"attrs": {
"hashes": [
"sha256:29adc2665447e5191d0e7c568fde78b21f9672d344281d0c6e1ab085429b22b6",
"sha256:86efa402f67bf2df34f51a335487cf46b1ec130d02b8d39fd248abfd30da551c"
],
"markers": "python_version >= '3.5'",
"version": "==22.1.0"
},
"exceptiongroup": {
"hashes": [
"sha256:4d6c0aa6dd825810941c792f53d7b8d71da26f5e5f84f20f9508e8f2d33b140a",
"sha256:73866f7f842ede6cb1daa42c4af078e2035e5f7607f0e2c762cc51bb31bbe7b2"
],
"markers": "python_version < '3.11'",
"version": "==1.0.1"
},
"execnet": {
"hashes": [
"sha256:8f694f3ba9cc92cab508b152dcfe322153975c29bda272e2fd7f3f00f36e47c5",
"sha256:a295f7cc774947aac58dde7fdc85f4aa00c42adf5d8f5468fc630c1acf30a142"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==1.9.0"
},
"iniconfig": {
"hashes": [
"sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
"sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"
],
"version": "==1.1.1"
},
"packaging": {
"hashes": [
"sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb",
"sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522"
],
"markers": "python_version >= '3.6'",
"version": "==21.3"
},
"pluggy": {
"hashes": [
"sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159",
"sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
],
"markers": "python_version >= '3.6'",
"version": "==1.0.0"
},
"py": {
"hashes": [
"sha256:51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719",
"sha256:607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==1.11.0"
},
"pyparsing": {
"hashes": [
"sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb",
"sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"
],
"markers": "python_full_version >= '3.6.8'",
"version": "==3.0.9"
},
"pytest": {
"hashes": [
"sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71",
"sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59"
],
"index": "pypi",
"version": "==7.2.0"
},
"pytest-forked": {
"hashes": [
"sha256:8b67587c8f98cbbadfdd804539ed5455b6ed03802203485dd2f53c1422d7440e",
"sha256:bbbb6717efc886b9d64537b41fb1497cfaf3c9601276be8da2cccfea5a3c8ad8"
],
"markers": "python_version >= '3.6'",
"version": "==1.4.0"
},
"pytest-xdist": {
"hashes": [
"sha256:688da9b814370e891ba5de650c9327d1a9d861721a524eb917e620eec3e90291",
"sha256:9feb9a18e1790696ea23e1434fa73b325ed4998b0e9fcb221f16fd1945e6df1b"
],
"index": "pypi",
"version": "==3.0.2"
},
"tomli": {
"hashes": [
"sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc",
"sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"
],
"markers": "python_version < '3.11'",
"version": "==2.0.1"
}
},
"develop": {}
}