dependency conflict on v.0.22.3 installation

[ftarrega]

Project board link

Hello there.

It seems to me you got a dependency conflict on the virtualenv module version that poetry requires with what's in the poetry.lock file. I've tried installing v.0.22.3 today and it failed. Here's a few log snippets from such attempt:

12:19:26 Collecting virtualenv<21.0.0,>=20.26.6 (from poetry)
12:19:26 Downloading virtualenv-20.26.6-py3-none-any.whl.metadata (4.5 kB)
(...)
12:19:28 Downloading trove_classifiers-2024.10.13-py3-none-any.whl (13 kB)
12:19:28 Downloading virtualenv-20.26.6-py3-none-any.whl (6.0 MB)
12:19:28 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 6.0/6.0 MB 144.8 MB/s eta 0:00:00
(...)
12:19:28 Installing collected packages: trove-classifiers, ptyprocess, fastjsonschema, distlib, zipp, urllib3, tomlkit, shellingham, rapidfuzz, pyproject-hooks, pycparser, poetry-core, platformdirs, pkginfo, pexpect, packaging, msgpack, more-itertools, jeepney, installer, idna, filelock, crashtest, charset-normalizer, certifi, virtualenv, requests, jaraco.classes, importlib-metadata, dulwich, cleo, cffi, build, requests-toolbelt, cryptography, cachecontrol, SecretStorage, keyring, poetry-plugin-export, poetry
12:19:32 Successfully installed SecretStorage-3.3.3 build-1.2.2.post1 cachecontrol-0.14.0 certifi-2024.8.30 cffi-1.17.1 charset-normalizer-3.4.0 cleo-2.1.0 crashtest-0.4.1 cryptography-43.0.1 distlib-0.3.9 dulwich-0.21.7 fastjsonschema-2.20.0 filelock-3.16.1 idna-3.10 importlib-metadata-8.5.0 installer-0.7.0 jaraco.classes-3.4.0 jeepney-0.8.0 keyring-24.3.1 more-itertools-10.5.0 msgpack-1.1.0 packaging-24.1 pexpect-4.9.0 pkginfo-1.11.2 platformdirs-4.3.6 poetry-1.8.4 poetry-core-1.9.1 poetry-plugin-export-1.8.0 ptyprocess-0.7.0 pycparser-2.22 pyproject-hooks-1.2.0 rapidfuzz-3.10.0 requests-2.32.3 requests-toolbelt-1.0.0 shellingham-1.5.4 tomlkit-0.13.2 trove-classifiers-2024.10.13 urllib3-2.2.3 virtualenv-20.26.6 zipp-3.20.2
12:19:33 Installing dependencies from lock file
12:19:33
12:19:33 Package operations: 73 installs, 14 updates, 0 removals
12:19:33
12:19:33 - Downgrading cffi (1.17.1 -> 1.16.0)
12:19:34 - Downgrading certifi (2024.8.30 -> 2024.2.2)
(...)
12:19:38 - Downgrading virtualenv (20.26.6 -> 20.25.3)
12:19:54 Collecting virtualenv==20.25.3 (from -r requirements.txt (line 109))
12:19:54 Downloading virtualenv-20.25.3-py3-none-any.whl.metadata (4.4 kB)
12:19:55 Collecting yarl==1.9.4 (from -r requirements.txt (line 110))
12:19:55 Downloading yarl-1.9.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (31 kB)
12:19:55 Collecting zipp==3.20.2 (from -r requirements.txt (line 111))
12:19:55 Using cached zipp-3.20.2-py3-none-any.whl.metadata (3.7 kB)
12:19:55 Collecting zope.event==5.0 (from -r requirements.txt (line 112))
12:19:55 Using cached zope.event-5.0-py3-none-any.whl.metadata (4.4 kB)
12:19:55 Collecting zope.interface==6.3 (from -r requirements.txt (line 113))
12:19:55 Downloading zope.interface-6.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (42 kB)
12:19:56 Collecting setuptools (from grpcio-tools==1.58.0->-r requirements.txt (line 46))
12:19:56 Downloading setuptools-75.1.0-py3-none-any.whl.metadata (6.9 kB)
12:19:56 INFO: pip is looking at multiple versions of poetry to determine which version is compatible with other requirements. This could take a while.
12:19:56 ERROR: Cannot install -r requirements.txt (line 72) and virtualenv==20.25.3 because these package versions have conflicting dependencies.
12:19:56
12:19:56 The conflict is caused by:
12:19:56 The user requested virtualenv==20.25.3
12:19:56 poetry 1.8.4 depends on virtualenv<21.0.0 and >=20.26.6
12:19:56
12:19:56 To fix this you could try to:
12:19:56 1. loosen the range of package versions you've specified
12:19:56 2. remove package versions to allow pip to attempt to solve the dependency conflict
12:19:56
12:19:56 ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts

From these snippets we can see poetry calls for virtualenv<21.0.0,>=20.26.6 (Collecting virtualenv<21.0.0,>=20.26.6 (from poetry), Downloading virtualenv-20.26.6-py3-none-any.whl.metadata) whereas poetry.lock forces virtualenv 20.25.3, and we can see poetry run downgrades virtualenv version because of it:

12:19:38 - Downgrading virtualenv (20.26.6 -> 20.25.3)

12:19:56 The conflict is caused by:
12:19:56 The user requested virtualenv==20.25.3
12:19:56 poetry 1.8.4 depends on virtualenv<21.0.0 and >=20.26.6

┆Issue is synchronized with this Jira Story by Unito
┆Issue Number: MED-101

[ftarrega]

I've noticed that a few weeks back the latest version of poetry was 1.8.3. The installation works fine with it. We get an issue now because of the latest poetry, which's now 1.8.4