requirements.txt should specify redis version #2835

New Issue

Closed

opened 2025-12-29 18:22:37 +01:00 by adam · 16 comments

adam commented 2025-12-29 18:22:37 +01:00

Owner

Copy Link

Originally created by @candlerb on GitHub (Aug 28, 2019).

Environment

• Python version: 3.5.2
• NetBox version: 2.6.2

Steps to Reproduce

On upgrading from netbox 2.6.1 to 2.6.2 I observed the following output from upgrade.sh:

...
Requirement already satisfied, skipping upgrade: urllib3<1.25,>=1.21.1 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.24.1)
Requirement already satisfied, skipping upgrade: idna<2.8,>=2.5 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.7)
django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible.
Installing collected packages: Django
  Found existing installation: Django 2.2.2
...
...

Expected Behavior

No errors on upgrade

Observed Behavior

pip3 complains that the currently installed version of redis is not usable, but does not offer to upgrade it.

Given that redis is now a mandatory dependency, I think that requirements.txt should list it, with a specific version. I added this to the end of requirements.txt:

redis==3.3.8

On re-running upgrade.sh, the redis version was updated and no errors were reported.

Originally created by @candlerb on GitHub (Aug 28, 2019). ### Environment * Python version: 3.5.2 * NetBox version: 2.6.2 ### Steps to Reproduce On upgrading from netbox 2.6.1 to 2.6.2 I observed the following output from `upgrade.sh`: ``` ... Requirement already satisfied, skipping upgrade: urllib3<1.25,>=1.21.1 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.24.1) Requirement already satisfied, skipping upgrade: idna<2.8,>=2.5 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.7) django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible. Installing collected packages: Django Found existing installation: Django 2.2.2 ... ... ``` ### Expected Behavior No errors on upgrade ### Observed Behavior pip3 complains that the currently installed version of redis is not usable, but does not offer to upgrade it. Given that redis is now a mandatory dependency, I think that requirements.txt should list it, with a specific version. I added this to the end of requirements.txt: ``` redis==3.3.8 ``` On re-running upgrade.sh, the redis version was updated and no errors were reported.

adam added the status: acceptedtype: feature labels 2025-12-29 18:22:37 +01:00

adam closed this issue 2025-12-29 18:22:37 +01:00

adam commented 2025-12-29 18:22:38 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (Aug 28, 2019):

As a rule, we don't list indirect dependencies in requirements.txt because they are redundant. What is preventing pip from upgrading the installed redis package in this instance?

@jeremystretch commented on GitHub (Aug 28, 2019): As a rule, we don't list indirect dependencies in `requirements.txt` because they are redundant. What is preventing pip from upgrading the installed `redis` package in this instance?

adam commented 2025-12-29 18:22:38 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Aug 28, 2019):

I don't know, but a similar issue was raised 3 months ago on stackoverflow

The affected system is Ubuntu 16.04, and has pip version 19.0.2 (newer than the 8.1.1 supplied by default, but older than the latest 19.2.3)

Trying to reproduce in a fresh Ubuntu 16.04 lxd container:

apt-get update
apt-get install python3-pip
pip3 install --upgrade pip==19.0.2
<< exit and enter container again, so that new pip3 works >>
pip3 install redis==2.10.6
pip3 install django-rq

But this is successful!

root@temp1:~# pip3 install django-rq
Collecting django-rq
  Downloading https://files.pythonhosted.org/packages/83/d4/c24642daa43b627612fe55fbfedace727e6cc27094d1e1853fc5dffb563d/django_rq-2.1.0-py2.py3-none-any.whl (45kB)
    100% |████████████████████████████████| 51kB 563kB/s
Collecting django>=1.8.0 (from django-rq)
  Downloading https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl (7.5MB)
    100% |████████████████████████████████| 7.5MB 1.8MB/s
Collecting rq>=1.0 (from django-rq)
  Downloading https://files.pythonhosted.org/packages/8a/22/e49d976266012d5e800d5500b3eaabbb40d286d67cea775a4b87d1de52b8/rq-1.1.0-py2.py3-none-any.whl (55kB)
    100% |████████████████████████████████| 61kB 901kB/s
Collecting redis>=3 (from django-rq)
  Downloading https://files.pythonhosted.org/packages/bd/64/b1e90af9bf0c7f6ef55e46b81ab527b33b785824d65300bb65636534b530/redis-3.3.8-py2.py3-none-any.whl (66kB)
    100% |████████████████████████████████| 71kB 906kB/s
Collecting sqlparse (from django>=1.8.0->django-rq)
  Downloading https://files.pythonhosted.org/packages/ef/53/900f7d2a54557c6a37886585a91336520e5539e3ae2423ff1102daf4f3a7/sqlparse-0.3.0-py2.py3-none-any.whl
Collecting pytz (from django>=1.8.0->django-rq)
  Downloading https://files.pythonhosted.org/packages/87/76/46d697698a143e05f77bec5a526bf4e56a0be61d63425b68f4ba553b51f2/pytz-2019.2-py2.py3-none-any.whl (508kB)
    100% |████████████████████████████████| 512kB 629kB/s
Collecting click>=5.0 (from rq>=1.0->django-rq)
  Downloading https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl (81kB)
    100% |████████████████████████████████| 81kB 975kB/s
Installing collected packages: sqlparse, pytz, django, click, redis, rq, django-rq
  Found existing installation: redis 2.10.6
    Uninstalling redis-2.10.6:
      Successfully uninstalled redis-2.10.6
Successfully installed click-7.0 django-2.2.4 django-rq-2.1.0 pytz-2019.2 redis-3.3.8 rq-1.1.0 sqlparse-0.3.0
You are using pip version 19.0.2, however version 19.2.3 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

So I suspect it's something to do with recursive dependencies, or two different packages specifying different redis dependencies.

FWIW, here is the complete log of the original failed upgrade, while it's still in my terminal buffer.

root@netbox:/opt/netbox# ./upgrade.sh
Removing old Python packages (pip3 uninstall -r old_requirements.txt -y)...
Skipping psycopg2 as it is not installed.
Skipping pycrypto as it is not installed.
Skipping django-rest-swagger as it is not installed.
Updating required Python packages (pip3 install -r requirements.txt --upgrade)...
Collecting Django<2.3,>=2.2 (from -r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl (7.5MB)
    100% |████████████████████████████████| 7.5MB 1.9MB/s
Requirement already up-to-date: django-cacheops==4.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 2)) (4.1)
Requirement already up-to-date: django-cors-headers==3.0.2 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 3)) (3.0.2)
Django>=2.2,<2.3
django-cacheops==4.1
django-cors-headers==3.0.2
django-debug-toolbar==2.0
django-filter==2.1.0
django-mptt==0.9.1
django-prometheus==1.0.15
django-rq==2.1.0
django-tables2==2.0.6
django-taggit==1.1.0
django-taggit-serializer==0.1.7
django-timezone-field==3.0
djangorestframework==3.9.4
drf-yasg[validation]==1.16.0
graphviz==0.10.1
Jinja2==2.10.1
Markdown==2.6.11
netaddr==0.7.19
Pillow==6.0.0
psycopg2-binary==2.8.3
py-gfm==0.1.4
pycryptodome==3.8.2
...skipping...
Requirement already up-to-date: django-debug-toolbar==2.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 4)) (2.0)
Requirement already up-to-date: django-filter==2.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 5)) (2.1.0)
Requirement already up-to-date: django-mptt==0.9.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 6)) (0.9.1)
Requirement already up-to-date: django-prometheus==1.0.15 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 7)) (1.0.15)
Requirement already up-to-date: django-rq==2.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 8)) (2.1.0)
Requirement already up-to-date: django-tables2==2.0.6 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 9)) (2.0.6)
Requirement already up-to-date: django-taggit==1.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 10)) (1.1.0)
Requirement already up-to-date: django-taggit-serializer==0.1.7 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 11)) (0.1.7)
Requirement already up-to-date: django-timezone-field==3.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 12)) (3.0)
Requirement already up-to-date: djangorestframework==3.9.4 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 13)) (3.9.4)
Requirement already up-to-date: drf-yasg[validation]==1.16.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 14)) (1.16.0)
Requirement already up-to-date: graphviz==0.10.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 15)) (0.10.1)
Requirement already up-to-date: Jinja2==2.10.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 16)) (2.10.1)
Requirement already up-to-date: Markdown==2.6.11 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 17)) (2.6.11)
Requirement already up-to-date: netaddr==0.7.19 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 18)) (0.7.19)
Requirement already up-to-date: Pillow==6.0.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 19)) (6.0.0)
Requirement already up-to-date: psycopg2-binary==2.8.3 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 20)) (2.8.3)
Requirement already up-to-date: py-gfm==0.1.4 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 21)) (0.1.4)
Requirement already up-to-date: pycryptodome==3.8.2 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 22)) (3.8.2)
Requirement already satisfied, skipping upgrade: sqlparse in /usr/local/lib/python3.5/dist-packages (from Django<2.3,>=2.2->-r requirements.txt (line 1)) (0.2.4)
Requirement already satisfied, skipping upgrade: pytz in /usr/local/lib/python3.5/dist-packages (from Django<2.3,>=2.2->-r requirements.txt (line 1)) (2018.7)
Requirement already satisfied, skipping upgrade: redis>=2.9.1 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (2.10.6)
Requirement already satisfied, skipping upgrade: funcy<2.0,>=1.8 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (1.12)
Requirement already satisfied, skipping upgrade: six>=1.4.0 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (1.11.0)
Requirement already satisfied, skipping upgrade: django-js-asset in /usr/local/lib/python3.5/dist-packages (from django-mptt==0.9.1->-r requirements.txt (line 6)) (1.1.0)
Requirement already satisfied, skipping upgrade: prometheus-client>=0.0.21 in /usr/local/lib/python3.5/dist-packages (from django-prometheus==1.0.15->-r requirements.txt (line 7)) (0.7.1)
Requirement already satisfied, skipping upgrade: rq>=1.0 in /usr/local/lib/python3.5/dist-packages (from django-rq==2.1.0->-r requirements.txt (line 8)) (1.0)
Requirement already satisfied, skipping upgrade: coreschema>=0.0.4 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.0.4)
Requirement already satisfied, skipping upgrade: inflection>=0.3.1 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.3.1)
Requirement already satisfied, skipping upgrade: coreapi>=2.3.3 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.3.3)
Requirement already satisfied, skipping upgrade: ruamel.yaml>=0.15.34 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.15.76)
Requirement already satisfied, skipping upgrade: uritemplate>=3.0.0 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.0.0)
Requirement already satisfied, skipping upgrade: swagger-spec-validator>=2.1.0; extra == "validation" in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.4.1)
Requirement already satisfied, skipping upgrade: MarkupSafe>=0.23 in /usr/local/lib/python3.5/dist-packages (from Jinja2==2.10.1->-r requirements.txt (line 16)) (1.1.0)
Requirement already satisfied, skipping upgrade: setuptools in /usr/local/lib/python3.5/dist-packages (from py-gfm==0.1.4->-r requirements.txt (line 21)) (40.5.0)
Requirement already satisfied, skipping upgrade: click>=5.0 in /usr/local/lib/python3.5/dist-packages (from rq>=1.0->django-rq==2.1.0->-r requirements.txt (line 8)) (6.7)
Requirement already satisfied, skipping upgrade: requests in /usr/local/lib/python3.5/dist-packages (from coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.20.0)
Requirement already satisfied, skipping upgrade: itypes in /usr/local/lib/python3.5/dist-packages (from coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.1.0)
Requirement already satisfied, skipping upgrade: pyyaml in /usr/local/lib/python3.5/dist-packages (from swagger-spec-validator>=2.1.0; extra == "validation"->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.13)
Requirement already satisfied, skipping upgrade: jsonschema in /usr/local/lib/python3.5/dist-packages (from swagger-spec-validator>=2.1.0; extra == "validation"->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.6.0)
Requirement already satisfied, skipping upgrade: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.0.4)
Requirement already satisfied, skipping upgrade: certifi>=2017.4.17 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2018.10.15)
Requirement already satisfied, skipping upgrade: urllib3<1.25,>=1.21.1 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.24.1)
Requirement already satisfied, skipping upgrade: idna<2.8,>=2.5 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.7)
django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible.
Installing collected packages: Django
  Found existing installation: Django 2.2.2
    Uninstalling Django-2.2.2:
      Successfully uninstalled Django-2.2.2
Successfully installed Django-2.2.4
You are using pip version 19.0.2, however version 19.2.3 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Applying database migrations (python3 netbox/manage.py migrate)...
Operations to perform:
  Apply all migrations: admin, auth, circuits, contenttypes, dcim, extras, ipam, secrets, sessions, taggit, tenancy, users, virtualization
Running migrations:
  No migrations to apply.
Collecting static files (python3 netbox/manage.py collectstatic --no-input)...

120 static files copied to '/opt/netbox/netbox/static', 224 unmodified.
root@netbox:/opt/netbox#

AFAICS, django-rq's requirements are defined in setup.py:

    install_requires=['django>=1.8.0', 'rq>=1.0', 'redis>=3'],

@candlerb commented on GitHub (Aug 28, 2019): I don't know, but a similar issue was raised 3 months ago [on stackoverflow](https://stackoverflow.com/questions/56096643/pip3-installs-a-version-of-dependency-that-violates-requirement-specifiers) The affected system is Ubuntu 16.04, and has pip version 19.0.2 (newer than the 8.1.1 supplied by default, but older than the latest 19.2.3) Trying to reproduce in a fresh Ubuntu 16.04 lxd container: ``` apt-get update apt-get install python3-pip pip3 install --upgrade pip==19.0.2 << exit and enter container again, so that new pip3 works >> pip3 install redis==2.10.6 pip3 install django-rq ``` But this is successful! ``` root@temp1:~# pip3 install django-rq Collecting django-rq Downloading https://files.pythonhosted.org/packages/83/d4/c24642daa43b627612fe55fbfedace727e6cc27094d1e1853fc5dffb563d/django_rq-2.1.0-py2.py3-none-any.whl (45kB) 100% |████████████████████████████████| 51kB 563kB/s Collecting django>=1.8.0 (from django-rq) Downloading https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl (7.5MB) 100% |████████████████████████████████| 7.5MB 1.8MB/s Collecting rq>=1.0 (from django-rq) Downloading https://files.pythonhosted.org/packages/8a/22/e49d976266012d5e800d5500b3eaabbb40d286d67cea775a4b87d1de52b8/rq-1.1.0-py2.py3-none-any.whl (55kB) 100% |████████████████████████████████| 61kB 901kB/s Collecting redis>=3 (from django-rq) Downloading https://files.pythonhosted.org/packages/bd/64/b1e90af9bf0c7f6ef55e46b81ab527b33b785824d65300bb65636534b530/redis-3.3.8-py2.py3-none-any.whl (66kB) 100% |████████████████████████████████| 71kB 906kB/s Collecting sqlparse (from django>=1.8.0->django-rq) Downloading https://files.pythonhosted.org/packages/ef/53/900f7d2a54557c6a37886585a91336520e5539e3ae2423ff1102daf4f3a7/sqlparse-0.3.0-py2.py3-none-any.whl Collecting pytz (from django>=1.8.0->django-rq) Downloading https://files.pythonhosted.org/packages/87/76/46d697698a143e05f77bec5a526bf4e56a0be61d63425b68f4ba553b51f2/pytz-2019.2-py2.py3-none-any.whl (508kB) 100% |████████████████████████████████| 512kB 629kB/s Collecting click>=5.0 (from rq>=1.0->django-rq) Downloading https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl (81kB) 100% |████████████████████████████████| 81kB 975kB/s Installing collected packages: sqlparse, pytz, django, click, redis, rq, django-rq Found existing installation: redis 2.10.6 Uninstalling redis-2.10.6: Successfully uninstalled redis-2.10.6 Successfully installed click-7.0 django-2.2.4 django-rq-2.1.0 pytz-2019.2 redis-3.3.8 rq-1.1.0 sqlparse-0.3.0 You are using pip version 19.0.2, however version 19.2.3 is available. You should consider upgrading via the 'pip install --upgrade pip' command. ``` So I suspect it's something to do with recursive dependencies, or two different packages specifying different redis dependencies. FWIW, here is the complete log of the original failed upgrade, while it's still in my terminal buffer. ``` root@netbox:/opt/netbox# ./upgrade.sh Removing old Python packages (pip3 uninstall -r old_requirements.txt -y)... Skipping psycopg2 as it is not installed. Skipping pycrypto as it is not installed. Skipping django-rest-swagger as it is not installed. Updating required Python packages (pip3 install -r requirements.txt --upgrade)... Collecting Django<2.3,>=2.2 (from -r requirements.txt (line 1)) Downloading https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl (7.5MB) 100% |████████████████████████████████| 7.5MB 1.9MB/s Requirement already up-to-date: django-cacheops==4.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 2)) (4.1) Requirement already up-to-date: django-cors-headers==3.0.2 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 3)) (3.0.2) Django>=2.2,<2.3 django-cacheops==4.1 django-cors-headers==3.0.2 django-debug-toolbar==2.0 django-filter==2.1.0 django-mptt==0.9.1 django-prometheus==1.0.15 django-rq==2.1.0 django-tables2==2.0.6 django-taggit==1.1.0 django-taggit-serializer==0.1.7 django-timezone-field==3.0 djangorestframework==3.9.4 drf-yasg[validation]==1.16.0 graphviz==0.10.1 Jinja2==2.10.1 Markdown==2.6.11 netaddr==0.7.19 Pillow==6.0.0 psycopg2-binary==2.8.3 py-gfm==0.1.4 pycryptodome==3.8.2 ...skipping... Requirement already up-to-date: django-debug-toolbar==2.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 4)) (2.0) Requirement already up-to-date: django-filter==2.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 5)) (2.1.0) Requirement already up-to-date: django-mptt==0.9.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 6)) (0.9.1) Requirement already up-to-date: django-prometheus==1.0.15 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 7)) (1.0.15) Requirement already up-to-date: django-rq==2.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 8)) (2.1.0) Requirement already up-to-date: django-tables2==2.0.6 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 9)) (2.0.6) Requirement already up-to-date: django-taggit==1.1.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 10)) (1.1.0) Requirement already up-to-date: django-taggit-serializer==0.1.7 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 11)) (0.1.7) Requirement already up-to-date: django-timezone-field==3.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 12)) (3.0) Requirement already up-to-date: djangorestframework==3.9.4 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 13)) (3.9.4) Requirement already up-to-date: drf-yasg[validation]==1.16.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 14)) (1.16.0) Requirement already up-to-date: graphviz==0.10.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 15)) (0.10.1) Requirement already up-to-date: Jinja2==2.10.1 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 16)) (2.10.1) Requirement already up-to-date: Markdown==2.6.11 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 17)) (2.6.11) Requirement already up-to-date: netaddr==0.7.19 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 18)) (0.7.19) Requirement already up-to-date: Pillow==6.0.0 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 19)) (6.0.0) Requirement already up-to-date: psycopg2-binary==2.8.3 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 20)) (2.8.3) Requirement already up-to-date: py-gfm==0.1.4 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 21)) (0.1.4) Requirement already up-to-date: pycryptodome==3.8.2 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 22)) (3.8.2) Requirement already satisfied, skipping upgrade: sqlparse in /usr/local/lib/python3.5/dist-packages (from Django<2.3,>=2.2->-r requirements.txt (line 1)) (0.2.4) Requirement already satisfied, skipping upgrade: pytz in /usr/local/lib/python3.5/dist-packages (from Django<2.3,>=2.2->-r requirements.txt (line 1)) (2018.7) Requirement already satisfied, skipping upgrade: redis>=2.9.1 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (2.10.6) Requirement already satisfied, skipping upgrade: funcy<2.0,>=1.8 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (1.12) Requirement already satisfied, skipping upgrade: six>=1.4.0 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r requirements.txt (line 2)) (1.11.0) Requirement already satisfied, skipping upgrade: django-js-asset in /usr/local/lib/python3.5/dist-packages (from django-mptt==0.9.1->-r requirements.txt (line 6)) (1.1.0) Requirement already satisfied, skipping upgrade: prometheus-client>=0.0.21 in /usr/local/lib/python3.5/dist-packages (from django-prometheus==1.0.15->-r requirements.txt (line 7)) (0.7.1) Requirement already satisfied, skipping upgrade: rq>=1.0 in /usr/local/lib/python3.5/dist-packages (from django-rq==2.1.0->-r requirements.txt (line 8)) (1.0) Requirement already satisfied, skipping upgrade: coreschema>=0.0.4 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.0.4) Requirement already satisfied, skipping upgrade: inflection>=0.3.1 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.3.1) Requirement already satisfied, skipping upgrade: coreapi>=2.3.3 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.3.3) Requirement already satisfied, skipping upgrade: ruamel.yaml>=0.15.34 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (0.15.76) Requirement already satisfied, skipping upgrade: uritemplate>=3.0.0 in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.0.0) Requirement already satisfied, skipping upgrade: swagger-spec-validator>=2.1.0; extra == "validation" in /usr/local/lib/python3.5/dist-packages (from drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.4.1) Requirement already satisfied, skipping upgrade: MarkupSafe>=0.23 in /usr/local/lib/python3.5/dist-packages (from Jinja2==2.10.1->-r requirements.txt (line 16)) (1.1.0) Requirement already satisfied, skipping upgrade: setuptools in /usr/local/lib/python3.5/dist-packages (from py-gfm==0.1.4->-r requirements.txt (line 21)) (40.5.0) Requirement already satisfied, skipping upgrade: click>=5.0 in /usr/local/lib/python3.5/dist-packages (from rq>=1.0->django-rq==2.1.0->-r requirements.txt (line 8)) (6.7) Requirement already satisfied, skipping upgrade: requests in /usr/local/lib/python3.5/dist-packages (from coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.20.0) Requirement already satisfied, skipping upgrade: itypes in /usr/local/lib/python3.5/dist-packages (from coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.1.0) Requirement already satisfied, skipping upgrade: pyyaml in /usr/local/lib/python3.5/dist-packages (from swagger-spec-validator>=2.1.0; extra == "validation"->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.13) Requirement already satisfied, skipping upgrade: jsonschema in /usr/local/lib/python3.5/dist-packages (from swagger-spec-validator>=2.1.0; extra == "validation"->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.6.0) Requirement already satisfied, skipping upgrade: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (3.0.4) Requirement already satisfied, skipping upgrade: certifi>=2017.4.17 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2018.10.15) Requirement already satisfied, skipping upgrade: urllib3<1.25,>=1.21.1 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (1.24.1) Requirement already satisfied, skipping upgrade: idna<2.8,>=2.5 in /usr/local/lib/python3.5/dist-packages (from requests->coreapi>=2.3.3->drf-yasg[validation]==1.16.0->-r requirements.txt (line 14)) (2.7) django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible. Installing collected packages: Django Found existing installation: Django 2.2.2 Uninstalling Django-2.2.2: Successfully uninstalled Django-2.2.2 Successfully installed Django-2.2.4 You are using pip version 19.0.2, however version 19.2.3 is available. You should consider upgrading via the 'pip install --upgrade pip' command. Applying database migrations (python3 netbox/manage.py migrate)... Operations to perform: Apply all migrations: admin, auth, circuits, contenttypes, dcim, extras, ipam, secrets, sessions, taggit, tenancy, users, virtualization Running migrations: No migrations to apply. Collecting static files (python3 netbox/manage.py collectstatic --no-input)... 120 static files copied to '/opt/netbox/netbox/static', 224 unmodified. root@netbox:/opt/netbox# ``` AFAICS, django-rq's requirements are defined in [setup.py](https://github.com/rq/django-rq/blob/master/setup.py): ``` install_requires=['django>=1.8.0', 'rq>=1.0', 'redis>=3'], ```

adam commented 2025-12-29 18:22:38 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Aug 28, 2019):

OK, I think I have it.

• django-cacheops depends on redis>=2.9.1
• django-rq depends on redis>=3

The following sequence reproduces it:

pip3 install redis==2.10.6
pip3 install --upgrade -r r.txt

where r.txt contains:

django-cacheops==4.1
django-rq==2.1.0

(those are two lines out of Netbox's requirements.txt)

Result:

root@temp1:~# pip3 install redis==2.10.6
Collecting redis==2.10.6
  Using cached https://files.pythonhosted.org/packages/3b/f6/7a76333cf0b9251ecf49efff635015171843d9b977e4ffcf59f9c4428052/redis-2.10.6-py2.py3-none-any.whl
Installing collected packages: redis
Successfully installed redis-2.10.6
You are using pip version 19.0.2, however version 19.2.3 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
root@temp1:~# pip3 install --upgrade -r r.txt
Collecting django-cacheops==4.1 (from -r r.txt (line 1))
  Using cached https://files.pythonhosted.org/packages/d8/ab/1a68554727571e3c31b8606859e7133042d0113b27cc08a6457f35077fbb/django_cacheops-4.1-py2.py3-none-any.whl
Collecting django-rq==2.1.0 (from -r r.txt (line 2))
  Using cached https://files.pythonhosted.org/packages/83/d4/c24642daa43b627612fe55fbfedace727e6cc27094d1e1853fc5dffb563d/django_rq-2.1.0-py2.py3-none-any.whl
Requirement already satisfied, skipping upgrade: six>=1.4.0 in /usr/lib/python3/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (1.10.0)
Requirement already satisfied, skipping upgrade: funcy<2.0,>=1.8 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (1.13)
Requirement already satisfied, skipping upgrade: redis>=2.9.1 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (2.10.6)
Collecting django>=1.8 (from django-cacheops==4.1->-r r.txt (line 1))
  Using cached https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl
Collecting rq>=1.0 (from django-rq==2.1.0->-r r.txt (line 2))
  Using cached https://files.pythonhosted.org/packages/8a/22/e49d976266012d5e800d5500b3eaabbb40d286d67cea775a4b87d1de52b8/rq-1.1.0-py2.py3-none-any.whl
Collecting sqlparse (from django>=1.8->django-cacheops==4.1->-r r.txt (line 1))
  Using cached https://files.pythonhosted.org/packages/ef/53/900f7d2a54557c6a37886585a91336520e5539e3ae2423ff1102daf4f3a7/sqlparse-0.3.0-py2.py3-none-any.whl
Requirement already satisfied, skipping upgrade: pytz in /usr/local/lib/python3.5/dist-packages (from django>=1.8->django-cacheops==4.1->-r r.txt (line 1)) (2019.2)
Collecting click>=5.0 (from rq>=1.0->django-rq==2.1.0->-r r.txt (line 2))
  Using cached https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl
django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible.
rq 1.1.0 has requirement redis>=3.0.0, but you'll have redis 2.10.6 which is incompatible.
Installing collected packages: sqlparse, django, django-cacheops, click, rq, django-rq
Successfully installed click-7.0 django-2.2.4 django-cacheops-4.1 django-rq-2.1.0 rq-1.1.0 sqlparse-0.3.0
You are using pip version 19.0.2, however version 19.2.3 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
root@temp1:~#

@candlerb commented on GitHub (Aug 28, 2019): OK, I think I have it. - django-cacheops depends on redis>=2.9.1 - django-rq depends on redis>=3 The following sequence reproduces it: ``` pip3 install redis==2.10.6 pip3 install --upgrade -r r.txt ``` where r.txt contains: ``` django-cacheops==4.1 django-rq==2.1.0 ``` (those are two lines out of Netbox's [requirements.txt](https://github.com/netbox-community/netbox/blob/develop/requirements.txt)) Result: ``` root@temp1:~# pip3 install redis==2.10.6 Collecting redis==2.10.6 Using cached https://files.pythonhosted.org/packages/3b/f6/7a76333cf0b9251ecf49efff635015171843d9b977e4ffcf59f9c4428052/redis-2.10.6-py2.py3-none-any.whl Installing collected packages: redis Successfully installed redis-2.10.6 You are using pip version 19.0.2, however version 19.2.3 is available. You should consider upgrading via the 'pip install --upgrade pip' command. root@temp1:~# pip3 install --upgrade -r r.txt Collecting django-cacheops==4.1 (from -r r.txt (line 1)) Using cached https://files.pythonhosted.org/packages/d8/ab/1a68554727571e3c31b8606859e7133042d0113b27cc08a6457f35077fbb/django_cacheops-4.1-py2.py3-none-any.whl Collecting django-rq==2.1.0 (from -r r.txt (line 2)) Using cached https://files.pythonhosted.org/packages/83/d4/c24642daa43b627612fe55fbfedace727e6cc27094d1e1853fc5dffb563d/django_rq-2.1.0-py2.py3-none-any.whl Requirement already satisfied, skipping upgrade: six>=1.4.0 in /usr/lib/python3/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (1.10.0) Requirement already satisfied, skipping upgrade: funcy<2.0,>=1.8 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (1.13) Requirement already satisfied, skipping upgrade: redis>=2.9.1 in /usr/local/lib/python3.5/dist-packages (from django-cacheops==4.1->-r r.txt (line 1)) (2.10.6) Collecting django>=1.8 (from django-cacheops==4.1->-r r.txt (line 1)) Using cached https://files.pythonhosted.org/packages/d6/57/66997ca6ef17d2d0f0ebcd860bc6778095ffee04077ca8985928175da358/Django-2.2.4-py3-none-any.whl Collecting rq>=1.0 (from django-rq==2.1.0->-r r.txt (line 2)) Using cached https://files.pythonhosted.org/packages/8a/22/e49d976266012d5e800d5500b3eaabbb40d286d67cea775a4b87d1de52b8/rq-1.1.0-py2.py3-none-any.whl Collecting sqlparse (from django>=1.8->django-cacheops==4.1->-r r.txt (line 1)) Using cached https://files.pythonhosted.org/packages/ef/53/900f7d2a54557c6a37886585a91336520e5539e3ae2423ff1102daf4f3a7/sqlparse-0.3.0-py2.py3-none-any.whl Requirement already satisfied, skipping upgrade: pytz in /usr/local/lib/python3.5/dist-packages (from django>=1.8->django-cacheops==4.1->-r r.txt (line 1)) (2019.2) Collecting click>=5.0 (from rq>=1.0->django-rq==2.1.0->-r r.txt (line 2)) Using cached https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl django-rq 2.1.0 has requirement redis>=3, but you'll have redis 2.10.6 which is incompatible. rq 1.1.0 has requirement redis>=3.0.0, but you'll have redis 2.10.6 which is incompatible. Installing collected packages: sqlparse, django, django-cacheops, click, rq, django-rq Successfully installed click-7.0 django-2.2.4 django-cacheops-4.1 django-rq-2.1.0 rq-1.1.0 sqlparse-0.3.0 You are using pip version 19.0.2, however version 19.2.3 is available. You should consider upgrading via the 'pip install --upgrade pip' command. root@temp1:~# ```

adam commented 2025-12-29 18:22:38 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Aug 28, 2019):

In case it's helpful, there's a pip3 check command which can test for this condition.

root@temp1:~# pip3 check
django-rq 2.1.0 has requirement redis>=3, but you have redis 2.10.6.
rq 1.1.0 has requirement redis>=3.0.0, but you have redis 2.10.6.
root@temp1:~# echo $?
1
root@temp1:~#

@candlerb commented on GitHub (Aug 28, 2019): In case it's helpful, there's a [pip3 check](https://pip.pypa.io/en/stable/reference/pip_check/) command which can test for this condition. ``` root@temp1:~# pip3 check django-rq 2.1.0 has requirement redis>=3, but you have redis 2.10.6. rq 1.1.0 has requirement redis>=3.0.0, but you have redis 2.10.6. root@temp1:~# echo $? 1 root@temp1:~# ```

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Sep 8, 2019):

@jeremystretch wrote:

What is preventing pip from upgrading the installed redis package in this instance?

To summarise: this is a known issue with pip, which does not implement dependency resolution properly. Specifically: "'first found wins' behavior for dependency requirements/constraints, which results in not respecting all constraints"

The suggested workaround is "specifying the constraints for the dependency on the top level", which is what I proposed.

@candlerb commented on GitHub (Sep 8, 2019): @jeremystretch wrote: > What is preventing pip from upgrading the installed `redis` package in this instance? To summarise: this is a known [issue](https://github.com/pypa/pip/issues/988) with pip, which does not implement dependency resolution properly. Specifically: *"'first found wins' behavior for dependency requirements/constraints, which results in not respecting all constraints"* The suggested workaround is *"specifying the constraints for the dependency on the top level"*, which is what I proposed.

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@kobayashi commented on GitHub (Sep 28, 2019):

Thanks to your suggestion for this issue.
IMO, requirements.txt should be the list of dependencies for "this package" without nested dependencies. If dependencies' dependencies are included in requirements.txt, it make unclear the content. Also the file will have to continue to follow up the nested dependencies.

@kobayashi commented on GitHub (Sep 28, 2019): Thanks to your suggestion for this issue. IMO, requirements.txt should be the list of dependencies for "this package" without nested dependencies. If dependencies' dependencies are included in requirements.txt, it make unclear the content. Also the file will have to continue to follow up the nested dependencies.

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Sep 28, 2019):

To summarise, the problem is:

• Application A depends on libraries B and C
• B depends on library D version >= 1
• C depends on library D version >= 2
• Library D version 1.x is already installed (e.g. from installing an older version of A which depended on B but not C)
• User installs latest version of application A
• Pip only notices the first constraint on D (>= 1) and considers the installed version of D acceptable

The solution given here is to make A depend on D >= 2 explicitly. This has been the situation since 2013.

Do you have a different solution?

@candlerb commented on GitHub (Sep 28, 2019): To summarise, the problem is: * Application A depends on libraries B and C * B depends on library D version >= 1 * C depends on library D version >= 2 * Library D version 1.x is already installed (e.g. from installing an older version of A which depended on B but not C) * User installs latest version of application A * Pip only notices the first constraint on D (>= 1) and considers the installed version of D acceptable The solution given [here](https://github.com/pypa/pip/issues/988#issuecomment-19237603) is to make A depend on D >= 2 explicitly. This has been the situation since 2013. Do you have a different solution?

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Sep 28, 2019):

Note: the official documentation for pip says the same explicitly about requirements.txt:

2. Requirements files are used to force pip to properly resolve dependencies. As it is now, pip doesn’t have true dependency resolution, but instead simply uses the first specification it finds for a project. E.g. if pkg1 requires pkg3>=1.0 and pkg2 requires pkg3>=1.0,<=2.0, and if pkg1 is resolved first, pip will only use pkg3>=1.0, and could easily end up installing a version of pkg3 that conflicts with the needs of pkg2. To solve this problem, you can place pkg3>=1.0,<=2.0 (i.e. the correct specification) into your requirements file directly along with the other top level requirements. Like so:

pkg1
pkg2
pkg3>=1.0,<=2.0

Alternatively, you could put this in a separate constraints file if you wish to keep it out of requirements.txt

@candlerb commented on GitHub (Sep 28, 2019): Note: the [official documentation for pip](https://pip.pypa.io/en/latest/user_guide/#requirements-files) says the same explicitly about requirements.txt: > 2. Requirements files are used to force pip to properly resolve dependencies. As it is now, pip [doesn’t have true dependency resolution](https://github.com/pypa/pip/issues/988), but instead simply uses the first specification it finds for a project. E.g. if pkg1 requires pkg3>=1.0 and pkg2 requires pkg3>=1.0,<=2.0, and if pkg1 is resolved first, pip will only use pkg3>=1.0, and could easily end up installing a version of pkg3 that conflicts with the needs of pkg2. To solve this problem, you can place pkg3>=1.0,<=2.0 (i.e. the correct specification) into your requirements file directly along with the other top level requirements. Like so: > > ``` > pkg1 > pkg2 > pkg3>=1.0,<=2.0 > ``` Alternatively, you could put this in a separate [constraints file](https://pip.pypa.io/en/latest/user_guide/#constraints-files) if you wish to keep it out of requirements.txt

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@kobayashi commented on GitHub (Sep 29, 2019):

This happens only some upgrading situation if redis<3, so how about including simple redis version cehcker in upgrade.sh file to prevent this case?

django-rq 2.1.0 has requirement redis>=3

so like this

CMD=$(pip3 freeze |grep redis |awk -F '==' '{print $2}')

if [ ${CMD:0:1} -lt 3 ]; then
        pip uninstall redis
fi

@kobayashi commented on GitHub (Sep 29, 2019): This happens only some upgrading situation if redis<3, so how about including simple redis version cehcker in upgrade.sh file to prevent this case? `django-rq 2.1.0 has requirement redis>=3` so like this ``` CMD=$(pip3 freeze |grep redis |awk -F '==' '{print $2}') if [ ${CMD:0:1} -lt 3 ]; then pip uninstall redis fi ```

adam commented 2025-12-29 18:22:39 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Sep 29, 2019):

I guess that will work - just seems a lot messier to me than adding one line to requirements.txt (plus a comment explaining why it's there) which is the official way of dealing with this problem

@candlerb commented on GitHub (Sep 29, 2019): I guess that will work - just seems a lot messier to me than adding one line to requirements.txt (plus a comment explaining why it's there) which is the official way of dealing with this problem

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@kobayashi commented on GitHub (Oct 1, 2019):

Yeah, that's true and pip docs describes for sub dependencies as you said.
Let me think about this case again. This happens only when upgrading for the users installed redis version < 3, right? Even if an user install v2.6.1 right now then upgrade to v2.6.2, that will not happen because netbox v2.6.1 requires django-rq v2.1.0 which already requires redis version >=3. I tried that. So this is the special case.

@jeremystretch, you told us no duplication in the requirements.txt. how do you think about this case.

@kobayashi commented on GitHub (Oct 1, 2019): Yeah, that's true and pip docs describes for sub dependencies as you said. Let me think about this case again. This happens only when upgrading for the users installed redis version < 3, right? Even if an user install v2.6.1 right now then upgrade to v2.6.2, that will not happen because netbox v2.6.1 requires django-rq v2.1.0 which already requires redis version >=3. I tried that. So this is the special case. @jeremystretch, you told us no duplication in the requirements.txt. how do you think about this case.

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Oct 1, 2019):

Even if an user install v2.6.1 right now then upgrade to v2.6.2, that will not happen because netbox v2.6.1 requires django-rq v2.1.0 which already requires redis version >=3.

That's not exactly the reason.

django-cacheops depends on redis>=2.9.1, and django-rq depends on redis>=3. pip is broken, so it only attempts to meet the first requirement seen (redis>=2.9.1).

However, if redis is not currently installed, the >= requirement means that pip installs the latest version available, which happens to meet both requirements.

@candlerb commented on GitHub (Oct 1, 2019): > Even if an user install v2.6.1 right now then upgrade to v2.6.2, that will not happen because netbox v2.6.1 requires django-rq v2.1.0 which already requires redis version >=3. That's not exactly the reason. django-cacheops depends on redis>=2.9.1, and django-rq depends on redis>=3. pip is broken, so it only attempts to meet the first requirement seen (redis>=2.9.1). However, if redis is not currently installed, the `>=` requirement means that pip installs the latest version available, which happens to meet both requirements.

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (Oct 1, 2019):

pip is broken

I get what you're saying, but this seems pretty clearly outside the scope of NetBox to address. We can't assume the burden for tracking dependencies of dependencies. Literally every project which utilizes pip will run into this sort of issue if it's a bug in pip. It also seems like a fairly niche case, and doesn't occur on new installations (or at least I haven't run into it).

@jeremystretch commented on GitHub (Oct 1, 2019): > pip is broken I get what you're saying, but this seems pretty clearly outside the scope of NetBox to address. We can't assume the burden for tracking dependencies of dependencies. Literally every project which utilizes pip will run into this sort of issue if it's a bug in pip. It also seems like a fairly niche case, and doesn't occur on new installations (or at least I haven't run into it).

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@candlerb commented on GitHub (Oct 1, 2019):

Well, it did happen to me, and I had to spend time working out why it was broken. I do understand why you don't want to trace the dependency tree to put the necessary dependencies in requirements.txt.

You could just add something like this to upgrade.sh:

pip3 check || (
  echo "******** PLEASE FIX THE DEPENDENCIES BEFORE CONTINUING ********"
  echo "* Manually install newer version(s) of the highlighted packages"
  echo "* so that 'pip3 check' passes. For more information see:"
  echo "* https://github.com/pypa/pip/issues/988"
  exit 1
)

@candlerb commented on GitHub (Oct 1, 2019): Well, it did happen to me, and I had to spend time working out why it was broken. I do understand why you don't want to trace the dependency tree to put the necessary dependencies in requirements.txt. You could just add something like this to `upgrade.sh`: ``` pip3 check || ( echo "******** PLEASE FIX THE DEPENDENCIES BEFORE CONTINUING ********" echo "* Manually install newer version(s) of the highlighted packages" echo "* so that 'pip3 check' passes. For more information see:" echo "* https://github.com/pypa/pip/issues/988" exit 1 ) ```

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@kobayashi commented on GitHub (Oct 5, 2019):

I think this is good idea to run pip check in upgrade.sh. This may prevent for a similar case in the future not only for this case.

@kobayashi commented on GitHub (Oct 5, 2019): I think this is good idea to run `pip check` in upgrade.sh. This may prevent for a similar case in the future not only for this case.

adam commented 2025-12-29 18:22:40 +01:00

Author

Owner

Copy Link

@kobayashi commented on GitHub (Oct 16, 2019):

pip3 check approach is accepted. Can you make PR for this? @candlerb

@kobayashi commented on GitHub (Oct 16, 2019): `pip3 check` approach is accepted. Can you make PR for this? @candlerb

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

update-changelog-comments-docs

feature-removal-issue-type

20911-dropdown

20239-plugin-menu-classes-mutable-state

21097-graphql-id-lookups

feature

fix_module_substitution

20923-dcim-templates

20044-elevation-stuck-lightmode

feature-ip-prefix-link

v4.5-beta1-release

20068-import-moduletype-attrs

20766-fix-german-translation-code-literals

20378-del-script

7604-filter-modifiers-v3

circuit-swap

12318-case-insensitive-uniqueness

20637-improve-device-q-filter

20660-script-load

19724-graphql

20614-update-ruff

14884-script

02496-max-page

19720-macaddress-interface-generic-relation

19408-circuit-terminations-export-templates

20203-openapi-check

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

v4.5.0

v4.4.10

v4.4.9

v4.5.0-beta1

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.3.7

v4.4.0-beta1

v4.3.6

v4.3.5

v4.3.4

v4.3.3

v4.3.2

v4.3.1

v4.3.0

v4.2.9

v4.3.0-beta2

v4.2.8

v4.3.0-beta1

v4.2.7

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.1.11

v4.1.10

v4.1.9

v4.1.8

v4.2-beta1

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.11

v4.0.10

v4.0.9

v4.1-beta1

v4.0.8

v4.0.7

v4.0.6

v4.0.5

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.7.8

v3.7.7

v4.0-beta2

v3.7.6

v3.7.5

v4.0-beta1

v3.7.4

v3.7.3

v3.7.2

v3.7.1

v3.7.0

v3.6.9

v3.6.8

v3.6.7

v3.7-beta1

v3.6.6

v3.6.5

v3.6.4

v3.6.3

v3.6.2

v3.6.1

v3.6.0

v3.5.9

v3.6-beta2

v3.5.8

v3.6-beta1

v3.5.7

v3.5.6

v3.5.5

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.10

v3.4.9

v3.5-beta2

v3.4.8

v3.5-beta1

v3.4.7

v3.4.6

v3.4.5

v3.4.4

v3.4.3

v3.4.2

v3.4.1

v3.4.0

v3.3.10

v3.3.9

v3.4-beta1

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.3-beta2

v3.2.7

v3.3-beta1

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.11

v3.1.10

v3.2-beta2

v3.1.9

v3.2-beta1

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.12

v3.0.11

v3.0.10

v3.1-beta1

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.12

v3.0-beta2

v2.11.11

v2.11.10

v3.0-beta1

v2.11.9

v2.11.8

v2.11.7

v2.11.6

v2.11.5

v2.11.4

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.10

v2.10.9

v2.11-beta1

v2.10.8

v2.10.7

v2.10.6

v2.10.5

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.11

v2.10-beta2

v2.9.10

v2.10-beta1

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.9-beta2

v2.8.9

v2.9-beta1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.12

v2.6.11

v2.6.10

v2.6.9

v2.7-beta1

Solcon-2020-01-06

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.13

v2.5.12

v2.6-beta1

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.9

v2.5-beta2

v2.4.8

v2.5-beta1

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.7

v2.4-beta1

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.10

v2.3-beta2

v2.2.9

v2.3-beta1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.6

v2.2-beta2

v2.1.5

v2.2-beta1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.1-beta1

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0-beta3

v1.9.6

v1.9.5

v2.0-beta2

v1.9.4-r1

v1.9.3

v2.0-beta1

v1.9.2

v1.9.1

v1.9.0-r1

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2-r1

v1.7.1

v1.7.0

v1.6.3

v1.6.2-r1

v1.6.1-r1

1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.7-r1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3-r1

v1.0.3

1.0.0

Labels

Clear labels

beta

breaking change

complexity: high

complexity: low

complexity: medium

needs milestone

netbox

pending closure

plugin candidate

pull-request

Mirrored from GitHub Pull Request

severity: high

severity: low

severity: medium

status: accepted

status: backlog

status: blocked

status: duplicate

status: needs owner

status: needs triage

status: revisions needed

status: under review

topic: GraphQL

topic: Internationalization

topic: OpenAPI

topic: UI/UX

topic: cabling

topic: event rules

topic: htmx navigation

topic: industrialization

topic: migrations

topic: plugins

topic: scripts

topic: templating

topic: testing

type: bug

type: deprecation

type: documentation

type: feature

type: housekeeping

type: translation

No Label status: accepted type: feature

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/netbox#2835