[Fixed]-Can I prevent pip from downgrading packages implicitly?

6👍

Actually there is in newer (ok, since long long ago, pip 7.1) pip versions, although it’s not exactly documented like that:

Pip constraint files

So the following commands (you need to run them in your project directory and potentially customize them):

pip freeze | grep == | sed 's/==/>=/' >constraints.txt
pip install -c constraints.txt whatever-you-want-to-install

will install whatever-you-want-to-install without downgrading anything. Caveat: whatever-you-want-to-install actually requires a lower version “sometoy”, whatever-you-want-to-install will be broken, at least in relation to it’s usage of “sometoy”.

In some cases the breakage might be acceptable (e.g. it happens in some optional areas of the package that you do not use), in some cases no actual breakage might happen (e.g. the downgrade causing version constraint is not needed anymore), in some cases really bad things will happen and they are on you.

1👍

You need to install both packages at the same time (with only one command) and specify the number version of the package

pip install django==1.10.5 djblets

As a rule of thumb, rather than installing your packages one-by-one, I’d recommand using a requirements.txt file.

For your example, your file requirements.txt will have (at least):

django==1.10.5
djblets==1.0.2

Then, you can install all packages in one time using the option [--requirements, -r] of pip:

pip install -r requirements.txt

Why?

Unless told excplicitly so, pip will try to install the best dependencies for a given module (the ones describe in the package itself) and that could even downgrade a package!

Oftentimes, you will not have a choice to downgrade NOR upgrade a package to make it work. That’s why it is very important to put a version number in each packages you need in order to avoid regression!

Tips

(OK because update option works only with packages having unspecified version number)

  • You can also install a package with no dependencies at all with option [--no-deps] of pip:

    pip install --no-deps djblets
    

But this method is only valid if you have already all the dependencies installed.

Bonus

To answer the question you did not ask, you can make a “snapshot” of all your packages install if you are scared of doing wrong manipulations, using pip freeze

pip freeze > requirements.txt

Leave a comment