Pdm 2.22.0 Regression: Pdm Update Removes Group Metadata Of Group Containing `include-group` From Other Packages In Lockfile

by ADMIN 125 views

pdm 2.22.0 Regression: pdm update removes group metadata of group containing include-group from other packages in lockfile

As a developer, you rely on package managers to efficiently manage your project's dependencies. However, recent updates to the Python package manager, pdm, have introduced a regression that affects the behavior of the pdm update command. Specifically, when updating a dependency group containing an include-group statement, pdm 2.22.0 incorrectly removes the group metadata from other packages in the lockfile. In this article, we will delve into the details of this issue, explore the reproduction steps, and discuss the expected behavior.

The bug in question occurs when attempting to update a dependency group containing an include-group statement using the pdm update command. The command fails to preserve the group metadata of the group being updated, resulting in its removal from all packages other than the one being updated. This behavior is unexpected and can lead to inconsistencies in the project's lockfile.

Reproducing this issue requires a minimal setup, which can be found in the following GitHub pull request:

https://github.com/pdm-project/pdm-build-locked/pull/25/files

To reproduce the issue, follow these steps:

  1. Clone the repository and navigate to the pdm-build-locked directory.
  2. Run the following command to update the ruff dependency while preserving the lint group:
pdm update ruff -G lint --no-sync
  1. Observe the changes made to the lockfile, which should include the removal of the lint group from all packages except ruff itself.

The incorrect changes introduced by the pdm update command can be seen in the following commit:

https://github.com/pdm-project/pdm-build-locked/pull/25/commits/cb26097bc4a5b10a3fd28329c218f94ca6c2a951

These changes demonstrate the removal of the lint group from all packages other than ruff, which is the expected behavior when updating a dependency group containing an include-group statement.

The expected behavior of the pdm update command is to preserve the group metadata of the group being updated, ensuring that the lockfile remains unchanged. In this case, the lint group should remain intact, and the ruff version should be updated to the specified version.

The issue was encountered using the latest version of pdm, which is 2.22.4.

Unfortunately, the verbose command output is not available for this issue.

No additional context is available for this issue.

Yes, I would like to submit a PR to fix this bug.

The regression introduced in pdm 2.22.0 affects the behavior of the pdm update command when updating a dependency group containing an include-group statement. The issue results in the removal of the group metadata from other packages in the lockfile, leading to inconsistencies. To resolve this issue, a pull request should be submitted to fix the bug and restore the expected behavior of the pdm update command.
pdm 2.22.0 Regression: pdm update removes group metadata of group containing include-group from other packages in lockfile

Q: What is the issue with pdm 2.22.0?

A: The issue with pdm 2.22.0 is that it incorrectly removes the group metadata of a group containing an include-group statement from other packages in the lockfile when updating a dependency.

Q: What is an include-group statement?

A: An include-group statement is a way to include another group of dependencies in a project's dependencies. It allows you to reuse a group of dependencies in multiple places in your project.

Q: What is the expected behavior of the pdm update command?

A: The expected behavior of the pdm update command is to preserve the group metadata of the group being updated, ensuring that the lockfile remains unchanged.

Q: What happens when I run pdm update ruff -G lint --no-sync?

A: When you run pdm update ruff -G lint --no-sync, the lint group is removed from all packages other than ruff itself.

Q: Why does this issue occur?

A: This issue occurs because of a regression in pdm 2.22.0. The regression affects the behavior of the pdm update command when updating a dependency group containing an include-group statement.

Q: How can I reproduce this issue?

A: You can reproduce this issue by following the steps outlined in the "To Reproduce" section of this article.

Q: What is the impact of this issue?

A: The impact of this issue is that it can lead to inconsistencies in the project's lockfile. This can cause problems when trying to manage dependencies in your project.

Q: How can I fix this issue?

A: To fix this issue, a pull request should be submitted to fix the bug and restore the expected behavior of the pdm update command.

Q: Is this issue specific to pdm 2.22.0?

A: No, this issue is not specific to pdm 2.22.0. It can occur in any version of pdm that contains the regression.

Q: Can I use a workaround to fix this issue?

A: Yes, you can use a workaround to fix this issue. One possible workaround is to unpin the dependency and then update it. However, this may not be a suitable solution for all projects.

Q: How can I stay up-to-date with the latest information on this issue?

A: You can stay up-to-date with the latest information on this issue by following the pdm project on GitHub and checking for updates on the issue tracker.

The regression introduced in pdm 2.22.0 affects the behavior of the pdm update command when updating a dependency group containing an include-group statement. The issue results in the removal of the group metadata from other packages in the lockfile, leading to inconsistencies. To resolve this issue, a pull request should be submitted to fix the bug and restore the expected behavior of the pdm update command.