-
-
Notifications
You must be signed in to change notification settings - Fork 503
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
psycopg2-binary: Why? #674
Comments
Thanks for the context! This is super helpful. If you are affected by that particular issue, compiling from source is one of the more appropriate fixes and pip has a command line flag for it (which psycopg2 itself documented in various places including this issue tracker). I understand the desire to fix the issue (as I said, I'm affected by it), but I don't think this really fixes anything:
I think the "solution" really is the --no-binary pip flag. Unless I completely misunderstand something, that has the same effect as moving the wheels to a different package, except that for this package the wheels will not have added issues. |
I fully agree with @jleclanche. Creating of psycopg2-binary is not a solution for end users. On the contrary, it is a new problem for users whom uses many third-party libraries depended from psycopg2. Now one half of this libraries depends from psycopg2 (e.g. sqlalchemy), and other half - from psycopg2-binary (e.g. pgcli). Which version of psycopg2 package will be installed and used in that situation? |
psycopg2-binary has not resolved problem with libssl. Imagine, what if near future all python libraries will be depends from psycopg2-binary instead of psycopg2. What will this situation be different from when there was only one version of psycopg2? |
@Cykooz use psycopg2 and forget the wheel for your use. Let the other decide for theirs. If they are writing multithread programs using ssh they better use psycopg2. Otherwise they are fine with -wheels. The libssl one is not a solvable problem. If it is a problem for you forget the wheels. |
But not all depends from me. I use different third-party packages which already has By default If I install
then if I uninstall
this will completely remove the code of
But
All of this is not very well. |
Third-party packages should not determine which version of the psycopg2 distributive should be used. Because they do not know in what environment they will be used. Version of distributive of psycopg2 should be determined solely by external tools. For example, with help of the |
@Cykooz What third party package depend on psycopg2-binary? |
@dvarrazzo |
@Cykooz |
Oh, maybe you are in something right. I'm just afraid that not only standalone applications will include |
@Cykooz I appreciate your concern. And it highlights the fact that if some library started depending on that package it may cause interdependencies problem: it's something to highlight very clearly in the docs. We are a bit into uncharted waters here: we are trying to figure out if the idea behind the psycopg2-binary is any good or if it's just the case of giving up with it. |
This is a problematic solution for the reasons already mentioned - Pip already had a way to avoid using the wheel distribution - that should be the mechanism to go for a source installation, not a new package which clobbers the namespace of another. |
Until PyPA adds the new "Provides" metadata there is just no good solution here that involves splitting the packages. PEP 426 actually touched on this but that PEP was since withdrawn and work on it has stalled. This means we just do not have a way to have two distributions claim the same virtual distribution name. The options in the context of the current packaging tooling are simply
There are several packages including the |
Can the |
However the |
You can specify which packages you don't want to install from wheels, e.g. For example: $ PIP_NO_CACHE_DIR=off pip install --no-binary=click click flask
Collecting click
Downloading https://files.pythonhosted.org/packages/95/d9/c3336b6b5711c3ab9d1d3a80f1a3e2afeb9d8c02a7166462f6cc96570897/click-6.7.tar.gz (279kB)
100% |████████████████████████████████| 286kB 6.6MB/s
Collecting flask
Downloading https://files.pythonhosted.org/packages/7f/e7/08578774ed4536d3242b14dacb4696386634607af824ea997202cd0edb4b/Flask-1.0.2-py2.py3-none-any.whl (91kB)
100% |████████████████████████████████| 92kB 13.5MB/s
Collecting itsdangerous>=0.24 (from flask)
Downloading https://files.pythonhosted.org/packages/dc/b4/a60bcdba945c00f6d608d8975131ab3f25b22f2bcfe1dab221165194b2d4/itsdangerous-0.24.tar.gz (46kB)
100% |████████████████████████████████| 51kB 12.2MB/s
Collecting Jinja2>=2.10 (from flask)
Downloading https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl (126kB)
100% |████████████████████████████████| 133kB 43.8MB/s
Collecting Werkzeug>=0.14 (from flask)
Downloading https://files.pythonhosted.org/packages/20/c4/12e3e56473e52375aa29c4764e70d1b8f3efa6682bef8d0aae04fe335243/Werkzeug-0.14.1-py2.py3-none-any.whl (322kB)
100% |████████████████████████████████| 327kB 11.3MB/s
Collecting MarkupSafe>=0.23 (from Jinja2>=2.10->flask)
Downloading https://files.pythonhosted.org/packages/4d/de/32d741db316d8fdb7680822dd37001ef7a448255de9699ab4bfcbdf4172b/MarkupSafe-1.0.tar.gz
Installing collected packages: click, itsdangerous, MarkupSafe, Jinja2, Werkzeug, flask
Running setup.py install for click ... done
Running setup.py install for itsdangerous ... done
Running setup.py install for MarkupSafe ... done
Successfully installed Jinja2-2.10 MarkupSafe-1.0 Werkzeug-0.14.1 click-6.7 flask-1.0.2 itsdangerous-0.24 |
I don't understand anything about all that stuff neither really want to dive into it, I don't know what wheels are, I just know I had a working project using psycopg2, which now displays warning about being renamed, so I thought I had to migrate to psycopg2-binary, but if I remove psycopg2 then it fails connecting to my postgre DB. Kinda lost as people mentionned earlier... Should I keep both? Should I not care and keep using psycopg2 and ignore that warning? How do I automate Okay, found a solution using the following in my requirements.txt: |
@dvarrazzo you mentioned that you are "trying to figure out if the idea behind the psycopg2-binary is any good or if it's just the case of giving up with it", but you never commented on the alternative "--no-binary" approach. What are your thoughts? |
For more details, see psycopg/psycopg2#674
For more details, see psycopg/psycopg2#674
A lot of projects are affected by this change and it wasn't clear to me what happened. Thanks to this issue I know what to do. |
On Ubuntu 20.04 this answer worked for me. sudo apt-get install gcc libpq-dev -y
sudo apt-get install python-dev python-pip -y
sudo apt-get install python3-dev python3-pip python3-venv python3-wheel -y
pip3 install wheel None of the above suggestions fixed my issue. |
This closes biocommons#623 Per the authors of the `psycopg2` package, `psycopg2-binary` "is meant for beginners to start playing with Python and PostgreSQL without the need to meet the build requirements." However, it's preferable to depend on `psycopg2` for production software. Issues in flight which should make this change irrelevant --------------------------------------------------------- - [make data provider dependencies optional][hgvs-optional-deps] - [replace psycopg2 with asyncpg][hgvs-asyncpg] - [use a REST interface, eliminating libpq dependency][hgvs-rest] ------------------------------------------------------------------------ Why move away from `psycopg2-binary`? ===================================== The psycopg2 project makes two recommendations in the [psycopg2 vs psycopg2-binary][psycopg2-vs-psycopg2-binary] docs: > If you are the maintainer of a published package depending on `psycopg2` you > shouldn’t use `psycopg2-binary` as a module dependency. Secondarily: > **For production use you are advised to use the source distribution.** This means that any production software depending on `hgvs` will have to install `psycopg2-binary`. History of the two packages =========================== Starting with Psycopg2 2.8, there are now two packages (explained in the [2.7.4 release notes][psycopg2-274]): - `psycopg2`: source distribution, advised for production. - `psycopg2-binary`: "quickest way to install" (a "pre-compiled binary version") There is substantial discussion in [an issue on the `psycopg2` project][gh-thread], which I won't re-summarize here, but one takeaway is that many Python packages now depend on `psycopg2-binary`, and others on `psycopg2`. Ideally, all libraries just depend on `psycopg2`. Alternate solutions to the split exist (like [`Provides-Dist` from PEP 345][provides-dist]). However, the [`Provides-Dist` field is "rarely used"][provides-dist-rarely-used] and thus ignored most of the time. [`hgvs` switched to `psycopg2-binary`][hgvs-switch-to-binary] shortly after the 2.7.4 release. [gh-thread]: psycopg/psycopg2#674 [hgvs-asyncpg]: biocommons#603 [hgvs-optional-deps]: biocommons#199 [hgvs-rest]: biocommons#199 (comment) [hgvs-switch-to-binary]: biocommons@4c75a4e5 [provides-dist-rarely-used]: https://packaging.python.org/specifications/core-metadata/#provides-dist-multiple-use [provides-dist]: https://www.python.org/dev/peps/pep-0345/#provides-dist-multiple-use [psycopg2-274]: https://www.psycopg.org/articles/2018/02/08/psycopg-274-released/ [psycopg2-vs-psycopg2-binary]: https://www.psycopg.org/docs/install.html#psycopg-vs-psycopg-binary
This closes #623 Per the authors of the `psycopg2` package, `psycopg2-binary` "is meant for beginners to start playing with Python and PostgreSQL without the need to meet the build requirements." However, it's preferable to depend on `psycopg2` for production software. Issues in flight which should make this change irrelevant --------------------------------------------------------- - [make data provider dependencies optional][hgvs-optional-deps] - [replace psycopg2 with asyncpg][hgvs-asyncpg] - [use a REST interface, eliminating libpq dependency][hgvs-rest] ------------------------------------------------------------------------ Why move away from `psycopg2-binary`? ===================================== The psycopg2 project makes two recommendations in the [psycopg2 vs psycopg2-binary][psycopg2-vs-psycopg2-binary] docs: > If you are the maintainer of a published package depending on `psycopg2` you > shouldn’t use `psycopg2-binary` as a module dependency. Secondarily: > **For production use you are advised to use the source distribution.** This means that any production software depending on `hgvs` will have to install `psycopg2-binary`. History of the two packages =========================== Starting with Psycopg2 2.8, there are now two packages (explained in the [2.7.4 release notes][psycopg2-274]): - `psycopg2`: source distribution, advised for production. - `psycopg2-binary`: "quickest way to install" (a "pre-compiled binary version") There is substantial discussion in [an issue on the `psycopg2` project][gh-thread], which I won't re-summarize here, but one takeaway is that many Python packages now depend on `psycopg2-binary`, and others on `psycopg2`. Ideally, all libraries just depend on `psycopg2`. Alternate solutions to the split exist (like [`Provides-Dist` from PEP 345][provides-dist]). However, the [`Provides-Dist` field is "rarely used"][provides-dist-rarely-used] and thus ignored most of the time. [`hgvs` switched to `psycopg2-binary`][hgvs-switch-to-binary] shortly after the 2.7.4 release. [gh-thread]: psycopg/psycopg2#674 [hgvs-asyncpg]: #603 [hgvs-optional-deps]: #199 [hgvs-rest]: #199 (comment) [hgvs-switch-to-binary]: 4c75a4e5 [provides-dist-rarely-used]: https://packaging.python.org/specifications/core-metadata/#provides-dist-multiple-use [provides-dist]: https://www.python.org/dev/peps/pep-0345/#provides-dist-multiple-use [psycopg2-274]: https://www.psycopg.org/articles/2018/02/08/psycopg-274-released/ [psycopg2-vs-psycopg2-binary]: https://www.psycopg.org/docs/install.html#psycopg-vs-psycopg-binary
For more details, see psycopg/psycopg2#674
For more details, see psycopg/psycopg2#674
For more details, see psycopg/psycopg2#674
Patch Set 1: > Right, but that means coinstallability is going to be difficult. > Unless we switch globally this means all non-containerized > deployments have to edit requirements to.match one of them > globally. Hmm, so there's a more detailed discussion on GitHub [1] and from the looks of things, this package split was intended to work issues with SSL libraries. Unfortunately they don't discuss a resolution to potential clobbering issues, likely because there isn't one. I've started a discussion on the mailing list [2] but at this time it seems we might be better off just requiring the installation of libpq once again. I'm going to abandon this until we have a better idea of how to approach this. [1] psycopg/psycopg2#674 [2] http://lists.openstack.org/pipermail/openstack-dev/2018-May/130497.html Patch-set: 1 Reviewer: Gerrit User 15334 <15334@4a232e18-c5a9-48ee-94c0-e04e7cca6543> Label: Verified=0
For more details, see psycopg/psycopg2#674
Forgive the blunt question but I cannot find discussion on why the split of psycopg2 and psycopg2-binary is happening. The current (2.7) way of doing wheel+source distribution works exactly how it's supposed to. Splitting into a separate -binary distribution actually breaks any library that depends on psycopg2=>2.x, which includes for example sqlalchemy's postgres bindings, because setuptools will complain the dependency is not matched.
The text was updated successfully, but these errors were encountered: