I think this naturally calls for a video on piptools now

As someone who continually has to deal with issues that only happen intermittently and seemingly with the same inputs having different behavior, this would 100% annoy the heck out of me. I can't believe that a fellow developer would think that this is an acceptable behavior to add, ESPECIALLY in a CI environment.

That random in CI stuff is... something. Shows that the people behind this project haven't got a good understanding of how people build stuff in the wild, which is indeed disconcerting

BROWNOUT_CHANCE = 5 GET_RID_OF_POETRY_CHANCE = 95

A 5% chance to randomly fail in CI is ridiculous, as is the overnight deprecation and removal. I was looking into using poetry but your thoughts have definitely made me reconsider.

As someone who's dabbled in Poetry and really liked it, I found your video so informative that it got you my subscription. I'm really looking forward to watching some of your other videos!

I had not heard of pip-tools but a brief look at it makes me think it could solve some problems I've had with dependency management. Thanks for introducing me to it!

Great video Anthony, thanks! It would be nice to watch a video about pip-tools

I'm still a big fan of Poetry and will keep using it; However, your arguments here are very good, and I actually agree with them - it's bad to automatically update deps within major versions by default (because it's quite common to reach breaking changes between different minor versions), and it's SUPER BAD to introduce random breakages in CI builds just to "force" people to stop using some deprecated feature. Thanks for the video, you got a new subscriber 🙂

wow, best breakdown I've seen thus far on actual technical reasons as to why not to use poetry. Great job! Loving your vids

Interesting way to tell users that it’s time to fork or find something else

Wow, ty for sharing this! Not that long ago we've just dealt with flask lib, that had something similar where they simply changed the default behavior, although wasn't even intended to be removed at the end. I went crazy about it. You should do another video about how flask.request.json changed from version ~1.X -> 2.2.X it's default behav.

I thought the video was clickbait and you were actually going to like it in the end but wow ok. I just started looking at poetry this morning because setuptools which i build pypi wheels in is so hard to manage. So what is the best practice to make pypi projects?

Adding randomness is pure evil. Must have caused so much head-scratching and aggravation to people who were on this version. Edit: thanks about the pip-tools suggestion :)

After watching this video, another video about pip-tools is must right?

Hi, I have a small question. My project has quite too many dependencies and of course I would want to decrease the number of dependencies but right now every time a package I am using is getting upgraded and it breaks my Code the I need to lock its version. What would you advise me to do? Lock all versions of outside packages so I my code wont have problems so often? Or is it better to always upgrade the external packages? Thanks!

Thanks for doing this one, now I can send others asking about poetry to your video. Much easier than having endless debates about why some feel the need for Vogon poetry. There are also other reasons, but if I remember well they would fit in the same category as your example regarding making deliberate decisions that disconsider the user-base. That kind of aggressiveness around deprecations I unacceptable, at least in my view. I was even upset about how aggressive was pip around reporting that is outdated, but what poetry did took it a new level.

Ekk. I did use setup-py-upgrade as part of converting 10's of poetry pyproject.toml's to setup.cfg's so thanks for making that.

Sorry this is off topic, it's my first time seeing a video of yours. I just gotta know, what keyboard is that?

The greatest value for me in poetry is how it helps manage and hence democratize the use of pyproject.toml. This really helped set our team on a journey to sane packaging and dependency management. The randomness in CI is wild though and we've definitely ran into weird stuff with poetry also the change in how hashes are handled before 1.2 compared to after which also broke our CI.

Did you need to install poetry inside a venv? Isn't it designed to be installed at system level, and then it effectively creates a venv?

Thanks Anthony for all of your great videos. As a new Python coder, I find Poetry is easier than Venv or pip-tools. Poetry documentation is easier to follow. Maybe when I am more advance user, things will change.

I typically watch videos at 2x speed, but this time I'm watching at 0.5x speed.

I'd love to hear your opinion on PDM. It's PEP standards friendly and it's dependency resolver is much more robust.

What about pipenv? Have you tried it, is the experience any different?

Why do you use virtualenv and not venv? habbit, or actual reasons?

What happened to easy install?

It's a very WTF decision. I moved away from poetry as well. now I need to convince work to do the same, but it'll be... hard given we migrated into poetry not that long ago...

true! what about pipenv?

I'd be interested in your take on PDM as I swapped from poetry to PDM ages ago and still use it

As someone whose primary language is not Python, I found poetry makes project maintenance a lot easier. Having to manually manage venv and fiddle with requirements.txt just to bump minor versions for security patches is too much overhead.

I thought the "percent change to randomly fail" was just a hyperbole for the thumbnail. But they actually did it for real... wtf

I can think of some shenanigans based on the implementation 😂 since they are using the global implicit random instance, what if I set random.seed to something that would never cause a brownout failure.

they did... what......

It is best practice to make changes to the interface just in major version changes, so it makes absolut sense to default to be compatible just to the same major version of a dependency

Easy ("temp") fix for poetry: pin the version to something pre-1.2.0

Going from completely fine to breaking due to safety reasons is not that bad, but adding 5% chance error is comic and overthetop! Hahaha that is mess up!! Hahah

There were some serious red flags, in the poetry issues page, and this just cements my decision to undo a weeks worth of work in converting my projects to poetry. I hate python.

Thank you for the detailed video, not going to use poetry.

What about pipenv?

after 1year, do you think this is still true please ?

Anthony, what's up with the thumbnails😚? Looks good though 😎

something to manage tons of packages, cannot be a tons of packages itself

PDM is the way

WTF is going on with 5 percent chance of throwing an error?!? Did they ever justify or provided their thought process?

Poetry is still pretty good for mono-repo projects where you have 100 independent venvs; v1.2 has a lot of breaking changes; I agree they had to communicate better, but I guess poetry plays a big role in the future; especially in ML/DS world where side projects like `poetry-kernel` makes the venv management way easier

I don't have any issues with that tbh

What does "poetry"? i can't tell by the name at all. and all "beautiful soup"?

I've heard a lot of good things about poetry, but have had a stack of problems when using it that made me avoid it for all my projects.

Wait, did I understand correctly that this was only ever added to an alpha? This appears to make this a non-issue to me

Wait this guy works for docker??? That is unsettling!!

I love/hate poetry. It is great until it is suddenly terrible.

Hi Antony, after one year of your video, still thinking you will not use poetry?

I agree, but my pro-poetry colleague won the argument, considering hashing and sources URI

Seems that the problem is the requests library, not poetry

I feel your pain!

5% chance to fail XDD tf is this Pokemon??

I certainly agree that on deprecation, there should be a grace period to allow people to migrate, and this doesn't appear to allow for that. Regarding the 5% failure, I kinda get where they were coming from, the likely hood of people looking at deprecation warnings in succeeding CI jobs is pretty slim, so they wanted to make a little noise, to draw people's attention to the fact that some thing has been deprecated, but not cause an outright failure suggesting code breakage. That being said, I can certainly see why that would irk some one.

how disgusting...

Nice video, I am for giving people their choices. As a developer, I want a dependency manager that is opinionated and does not stray too far from selected apis. For me pip freeze bundles dependencies of dependencies, ignores missing/broken dependencies. Chances I no longer want to use that library as it is not well maintained or old. For projects like ansible-lint to deliberately break poetry support 100% of the time is childish.

pipenv vs poetry makes my head hurt

poetry is xxxx trash for sure dont run it so many bug