1

I have a website based off Mezzanine of which Bleach is installed as a dependency. Bleach 2.0 is incompatible with my version of Mezzanine. I tried specifying Bleach's version as ==1.5 in my requirements.txt file but every pip install still upgrades the version. I'm thinking another dependency keeps forcing the upgrade.

Is there a way to tell pip to lockdown a package's version, or barring that a way to see a dependency tree? Worst case the OS's python is forcing Bleach 2.0.

stakolee
  • 893
  • 1
  • 7
  • 20
  • will pip's `--no-deps` flag do what you want? – MoxieBall May 17 '18 at 19:54
  • 3
    Install `pipdeptree` to build and print the dependency tree: `pipdeptree -r -p bleach` will show you all packages requiring `bleach`, also printing the dependency version range. At least it will give you some info. Python itself does not need `bleach` for sure, so you can safely omit that. Most probably it's `parso` which is pulled by `ipython`. – hoefling May 17 '18 at 20:08

0 Answers0