poetry build --frozen-wheel

[gsemet]

Hi,

I have applications with lot of dependencies, and it makes it hard to cover all combinaisons of version of dependencies during testing (it is not possible actually), and relying of package authors to strictly follow semver is not enough. Some mistakes are made, breaking changes can enter bugfixes releases, even for some serious packages.

So, I wonder if it wouldn't be possible for poetry to build from the lockfile AND lock all dependencies in it generated wheel? As of today, I dump the locked requirements .txt and recommend users to install through a pip install --user mywheel.whl -r requirements.txt, which is not ideal (it may break install app).

My "ideal" solution would be a combination of frozen wheel + pipx, so that user can really envoy my application the way I have validated it while still not breaking their env.

$ poetry build --frozen-wheel
=> generates dist/myapp.whl

...

# on users machine
$ pipx install myapp
-> all dependences are exactly like when I have validated on my CI

[dimbleby]

duplicate #5449

[BrandonLWhite]

Same as #2331

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.