Declare packaging as install requirement (fixes #2022)#2024
Declare packaging as install requirement (fixes #2022)#2024dirkkul merged 2 commits intoweaviate:mainfrom
packaging as install requirement (fixes #2022)#2024Conversation
`weaviate.exceptions` and `weaviate.proto.v1.__init__` import `from packaging import version` at module load. The dependency was previously satisfied transitively through `deprecation`, which was removed in v4.20.5 (weaviate#1999). Slim Python images that don't pre-install `packaging` now fail with `ModuleNotFoundError: No module named 'packaging'` on the first `import weaviate`. Adds `packaging>=21.0` to install_requires. Closes weaviate#2022.
![orca-security-eu[bot]](https://avatars.githubusercontent.com/in/276244?s=60&v=4){kind=small}
There was a problem hiding this comment.
Orca Security Scan Summary
| Status | Check | Issues by priority | |
|---|---|---|---|
 Passed |
Infrastructure as Code |  0  0  0  0 |
View in Orca |
| Passed |
SAST | 0 0 0 0 |
View in Orca |
| Passed |
Secrets | 0 0 0 0 |
View in Orca |
| Passed |
Vulnerabilities | 0 0 0 0 |
View in Orca |
|
To avoid any confusion in the future about your contribution to Weaviate, we work with a Contributor License Agreement. If you agree, you can simply add a comment to this PR that you agree with the CLA so that we can merge. |
|
Thank you! Can you also add it here: requirements-devel.txt - I will then merge after you've agreed to the CLA! |
|
Done — added Picked 26.2 since it's the version currently resolved in our own deploy chain and aligns with your existing pins; happy to adjust to whatever version your CI standardises on. |
|
I agree to the Weaviate CLA. |
3 participants
Adds
packaging>=21.0toinstall_requiresinsetup.cfg.Why
weaviate-clientimportsfrom packaging import versionat module load in two places:weaviate/exceptions.py:9weaviate/proto/v1/__init__.py:12Until v4.20.4 the dependency was satisfied transitively through
deprecation, which was removed in v4.20.5 (#1999, "remove unmaintaineddeprecationpackage, use stdlib instead"). On environments that don't getpackagingfrom somewhere else — slim Python container images are the canonical case — the firstimport weaviatenow fails withModuleNotFoundError: No module named 'packaging'. Reproducible on every release from 4.20.5 onwards.Reproduction (no longer fails after this PR)
Version pin
>=21.0is conservative —packaging.version.Versionhas been stable since v17.0. Happy to widen or tighten if you have a preferred lower bound.Notes
packagingwithout declaring it as a dependency #2022.