Surplus pinned dependencies?

[tombola]

There are a lot of pinned dependencies in the created django project, most of which I cannot identify in use.

This seems a bit of a heavy handed pre-optimisation as the requirements file then does not communicate (to a developer) what genuine dependencies the project has.

As an example, the wagtail section of base.txt:

anyascii==0.3.0
beautifulsoup4==4.9.3
django-filter==21.1
django-modelcluster==5.2
django-taggit==1.5.1
django-treebeard==4.5.1
djangorestframework==3.12.4
draftjs-exporter==2.1.7
et-xmlfile==1.1.0
html5lib==1.1
l18n==2021.3
openpyxl==3.0.9
soupsieve==2.3.1
tablib==3.1.0
telepath==0.2
webencodings==0.5.1
Willow==1.4
xlrd==2.0.1
XlsxWriter==3.0.2
xlwt==1.3.0

I acknowledge I may have missed the point here, so posting issue to be corrected as much as to improve the template.

If the intent was just to ensure that all package versions are pinned if they are used, maybe we could use piptools to compile the base requirements.txt from a requirements.in? That way the genuine requirements would remain visible.

[danthedeckie]

If the intent was just to ensure that all package versions are pinned if they are used, maybe we could use piptools to compile the base requirements.txt from a requirements.in? That way the genuine requirements would remain visible.

I really like that idea. @tomkins ?

[tomkins]

Personally I was waiting for Poetry. I think we dodged a bullet by avoiding Pipenv though!

If pip-tools does the job and everyone is happy with it - go for it.

[danthedeckie]

What would we need for poetry still? Is there something blocking that, or do we just need some investigation / setup time?