[awaythrowact]

Doesn’t pip freeze > requirements.txt capture exact versions of dependencies of dependencies?

[smitty1e]

> dependencies you use has an unrestrictive version in their requirements.txt

It's the other guy causing the ruckus.

[awaythrowact]

I pip install foo, and foo depends on bar. I pip freeze > lock.txt. My lock file has foo v1 and bar v1, right? Later bar upgrades to v2. I then try to rebuild the container image from lock.txt. My pip freeze lock file will still keep me on foo v1 and bar v1, even though foo has unpinned dependency on bar and bar has new version.

Is pip freeze not solving this scenario? Or is poetry solving a different scenario?

Not trying to flame war, just not sure I’m grokking.