Bug fix
- Do not install dependencies outside the `setup.py`
- Dependencies installed outside the `setup.py` are not taken into account by
`pip`'s dependency resolver.
- In case of conflicting transient dependencies, the last library installed
will "impose" its dependency version.
- This makes the installation and build of the library non-deterministic and
prone to unforeseen bugs caused by external changes in dependencies'
versions.
Note
A definite way to solve this issue is to clearly separate library dependencies
(with a `virtualenv`) and a universal dependency installer for CI requirements
(like `pipx`), taking care of:
- Always running tests inside the `virtualenv` (for example with `nox`).
- Always building outside of the `virtualenv` (for example with `poetry`
installed by `pipx`).
Moreover, it is indeed even better to have a lock file for dependencies,
using `pip freeze`) or with tools providing such features (`pipenv`, etc.).