How to resolve dependency issues

When we install a package say pandas we also install various dependent packages which are not version bound.

Example: When you install pandas you implicitly install numpy too.

Recently, at work we have an application whose pandas requirement was locked at pandas==0.25.3 so whenever we build our docker image and downloaded the requirements via:

pip install -r /test-requirements.txt

We downloaded pandas==0.25.3 but as the numpy distribution was not locked pip resolved it to the latest version numpy==1.20.0 which made it incompatible with pandas dataframe such that.

import pandas as pd
df= pd.DataFrame(columns=['col_a','col_b']

resolved to the following error.

Browsing STACKOVERFLOW for the error led me to, oh I just need to update the the pandas package to the latest pandas==1.2.1 YAY!!!

I happily ran a subset of the tasks to check and put the code on staging.