Apologies, as the question is more on the grey area. Here is the concrete scenario.
I am using darts (the downstream library) for time-series forecasting, which uses scikit-learn to build and train some machine learning models internally.
Now, when building the virtual environment for my inference pipeline, I run this command inside my docker container
python3 -m pip install --user darts==0.27.2 # Latest as of this question
and it installs scikit-learn==1.4.0
by itself, without me needing to pin that down as a dependency. But eventual code execution throws an error with the following traceback.
Traceback (most recent call last):
File "/app/src/main.py", line 8, in <module>
from gbm import get_catboost_prediction, Dict, Sequence, logging, simulation_date_from_history
File "/app/src/gbm.py", line 10, in <module>
from darts.models import CatBoostModel
File "/app/.venv/lib/python3.11/site-packages/darts/models/__init__.py", line 22, in <module>
from darts.models.forecasting.linear_regression_model import LinearRegressionModel
File "/app/.venv/lib/python3.11/site-packages/darts/models/forecasting/linear_regression_model.py", line 15, in <module>
from darts.models.forecasting.regression_model import (
File "/app/.venv/lib/python3.11/site-packages/darts/models/forecasting/regression_model.py", line 55, in <module>
from darts.utils.multioutput import MultiOutputRegressor
File "/app/.venv/lib/python3.11/site-packages/darts/utils/multioutput.py", line 5, in <module>
from sklearn.utils.validation import _check_fit_params, has_fit_parameter
ImportError: cannot import name '_check_fit_params' from 'sklearn.utils.validation' (/app/.venv/lib/python3.11/site-packages/sklearn/utils/validation.py)
To avoid the war, I modified my Dockerfile to build like this, and it works fine.
python3 -m pip install --user scikit-learn==1.3.2 darts==0.27.2 # Pin down the sklearn version
While I try to use the latest stable versions of libraries, in this case seems they do not play with each other without a downgrade.
I am not appropriating blame, but asking out of curiosity, which maintainers should upgrade their codes here according to community funded open source best practices? Or is it a wild west, as in no rule?