Open
Description
We are seeing a bunch of issues because we don't have lockfiles:
- With fuzzy versions, e.g. loose versioning inside flask-base, different versions of the site can be running different versions of a module
- The order in which you put dependencies in requirements.txt matters, when it shouldn't, as you'll end up with different versions of sub-dependencies depending on what was installed first
On the other hand:
- We need to check it works in dotrun and docker.