Update all pip packages?

Hi,

I currently run a working 0.76.2 installation but I was wondering about updating pip packages. If I run “pip --list outdated”, I have the following :

Package                  Version     Latest    Type 
------------------------ ----------- --------- -----
alabaster                0.7.10      0.7.11    wheel
Babel                    2.5.3       2.6.0     wheel
beautifulsoup4           4.6.0       4.6.3     wheel
certifi                  2018.4.16   2018.8.13 wheel
GitPython                0.3.6       2.1.11    wheel
googlemaps               2.5.1       3.0.2     sdist
idna                     2.6         2.7       wheel
idna-ssl                 1.0.1       1.1.0     sdist
multidict                4.2.0       4.3.1     sdist
mutagen                  1.41.0      1.41.1    sdist
mysqlclient              1.3.12      1.3.13    sdist
netdisco                 1.4.0       2.0.0     wheel
netifaces                0.10.6      0.10.7    sdist
protobuf                 3.5.2.post1 3.6.1     wheel
psutil                   5.4.6       5.4.7     sdist
PyChromecast             2.1.0       2.2.0     wheel
pyfttt                   0.3         0.3.2     wheel
pyhydroquebec            2.2.2       2.3.0     sdist
python-dateutil          2.7.2       2.7.3     wheel
python-pushover          0.3         0.4       sdist
pytz                     2018.4      2018.5    wheel
setuptools               39.0.1      40.2.0    wheel
simplejson               3.14.0      3.16.0    sdist
Sphinx                   1.7.2       1.7.7     wheel
sphinx-rtd-theme         0.3.0       0.4.1     wheel
sphinxcontrib-websupport 1.0.1       1.1.0     wheel
SQLAlchemy               1.2.10      1.2.11    sdist
tqdm                     4.23.0      4.25.0    wheel
urllib3                  1.22        1.23      wheel
wakeonlan                1.0.0       1.1.6     wheel
websocket-client         0.47.0      0.51.0    wheel
wheel                    0.31.0      0.31.1    wheel
yarl                     1.2.1       1.2.6     sdist 

Should I go ahead and update all of them? I see that in some case, they are many version behind (netdisco, idna, GitPython, etc)

Thanks,

How did you install HA?

Hassbian, python virtual enviroment, etc.?

I used a manual python virtualenv installation.

It’s my understanding that most packages don’t need to be updated when running in a virtual environment. That is the benefit of running in a venv because it contains all of the requirements in the venv so changes to the host OS won’t break HA.

The only change I have heard was necessary was updating to a new version of Python but since you are running a new version of HA that shouldn’t be necessary because it’s already included in the new versions.

And it’s possible that I’m completely wrong but at least that’s my understanding.

Don’t do upgrade. Most of package used in HA has pinned version, we keep tracking them, testing and updating along with HA release. You need modify source code if you want to manual upgrade single package.

This is exactly what I want to know. When I first installed HA in my virtualenv, it pulled down these packages. But since then, it does not update them at all. From what I can see, some packages are pinned to a specific version :

Requirement already satisfied, skipping upgrade: requests==2.19.1 in /opt/homeassistant/lib/python3.6/site-packages (from homeassistant) (2.19.1)

But other simply has minimum version specified (idna version 2.7 is available and I have 2.6 installed) :

Requirement already satisfied, skipping upgrade: idna>=2.1 in /opt/homeassistant/lib/python3.6/site-packages (from cryptography==2.3.1->homeassistant) (2.6)

For theses packages, they are never updated after a HA installation but if I do a new installation, HA would install the new version.

Anyone has any idea on this? This could present a security risk if some python packages are never updated after the initial installation.