This is important (though I'm oddly yet to run into this issue with pip; I've only had conflicts with npm and composer before). Freezing dependency sources in Docker images and using (pip install --require-hashes -r requirements.txt) for development seems to cover everything.

yeah, i was going to say the same: i never had that issue in ~7y of python work.

nowadays, requirements + docker solves 99% of everything i do.

maybe it's because i'm not using numpy and the likes?