Cleanup deps

[multimeric]

• Refactor various database dependencies into optional dependencies, since they aren't imported by the package. This makes the default installation smaller and more robust
• Add dependencies on various packages that are imported in the package, but aren't mentioned in the pyproject.toml
• Re-lock dependencies

Much of this is following the report from fawltydeps.

[sierra-moxon]

Thank you so much! This is terrific. What do you think about adding a GH action, Makefile target, and dependency stanza in the pyproject.toml with https://deptry.com/ in the loop? @multimeric @dalito

e.g.
pyproject.toml would look like this: https://github.com/linkml/linkml-map/blob/b3be278b6ad50dc18ad41f0d1bf59469033b9ba4/pyproject.toml#L48

makefile target would look like this:

.PHONY: check-dependencies
check-dependencies:
	$(RUN) deptry schema_automator --known-first-party schema_automator

GH action addition to "check-pull-request.yaml" would look like this:

      - name: Check project dependencies
        run: make check-dependencies

thank you to @pkalita-lbl for pointing out deptry to us.

I won't block this PR on this, but it might be a great next step! :) thanks again.

[dalito]

@multimeric - All changes look fine to me.

@sierra-moxon I have no experience yet with deptry but saw that you or Patrick(?) started using it. I am not sure if it would have caught the unused mkdocs here because we had another superfluous file that used mkdocs.

[multimeric]

Okay, I've done all the above. Current output is:

pyproject.toml: DEP002 'psycopg2-binary' defined as a dependency but not used in the codebase
pyproject.toml: DEP002 'duckdb' defined as a dependency but not used in the codebase
pyproject.toml: DEP002 'mariadb' defined as a dependency but not used in the codebase
pyproject.toml: DEP002 'ruamel-yaml' defined as a dependency but not used in the codebase
pyproject.toml: DEP002 'numpy' defined as a dependency but not used in the codebase
Found 5 dependency issues.

I assume all the database packages are there to facilitate SQL import. I would have no issue removing them, but I can add a DEP002 exception if you'd rather.

Numpy is a bit different because it's being pinned at <2 so probably needs to stay. I'll add an exception for that.

[multimeric]

I've added all the above warnings to the ignore list.

[dalito]

I would suggest to not make the deptry dependency check an action that fails the PR-checks.

I tried it in other projects and it was proposing to remove dependencies which should definitely stay. For example openpyxl requires pillow to support images. However, deptry suggested to remove it. I have not checked if this is an issue with deptry or with the dependency specification in openpyxl but it shows that you may not want to block PR checks based on the deptry check or act on the results without thorough checking.

[multimeric]

I don't mind it failing. If you don't import pillow directly then it possibly shouldn't be listed as a dependency. The one exception is where you're pinning a transitive dependency like we do here with numpy. But then you can add an exception and explain the issue with a comment, which I should really do here.