Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pants 2.19 fails to download WHLs with URL-escaped chars #20474

Closed
lowvoltage opened this issue Jan 31, 2024 · 4 comments · Fixed by #20496
Closed

Pants 2.19 fails to download WHLs with URL-escaped chars #20474

lowvoltage opened this issue Jan 31, 2024 · 4 comments · Fixed by #20496
Labels
backend: Python Python backend-related issues bug
Milestone

Comments

@lowvoltage
Copy link
Contributor

Describe the bug
Pants 2.19 fails to download WHL files hosted on URLs that contain URL-escaped characters. This applies to both URLs already present in the lockfile and to URLs retrieved during generate-lockfiles.

For example, instead of:
https://download.pytorch.org/whl/cpu/torch-2.0.1%2Bcpu-cp311-cp311-linux_x86_64.whl
it attempts (and fails) to download:
https://download.pytorch.org/whl/cpu/torch-2.0.1+cpu-cp311-cp311-linux_x86_64.whl

Seems to be related to the v2.1.148 PEX version, as downgrading to v2.1.137 resolves the issue

Pants version
2.19.0

OS
Both MacOS and Linux

Additional info
Minimalist example to reproduce:

python_requirement(
    requirements=["torch==2.0.1+cpu"],
)
[GLOBAL]
pants_version = "2.19.0"

backend_packages = [
  "pants.backend.python",
]

[python]
interpreter_constraints = ["==3.11.*"]
enable_resolves = true

[python-repos]
find_links = [
    "https://download.pytorch.org/whl/torch_stable.html",
]

# Workaround: Downgrade to a previous PEX version
#[pex-cli]
#known_versions = [
#  "v2.1.137|macos_arm64|faad51a6a108fba9d40b2a10e82a2646fccbaf8c3d9be47818f4bffae02d94b8|4098329",
#  "v2.1.137|macos_x86_64|faad51a6a108fba9d40b2a10e82a2646fccbaf8c3d9be47818f4bffae02d94b8|4098329",
#  "v2.1.137|linux_x86_64|faad51a6a108fba9d40b2a10e82a2646fccbaf8c3d9be47818f4bffae02d94b8|4098329",
#  "v2.1.137|linux_arm64|faad51a6a108fba9d40b2a10e82a2646fccbaf8c3d9be47818f4bffae02d94b8|4098329"
#]
#version = "v2.1.137"
@lowvoltage lowvoltage added the bug label Jan 31, 2024
@cburroughs
Copy link
Contributor

I tried to bisect with:

$ python3.10 -m pex.cli lock create --interpreter-constraint $'CPython==3.11.*' --style=universal --pip-version=23.1.2 --resolver-version pip-2020-resolver --find-links=https://download.pytorch.org/whl/torch_stable.html  "torch==2.0.1+cpu" -o tmp/tmp.lock

and ended up at pex-tool/pex@45eea4b

@tgolsson
Copy link
Contributor

tgolsson commented Jan 31, 2024

Thanks @cburroughs. Wonder if this is something Pants does wrong when invoking Pex or if it's a Pex issue. I see a few added unquote f.ex., which would lead to the issues observed if not quoted on-use.

For clarity, can you show the same regression with extra-indexes as well? Or is this find-links specific code paths?

@tgolsson tgolsson added this to the 2.19.x milestone Jan 31, 2024
@tgolsson tgolsson added the backend: Python Python backend-related issues label Jan 31, 2024
@cburroughs
Copy link
Contributor

For clarity, can you show the same regression with extra-indexes as well? Or is this find-links specific code paths?

If someone knows of a package on PyPi that uses the + syntax I'm happy to try to concoct a test, but I didn't know that was valid before today.

@tgolsson
Copy link
Contributor

tgolsson commented Feb 1, 2024

It's a local version specifier, and I don't think PyPi would accept them -- they're meant for distro patches, primarily. Torch using them for API spec is... a stretch, semantically. I did a test myself using torch's extra index and couldn't repro, so seems like find-links is the issue.

cburroughs added a commit to cburroughs/pants that referenced this issue Feb 6, 2024
Changelogs:
 * https://github.com/pantsbuild/pex/releases/tag/v2.1.160
 * https://github.com/pantsbuild/pex/releases/tag/v2.1.161
 * https://github.com/pantsbuild/pex/releases/tag/v2.1.162

```
Lockfile diff: 3rdparty/python/user_reqs.lock [python-default]

==                    Upgraded dependencies                     ==

  certifi                        2023.11.17   -->   2024.2.2
  cryptography                   41.0.7       -->   42.0.2
  pex                            2.1.159      -->   2.1.162
  pluggy                         1.3.0        -->   1.4.0
  pydantic                       1.10.13      -->   1.10.14
  python-dotenv                  1.0.0        -->   1.0.1
  urllib3                        2.1.0        -->   2.2.0
```

Further support relative to pantsbuild#15704
Fixes pantsbuild#20474
@huonw huonw closed this as completed in 30058b7 Feb 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backend: Python Python backend-related issues bug
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants