Implement pep 503 data-requires-python #3877
Conversation
This allows pip to understand the `data-requires-python` metadata
information that can be set on a simple repository. This allows pip to
ignore any release or file that would not be compatible with the current
Python version even before trying to download and install this version.
Relevant extract of pep 503 at the time of this writing.
A repository MAY include a data-requires-python attribute on a file
link. This exposes the Requires-Python metadata field, specified in PEP
345 , for the corresponding release. Where this is present, installer
tools SHOULD ignore the download when installing to a Python version
that doesn't satisfy the requirement. For example:
<a href="..." data-requires-python=">=3">...</a>
In the attribute value, < and > have to be HTML encoded as < and >
, respectively.
This can mostly be used to, for example, mark a new sdist of a new
package version as requires-python >3.4, and not fail to install or
upgrade on users systems.
This will require extra patches to PyPI-legacy and warehouse to be
usable. Though releasing a version of pip that understand this feature
is necessary to have wide adoption at the time when these metadata get
actually published.
| @@ -828,7 +836,8 @@ def links(self): | |||
| url = self.clean_link( | |||
| urllib_parse.urljoin(self.base_url, href) | |||
| ) | |||
| yield Link(url, self) | |||
| pyrequire = anchor.get('data-requires-python') | |||
| yield Link(url, self, requires_python=pyrequire) | |||
There was a problem hiding this comment.
I would put the unescape here since we are already dealing with html here
|
Thanks for jumping on this; I'm keen to get it into pip as soon as possible so it can start getting to users before we rely on it. There are still a few Travis failures in running PEP-8. |
move the unescape outside of Link class. reraise using raise that is available on Python 2.6
Carreau
force-pushed
the
implement-pep-503-data-requires
branch
from
c8433b8
to
1d10fca
Compare
Yep, saw that, should be fixed as well.
This is the exact reason why I did that. Thank for pushing the fixes to pep 503. |
| @@ -828,7 +841,8 @@ def links(self): | |||
| url = self.clean_link( | |||
| urllib_parse.urljoin(self.base_url, href) | |||
| ) | |||
| yield Link(url, self) | |||
| pyrequire = unescape(anchor.get('data-requires-python')) | |||
There was a problem hiding this comment.
We need to check that the attribute is not None before passing it to unescape, because unescape doesn't like None.
|
A few tests would also be nice. |
Should be done. Waiting for test to finish, but the one I wrote seems to pass. |
| @@ -365,6 +366,27 @@ def test_finder_only_installs_stable_releases(data): | |||
| assert link.url == "https://foo/bar-1.0.tar.gz" | |||
|
|
|||
|
|
|||
| def test_finder_only_installs_data_require(data): | |||
| """ | |||
| """ | |||
There was a problem hiding this comment.
No need for empty docstring ;)
There was a problem hiding this comment.
Oops, likely did not commit the description of the tests.
|
Docstring fixed, and added an item to CHANGES.txt. |
|
Is there anything I can do ? |
|
This looks good to me. |
|
Gentle nudge to know if there is anything I can do... |
|
I've checked the code and it LGTM. @xavfernandez did you want to wait for @dstufft to OK this? |
|
@pfmoore I wanted to wait for a second check but yours is fine too :) |
|
@Carreau Thanks again 👍 |
|
Thanks for landing this :-). Now we just need to implement the server-side part. |
|
Thanks a lot ! I'm trying to get a fix on PyPI-legacy, but I can't figure out how to run it locally... if any of you have insights... I would appreciate help there. |
|
I was just about to say that maybe we should focus on making Warehouse respect it and hope that it fully takes over as PyPI soon, but it sounds like you're making some progress with getting legacy PyPI running. |
Yes, I have an ugly patch running, I need to comment a bunch of code that try to access EC2, but once you get what's wrong it's not that hard to run locally. I'll document what I'm doing, but we can also implement the simple repo on warehouse. I'll be low bandwidth until next monday so It will take me time to clean things up; you can see the branch there though. |
|
We will eventually replace this with a newer API, but that is a longer term effort. Right now that is out of scope of any current efforts. Sent from my iPhone
|
lock
bot
added
the
auto-locked
Allows pip to understand the
data-requires-pythonmetadatainformation that can be set on a simple repository. This allows pip to
ignore any release or file that would not be compatible with the current
Python version even before trying to download and install this version.
Relevant extract of pep 503 at the time of this writing.
This can mostly be used to, for example, mark a new sdist of a new
package version as requires-python >3.4, and not fail to install or
upgrade on users systems.
This will require extra patches to PyPI-legacy and warehouse to be
usable. Though releasing a version of pip that understand this feature
is necessary to have wide adoption at the time when these metadata get
actually published.
This will partially replace #3847 (from @takluyver ) once pypi-legacy and warehouse support exposing this metadata as well. I suppose this will be of interest for @astrofrog.
@michaelpacer and I are trying to get a the data-requires-python into pypi-legacy, though we have issue to run it locally. So we tested with a "Fake" local PyPI that just exposes static webpages that we editted by hand to include 'date-requires-python'.