1.0.0b4 updates private repo dependencies every time

[dbanty]

• I am on the latest Poetry version.

• I have searched the issues of this repo and believe that this is not a duplicate.

• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• OS version and name: macOS 10.14.6 Mojave

• Poetry version: 1.0.0b4

Issue

For every project I have which includes dependencies from a private repo (Gemfury), when installing with poetry install every private repo dep shows that it's "updating" when there are no changes. For example - Updating s3-profiler (0.1.0 -> 0.1.0). This only happens with dependencies from my private repo, and it happens every time.

In my pyproject.toml:

[[tool.poetry.source]]
name = "triaxtec"
url = "https://pypi.fury.io/triaxtec/"

[tool.poetry.dependencies]
s3-profiler = "^0.1.0"

In my poetry.lock:

[[package]]
category = "main"
description = "For profiling code and uploading the results to s3"
name = "s3-profiler"
optional = false
python-versions = ">=3.7.0,<4.0.0"
version = "0.1.0"

[package.source]
reference = "triaxtec"
type = "legacy"
url = "https://pypi.fury.io/triaxtec"

...

s3-profiler = [
    {file = "s3_profiler-0.1.0-py3-none-any.whl", hash = "md5:f727c6e99216af72d8dc4f9db24ef5bb"},
]

[sdispater]

This has already been fixed in #1563 and the fix will be available in the next beta release which should be out today or tomorrow.

[danyeaw]

I can reproduce this issue in Poetry 1.0.0b5

[sdispater]

@danyeaw You might need to update your lock file.

[danyeaw]

Thanks for your response @sdispater. Environment is MSYS2 in Windows for a GTK app. I'm not using a private repo, so maybe I should open a new issue, but I am getting all dependencies update every time with the latest version. Version 1.0.0b3 worked fine.

1. I updated to requires = ["poetry==1.0.0b5"] in my pyproject.toml.
2. pip install -U poetry==1.0.0b5
3. poetry update

Using virtualenv: C:\tools\msys64\home\DYEAW\gaphor\.venv
Updating dependencies
Resolving dependencies...

Package operations: 0 installs, 71 updates, 0 removals

  - Updating certifi (2019.9.11 C:\tools\msys64\home\DYEAW\gaphor\.venv\lib\python3.8\site-packages -> 2019.9.11)
...

If I run poetry update or poetry install again it does the same thing all over again.

[dbanty]

My issue is resolved with 1.0.0b5 as @sdispater said. I’ll leave this open for now but @danyeaw should probably open a new issue with a more accurate title.

[dbanty]

@sdispater I think this fix may have caused #1602 which stops export from working with private repo dependencies.

[dbanty]

@danyeaw have you seen #1612 ? Might be closer to your issue.

I’m closing this one since 1.0.0b5 fixed it and 1.0.0b8 fixed #1602 mentioned above.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.