Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release with build number is not included as installation option in lock file #5543

Closed
3 tasks done
huonw opened this issue May 5, 2022 · 5 comments
Closed
3 tasks done
Labels
area/repo Meta-issues for the repository/forge itself

Comments

@huonw
Copy link

huonw commented May 5, 2022

  • I am on the latest Poetry version.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

Issue

The pytest-asyncio project has two wheels for 0.18.3: https://pypi.org/project/pytest-asyncio/0.18.3/#files

  • pytest_asyncio-0.18.3-py3-none-any.whl
  • pytest_asyncio-0.18.3-1-py3-none-any.whl

Note the extra build tag -1 in the second one (https://packaging.python.org/en/latest/specifications/binary-distribution-format/#file-name-convention). The second one was released because the first was missing a file (pytest-dev/pytest-asyncio#314).

It seems poetry is ignoring the second one: with a requirement like pytest-asyncio = "0.18.3", poetry generates a lock file that contains only the sdist and the first wheel:

pytest-asyncio = [
    {file = "pytest-asyncio-0.18.3.tar.gz", hash = "sha256:7659bdb0a9eb9c6e3ef992eef11a2b3e69697800ad02fb06374a210d85b29f91"},
    {file = "pytest_asyncio-0.18.3-py3-none-any.whl", hash = "sha256:8fafa6c52161addfd41ee7ab35f11836c5a16ec208f93ee388f752bea3493a84"},
]

This is forcing us to pin to this dev to 0.18.2, because we need the missing file.

(Thanks for poetry!)

@huonw huonw added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels May 5, 2022
@radoering
Copy link
Member

Probably, a caching issue. Try clearing your cache (at least for pytest-asyncio 0.18.3).

@huonw
Copy link
Author

huonw commented May 9, 2022

Ah, cool. poetry cache clear pypi:pytest-asyncio:0.18.3 followed by poetry lock again does pick up the new file 👍

Some other members on my team must've had only the newer versions, and we found that if I ran poetry lock or similar on my machine, the poetry lock file was reverted back to use the older versions. An improvement might be to have poetry notice the inconsistency, invalidate its cache and recheck PyPI. Thoughts?

@abn
Copy link
Member

abn commented May 19, 2022

Trying to solve for inconsistencies like that might be more effort than worth it. Happy to review PRs if folks have ideas how best to tackle this without introducing new issues. Poetry does rely on the Cache-Control header to manage HTTP cache at present. So, this could have just been a timing issue.

As an interim mitigation, folks can use poetry --no-cache lock --no-update in a ci environment maybe?

Closing for now. But as mentioned above, happy to review PR for improving status quo.

@abn abn closed this as completed May 19, 2022
@abn abn added area/repo Meta-issues for the repository/forge itself Cache and removed kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels May 19, 2022
@huonw
Copy link
Author

huonw commented May 19, 2022

Makes sense, and no worries about the difficulties solving this.

Unfortunately we cannot do poetry lock --no-update with or without --no-cache, and then check for any changes in CI. We find some of our deps are updated anyway: #3739 (I'll put more details into that issue).

Copy link

github-actions bot commented Mar 2, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
area/repo Meta-issues for the repository/forge itself
Projects
None yet
Development

No branches or pull requests

3 participants