Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

repository/legacy: calculate sha256 if unavailable #2958

Merged
merged 1 commit into from
Mar 22, 2021
Merged

repository/legacy: calculate sha256 if unavailable #2958

merged 1 commit into from
Mar 22, 2021

Conversation

abn
Copy link
Member

@abn abn commented Sep 25, 2020

In some cases, legacy repositories might not provide a checksum as a
url fragment or use a deprecated algorithm. In these scenarios, this
change ensures that poetry downloads and calculates the sha256 checksum
for the file.

Resolves: #1631 #1553

@abn abn requested a review from a team September 25, 2020 00:21
@abn abn marked this pull request as ready for review September 25, 2020 13:51
@aidan-melen
Copy link

Hey @abn, when is this slotted to be released? Is there a beta with this functionality that I can test with?

@aidan-melen
Copy link

nvm. i just did pipx install git+http://github.com/abn/poetry.git@issue/1631

@abn
Copy link
Member Author

abn commented Nov 19, 2020

No fixed plans; the release after when this is reviewed as this is not in the roadmap explicitly.

@abn
Copy link
Member Author

abn commented Nov 19, 2020

@finswimmer can you take a peek at this?

@abn
repository/legacy: calculate sha256 if unavailable
cd47280 
In some cases, legacy repositories might not provide a checksum as a
url fragment or use a deprecated algorithm. In these scenarios, this
change ensures that poetry downloads and calculates the sha256 checksum
for the file.

Resolves: python-poetry#1631 python-poetry#1553
@kasteph kasteph merged commit 3b340b2 into python-poetry:master Mar 22, 2021
@abn abn deleted the issue/1631 branch March 22, 2021 10:00
@abn abn mentioned this pull request Mar 22, 2021
Closed
3 tasks
@paulmelnikow paulmelnikow mentioned this pull request Jul 8, 2021
Closed
3 tasks
@paulmelnikow
Copy link

Hi! Is it possible this change could have caused a regression when installing from legacy repositories which return md5 checksums? #4085 (comment)

@ITProKyle ITProKyle mentioned this pull request Mar 17, 2022
Closed
2 tasks
@radoering radoering mentioned this pull request Jun 23, 2023
Closed
3 tasks
@github-actions GitHub Actions
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kasteph kasteph kasteph approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Private repository dependency isn't exported with sha256 hash
4 participants
@abn @aidan-melen @paulmelnikow @kasteph