Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Package update not found when name contains . #15782

Closed
wwuck opened this issue May 30, 2022 · 3 comments · Fixed by #15867
Closed

Package update not found when name contains . #15782

wwuck opened this issue May 30, 2022 · 3 comments · Fixed by #15867
Labels
datasource:pypi priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality

Comments

@wwuck
Copy link
Contributor

wwuck commented May 30, 2022
edited
Loading

How are you running Renovate?

Self-hosted

If you're self-hosting Renovate, tell us what version of Renovate you run.

renovate/renovate:32.68.1-slim

Please select which platform you are using if self-hosting.

Bitbucket Server

If you're self-hosting Renovate, tell us what version of the platform you run.

7.21.1

Was this something which used to work for you, and then stopped?

I never saw this working

Describe the bug

Renovate is not finding any python package updates where the package name contains . but the wheel .whl filename has the . replaced with _.

The relevant spec: https://packaging.python.org/specifications/binary-distribution-format/#escaping-and-unicode

I have a python PEP420 namespace package with the name testing.test-namespace-package and I can upload it successfully to our internal private Nexus repository.

If I follow the URL that renovate is looking at on our Nexus instance, I get these filenames:

testing_test_namespace_package-1.0.0-py3-none-any.whl
testing_test_namespace_package-1.0.1-py3-none-any.whl
testing_test_namespace_package-1.0.2-py3-none-any.whl
testing_test_namespace_package-1.0.3-py3-none-any.whl

Looking at

renovate/lib/modules/datasource/pypi/index.ts

Line 170 in 13d0255

private static extractVersionFromLinkText(
it seems like extractVersionFromLinkText is correctly replacing - with _ but is not replacing the . with _ in the filename as per the packaging spec.

Reproduction repository: https://github.com/wwuck/renovate-pep420-namespace-package
This repository is an example PEP420 namespace package that contains . in the package name but when built into a .whl file the . are replaced with _ in the filename.

There is currently a bug on pypi.org warehouse software that prevents uploading of packages in this format, but we are using them successfully with our internal private Nexus repository, so I can't link to any test package on https://test.pypi.org for this bug.

pypi/warehouse#10072
pypa/flit#442
pypa/flit#473

Relevant debug logs

Logs 
DEBUG: Found no results from datasource that look like a version (repository=RT/test-renovate-bug, dependency=testing.test-namespace-package)
       "result": {"releases": [], "isPrivate": true}

...

DEBUG: packageFiles with updates (repository=RT/test-renovate-bug)
       "config": {
         "pip_requirements": [
           {
             "packageFile": "requirements-dev.txt",
             "deps": [
               {
                 "depName": "testing.test-namespace-package",
                 "currentValue": "==1.0.0",
                 "datasource": "pypi",
                 "currentVersion": "1.0.0",
                 "depIndex": 0,
                 "updates": [],
                 "warnings": [],
                 "versioning": "pep440"
               }
             ],
             "registryUrls": ["https://nexus.example.com/repository/pypi-group/simple"]
           }
         ]
       }

Have you created a minimal reproduction repository?

I have linked to a minimal reproduction repository in the bug description
@wwuck wwuck added priority-5-triage status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality labels May 30, 2022
@Gabriel-Ladzaretti Gabriel-Ladzaretti added reproduction:provided priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others and removed priority-5-triage labels May 30, 2022
@Gabriel-Ladzaretti Gabriel-Ladzaretti added versioning:pep440 PEP440 versioning scheme and removed versioning:pep440 PEP440 versioning scheme labels May 30, 2022
@wwuck
Copy link
Contributor Author

wwuck commented Jun 2, 2022

There are some packages on pypi.org that still have . in the package name section of the filename, such as https://pypi.org/project/backend.ai/#files, so the current check for wheelPrefix will need to handle all cases of substituting or not substituting ..

From the spec linked above:

Tools consuming wheels must be prepared to accept . (FULL STOP) and uppercase letters, however, as these were allowed by an earlier version of this specification.

@wwuck
Copy link
Contributor Author

wwuck commented Jun 2, 2022

Would it be better to change the check to a regex, or to compare against two different wheelPrefix values (eg. (wheelText.startsWith(wheelPrefixDot) || wheelText.startsWith(wheelPrefixNoDot)))?

The check against two different prefix values seems simpler to me, if I'm not missing any special cases?

I can attempt a PR on this if you think that is a good way to go.

wwuck added a commit to wwuck/renovate that referenced this issue Jun 3, 2022
@wwuck
fix(pypi): package name with periods
20404e5 
detect when a period in the package name has been replaced with underscore in
the wheel filename, following the packaging spec

fixes: renovatebot#15782
@wwuck wwuck mentioned this issue Jun 3, 2022
Merged
6 tasks
viceice added a commit to wwuck/renovate that referenced this issue Jun 18, 2022
@viceice
Merge branch 'main' into feature/renovatebotGH-15782
10d403c
@renovate-release
Copy link
Collaborator

🎉 This issue has been resolved in version 32.89.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 19, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
datasource:pypi priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(pypi): package name with periods wwuck/renovate
4 participants
@wwuck @HonkingGoose @renovate-release @Gabriel-Ladzaretti