Closed cburroughs closed 9 months ago
@cburroughs I won't have time to work on this until tomorrow afternoon. The verified flag indicates whether the artifact hash has been calculated by Pex itself (verified=True
), or taken as given (verified=False
); i.e.: taken from a PyPI index artifact URL or JSON API metadata.
Noting this fixes:
$ git diff
diff --git a/pex/resolve/locked_resolve.py b/pex/resolve/locked_resolve.py
index 241cb837..c4421063 100644
--- a/pex/resolve/locked_resolve.py
+++ b/pex/resolve/locked_resolve.py
@@ -148,7 +148,7 @@ class Artifact(object):
url = attr.ib() # type: str
fingerprint = attr.ib() # type: Fingerprint
- verified = attr.ib() # type: bool
+ verified = attr.ib(eq=False) # type: bool
def __lt__(self, other):
# type: (Any) -> bool
An integration test is needed to prevent backslide though as well as a note explaining why this is right to ignore in __eq__
.
@cburroughs thanks for using the lock update feature and the bug report. the fix for this is now released in Pex 2.1.157: https://github.com/pantsbuild/pex/releases/tag/v2.1.157
Thanks for the quick fix!
To get some more details with
PEX_VERBOSE=10
:With some dinosaur
print
debugging:Which I believe simplifies to:
Which I think shows why the assertion was triggered, but I still don't see what about this package is tickling the
verified
main
avro==1.11.3
instead ofacryl-datahub==0.12.0.5
in the originalcreate
also fails in the same way.