python-poetry / poetry

Python packaging and dependency management made easy
https://python-poetry.org
MIT License

Poetry looking for `traitlets 5.2.2.post0` #6826

Closed neersighted closed 2 years ago

neersighted commented 2 years ago

Discussed in https://github.com/orgs/python-poetry/discussions/6825

Originally posted by **adam-grant-hendry** October 17, 2022

[`commitizen`](https://commitizen-tools.github.io/commitizen/) is encountering [a strange issue in its CI workflows](https://github.com/commitizen-tools/commitizen/actions/runs/3266510247/jobs/5370341870) that `poetry` cannot find a nonexistent package:

```
Package traitlets (5.2.2.post0) not found
```

`traitlets` went from `5.2.2` -> `5.2.2.post1`, but never released a `post0` (nor was a `post0` ever yanked). See the [PyPI history](https://pypi.org/project/traitlets/#history).

The workflow doesn't cache virtual environments, so there is no cache to manually clear on GitHub.

Has anyone experienced a similar issue? Is the dependency resolver experiencing an issue here because `traitlets` uses an extra `post` identifier in its versions and `poetry` is assuming there should be a `post0`...?

Any help is welcome and would be appreciated! Thank you!

neersighted commented 2 years ago

PTAL @radoering @dimbleby

dimbleby commented 2 years ago

```
$ curl -s https://pypi.org/simple/traitlets/ | grep 5.2.2.post0
    <a href="https://files.pythonhosted.org/packages/30/b6/43f78c203f11e7ce353ca7ca326332f8c020863b7904cc8aedea5a415f90/traitlets-5.2.2.post0-py3-none-any.whl#sha256=7109d1daa09aaf3aefd823eadde1d81508d039c74d9bed6b1812c58bea0cfe20" data-requires-python="&gt;=3.7" >traitlets-5.2.2.post0-py3-none-any.whl</a><br />
```

ie pypi reports that it exists...

dimbleby commented 2 years ago

which is to say that I think you'll want to report this as a pypi bug

adam-grant-hendry commented 2 years ago

Updating with pertinent info from the Reporting bugs guidelines

pyproject.toml

```toml
[tool.commitizen]
version = "2.35.0"
tag_format = "v$version"
version_files = [
  "pyproject.toml:version",
  "commitizen/__version__.py",
  ".pre-commit-config.yaml:rev:.+Commitizen"
]

[tool.black]
line-length = 88
include = '\.pyi?$'
exclude = '''
/(
    \.git
  | \.hg
  | \.mypy_cache
  | \.tox
  | \.venv
  | _build
  | buck-out
  | build
  | dist
  # The following are specific to Black, you probably don't want those.
  | blib2to3
  | tests/data
  | profiling
)/
'''

[tool.poetry]
name = "commitizen"
version = "2.35.0"
description = "Python commitizen client tool"
authors = ["Santiago Fraire "]
license = "MIT"
keywords = ["commitizen", "conventional", "commits", "git"]
readme = "docs/README.md"
homepage = "https://github.com/commitizen-tools/commitizen"
# See also: https://pypi.org/classifiers/
classifiers = [
    "Development Status :: 5 - Production/Stable",
    "Environment :: Console",
    "Intended Audience :: Developers",
    "License :: OSI Approved :: MIT License",
    "Natural Language :: English",
    "Operating System :: OS Independent",
    "Programming Language :: Python",
    "Programming Language :: Python :: 3",
    "Programming Language :: Python :: 3.6",
    "Programming Language :: Python :: 3.7",
    "Programming Language :: Python :: 3.8",
    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: Implementation :: CPython",
]

[tool.poetry.dependencies]
python = "^3.6.2"
questionary = "^1.4.0"
decli = "^0.5.2"
colorama = "^0.4.1"
termcolor = [
    { "version" = "^1.1", python = "< 3.7" },
    { "version" = ">= 1.1, < 3", python = ">= 3.7" },
]
packaging = ">=19,<22"
tomlkit = ">=0.5.3,<1.0.0"
jinja2 = ">=2.10.3"
pyyaml = ">=3.08"
argcomplete = ">=1.12.1,<2.1"
typing-extensions = "^4.0.1"
charset-normalizer = "^2.1.0"

[tool.poetry.dev-dependencies]
ipython = "^7.2"
# test
pytest = "^7.0.0"
pytest-cov = "^2.6"
pytest-mock = "^2.0"
codecov = "^2.0"
freezegun = "^0.3.15"
pytest-regressions = "^2.2.0"
pytest-freezegun = "^0.4.2"
# code formatter
black = "^21.12b0"
isort = "^5.7.0"
# linter
flake8 = "^3.6"
pre-commit = "^2.6.0"
mypy = "^0.931"
types-PyYAML = "^5.4.3"
types-termcolor = "^0.1.1"
# documentation
mkdocs = "^1.0"
mkdocs-material = "^4.1"
pydocstyle = "^5.0.2"
pytest-xdist = "^2.5.0"

[tool.poetry.scripts]
cz = "commitizen.cli:main"
git-cz = "commitizen.cli:main"

[tool.isort]
profile = "black"
known_first_party = ["commitizen", "tests"]

[tool.coverage]
    [tool.coverage.report]
    show_missing = true
    exclude_lines = [
        # Have to re-enable the standard pragma
        'pragma: no cover',

        # Don't complain about missing debug-only code:
        'def __repr__',
        'if self\.debug',

        # Don't complain if tests don't hit defensive assertion code:
        'raise AssertionError',
        'raise NotImplementedError',

        # Don't complain if non-runnable code isn't run:
        'if 0:',
        'if __name__ == .__main__.:'
    ]
    omit = [
        'env/*',
        'venv/*',
        '*/virtualenv/*',
        '*/virtualenvs/*',
        '*/tests/*'
    ]

[build-system]
requires = ["poetry_core>=1.0.0"]
build-backend = "poetry.core.masonry.api"
```

adam-grant-hendry commented 2 years ago

> ie pypi reports that it exists...

@dimbleby Interesting. Linking traitlets Issue #729 in case there is some overlap.

adam-grant-hendry commented 2 years ago

@dimbleby Why is poetry attempting to resolve 5.2.2.post0 when the latest release is 5.4.0?

adam-grant-hendry commented 2 years ago

Until PyPI responds back, are there any quick/temporary fixes to this issue?

neersighted commented 2 years ago

Presumably traitlets is a transient dependency. Add an explicit dependency on the version you want to force.

I suspect that the authors of traitlets did some slightly risky stuff (like deleting a release immediately after upload) and are running into a variant of https://github.com/pypi/warehouse/issues/12214.

adam-grant-hendry commented 2 years ago

> Presumably traitlets is a transient dependency.

Yes, you are correct. commitizen depends on ipython, which depends on traitlets.

> Add an explicit dependency on the version you want to force.

Good point, that would be the "quick" fix.

> I suspect that the authors of traitlets did some slightly risky stuff (like deleting a release immediately after upload) and are running into a variant of pypi/warehouse#12214.

Interesting, thanks for this! I'll take a look to understand more.

neersighted commented 2 years ago

This turned out to be an upload with mismatched metadata and filenames. It was resolved through a yank.
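
Added example, not part of the thread and not Poetry's or PyPI's code: a standard-library check that compares the version in a wheel's filename with the `Version` header in its `METADATA`, the kind of mismatch described in the comment above. The sample wheel is built in memory, and its metadata version (`5.2.2.post1`) is a constructed assumption; the thread does not say what the metadata contained.

```python
import io
import zipfile
from email.parser import Parser


def filename_version(wheel_name: str) -> str:
    """Version field of {dist}-{version}(-{build})?-{py}-{abi}-{plat}.whl."""
    if not wheel_name.endswith(".whl"):
        raise ValueError(f"not a wheel: {wheel_name}")
    parts = wheel_name[:-4].split("-")
    if len(parts) not in (5, 6):
        raise ValueError(f"malformed wheel filename: {wheel_name}")
    return parts[1]


def metadata_version(wheel_bytes: bytes) -> str:
    """Version header from the single top-level *.dist-info/METADATA file."""
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        names = [n for n in zf.namelist()
                 if n.count("/") == 1 and n.endswith(".dist-info/METADATA")]
        if len(names) != 1:
            raise ValueError(f"expected one METADATA file, found {names}")
        headers = Parser().parsestr(zf.read(names[0]).decode("utf-8"))
    version = headers.get("Version")
    if version is None:
        raise ValueError("METADATA has no Version header")
    return version.strip()


def check_wheel(wheel_name: str, wheel_bytes: bytes) -> tuple[bool, str, str]:
    """Return (consistent, filename_version, metadata_version)."""
    from_name = filename_version(wheel_name)
    from_meta = metadata_version(wheel_bytes)
    # Plain lowercase comparison; full PEP 440 normalisation is out of scope.
    return from_name.lower() == from_meta.lower(), from_name, from_meta


def build_sample_wheel(dist: str, version: str) -> bytes:
    """Constructed sample: a minimal in-memory wheel carrying only METADATA."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(f"{dist}-{version}.dist-info/METADATA",
                    f"Metadata-Version: 2.1\nName: {dist}\nVersion: {version}\n")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed mismatch: the metadata version here is assumed, not from the thread.
    wheel = build_sample_wheel("traitlets", "5.2.2.post1")
    print(check_wheel("traitlets-5.2.2.post0-py3-none-any.whl", wheel))
```

Running a check like this on built artifacts before upload catches the inconsistency before an index lists a version that the project never intended to release.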
