-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter available distributions using hash declarations from constraints files #10962
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, thanks a lot !
This comment was marked as outdated.
This comment was marked as outdated.
Hmm, tests are failing. Does this break existing code…? It seems like the current hash (and specifier) forwarding logic is not good enough. Maybe we need to somehow merge the values, instead of simply replacing? |
Yes, it should somehow merge values or check if they are not None. |
@uranusjr fixed. What about #10625 (comment)
|
You can also fix that in this PR if you want to (just use your |
Thanks @q0w! ^>^ |
when running with pip 0c28452 I still get:
even though I have 3524739d76b6b3ed1132422bf9d82123cd1705086723bc3e235ca39fd21c667d in my requirements.txt |
@graingert I tried your setup project with pip install git+https://github.com/pypa/pip.git@main
pip install -c requirements.txt black |
thanks for looking into this, I'm sorry for the noise on this PR as looking into this further it seems to happen on both the legacy and regular resolver and so unrelated to this PR - I just happened to be using an alpha build of python to try out your new fix! when I run with the legacy resolver I get: $ pip install --use-deprecated=legacy-resolver -c requirements.txt black
Ignoring black: markers 'python_full_version >= "3.6.2"' don't match your environment
Ignoring click: markers 'python_version >= "3.6" and python_full_version >= "3.6.2"' don't match your environment
Ignoring colorama: markers 'python_version >= "3.6" and python_full_version >= "3.6.2" and platform_system == "Windows"' don't match your environment
Ignoring mypy-extensions: markers 'python_full_version >= "3.6.2"' don't match your environment
Ignoring pathspec: markers 'python_full_version >= "3.6.2"' don't match your environment
Ignoring platformdirs: markers 'python_version >= "3.7" and python_full_version >= "3.6.2"' don't match your environment
Ignoring tomli: markers 'python_version >= "3.7" and python_full_version >= "3.6.2"' don't match your environment
Collecting black
ERROR: In --require-hashes mode, all requirements must have their versions pinned with ==. These do not:
black from https://files.pythonhosted.org/packages/a5/59/bd6d44da2b364fd2bd7a0b2ce2edfe200b79faad1cde14ce5ef13d504393/black-22.1.0-py3-none-any.whl#sha256=3524739d76b6b3ed1132422bf9d82123cd1705086723bc3e235ca39fd21c667d which is related to how the markers are evaluated:
|
As far as I understand, this introduced a regression, see #11019. |
Closes #9243
is_pinned
implementation is fixed according to #10625 (comment).