rough-vase-83553
10/17/2022, 7:58 PMpython_requirement
. We have some requirements on boto===2.49.0a1
. I believe this is an internal boto fork that only exists in our private artifactory. However, lockfile generation turns this into boto===2.49a1
which then fails all the python_requirement
constraints. Changing the lockfile manually to boto===2.49.0a1
doesn't fix it either. Is the version number ill-formed or something?hundreds-father-404
10/17/2022, 8:00 PMrough-vase-83553
10/17/2022, 8:00 PMrough-vase-83553
10/17/2022, 10:03 PMrough-vase-83553
10/17/2022, 10:53 PM/Users/navneeth.jayendran/.pyenv/versions/3.7.13/bin/python3.7 .pex --tmpdir .tmp --jobs 2 --python-path $'/Users/navneeth.jayendran/.pyenv/versions/2.7.14/bin:/Users/navneeth.jayendran/.pyenv/versions/3.7.13/bin' --output-file requirements.pex --no-emit-warnings --manylinux manylinux2014 --python /Users/navneeth.jayendran/.pyenv/versions/3.7.13/bin/python3.7 $'--sources-directory=source_files' $'boto3>1.17.0' --layout packed
but using a built-from source Pex or somethingrough-vase-83553
10/18/2022, 4:52 PMpex --lock mylockfile
. I've noticed that the normalization that PEX gives seems to be the root cause.
LockedRequirement(pin=Pin(project_name=ProjectName(raw='boto', normalized='boto'), version=Version(raw='2.49.0a1', normalized='2.49a1')), ...
rough-vase-83553
10/18/2022, 5:18 PMrough-vase-83553
10/18/2022, 5:19 PMrough-vase-83553
10/18/2022, 5:37 PMenough-analyst-54434
10/18/2022, 7:16 PM$ pex3 lock create --style universal --resolver-version pip-2020-resolver pantsbuild.pants==2.14.0a0 --indent 2 -o lock.json --interpreter-constraint "CPython>=3.7,<3.10" --target-system linux --target-system mac
$ jq .requirements lock.json
[
"pantsbuild.pants==2.14.0a0"
]
$ jq -r '.locked_resolves[] | .locked_requirements[] | select(.project_name == "pantsbuild-pants") | .version' lock.json
2.14a0
Lock consumption works wether via implicit (resolve the whole lock) or explicit with version normalized or not:
$ pex --lock lock.json -ofull.pex --interpreter-constraint "CPython>=3.7,<3.10"
$ pex --lock lock.json pantsbuild.pants==2.14.0a0 -oexplicit-root-req.pex --interpreter-constraint "CPython>=3.7,<3.10"
$ pex --lock lock.json pantsbuild.pants==2.14a0 -oexplicit-root-req-normalized.pex --interpreter-constraint "CPython>=3.7,<3.10"
$ ls -lrt *.pex
-rwxr-xr-x 1 jsirois jsirois 158380109 Oct 18 11:53 full.pex
-rwxr-xr-x 1 jsirois jsirois 158380109 Oct 18 11:54 explicit-root-req.pex
-rwxr-xr-x 1 jsirois jsirois 158380107 Oct 18 11:55 explicit-root-req-normalized.pex
$ diff -u <(pex-tools full.pex info -i2) <(pex-tools explicit-root-req.pex info -i2)
$ diff -u <(pex-tools explicit-root-req-normalized.pex info -i2) <(pex-tools explicit-root-req.pex info -i2)
--- /dev/fd/63 2022-10-18 12:06:41.181807816 -0700
+++ /dev/fd/62 2022-10-18 12:06:41.181807816 -0700
@@ -52,11 +52,11 @@
"interpreter_constraints": [
"CPython<3.10,>=3.7"
],
- "pex_hash": "d2bcc8934d8b8eb3659333598c2878b1ad2ee50a",
+ "pex_hash": "66738a3a3a993b8c5165248e2017c8876d5dff93",
"pex_path": "",
"pex_paths": [],
"requirements": [
- "pantsbuild.pants==2.14a0"
+ "pantsbuild.pants==2.14.0a0"
],
"strip_pex_env": true,
"venv": false,
$ ./full.pex -c 'import pants.version; print(pants.version.__file__)'
/home/jsirois/.pex/installed_wheels/7bd29822f3c7d8ef101cf687dd4bee6afed808fb143fd1b15dabb8c428a50e75/pantsbuild.pants-2.14.0a0-cp37-cp37m-manylinux2014_x86_64.whl/pants/version.py
$ ./explicit-root-req.pex -c 'import pants.version; print(pants.version.__file__)'
/home/jsirois/.pex/installed_wheels/7bd29822f3c7d8ef101cf687dd4bee6afed808fb143fd1b15dabb8c428a50e75/pantsbuild.pants-2.14.0a0-cp37-cp37m-manylinux2014_x86_64.whl/pants/version.py
$ ./explicit-root-req-normalized.pex -c 'import pants.version; print(pants.version.__file__)'
/home/jsirois/.pex/installed_wheels/7bd29822f3c7d8ef101cf687dd4bee6afed808fb143fd1b15dabb8c428a50e75/pantsbuild.pants-2.14.0a0-cp37-cp37m-manylinux2014_x86_64.whl/pants/version.py
As such, I think you should file a Pants bug here. Clearly it does not handle normalized versions (https://peps.python.org/pep-0440/#normalization) / use packaging in all the right places to handle this normalization.rough-vase-83553
10/18/2022, 7:47 PMrough-vase-83553
10/18/2022, 7:49 PMspecifier.contains("2.49a1")
fails when the specifier is <SpecifierSet('===2.49.0a1')>
rough-vase-83553
10/18/2022, 7:50 PMstr(version)
does generate the normalized form, which is "2.49a1"enough-analyst-54434
10/18/2022, 7:51 PMrough-vase-83553
10/18/2022, 7:52 PMenough-analyst-54434
10/18/2022, 7:53 PMenough-analyst-54434
10/18/2022, 7:54 PMenough-analyst-54434
10/18/2022, 7:56 PM===
vs ==
? That has a very specific meaning which is - do not normalize - use literally!enough-analyst-54434
10/18/2022, 7:56 PMrough-vase-83553
10/18/2022, 7:58 PMrough-vase-83553
10/18/2022, 7:58 PMenough-analyst-54434
10/18/2022, 7:58 PMenough-analyst-54434
10/18/2022, 7:59 PMrough-vase-83553
10/18/2022, 7:59 PMrough-vase-83553
10/18/2022, 8:00 PMenough-analyst-54434
10/18/2022, 8:00 PMrough-vase-83553
10/18/2022, 8:01 PMenough-analyst-54434
10/18/2022, 8:04 PMenough-analyst-54434
10/18/2022, 8:06 PM==
is just as exact as ===
, its just that you can't spell some exact versions with ==
because they are illegal. For those, and only those, you must use ===
if the tool supports it, which, as the PEP notes, it heavily discourages.rough-vase-83553
10/18/2022, 8:07 PMenough-analyst-54434
10/18/2022, 8:08 PMrough-vase-83553
10/18/2022, 8:10 PM==
fix worksrough-vase-83553
10/18/2022, 8:30 PMenough-analyst-54434
10/18/2022, 8:30 PMenough-analyst-54434
10/18/2022, 10:08 PMrough-vase-83553
10/19/2022, 12:40 AM==
works nicely enough for now. We're still deep in exploration / POC, so nothing urgent.