PMXBOT Log file Viewer

Help | Karma | Search:

#pypa logs for Wednesday the 17th of December, 2014

(Back to #pypa overview) (Back to channel listing) (Animate logs)
[00:19:01] <tdsmith> dstufft: say, are you expecting a distlib release in time for pip 6?
[00:19:23] <dstufft> tdsmith: No idea, I haven't seen vinay around for awhile
[00:19:32] <dstufft> tdsmith: is there a distlib fix you're looking for?
[00:20:00] <tdsmith> yeah, it'd be nice to see https://bitbucket.org/vinay.sajip/distlib/commits/21824b1e4d81f22bc4208d9839884eb8ca3d2ee0 land
[00:20:00] <dstufft> tdsmith: btw, the --isolated flag in pip 6 includes isolation from ~/.pydistutils.cfg now
[00:20:13] <tdsmith> nice
[00:20:37] <tdsmith> hmmm
[00:20:49] <tdsmith> that commit does not seem to be related to that commit message
[00:21:04] <tdsmith> ugh clicked the wrong link
[00:21:19] <tdsmith> this one, sorry, bitbucket is hard: https://bitbucket.org/vinay.sajip/distlib/commits/b916ab6b9b3760096fc8a04808938f5dde089f6c
[00:36:37] <dstufft> tdsmith: I sent an email to vinay, is there a pip issue for this yet?
[00:47:13] <tdsmith> somewhere, let me find it
[00:47:39] <dstufft> I'll chuck it in the 6.0 milestone
[00:47:55] <tdsmith> it was discussed here: https://github.com/pypa/pip/issues/2031
[00:48:20] <dstufft> at the least I can see a way to work around it now that vinay has indicated that just using sys.executable is ok
[00:48:48] <tdsmith> yay, thanks
[01:01:50] <dstufft> tdsmith: do you know if those are the only issues effecting homebrew currently?
[01:02:23] <tdsmith> yep, as far as i've heard
[09:32:26] <flox> it's weird ... https://status.python.org/ says it's ok but https://pypi.python.org/pypi is broken
[09:33:27] <flox> I guess I have problem with my cookies ... if I am not logged-in, it works
[09:35:10] <flox> I confirm that the issue happen just after login to PyPI :(
[09:58:58] <mgedmin> flox, yeah, I get that too
[10:12:11] <flox> mgedmin: good, I am not alone :) the admins are probably sleeping
[10:12:57] <mgedmin> https://mail.python.org/pipermail/distutils-sig/2014-December/025370.html
[10:17:30] <flox> it was 2 days ago ?
[10:18:06] <flox> it seems it's not exactly the same today https://bitbucket.org/pypa/pypi/issue/217/upload-failed-500-internal-server-error
[10:18:10] <mgedmin> it's a recurring error
[10:18:23] <mgedmin> I think there's a server-side session timeout or something? I dunno
[10:18:41] <mgedmin> I log in, pypi works for a while (about a week) and then I start getting 503 errors until I clear the cookie
[10:18:46] <flox> I don't have the Guru meditation, and I don't have the "no-bug" period, even if I clear cookies
[10:18:59] <mgedmin> hm, then maybe your problem is different
[10:19:28] <mgedmin> oh, right! a "Something went wrong" page as soon as I tried to log in
[10:19:35] <mgedmin> yeah, it's a different bug
[10:28:52] <asbjornenge> hi there :-) recently started using dependency_links quite heavily to list private packages (git+ssh) as dependencies... but using the pip v1.5.6 warns me that the --process-dependency-links flag will be deprecated for pip 1.6 ?? Is there an alternative path for me to list private (git+ssh) dependencies?
[10:29:34] <doismellburning> asbjornenge: what's your usage context? (i.e. can you just run a private pypi)
[10:30:34] <ghickman> asbjornenge: I believe that deprecation is not going to be continuted due to folks using dependency_links in the way you are
[10:30:56] <asbjornenge> ghickman: good to hear!
[10:31:12] <asbjornenge> doismellburning: that is of course an alternative, but yet another thing for me to host :-P
[10:31:26] <asbjornenge> doismellburning: are there any good docs on doing it? perhaps even a docker image? :-P
[10:31:26] <ghickman> I'm afraid I don't have the issue to hand but if you can find it there's a discussion on keeping it in there
[10:31:37] <asbjornenge> ghickman: thanks!
[10:31:58] <asbjornenge> I'll look around...
[10:32:43] <ghickman> an apache/nginx setup serving the correct directory structure is the bare minimum you need
[10:33:30] <doismellburning> I had a puppet module for devpi somewhere
[10:33:36] <mgedmin> asbjornenge, I think the recommended way is to put a --find-links in your requirements.txt (or buildout.cfg, depending on what you use), instead of specifying dependency_links in individual setup.py
[10:39:15] <asbjornenge> mgedmin: will a find-links "index" allow git+ssh paths/links?
[10:39:59] <asbjornenge> I might misunderstand how find-links work...
[10:40:11] <mgedmin> I've no idea, I always used https://... pointing to an apache mod_autoindex page OR local directory paths
[10:40:32] <doismellburning> am I alone/weird in just using install_requires?
[10:40:45] <mgedmin> I've never used dependency_links, but I think it's the same kind of thing as --find-links so you should be able to use the same values
[10:41:30] <mgedmin> doismellburning, when you get burned by upstreams breaking backward compat ALL THE TIME you'll maybe start pinning versions in requirements.txt/buildout.cfg too :)
[10:42:01] <mgedmin> version pins in install_requires are basically evil
[10:42:09] <doismellburning> mgedmin: why basically evil?
[10:42:12] <mgedmin> (well, > or < constraints might be fine, == -> never!)
[10:42:35] <doismellburning> mgedmin: (are you treating "apps" and "libraries" as the same? because ew)
[10:42:48] <asbjornenge> doismellburning: I use install_requires too, but I can't add git+ssh uri's there... so I have "package==version" in install_requires and the I have to add the package uri to dependency_links in order for pip to find and install it...
[10:42:50] <mgedmin> because you have a package Y that depends on X == 1.2, and then X 1.2.1 comes out with an important bugfix, and I can't use X 1.2.1 with Y! even though it works! now I have to release a new version of Y just to change a version pin!
[10:42:52] <mgedmin> that's evil
[10:43:01] <doismellburning> mgedmin: that would be a "yes" then?
[10:43:18] <mgedmin> no, apps != libraries
[10:43:21] <doismellburning> asbjornenge: well yes, I guess my point would be "having a package depend on git+ssh stuff is ew
[10:43:50] <asbjornenge> doismellburning: I kind of agree, but is working fine atm :-P hosting my own pypi os also ew :-P
[10:43:57] <asbjornenge> is
[10:43:58] <mgedmin> I usually don't pin versions at all for libraries
[10:44:01] <doismellburning> asbjornenge: lots of things "work fine"
[10:44:13] <asbjornenge> work great then :-P I'm happy with it!
[10:44:34] <mgedmin> hm pinning versions in an app's setup.py is maybe not as bad, but still weird and I don't see why I'd do that...
[10:45:18] <flox> I pin versions, for my production servers, and use the same versions in my development environment
[10:45:27] <flox> it's more predictable for large apps ..
[10:45:31] <asbjornenge> okthen... I'll keep going as I am and see what happends to the flag. If it gets removed I guess I have to host my own pypi / webserver with all my deps or whatevah :-P thanks all for you help!! :-D
[10:46:10] <flox> then I run a continuous integration ( Buildbot ) without "pins" in order to detect bugs early
[10:46:30] <flox> and to upgrade the dependencies every 2 months for example
[10:47:47] <doismellburning> one day I'll sit down and write something that does the full combinatorial explosion
[10:49:36] <ghickman> asbjornenge: when you do have a look at running your own pypi check out devpi - that makes the experience very easy
[10:49:39] <flox> mgedmin: I am quite satisfied with this setup, we are up-to-date and we lower the risk of unpredictable regressions
[10:49:56] <doismellburning> I pin versions for apps; I do very little for libraries
[10:50:03] <mgedmin> a combinatorial explosion of jenkins jobs :/
[10:51:09] <doismellburning> mgedmin: yes, but I figure if you push a package with dependency ranges, thats what you've said you support, so you should actually test it
[10:51:33] <flox> I use zc.buildout for pinning version ... works good, and really convenient to inherit your configuration from multiple "*.cfg"
[12:03:55] <dstufft> https://status.python.org/incidents/y6rzslbfvqn9
[12:13:32] <flox> thanks
[12:13:57] <dstufft> I just woke up and our monitoring doesn't check for writing to the DB yet
[13:45:45] <mgedmin> oh look, a full disk again :)
[13:46:13] <mgedmin> last time this happened I recommended nagios or a simple cron script like https://github.com/ProgrammersOfVilnius/pov-check-health
[16:33:59] <tomprince> asbjornenge: All you need is a static directory full of files.
[16:39:06] <mgedmin> any idea why https://pypi.python.org/pypi/pep257 shows raw ReST source?
[16:39:14] <mgedmin> restview's --pypi-strict mode can't find any errors :/
[19:31:12] <flox> mgedmin: maybe they use an archaic version of docutils
[19:31:37] <flox> mgedmin: for example, the .. code:: directive is supported since 0.9, August 2012
[19:34:53] <flox> mgedmin: the new PyPI parses it correctly https://warehouse.python.org/project/pep257/
[20:05:24] <dstufft> tdsmith: https://github.com/pypa/pip/pull/2214
[20:06:57] <tdsmith> nice; thanks!
[22:17:27] <tdsmith> hey dstufft, know anything about this offhand? https://github.com/Homebrew/homebrew/issues/35052
[22:17:47] <dstufft> yea
[22:17:49] <dstufft> it's a pip bug
[22:17:52] <dstufft> fixed in 6
[22:18:26] <dstufft> https://github.com/pypa/pip/issues/1350
[22:19:02] <tdsmith> awesome, thanks