pmxbot IRC Log Viewer

[14:59:41] <sumanah> Thanks jaraco

[14:59:52] <jaraco> Perhaps relevant - https://superuser.com/a/187790

[15:00:42] <mgedmin> ooh, IdentitiesOnly yes, didn't know about that one!

[15:01:20] <sumanah> jaraco: I added the IdentitiesOnly option and now it's asking for "sumanah@kafka.dcpython.org's password: "

[15:01:26] <jaraco> :/

[15:02:12] <sumanah> jaraco: (this had happened on earlier iterations and I thought it was my fault but on second thought I think there's something in the config on the server end that needs tweaking?)

[15:03:10] <ngoldbaum> the switchover hapenned!

[15:03:12] <ngoldbaum> congrats :)

[15:03:26] <ngoldbaum> long live pypi.org :)

[15:05:17] <jaraco> !m sumanah

[15:05:17] <pmxbot> you're doing good work, sumanah!

[15:05:33] <jaraco> I still don’t see anything in the logs explaining why you can’t authenticate to the server.

[15:10:29] <sumanah> jaraco: HUH. I think there might be something you should turn off in sshd config saying "Password auth no"?

[15:12:08] <jaraco> Well, maybe, but that should happen after public key… and no accounts have passwords, so allowing passwords makes for a nice honeypot for would-be attackers.

[15:12:26] <jaraco> What do you get sumanah for `ssh -vvv`

[15:12:49] <jaraco> I’ve added my public key to your account and I can’t authenticate either, so I think I can use that to troublehsoot.

[15:14:39] <jaraco> Okay, figured it out. perms were too restrictive on ~sumanah/.ssh

[15:14:46] <sumanah> OH

[15:14:47] <jaraco> Changed to 755 and all’s well.

[15:14:54] <sumanah> too restrictive on your end?

[15:15:02] <jaraco> On kafka, yes.

[15:15:04] <sumanah> I'm in!! thank you jaraco

[15:15:51] <sumanah> (is it weird that I'm glad that it was partly my fault (per my intuition) and partly not?)

[15:15:57] <tos9> Hm, I'm suddenly getting TooManyRedirects errors anytime I try installing anything

[15:16:07] <sumanah> tos9: they're working on it, thanks for the report

[15:16:10] <tos9> Anything changed on the PyPI side in the past day

[15:16:14] <jaraco> not at all.

[15:16:20] <tos9> sumanah: Oh. K, thanks. Nevermind me then :)

[15:16:21] <sumanah> tos9: we're launching the new site :) right now

[15:16:30] <tos9> Ah.

[15:16:35] <tos9> Cool!

[15:16:40] <ngoldbaum> > Anything changed on the PyPI side in the past day, "yes, all of it" :)

[15:16:46] <sumanah> a reasonable question!

[15:17:22] <tos9> Hmmmm I wonder whether our prod env is blowing up, that's probably more useful than me annoying y'all

[15:17:30] <mgedmin> https://status.python.org/ tells people to join #pypi-dev on freenode, which is a channel I didn't know existed

[15:17:33] <mgedmin> and it seems strangely empty

[15:17:42] <mgedmin> typo?

[15:17:59] <sumanah> yes

[15:18:29] <mgedmin> good strategy to avoid users experiencing issues ;)

[15:18:38] <sumanah> no! not deliberate :\

[15:18:41] <di_codes> heh

[15:27:12] <bstempi> Is anyone else getting infinite redirects when trying to pull older aiohttp packages from PyPI? E.g.: https://files.pythonhosted.org/packages/a6/65/c161172c00f29a243ba6a745d7dcbf8b1193b005588f51b70d1be6fb666e/aiohttp-2.3.3.tar.gz#sha256=0a2e33e90560dacb819b095b9d9611597925d75d1b93dd9490055d3826d98a82

[15:27:18] <sumanah> Yes bstempi

[15:27:22] <sumanah> thanks for the report

[15:27:22] <sumanah> http://status.python.org/incidents/1y1f44q6srh2 you can subscribe to this incident to get an update when it's fixed

[15:27:32] <bstempi> Thank you!

[15:35:30] <Rotonen> i'm getting a 503 on https://files.pythonhosted.org/packages/03/d3/62bc2b6137fb3092d7743070bc11a57c2a012196ddea3d6a76e39f205d97/zc.buildout-2.11.3.tar.gz#sha256=f7fde2cde7b937f67e52a3e94b76f9294b73c1e9bb698430e96778f3f735544c - ideas; suggestions?

[15:35:42] <sumanah> Hi Rotonen

[15:36:11] <sumanah> I think we know about this -- http://status.python.org/incidents/1y1f44q6srh2 you can subscribe to this incident to get an update when it's fixed

[15:36:48] <Rotonen> by symptom sorta seems like some backend nodes are unhealthy, but the frontend does not aggressively stop diverting traffic to there

[15:36:55] <Rotonen> sumanah: thank you

[15:50:19] <bstempi> The fix is working for me, none of my packages (including the one I listed earlier) are misbehaving.

[15:50:33] <bstempi> Thank you guys for your hard work and your quick response!

[16:07:45] <bstempi_> !logs

[16:07:45] <pmxbot> http://kafka.dcpython.org/channel/pypa

[16:10:21] <scwizard> hey I'm trying to install dotenv and it seems to be failing, here's the log

[16:10:22] <scwizard> http://termbin.com/xhdh

[16:11:10] <scwizard> oh it's called python-dotenv

[16:11:23] <mgedmin> scwizard: it's probably https://status.python.org/incidents/1y1f44q6srh2

[16:11:55] <scwizard> i see thanks for the update

[16:12:27] <mgedmin> (perhaps the incident page should explicitly mention 503 errors as well?)

[16:13:39] <Rotonen> mgedmin: no matter how you plan that out, there is still going to be a segment of people whom hit here first before checking the status page or twitter or whatever

[16:14:15] <bstempi_> I'm guilty of that; I didn't realize there was a status page until coming here.

[16:14:28] <scwizard> well like, it doesn't occur to a lot of people that it could be on that end

[16:14:33] <scwizard> since ya'll pretty rarely have downtime

[16:14:36] <apollo13> yeah mentioning the 503 would help

[16:15:00] <apollo13> because everything else is listed, people might think the 503 is an extra "unknown" error

[16:15:49] <sumanah> apollo13: scwizard mgedmin: thanks, am suggesting that

[16:16:25] <chrisw> hey all, anyone else seeing 503's on travis trying to get files from pypi? https://travis-ci.org/cjw296/sybil/jobs/366923497

[16:16:38] <sumanah> Yes chrisw - thanks for the report

[16:16:43] <sumanah> http://status.python.org/incidents/1y1f44q6srh2 you can subscribe to this incident to get an update when it's fixed

[16:17:39] <chrisw> happy hunting!

[16:18:00] <Rotonen> also, as an extra layer of potential confusion, i think either my dns or content blocker are stripping out the subscription doohickey

[16:18:41] <Rotonen> and content blockers can be common amongst developers

[16:19:22] <sumanah> Rotonen: True! How does https://twitter.com/PythonStatus/ work for you?

[16:20:01] <apollo13> Rotonen: I use ublock and umatrix extensively and it is there ;)

[16:20:53] <Rotonen> then it might be http://someonewhocares.org/hosts/hosts

[16:21:47] <Rotonen> sumanah: what works the best is lurking here and seeing the hubbub ebb and flow

[16:22:12] <sumanah> Rotonen: understood :)

[16:23:10] <adourado> After the change from the old pypi to warehouse, is there any configuration needed to use the new server?

[16:23:24] <adourado> I'm not being able to install anything with pip since this morning =(

[16:23:26] <sumanah> adourado: here's the info: https://packaging.python.org/guides/migrating-to-pypi-org/

[16:23:38] <sumanah> adourado: sorry. we're working on it. https://packaging.python.org/guides/migrating-to-pypi-org/

[16:23:46] <sumanah> I mean, sorry, https://status.python.org/

[16:24:00] <sumanah> adourado: you can subscribe to https://status.python.org/incidents/1y1f44q6srh2 to get updates when it's fixed

[16:24:04] <mgedmin> adourado: when's morning for you? the pypi.org switchover started about an hour ago (and everything's a little bit on fire right now)

[16:24:37] <adourado> @mgedmin About 10 minutes ago, actually

[16:24:55] <adourado> @sumanah thanks for the status page =)

[16:25:16] <sumanah> adourado: https://pyfound.blogspot.com/2018/03/warehouse-all-new-pypi-is-now-in-beta.html has more info on what's new in the new PyPI

[16:25:32] <sumanah> so you can enjoy it later today -- maybe as soon as 20 min from now :)

[16:26:23] <bstempi_> It looks like package downloads are working again for me

[16:27:10] <sumanah> I haven't tried this, but -- "pip install --index-url https://legacy.pypi.org/pypi <package_name> should work temporarily" https://twitter.com/mjhoffman65/status/985908039415926786

[16:28:03] <mgedmin> there was one warehouse issue filed about a user getting the 503 error from files.pythonhosted.org while trying to use legacy.pypi.org as the index

[16:28:18] <scwizard> seems working for me too

[16:28:21] <mgedmin> (closed as duplicate of the others)

[16:28:34] <mgedmin> fwiw the status page says the issue is fixed

[16:28:37] <adourado> Also working for me, you guys are awesome =)

[16:28:40] <mgedmin> (posted 2 minutes ago)

[16:29:18] <mgedmin> well, if "stable place" means fixed

[16:29:27] <mgedmin> the icon is green again at least

[16:29:49] <mgedmin> I want to read the postmortem is there's one

[16:31:05] <ngoldbaum> it's a credit to pypi's reliability how much people complain and notice when it goes down :)

[16:32:04] <scwizard> well if it wasn't reliable it'd be sorta like

[16:32:10] <scwizard> everyone would recommend you host your own python package mirror

[16:32:22] <sumanah> https://pypi.org/help/#availability

[16:32:33] <scwizard> it's kinda best practice anyway but in practice most people don't

[16:33:01] <sumanah> chrisw: is Travis working again to get files from PyPI, now?

[16:35:59] <Rotonen> it's not *that* long ago ~every company ran a local pypi mirror / proxy

[16:36:32] <Rotonen> for a while now it's not been a bumpy ride, though

[16:36:45] <sumanah> tos9 bstempi_ Rotonen adourado how are things now? can you use PyPI, download files, etc.?

[16:37:10] <chrisw> sumanah - yeah, looks to be working

[16:37:24] <bstempi_> So far, so good.

[16:37:39] <chrisw> seeing these locally, mind:

[16:37:40] <chrisw> Could not fetch URL https://pypi.python.org/simple/certifi/: There was a problem confirming the ssl certificate: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:646) - skipping

[16:38:26] <sumanah> chrisw: ah, check this out https://mail.python.org/pipermail/python-announce-list/2018-April/011885.html

[16:38:38] <sumanah> chrisw: and you might want to try pip's -vvv option to get more verbosity

[16:38:47] <chrisw> bit chicken and egg:

[16:38:55] <Rotonen> chrisw: the CDN deprecated anything older than TLS 1.2, so you need a python, the ssl module of which is compiled against a new enough ssl implementation

[16:38:57] <chrisw> $ pip install -U pip

[16:38:57] <chrisw> Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:646) - skipping

[16:39:13] <sumanah> chrisw: https://pip.pypa.io/en/latest/installing/ lets you install without pip working :)

[16:39:26] <Rotonen> sumanah: i confirm the CI runs which brought me here in the first place now run smooth

[16:39:43] <sumanah> chrisw: I admire the cleverness of how the get-pip script addresses the bootstrap problem

[16:40:14] <chrisw> get-pip install 9.0.1...

[16:40:36] <sumanah> chrisw: ? it doesn't install pip 10.0.0 for you?

[16:40:43] <chrisw> eh, weird, 10.0.0?

[16:40:43] <sumanah> maybe I did not understand you

[16:41:28] <sumanah> chrisw: tos9 bstempi_ Rotonen adourado https://mail.python.org/mm3/mailman3/lists/pypi-announce.python.org/ in case you aren't already subscribed -- it'll give you a heads-up before other major PyPI changes

[16:42:02] <tos9> Nice.

[16:44:52] <ngoldbaum> * The default upgrade strategy has become "only-if-needed"

[16:44:54] <ngoldbaum> ^ nice

[17:11:42] <sumanah> I wonder whether Artifactory clients are holding up?

[17:54:23] <sumanah> New York City folks: consider joining us and helping improve Warehouse in a couple weeks https://www.python.org/events/python-user-group/700/

[18:23:51] <Lingyi> Hi! I just upgraded my pip to version 10.0.0. I noticed that when I did `pip install -t <dir>`, sometimes it generated `man` and `bin` directories inside the <dir>. I'm wondering what these two directories stand for. Thank you!

[19:21:19] <mitsuhiko> thanks so much for the updated pip and pypi. may i just point out that due to the ssl changes the most common googleable solution for fixing it (updating pip) does not help as pip can't update itself with the ssl problem

[19:22:27] <mitsuhiko> maybe it would be helpful to have the curl to python command for pip installation somewhere on pypi prominently

[19:30:37] <ngoldbaum> sumanah: ^

[19:30:48] <ngoldbaum> this actually came up earleir

[19:30:51] <sumanah> Hmmmm

[19:30:56] <sumanah> ngoldbaum: maybe this should be in the FAQ.

[19:31:11] <sumanah> mitsuhiko: ngoldbaum: are you interested in making a pull request? I could help guide you

[19:31:28] <mitsuhiko> sumanah: sorry i don't have the time right now to do it

[19:31:32] <sumanah> ok

[19:31:52] <mitsuhiko> if i am still up in a few hours i will have a look but right now i need to get through other items on my todo list

[19:32:15] <sumanah> mitsuhiko: I'm gonna try starting it :) if I want to ping you to review the PR, what username should I use? on GitHub?

[19:32:30] <mitsuhiko> @mitsuhiko

[19:34:10] <sumanah> Thanks mitsuhiko

[20:34:26] <slamtime> https://github.com/pypa/pip/blob/master/src/pip/_internal/req/req_install.py#L415

[20:35:01] <slamtime> Any idea why running 'pip install -r file.txt' causes my package to crash here

[20:35:09] <slamtime> during 'building wheels'

[20:35:17] <slamtime> do snakes have wheels?

[20:35:22] <slamtime> this all seems quite strange

[20:36:54] <ngoldbaum> slamtime: the nickname for pypi is cheeseshop :)

[20:37:03] <ngoldbaum> slamtime: latest pip, setuptools, etc?

[20:39:01] <slamtime> noidea

[20:39:14] <slamtime> this 'used to work'

[20:39:34] <ngoldbaum> pip --version?

[20:39:36] <slamtime> it's a build machine so I don't want to mess with it too much

[20:39:47] <ngoldbaum> "import setuptools; print(setuptools.__version__)"

[20:39:48] <slamtime> pip 10.0.0

[20:39:55] <ngoldbaum> ah pip 10

[20:40:00] <ngoldbaum> i'd open a bug on github

[20:40:05] <slamtime> :(

[20:40:12] <ngoldbaum> pip 10 was just released today

[20:40:23] <ngoldbaum> err, yesterday or the day before actually

[20:40:31] <slamtime> *flips table*

[20:40:34] <slamtime> ok

[20:40:36] <slamtime> thanks

[20:44:25] <slamtime> ngoldbaum: https://github.com/pypa/pip/issues/5251

[20:44:41] <ngoldbaum> cool, i'm not a pip dev

[20:44:46] <ngoldbaum> but that'll definitely get one's attention

[20:45:02] <slamtime> cool thanks

[20:45:29] <ngoldbaum> you can try downgrading to the last pip 9 release

[20:45:35] <ngoldbaum> that might fix it temporarily

[20:46:35] <ngoldbaum> although it does seem that egg installs are deprecated

[20:47:03] <slamtime> deleting the venv also works

[20:47:20] <slamtime> it's only for when I try to install reqs a second time

[20:47:22] <ngoldbaum> yeah, the fact that it only fails when you try to install on top of an exisiting install indicates a bug to me

[20:47:41] <ngoldbaum> at least you should get a better error message than just a failed assertion

[20:47:45] <slamtime> yeah

[20:47:47] <slamtime> tricky

[20:47:59] <slamtime> well I appreciate your help

[20:54:10] <sumanah> Hey ngoldbaum would you take a look at https://github.com/pypa/warehouse/pull/3720 ? Add user help on TLS 1.0/1.1 deprecation #3720

[21:00:29] <techalchemy> I wonder if it was intentional to disable non-editable VCS installations?

[21:00:37] <techalchemy> anyone know?

[21:05:33] <sumanah> techalchemy: maybe pradyunsg would know?

[21:10:48] <ngoldbaum> techalchemy: https://github.com/pypa/pip/issues/5251 ?

[21:11:12] <techalchemy> yeah I saw the issue

[21:12:20] <techalchemy> I'm primarily interested in knowing whether I need a long-term fix to point at pip9 for these or not

[21:12:41] <ngoldbaum> the fact that it only breaks after the initial install indicates to me it's a bug

[21:12:45] <ngoldbaum> but i don't know offhand

[21:13:44] <techalchemy> I am not really sure what that means, but I have non-vcs installations integrated in our CI process as part of the various dependency types we test

[21:14:43] <techalchemy> and it happens whether I run all of my tests or just the one that fails, and it never succeeds no matter what

[21:15:46] <vphilippon> Could it be a bug that happens when `pip` tries to warn if the user is installing a conflicting dependency?

[21:15:46] <vphilippon> Because that's why non-editable VCS installs are not supported by pip-tools (causing issue with dependency resolution)

[21:16:22] <vphilippon> Just throwing in an idea, I should actually throw that on the issue on github or something

[21:18:44] <techalchemy> vphilippon: in this case there is no conflict, so unlikely

[21:18:49] <techalchemy> our tests are isolated

[21:19:07] <techalchemy> (you should look at them sometime, you're a maintainer ;))

[21:19:29] <techalchemy> (or pr / merge the updates from piptools at least)

[21:21:54] <vphilippon> techalchemy: yeah, that's on my todo list :)

[21:22:33] <techalchemy> you can probably work out the resolver changes, I've cleaned them up since you looked at them for me a few weeks ago

[21:23:14] <techalchemy> vphilippon: https://travis-ci.org/pypa/pipenv/jobs/367322542

[21:24:28] <vphilippon> Cleaned up resolver changes: Nice, thanks!

[21:24:51] <techalchemy> yeah they were not pretty and also not working

Log file Viewer

Help | Karma | Search:

#pypa logs for Monday the 16th of April, 2018