PMXBOT Log file Viewer

Help | Karma | Search:

#pypa logs for Sunday the 5th of January, 2020

(Back to #pypa overview) (Back to channel listing) (Animate logs)
[01:28:54] <omry> I am trying to publish a package with a dependency on a github repo and I am getting this error: HTTPError: 400 Client Error: Invalid value for requires_dist. Error: Can't have direct dependency: "pyflakes @ git+git://github.com/pycqa/pyflakes.git@1911c20#egg=pyflakes ; extra == 'dev'" for url: upload.pypi.org/legacy
[01:29:09] <omry> This error kind of makes sense to me, but the package have this dependency as extra (github.com/omry/omegaconf/blob/master/setup.py)
[01:29:22] <omry> it is not a dependency for the package itself, but for development.
[01:30:44] <omry> short of hacking my workflow and CI around this limitation and removing the extra dependency, is there any other way to get this package published?
[17:26:20] <toad_polo> omry: I think you are supposed to use the PEP 508 things, right?
[17:26:33] <toad_polo> python.org/dev/peps/pep-0508
[17:28:29] <toad_polo> I didn't realize we were enforcing anything like that, though.
[17:29:37] <toad_polo> Maybe do a search in the issues for either warehouse ( github.com/pypa/warehouse ) or packaging-problems ( github.com/pypa/packaging-problems ). If you don't find anything on point, maybe raise an issue in packaging-problems.
[17:39:39] <omry> toad_polo, can you be more specific about what you mean with PEP 508?
[17:40:31] <pradyunsg> Yea, that's not a valid dependency for PyPI.
[17:40:36] <toad_polo> omry: Unfortunately not, I've never found a need to depend on a git repository and frankly find the whole thing a bit weird, so I don't really know the details.
[17:41:00] <omry> It's temporary until those repos make a proper release.
[17:41:27] <omry> the two I need are actually commonly used, isort and pyflakes. both have some issues that are solved in master but not yet released.
[17:41:35] <pradyunsg> My understand is that think a package is not permitted to directly depend on git repositories from PyPI.
[17:41:37] <toad_polo> Just that PEP 508 changed certain things about how you depend on URLs. It's not exactly a user-friendly document, but you might find information there.
[17:41:58] <toad_polo> pradyunsg: How does PyPI even know about it?
[17:42:01] <pradyunsg> *understanding (on mobile, so yay?)
[17:42:02] <toad_polo> Are extras even specified in a wheel?
[17:42:14] <omry> pradyunsg, does extra constitutes a real dependency?
[17:42:19] <pradyunsg> toad_polo: yep. Wheel has all the dependency information statically.
[17:42:39] <omry> How can users install dependencies from extra?
[17:42:42] <pradyunsg> part of why I like them. ;)
[17:42:54] <toad_polo> omry: YOu would do `pip install mypkg[dev]`
[17:43:11] <omry> oh, I see. I was using it only for local install (.[dev])
[17:43:33] <omry> now it's starting to make more sense.
[17:43:53] <toad_polo> I think that's a common pattern and one that I more or less like. Not sure how to square the circle there.
[17:44:19] <omry> maybe a better strategy would be to prevent the install from pypi (package[dev]) but not the upload.
[17:44:39] <omry> that would at least address my use case.
[17:44:46] <toad_polo> Another option is to make a `requirements-dev.txt`, or to specify something like `pyflakes > $LATEST_VERSION`
[17:45:27] <pradyunsg> omry: Well, if publishers can't upload packages with invalid dependencies, then users can't download them. :)
[17:45:35] <omry> yeah, I can work around it by not specifying those dependencies in setup.py, but its somewhat annoying.
[17:46:10] <omry> how is this an invalid dependency?
[17:46:20] <omry> especially if I depend on a specific revision.
[17:47:35] <toad_polo> Which would be annoying but you could build a wheel from the git head for your "just waiting for a release" dependencies and use `-t`, or install those from a `requirements-dev-git.txt` or something. Not ideal, of course, but neither is having to depend on unreleased projects.
[17:48:03] <toad_polo> Yeah, checking things at install time would be a bad idea.
[17:48:20] <toad_polo> Especially since that would require the change to be in `pip`, which means that you wouldn't even be able to do this for non-PyPI projects, presumably.
[17:48:56] <omry> for now I just removed those not-really-dependencies from the setup.py just before publishing.
[17:49:26] <omry> hopefully I won't have to do this for very long. I will prod those packages to make a pre-release.