PMXBOT Log file Viewer

Help | Karma | Search:

#pypa logs for Thursday the 30th of July, 2020

(Back to #pypa overview) (Back to channel listing) (Animate logs)
[04:09:34] <McSinyx[m]> use-feature is a global option IIRC, which is at least applicable to pip wheel and pip download as well
[04:10:20] <McSinyx[m]> but because of the way pip's config passing works, you can set it only for install as above
[11:06:57] <kushal> Anyone here knows how much is left for https://github.com/pypa/setuptools/pull/2136 to get in?
[16:01:18] <sumanah> pip 20.2 is out, includes a beta of the new pip dependency resolver (20.3 in October will have that behavior by default). more info: https://blog.python.org/2020/07/upgrade-pip-20-2-changes-20-3.html
[16:03:47] <sumanah> tos9: McSinyx[m]: I saw via the logs that you made a suggestion for how to start using the new resolver by default. would either of you make a quick PR to add that info to https://pip.pypa.io/en/latest/user_guide/#changes-to-the-pip-dependency-resolver-in-20-2-2020 ?
[16:11:46] <altendky> over in #python sumanah suggested i could set the beta resolver globally in pip.conf. is there any output i should check to confirm i got that enabled properly? nothing jumps out to me in the output of an install with -vvv
[16:12:19] <sumanah> pradyunsg: ^ in case you can look
[16:12:59] <sumanah> (this is based on what I saw a few people say over the past few days in the logs)
[16:13:00] <sumanah> !logs
[16:13:00] <pmxbot> http://kafka.dcpython.org/channel/pypa
[16:15:24] <dstufft> altendky: try do pip install requests>1 requests<1, see what happens :p
[16:16:37] <altendky> `ERROR: Double requirement given: requests<1 (already in requests>1, name='requests')`
[16:20:09] <dstufft> oh right, forgot about that
[16:20:12] <dstufft> rip my stupid idea
[16:49:47] <sumanah> dstufft: what did you think the new pip would say?
[16:51:26] <dstufft> sumanah: so the double requirement error is an older thing, that we should actually probably get rid of now. with the old resolver pip install requests>1 requests<1 would just silently do the wrong thing, so we attempted to detect that case and error out about it
[16:51:38] <dstufft> I suspect you'd get the same error doing ``pip install requests requests``
[16:51:47] <sumanah> pip install badger badger badger
[16:51:55] <sumanah> ERROR: mushroom mushroom
[17:13:50] <PSFSlack> <di> try: pip install diamond-dependency
[19:32:07] <pradyunsg> dstufft: the new resolver does actually handle double requirements correctly and will work with that.
[19:32:52] <alexbirsansec> Hello :) Is there anyone I can chat to about my security research packages being taken down from PyPI -- and any steps I could take in the future to ensure these are welcome on the index going forward?
[19:32:54] <sumanah> pradyunsg: you are up way too late, but while you are up, https://github.com/pypa/pip/issues/8661
[19:33:11] <sumanah> hi alexbirsansec!
[19:33:20] <sumanah> alexbirsansec: have you already tried filing an issue at https://github.com/pypa/pypi-support/issues ?
[19:33:36] <pradyunsg> sumanah: looking!
[19:34:22] <sumanah> alexbirsansec: not all the PyPI admins/moderators hang out here (plus, you know, timezones) so filing an issue there would possibly be best.
[19:34:28] <alexbirsansec> Hmm, no sumanah, I haven't. I will try that if there is nobody available to chat here :)
[19:34:41] <alexbirsansec> thank you!
[19:35:21] <sumanah> you're welcome and thanks for using PyPI!
[19:43:15] <pradyunsg> sumanah: responded -- is there anything else you'd like me to look at? :)
[19:43:31] <sumanah> pradyunsg: not urgently - IMO you should get some rest
[19:44:22] <pradyunsg> sumanah: okie; time to sleep for me. have a good <appropriate-time-of-day-for-reader> folks! :)
[19:44:28] <sumanah> :)