Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1.4.4 version released on Apr 25 is missing whl #56

Closed
awaizman1 opened this issue Apr 26, 2021 · 7 comments
Closed

1.4.4 version released on Apr 25 is missing whl #56

awaizman1 opened this issue Apr 26, 2021 · 7 comments

Comments

@awaizman1
Copy link

Hi,

On Apr 25 a new 1.4 version (1.4.4) released to PyPi (although can't see this version in changelog).
This version, as opposed to other versions is released only as a source distribution and missing whl files.

This breaks all builds that depends on lazy-object-proxy using local organization pypi proxy with SSL connection due to pip bug pypa/pip#8999 (see details below)

Would you please release also whl files?

Details:
In my organization we configure pip to connect to local index-url with SSL certificate, this prevents pip accessing external repos during our CI. The local repo is also a proxy of pypi.
some of our projects depends on lazy-object-proxy 1.4.* - since 1.4.4 is the latest 1.4.x one and released as source dist, pip downloads the tar and tries to install it. When installing lazy-object-proxy it first tries to install its build dependencies (PEP517 I guess) so pip invokes itself again (lets call it sub-pip) to download build requirements.
Due to a bug in pip, the sub-pip gets the index-url but not the certificate argument, thus failing to validate the certificate against the local repo and all build fails.

Thanks
@ionelmc
Copy link
Owner

ionelmc commented Apr 26, 2021

Aw hell - it was supposed to be a workaround for #51

I'll have to yank the 1.4.4 release @andy-maier - I now believe the proper fix for you is to take this code: https://github.com/ionelmc/python-lazy-object-proxy/releases/tag/v1.4.4 and republish it with a different name (lazy-andy-proxy or lazy-object-proxy-andry or whatever) 😐

@ionelmc
Copy link
Owner

ionelmc commented Apr 26, 2021

1.4.4 is yanked now. Note that it's still installable - @andy-maier lemme know how this works.

If this ain't enough I'll delete it.

@ionelmc
Copy link
Owner

ionelmc commented Apr 26, 2021

https://www.python.org/dev/peps/pep-0592/ for "yank"-ing details.

@awaizman1
Copy link
Author

Thanks,

will appreciate if you can delete it for now since Nexus repo (and maybe others like Antifactory) doesn't mirror the 'yanked' attribute. https://issues.sonatype.org/browse/NEXUS-25231?jql=project%20%3D%20NEXUS%20AND%20component%20%3D%20PyPi

@ionelmc
Copy link
Owner

ionelmc commented Apr 26, 2021

Deleted now.

@ionelmc ionelmc closed this as completed Apr 26, 2021
@awaizman1
Copy link
Author

Thanks a lot! all working now. sorry for bothering you.

@The-Compiler The-Compiler mentioned this issue Apr 27, 2021
Closed
@andy-maier
Copy link

@ionelmc Just wanted to provide a late response to your question above: We can live with that by not running pylint on Python 3.5, which is acceptable on such an old and meanwhile unsupported Python version. Sorry for causing the extra work for you.

This was referenced Mar 11, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ionelmc @andy-maier @awaizman1