Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prefer wheel over source packages when choosing between multiple indexes #2098

Open
andrey-klochkov-liftoff opened this issue Mar 1, 2024 · 2 comments
Open

Prefer wheel over source packages when choosing between multiple indexes #2098

andrey-klochkov-liftoff opened this issue Mar 1, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@andrey-klochkov-liftoff
Copy link

We build wheels for packages that only have a source package on pypi.org, and put them on our private pypi repo. We then do pip install --index-url https://pypi.org/simple/ --extra-index-url https://private-repo/simple/, and pip always chooses to install the wheel package if it's available in our repo.

There are two different related issues with using uv pip install in this mode.

First, if we pass --index-url and --extra-index-url, uv would always prefer the repo passed with --index-url (as explained in #2083), and so our repo contains an older version of the package only but we want to install a newer version from pypi.org, uv won't find it. If we instead pass both indexes using --extra-index-url, uv would work in this scenario but it will fail in the second (below).

The second scenario is that we have a wheel package in our private repo, and pypi.org only contains the source repo. Here uv for some reason attempts to install the source repo (and we don't want to), and there doesn't seem to be a way to make it pick the wheel. The only way is to pass our repo through the --index-url argument, but then we get the 1st scenario failing.

Sorry if this has been discussed before but I haven't found this exact issue (or a combination of two?) being discussed previously.

Thanks for such a great tool! I wish we could just switch to doing uv pip install, but these corner cases are blocking us from that for now.
@charliermarsh
Copy link
Member

Thanks for the clear issue!

One thing for clarity: in the most recent release, we switched the priority (per your link: #2083).

So, as of the most recent release, if you provide --index-url https://pypi.org/simple/ --extra-index-url https://private-repo/simple/, uv will first look in https://private-repo/simple/; if the package exists, it will stop, and return those versions. If it doesn't, it will look in PyPI.

Unlike pip, we don't currently look in both indexes and merge the versions. We're considering making that change, but it also brings with it a bunch of security issues.

Based on that, my read of the above is:

  • If you want to install a newer version from PyPI of a repo that exists in your private index -- we don't currently support that, since we'll never look in PyPI if a package exists in your private index. We may support it in the future.
  • On the second scenario: I'm not sure what this would be. uv will only look at one index. (Prior to the most recent release, it would look at PyPI, not your custom index; we just reversed that.)

@charliermarsh charliermarsh added the enhancement New feature or request label Mar 1, 2024
@andrey-klochkov-liftoff
Copy link
Author

@charliermarsh ,
Thanks! Is there an issue that tracks the 1st change from your list that I can subscribe to?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@charliermarsh @andrey-klochkov-liftoff