-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Last default dependency being marked as local and editable #4480
Comments
@patelamol and I can reproduce this with pipenv 2020.08.13. |
I experienced this bug in all the latest version until |
As @jmehnle and @patelamol commented, I've been experiencing a similar issue with some of my packages in this case "zipp": {
"editable": true,
"path": "."
}, My solution was to manually edit the pipfile lock, which is unsafe/unhealthy to the latest version "zipp": {
"hashes": [
"sha256:43f4fa8d8bb313e65d8323a3952ef8756bf40f9a5c3ea7334be23ee4ec8278b6",
"sha256:b52f22895f4cfce194bc8172f3819ee8de7540aa6d873535a8668b730b8b411f"
],
"version": "==3.2.0"
} I wonder if there's a pipenv update coming out soon with this bugfix |
@gregflynn @patelamol So does this issue exist on the master branch? I can't reproduce with the given steps |
Surely! I have not run pipenv from github before and didn't see instructions in the README so I'll be verbose about the steps:
"wrapt": {
- "hashes": [
- "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7"
- ],
- "version": "==1.12.1"
+ "editable": true,
+ "path": "."
}
}, @frostming thank you for the suggestion and taking a look, happy to do more testing or correct this test if I've gone astray. |
Is this step critical to reproduce the bug? I create with master Pipenv and can't reproduce. A docker image would be of great help if possible |
Good eye but I made the following changes and was still able to reproduce with latest master version. For step 4 I updated my install script: -PIPENV_IGNORE_VIRTUALENVS=1 PIPENV_VENV_IN_PROJECT=1 pipenv install --deploy
+PIPENV_IGNORE_VIRTUALENVS=1 PIPENV_VENV_IN_PROJECT=1 $HOME/.pyenv/versions/pipenv/bin/pipenv install --deploy and still got: "wrapt": {
- "hashes": [
- "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7"
- ],
- "version": "==1.12.1"
+ "editable": true,
+ "path": "."
}
}, Happy to try more things! Thanks |
Oh, I managed to reproduce it! I didn't notice the critical factor is VENV_IN_PROJECT. |
🙌 great news! sorry I neglected to give you a Dockerfile, missed that note in my first read |
2022.1.8 (2022-01-08) ===================== Bug Fixes --------- - Remove the extra parentheses around the venv prompt. `#4877 <https://github.com/pypa/pipenv/issues/4877>`_ - Fix a bug of installation fails when extra index url is given. `#4881 <https://github.com/pypa/pipenv/issues/4881>`_ - Fix regression where lockfiles would only include the hashes for releases for the platform generating the lockfile `#4885 <https://github.com/pypa/pipenv/issues/4885>`_ - Fix the index parsing to reject illegal requirements.txt. `#4899 <https://github.com/pypa/pipenv/issues/4899>`_ 2021.11.23 (2021-11-23) ======================= Bug Fixes --------- - Update ``charset-normalizer`` from ``2.0.3`` to ``2.0.7``, this fixes an import error on Python 3.6. `#4865 <https://github.com/pypa/pipenv/issues/4865>`_ - Fix a bug of deleting a virtualenv that is not managed by Pipenv. `#4867 <https://github.com/pypa/pipenv/issues/4867>`_ - Fix a bug that source is not added to ``Pipfile`` when index url is given with ``pipenv install``. `#4873 <https://github.com/pypa/pipenv/issues/4873>`_ 2021.11.15 (2021-11-15) ======================= Bug Fixes --------- - Return an empty dict when ``PIPENV_DONT_LOAD_ENV`` is set. `#4851 <https://github.com/pypa/pipenv/issues/4851>`_ - Don't use ``sys.executable`` when inside an activated venv. `#4852 <https://github.com/pypa/pipenv/issues/4852>`_ Vendored Libraries ------------------ - Drop the vendored ``jinja2`` dependency as it is not needed any more. `#4858 <https://github.com/pypa/pipenv/issues/4858>`_ - Update ``click`` from ``8.0.1`` to ``8.0.3``, to fix a problem with bash completion. `#4860 <https://github.com/pypa/pipenv/issues/4860>`_ - Drop unused vendor ``chardet``. `#4862 <https://github.com/pypa/pipenv/issues/4862>`_ Improved Documentation ---------------------- - Fix the documentation to reflect the fact that special characters must be percent-encoded in the URL. `#4856 <https://github.com/pypa/pipenv/issues/4856>`_ 2021.11.9 (2021-11-09) ====================== Features & Improvements ----------------------- - Replace ``click-completion`` with ``click``'s own completion implementation. `#4786 <https://github.com/pypa/pipenv/issues/4786>`_ Bug Fixes --------- - Fix a bug that ``pipenv run`` doesn't set environment variables correctly. `#4831 <https://github.com/pypa/pipenv/issues/4831>`_ - Fix a bug that certifi can't be loaded within ``notpip``'s vendor library. This makes several objects of ``pip`` fail to be imported. `#4833 <https://github.com/pypa/pipenv/issues/4833>`_ - Fix a bug that ``3.10.0`` can be found be python finder. `#4837 <https://github.com/pypa/pipenv/issues/4837>`_ Vendored Libraries ------------------ - Update ``pythonfinder`` from ``1.2.8`` to ``1.2.9``. `#4837 <https://github.com/pypa/pipenv/issues/4837>`_ 2021.11.5.post0 (2021-11-05) ============================ Bug Fixes --------- - Fix a regression that ``pipenv shell`` fails to start a subshell. `#4828 <https://github.com/pypa/pipenv/issues/4828>`_ - Fix a regression that ``pip_shims`` object isn't imported correctly. `#4829 <https://github.com/pypa/pipenv/issues/4829>`_ 2021.11.5 (2021-11-05) ====================== Features & Improvements ----------------------- - Avoid sharing states but create project objects on demand. So that most integration test cases are able to switch to a in-process execution method. `#4757 <https://github.com/pypa/pipenv/issues/4757>`_ - Shell-quote ``pip`` commands when logging. `#4760 <https://github.com/pypa/pipenv/issues/4760>`_ Bug Fixes --------- - Ignore empty .venv in rood dir and create project name base virtual environment `#4790 <https://github.com/pypa/pipenv/issues/4790>`_ Vendored Libraries ------------------ - Update vendored dependencies - ``attrs`` from ``20.3.0`` to ``21.2.0`` - ``cerberus`` from ``1.3.2`` to ``1.3.4`` - ``certifi`` from ``2020.11.8`` to ``2021.5.30`` - ``chardet`` from ``3.0.4`` to ``4.0.0`` - ``click`` from ``7.1.2`` to ``8.0.1`` - ``distlib`` from ``0.3.1`` to ``0.3.2`` - ``idna`` from ``2.10`` to ``3.2`` - ``importlib-metadata`` from ``2.0.0`` to ``4.6.1`` - ``importlib-resources`` from ``3.3.0`` to ``5.2.0`` - ``jinja2`` from ``2.11.2`` to ``3.0.1`` - ``markupsafe`` from ``1.1.1`` to ``2.0.1`` - ``more-itertools`` from ``5.0.0`` to ``8.8.0`` - ``packaging`` from ``20.8`` to ``21.0`` - ``pep517`` from ``0.9.1`` to ``0.11.0`` - ``pipdeptree`` from ``1.0.0`` to ``2.0.0`` - ``ptyprocess`` from ``0.6.0`` to ``0.7.0`` - ``python-dateutil`` from ``2.8.1`` to ``2.8.2`` - ``python-dotenv`` from ``0.15.0`` to ``0.19.0`` - ``pythonfinder`` from ``1.2.5`` to ``1.2.8`` - ``requests`` from ``2.25.0`` to ``2.26.0`` - ``shellingham`` from ``1.3.2`` to ``1.4.0`` - ``six`` from ``1.15.0`` to ``1.16.0`` - ``tomlkit`` from ``0.7.0`` to ``0.7.2`` - ``urllib3`` from ``1.26.1`` to ``1.26.6`` - ``zipp`` from ``1.2.0`` to ``3.5.0`` Add new vendored dependencies - ``charset-normalizer 2.0.3`` - ``termcolor 1.1.0`` - ``tomli 1.1.0`` - ``wheel 0.36.2`` `#4747 <https://github.com/pypa/pipenv/issues/4747>`_ - Drop the dependencies for Python 2.7 compatibility purpose. `#4751 <https://github.com/pypa/pipenv/issues/4751>`_ - Switch the dependency resolver from ``pip-tools`` to `pip`. Update vendor libraries: - Update ``requirementslib`` from ``1.5.16`` to ``1.6.1`` - Update ``pip-shims`` from ``0.5.6`` to ``0.6.0`` - New vendor ``platformdirs 2.4.0`` `#4759 <https://github.com/pypa/pipenv/issues/4759>`_ Improved Documentation ---------------------- - remove prefixes on install commands for easy copy/pasting `#4792 <https://github.com/pypa/pipenv/issues/4792>`_ - Officially drop support for Python 2.7 and Python 3.5. `#4261 <https://github.com/pypa/pipenv/issues/4261>`_ 2021.5.29 (2021-05-29) ====================== Bug Fixes --------- - Fix a bug where passing --skip-lock when PIPFILE has no [SOURCE] section throws the error: "tomlkit.exceptions.NonExistentKey: 'Key "source" does not exist.'" `#4141 <https://github.com/pypa/pipenv/issues/4141>`_ - Fix bug where environment wouldn't activate in paths containing & and $ symbols `#4538 <https://github.com/pypa/pipenv/issues/4538>`_ - Fix a bug that ``importlib-metadata`` from the project's dependencies conflicts with that from ``pipenv``'s. `#4549 <https://github.com/pypa/pipenv/issues/4549>`_ - Fix a bug where ``pep508checker.py`` did not expect double-digit Python minor versions (e.g. "3.10"). `#4602 <https://github.com/pypa/pipenv/issues/4602>`_ - Fix bug where environment wouldn't activate in paths containing () and [] symbols `#4615 <https://github.com/pypa/pipenv/issues/4615>`_ - Fix bug preventing use of pipenv lock --pre `#4642 <https://github.com/pypa/pipenv/issues/4642>`_ Vendored Libraries ------------------ - Update ``packaging`` from ``20.4`` to ``20.8``. `#4591 <https://github.com/pypa/pipenv/issues/4591>`_ 2020.11.15 (2020-11-15) ======================= Features & Improvements ----------------------- - Support expanding environment variables in requirement URLs. `#3516 <https://github.com/pypa/pipenv/issues/3516>`_ - Show warning message when a dependency is skipped in locking due to the mismatch of its markers. `#4346 <https://github.com/pypa/pipenv/issues/4346>`_ Bug Fixes --------- - Fix a bug that executable scripts with leading backslash can't be executed via ``pipenv run``. `#4368 <https://github.com/pypa/pipenv/issues/4368>`_ - Fix a bug that VCS dependencies always satisfy even if the ref has changed. `#4387 <https://github.com/pypa/pipenv/issues/4387>`_ - Restrict the acceptable hash type to SHA256 only. `#4517 <https://github.com/pypa/pipenv/issues/4517>`_ - Fix the output of ``pipenv scripts`` under Windows platform. `#4523 <https://github.com/pypa/pipenv/issues/4523>`_ - Fix a bug that the resolver takes wrong section to validate constraints. `#4527 <https://github.com/pypa/pipenv/issues/4527>`_ Vendored Libraries ------------------ - Update vendored dependencies: - ``colorama`` from ``0.4.3`` to ``0.4.4`` - ``python-dotenv`` from ``0.10.3`` to ``0.15.0`` - ``first`` from ``2.0.1`` to ``2.0.2`` - ``iso8601`` from ``0.1.12`` to ``0.1.13`` - ``parse`` from ``1.15.0`` to ``1.18.0`` - ``pipdeptree`` from ``0.13.2`` to ``1.0.0`` - ``requests`` from ``2.23.0`` to ``2.25.0`` - ``idna`` from ``2.9`` to ``2.10`` - ``urllib3`` from ``1.25.9`` to ``1.26.1`` - ``certifi`` from ``2020.4.5.1`` to ``2020.11.8`` - ``requirementslib`` from ``1.5.15`` to ``1.5.16`` - ``attrs`` from ``19.3.0`` to ``20.3.0`` - ``distlib`` from ``0.3.0`` to ``0.3.1`` - ``packaging`` from ``20.3`` to ``20.4`` - ``six`` from ``1.14.0`` to ``1.15.0`` - ``semver`` from ``2.9.0`` to ``2.13.0`` - ``toml`` from ``0.10.1`` to ``0.10.2`` - ``cached-property`` from ``1.5.1`` to ``1.5.2`` - ``yaspin`` from ``0.14.3`` to ``1.2.0`` - ``resolvelib`` from ``0.3.0`` to ``0.5.2`` - ``pep517`` from ``0.8.2`` to ``0.9.1`` - ``zipp`` from ``0.6.0`` to ``1.2.0`` - ``importlib-metadata`` from ``1.6.0`` to ``2.0.0`` - ``importlib-resources`` from ``1.5.0`` to ``3.3.0`` `#4533 <https://github.com/pypa/pipenv/issues/4533>`_ Improved Documentation ---------------------- - Fix suggested pyenv setup to avoid using shimmed interpreter `#4534 <https://github.com/pypa/pipenv/issues/4534>`_ 2020.11.4 (2020-11-04) ====================== Features & Improvements ----------------------- - Add a new command ``pipenv scripts`` to display shortcuts from Pipfile. `#3686 <https://github.com/pypa/pipenv/issues/3686>`_ - Retrieve package file hash from URL to accelerate the locking process. `#3827 <https://github.com/pypa/pipenv/issues/3827>`_ - Add the missing ``--system`` option to ``pipenv sync``. `#4441 <https://github.com/pypa/pipenv/issues/4441>`_ - Add a new option pair ``--header/--no-header`` to ``pipenv lock`` command, which adds a header to the generated requirements.txt `#4443 <https://github.com/pypa/pipenv/issues/4443>`_ Bug Fixes --------- - Fix a bug that percent encoded characters will be unquoted incorrectly in the file URL. `#4089 <https://github.com/pypa/pipenv/issues/4089>`_ - Fix a bug where setting PIPENV_PYTHON to file path breaks environment name `#4225 <https://github.com/pypa/pipenv/issues/4225>`_ - Fix a bug that paths are not normalized before comparison. `#4330 <https://github.com/pypa/pipenv/issues/4330>`_ - Handle Python major and minor versions correctly in Pipfile creation. `#4379 <https://github.com/pypa/pipenv/issues/4379>`_ - Fix a bug that non-wheel file requirements can be resolved successfully. `#4386 <https://github.com/pypa/pipenv/issues/4386>`_ - Fix a bug that ``pexept.exceptions.TIMEOUT`` is not caught correctly because of the wrong import path. `#4424 <https://github.com/pypa/pipenv/issues/4424>`_ - Fix a bug that compound TOML table is not parsed correctly. `#4433 <https://github.com/pypa/pipenv/issues/4433>`_ - Fix a bug that invalid Python paths from Windows registry break ``pipenv install``. `#4436 <https://github.com/pypa/pipenv/issues/4436>`_ - Fix a bug that function calls in ``setup.py`` can't be parsed rightly. `#4446 <https://github.com/pypa/pipenv/issues/4446>`_ - Fix a bug that dist-info inside ``venv`` directory will be mistaken as the editable package's metadata. `#4480 <https://github.com/pypa/pipenv/issues/4480>`_ - Make the order of hashes in resolution result stable. `#4513 <https://github.com/pypa/pipenv/issues/4513>`_ Vendored Libraries ------------------ - Update ``tomlkit`` from ``0.5.11`` to ``0.7.0``. `#4433 <https://github.com/pypa/pipenv/issues/4433>`_ - Update ``requirementslib`` from ``1.5.13`` to ``1.5.14``. `#4480 <https://github.com/pypa/pipenv/issues/4480>`_ Improved Documentation ---------------------- - Discourage homebrew installation in installation guides. `#4013 <https://github.com/pypa/pipenv/issues/4013>`_
Checked out diagnose documentation for common issues. I outlined my (possibly flawed) workflow in the steps to reproduce below. I've been fussing around with this for a couple weeks blaming myself, and would love for this to be a me-bug.
Issue description
Last external package listed in the default section of Pipfile.lock is incorrectly being marked as local and editable
Expected result
Last external package listed is still provided from pypi
Actual result
My Pipfile.lock get this diff included in it, which breaks CI and other users for obvious reasons:
Steps to replicate
(mycli has a setup.py to facilitate creating an entrypoint for python click and defines non-dev dependencies)
The project is a CLI utility and we clone the repository and install via:
PIPENV_IGNORE_VIRTUALENVS=1 PIPENV_VENV_IN_PROJECT=1 pipenv install --deploy
As a developer adding a new dependency, I edit the
setup.py
and run:pipenv lock
This generates a Pipfile.lock file that does include my new dependency, but also a malformed last default dependency (I've had the issue with multiple packages that are near the end of the alphabet in that position, specifically
wrapt
andzipp
)I am able to workaround the issue and generate a correct Pipfile.lock by:
rm -rf Pipfile.lock .venv
and
pipenv lock
I am purposefully omitting the
pipenv --support
output because the application I'm working on is proprietary and I worry about leaking details of our environment (or our security team yelling at me 😆). If there are specific snippets i can scrub and provide I would be glad to, just didn't want to scrub the whole thing up front.Thank you for reading and again, hope I'm just being dumb.
Thanks!
The text was updated successfully, but these errors were encountered: