Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

installer 0.7.0 #7671

Merged
merged 2 commits into from
Mar 18, 2023
Merged

installer 0.7.0 #7671

merged 2 commits into from
Mar 18, 2023

Conversation

dimbleby
Copy link
Contributor

Fixes #7572

explicitly declines to fix #7585, by choosing to call validate_record(), on the grounds that

installation will fail if any file in the archive is not both mentioned and correctly hashed in RECORD

  • anyone who does encounter such a package can fall back to the non-modern installer so they have options while waiting for packages to be fixed

Unless some installer starts enforcing this there'll never be any pressure for anyone to fix their packages, poetry has generally been willing to "go first" on such things (eg see insistence on pep517 builds)

as it happens, this validation also found some errors in poetry's own test fixtures

@radoering radoering added area/installer Related to the dependency installer impact/backport Requires backport to stable branch backport/1.4 labels Mar 18, 2023
@radoering radoering merged commit 8db1f00 into python-poetry:master Mar 18, 2023
@poetry-bot poetry-bot bot mentioned this pull request Mar 18, 2023
poetry-bot bot pushed a commit that referenced this pull request Mar 18, 2023
(cherry picked from commit 8db1f00)
@dimbleby dimbleby deleted the bump-installer branch March 18, 2023 13:51
radoering pushed a commit that referenced this pull request Mar 18, 2023
(cherry picked from commit 8db1f00)
Copy link

github-actions bot commented Mar 3, 2024

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 3, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
area/installer Related to the dependency installer impact/backport Requires backport to stable branch
Projects
None yet
2 participants