Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sources: allow to configure the priority of PyPI #7801

Merged
merged 1 commit into from
Apr 26, 2023

Conversation

radoering
Copy link
Member

@radoering radoering commented Apr 16, 2023

Pull Request Check List

Related to: #6713
Closes: #7430

  • Added tests for changed code.
  • Updated documentation for changed code.

Allow to configure the priority of PyPI (e.g. poetry source add pypi --priority explicit) and add a warning that PyPI will be disabled - or maybe set to explicit (the difference is only subtle) - automatically in a future version of Poetry if there is at least one custom source with another priority than explicit configured and that PyPI should be configured explicitly with a certain priority for forward compatibility in that case. (If there are no other sources configured nothing changes. You don't have to always configure PyPI explicitly.)

Target image

This goes beyond this PR, but helps to understand it.

In a future version of Poetry, PyPI will be disabled automatically if there is at least one custom source configured with another priority than explicit.

If you don't want PyPI to be disabled, you have to add it explicitly (poetry add source pypi). This adds PyPI to your pyproject.toml like any other source except that it's not allowed to define a url because its url is implicit and fix. You can set a certain priority.

Priority default will be removed since it is superfluous.

This PR

This PR allows to add PyPI explicitly via poetry add source pypi. (You can also give a certain priority.) You can make PyPI the highest priority, lowest priority or anything in between. You can also effectively disable it by adding it with priority explicit.

In pyproject.toml an explicitly configured PyPI looks the same as any other source except it has no url, e.g.:

[[tool.poetry.source]]
name = "PyPI"
priority = "primary"

If we detect a custom source with another priority than explicit and there is no source with priority default (i.e. if PyPI would be enabled implicitly despite of other sources), a deprecation warning is printed that gives the target image and what to do for now to avoid a breaking change:

                        "Warning: In a future version of Poetry, PyPI will be disabled"
                        " automatically if at least one custom source is configured"
                        " with another priority than 'explicit'. In order to avoid"
                        " a breaking change and make your pyproject.toml forward"
                        " compatible, add PyPI explicitly via 'poetry source add pypi'."
                        " By the way, this has the advantage that you can set the"
                        " priority of PyPI as with any other source."

This PR does NOT deprecate the priority default yet. Later, when we will have made the warning become true, we can deprecate default because it only influences the implicit PyPI like any other primary source and makes a source the first primary one. In other words, the priority default becomes absolutely superfluous.

I think I really like the target image (way better than #7430) and the clear transition, which should be as smooth as possible.

@@ -20,8 +20,7 @@
"type": "object",
"additionalProperties": false,
"required": [
"name",
"url"
"name"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also tried some fancy anyOf not pattern magic, which worked correctly, but always gave the following message for invalid combinations: [source.0] {'name': 'x'} is not valid under any of the given schemas

Thus, I decided to be permissive here and check for invalid combinations in create_package_source() in factory.py. This way, we get way better error messages if there is a PyPI with a url or another source without a url.

@radoering radoering added impact/docs Contains or requires documentation changes area/sources Releated to package sources/indexes/repositories labels Apr 16, 2023
@github-actions
Copy link

github-actions bot commented Apr 16, 2023

Deploy preview for website ready!

✅ Preview
https://website-brxldqe1w-python-poetry.vercel.app

Built with commit e421c3a.
This pull request is being automatically deployed with vercel-action

Copy link
Member

@Secrus Secrus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, some small nitpicks only

src/poetry/console/commands/source/add.py Outdated Show resolved Hide resolved
src/poetry/console/commands/source/add.py Outdated Show resolved Hide resolved
tests/fixtures/with_default_source_and_pypi/pyproject.toml Outdated Show resolved Hide resolved
@radoering radoering force-pushed the explicit-pypi branch 2 times, most recently from 1dfed7e to 0f09086 Compare April 25, 2023 04:47
Add a warning that PyPI will be disabled automatically in a future version of Poetry if there is at least one custom source with another priority than `explicit` configured and that it should be configured explicitly with a certain priority for forward compatibility.
@radoering radoering merged commit 978d435 into python-poetry:master Apr 26, 2023
@radoering radoering mentioned this pull request Apr 30, 2023
mwalbeck pushed a commit to mwalbeck/docker-python-poetry that referenced this pull request May 23, 2023
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [poetry](https://python-poetry.org/) ([source](https://github.com/python-poetry/poetry), [changelog](https://python-poetry.org/history/)) | minor | `1.4.2` -> `1.5.0` |

---

### Release Notes

<details>
<summary>python-poetry/poetry</summary>

### [`v1.5.0`](https://github.com/python-poetry/poetry/blob/HEAD/CHANGELOG.md#&#8203;150---2023-05-19)

[Compare Source](python-poetry/poetry@1.4.2...1.5.0)

##### Added

-   **Introduce the new source priorities `explicit` and `supplemental`** ([#&#8203;7658](python-poetry/poetry#7658),
    [#&#8203;6879](python-poetry/poetry#6879)).
-   **Introduce the option to configure the priority of the implicit PyPI source** ([#&#8203;7801](python-poetry/poetry#7801)).
-   Add handling for corrupt cache files ([#&#8203;7453](python-poetry/poetry#7453)).
-   Improve caching of URL and git dependencies ([#&#8203;7693](python-poetry/poetry#7693),
    [#&#8203;7473](python-poetry/poetry#7473)).
-   Add option to skip installing directory dependencies ([#&#8203;6845](python-poetry/poetry#6845),
    [#&#8203;7923](python-poetry/poetry#7923)).
-   Add `--executable` option to `poetry env info` ([#&#8203;7547](python-poetry/poetry#7547)).
-   Add `--top-level` option to `poetry show` ([#&#8203;7415](python-poetry/poetry#7415)).
-   Add `--lock` option to `poetry remove` ([#&#8203;7917](python-poetry/poetry#7917)).
-   Add experimental `POETRY_REQUESTS_TIMEOUT` option ([#&#8203;7081](python-poetry/poetry#7081)).
-   Improve performance of wheel inspection by avoiding unnecessary file copy operations ([#&#8203;7916](python-poetry/poetry#7916)).

##### Changed

-   **Remove the old deprecated installer and the corresponding setting `experimental.new-installer`** ([#&#8203;7356](python-poetry/poetry#7356)).
-   **Introduce `priority` key for sources and deprecate flags `default` and `secondary`** ([#&#8203;7658](python-poetry/poetry#7658)).
-   Deprecate `poetry run <entry point>` if the entry point was not previously installed via `poetry install` ([#&#8203;7606](python-poetry/poetry#7606)).
-   Only write the lock file if the installation succeeds ([#&#8203;7498](python-poetry/poetry#7498)).
-   Do not write the unused package category into the lock file ([#&#8203;7637](python-poetry/poetry#7637)).

##### Fixed

-   Fix an issue where Poetry's internal pyproject.toml continually grows larger with empty lines ([#&#8203;7705](python-poetry/poetry#7705)).
-   Fix an issue where Poetry crashes due to corrupt cache files ([#&#8203;7453](python-poetry/poetry#7453)).
-   Fix an issue where the `Retry-After` in HTTP responses was not respected and retries were handled inconsistently ([#&#8203;7072](python-poetry/poetry#7072)).
-   Fix an issue where Poetry silently ignored invalid groups ([#&#8203;7529](python-poetry/poetry#7529)).
-   Fix an issue where Poetry does not find a compatible Python version if not given explicitly ([#&#8203;7771](python-poetry/poetry#7771)).
-   Fix an issue where the `direct_url.json` of an editable install from a git dependency was invalid ([#&#8203;7473](python-poetry/poetry#7473)).
-   Fix an issue where error messages from build backends were not decoded correctly ([#&#8203;7781](python-poetry/poetry#7781)).
-   Fix an infinite loop when adding certain dependencies ([#&#8203;7405](python-poetry/poetry#7405)).
-   Fix an issue where pre-commit hooks skip pyproject.toml files in subdirectories ([#&#8203;7239](python-poetry/poetry#7239)).
-   Fix an issue where pre-commit hooks do not use the expected Python version ([#&#8203;6989](python-poetry/poetry#6989)).
-   Fix an issue where an unclear error message is printed if the project name is the same as one of its dependencies ([#&#8203;7757](python-poetry/poetry#7757)).
-   Fix an issue where `poetry install` returns a zero exit status even though the build script failed ([#&#8203;7812](python-poetry/poetry#7812)).
-   Fix an issue where an existing `.venv` was not used if `in-project` was not set ([#&#8203;7792](python-poetry/poetry#7792)).
-   Fix an issue where multiple extras passed to `poetry add` were not parsed correctly ([#&#8203;7836](python-poetry/poetry#7836)).
-   Fix an issue where `poetry shell` did not send a newline to `fish` ([#&#8203;7884](python-poetry/poetry#7884)).
-   Fix an issue where `poetry update --lock` printed operations that were not executed ([#&#8203;7915](python-poetry/poetry#7915)).
-   Fix an issue where `poetry add --lock` did perform a full update of all dependencies ([#&#8203;7920](python-poetry/poetry#7920)).
-   Fix an issue where `poetry shell` did not work with `nushell` ([#&#8203;7919](python-poetry/poetry#7919)).
-   Fix an issue where subprocess calls failed on Python 3.7 ([#&#8203;7932](python-poetry/poetry#7932)).
-   Fix an issue where keyring was called even though the password was stored in an environment variable ([#&#8203;7928](python-poetry/poetry#7928)).

##### Docs

-   Add information about what to use instead of `--dev` ([#&#8203;7647](python-poetry/poetry#7647)).
-   Promote semantic versioning less aggressively ([#&#8203;7517](python-poetry/poetry#7517)).
-   Explain Poetry's own versioning scheme in the FAQ ([#&#8203;7517](python-poetry/poetry#7517)).
-   Update documentation for configuration with environment variables ([#&#8203;6711](python-poetry/poetry#6711)).
-   Add details how to disable the virtualenv prompt ([#&#8203;7874](python-poetry/poetry#7874)).
-   Improve documentation on whether to commit `poetry.lock` ([#&#8203;7506](python-poetry/poetry#7506)).
-   Improve documentation of `virtualenv.create` ([#&#8203;7608](python-poetry/poetry#7608)).

##### poetry-core ([`1.6.0`](https://github.com/python-poetry/poetry-core/releases/tag/1.6.0))

-   Improve error message for invalid markers ([#&#8203;569](python-poetry/poetry-core#569)).
-   Increase robustness when deleting temporary directories on Windows ([#&#8203;460](python-poetry/poetry-core#460)).
-   Replace `tomlkit` with `tomli`, which changes the interface of some *internal* classes ([#&#8203;483](python-poetry/poetry-core#483)).
-   Deprecate `Package.category` ([#&#8203;561](python-poetry/poetry-core#561)).
-   Fix a performance regression in marker handling ([#&#8203;568](python-poetry/poetry-core#568)).
-   Fix an issue where wildcard version constraints were not handled correctly ([#&#8203;402](python-poetry/poetry-core#402)).
-   Fix an issue where `poetry build` created duplicate Python classifiers if they were specified manually ([#&#8203;578](python-poetry/poetry-core#578)).
-   Fix an issue where local versions where not handled correctly ([#&#8203;579](python-poetry/poetry-core#579)).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS44Mi4wIiwidXBkYXRlZEluVmVyIjoiMzUuODIuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->

Reviewed-on: https://git.walbeck.it/walbeck-it/docker-python-poetry/pulls/717
Co-authored-by: renovate-bot <[email protected]>
Co-committed-by: renovate-bot <[email protected]>
Copy link

github-actions bot commented Mar 3, 2024

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 3, 2024
@radoering radoering deleted the explicit-pypi branch November 24, 2024 12:47
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
area/sources Releated to package sources/indexes/repositories impact/docs Contains or requires documentation changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants