Skip to content

pip accepts non-PEP440 version 0.1_1 in wheel file name #12914

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
1 task done
notatallshaw opened this issue Aug 15, 2024 · 1 comment · Fixed by #12918
Closed
1 task done

pip accepts non-PEP440 version 0.1_1 in wheel file name #12914

notatallshaw opened this issue Aug 15, 2024 · 1 comment · Fixed by #12918
Labels
type: bug A confirmed bug or unintended behavior

Comments

@notatallshaw
Copy link
Member

notatallshaw commented Aug 15, 2024
edited
Loading

Description

I wanted to replace pip's custom wheel filename regex with the standard parse_wheel_filename.

However I found that the old regex accepts non-PEP440 syntax and it is even tested for.

The version 0.1_1 gets coerced by pip to 0.1-1, whose canonical form is 0.1.post1.

Expected behavior

Pip shouldn't implement its own wheel filename parsing.

Assuming that is accepted, does this need to go through a depreciation cycle?

pip version

24.2

Python version

3.12

OS

Linux

How to Reproduce

  1. Install a wheel named simple-0.1_1-py2-none-any.whl

Output

No response

Code of Conduct
@notatallshaw notatallshaw added type: bug A confirmed bug or unintended behavior S: needs triage Issues/PRs that need to be triaged and removed S: needs triage Issues/PRs that need to be triaged labels Aug 15, 2024
@pradyunsg
Copy link
Member

This sounds like a good change to me.

Assuming that is accepted, does this need to go through a depreciation cycle?

Yes, probably the standard 6 month one.

@notatallshaw notatallshaw changed the title pip accepts non-PEP440 version 0.1_1 pip accepts non-PEP440 version 0.1_1 in wheel file name Aug 15, 2024
This was referenced Aug 16, 2024
Closed
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type: bug A confirmed bug or unintended behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Deprecate wheel filenames that are not compliant with PEP 440 notatallshaw/pip
2 participants
@pradyunsg @notatallshaw