From f7e70d0fbf7488198026631b435b3e7faaf3dab2 Mon Sep 17 00:00:00 2001 From: Chih-Hsuan Yen Date: Fri, 25 Dec 2020 14:45:43 +0800 Subject: package_index: don't create dists with non-PEP440 versions --- setuptools/package_index.py | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) (limited to 'setuptools/package_index.py') diff --git a/setuptools/package_index.py b/setuptools/package_index.py index 3979b131..bc0ba7a6 100644 --- a/setuptools/package_index.py +++ b/setuptools/package_index.py @@ -152,35 +152,24 @@ def interpret_distro_name( location, basename, metadata, py_version=None, precedence=SOURCE_DIST, platform=None ): - """Generate alternative interpretations of a source distro name + """Generate the interpretation of a source distro name Note: if `location` is a filesystem filename, you should call ``pkg_resources.normalize_path()`` on it before passing it to this routine! """ - # Generate alternative interpretations of a source distro name - # Because some packages are ambiguous as to name/versions split - # e.g. "adns-python-1.1.0", "egenix-mx-commercial", etc. - # So, we generate each possible interepretation (e.g. "adns, python-1.1.0" - # "adns-python, 1.1.0", and "adns-python-1.1.0, no version"). In practice, - # the spurious interpretations should be ignored, because in the event - # there's also an "adns" package, the spurious "python-1.1.0" version will - # compare lower than any numeric version number, and is therefore unlikely - # to match a request for it. It's still a potential problem, though, and - # in the long run PyPI and the distutils should go for "safe" names and - # versions in distribution archive names (sdist and bdist). parts = basename.split('-') if not py_version and any(re.match(r'py\d\.\d$', p) for p in parts[2:]): # it is a bdist_dumb, not an sdist -- bail out return - for p in range(1, len(parts) + 1): - yield Distribution( - location, metadata, '-'.join(parts[:p]), '-'.join(parts[p:]), - py_version=py_version, precedence=precedence, - platform=platform - ) + p = len(parts) - 1 + yield Distribution( + location, metadata, '-'.join(parts[:p]), '-'.join(parts[p:]), + py_version=py_version, precedence=precedence, + platform=platform + ) # From Python 2.7 docs -- cgit v1.2.1 From a9d3576584cd9a91734dae6473ab6c3253f09f64 Mon Sep 17 00:00:00 2001 From: "Jason R. Coombs" Date: Fri, 22 Oct 2021 12:12:04 -0400 Subject: Suppress the now invalid pbr version. --- setuptools/package_index.py | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'setuptools/package_index.py') diff --git a/setuptools/package_index.py b/setuptools/package_index.py index c9254289..1300b406 100644 --- a/setuptools/package_index.py +++ b/setuptools/package_index.py @@ -283,6 +283,12 @@ class PackageIndex(Environment): self.to_scan = [] self.opener = urllib.request.urlopen + def add(self, dist): + # ignore invalid pbr version + if dist.version == '0.5.2.5.g5b3e942': + return + return super().add(dist) + # FIXME: 'PackageIndex.process_url' is too complex (14) def process_url(self, url, retrieve=False): # noqa: C901 """Evaluate a URL as a possible download, and maybe retrieve it""" -- cgit v1.2.1 From 6fc5d3099898fc3d06bcf72f1f6607d02124d60f Mon Sep 17 00:00:00 2001 From: "Jason R. Coombs" Date: Fri, 22 Oct 2021 12:44:53 -0400 Subject: Update test_egg_fragment to include a name with a dash in it. Expand on interpret_distro_name to be a tiny bit smarter about inferring the pivot separating name and version. --- setuptools/package_index.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'setuptools/package_index.py') diff --git a/setuptools/package_index.py b/setuptools/package_index.py index 1300b406..bef2ef81 100644 --- a/setuptools/package_index.py +++ b/setuptools/package_index.py @@ -165,7 +165,14 @@ def interpret_distro_name( # it is a bdist_dumb, not an sdist -- bail out return - p = len(parts) - 1 + # find the pivot (p) that splits the name from the version. + # infer the version as the first item that has a digit. + for p in range(len(parts)): + if parts[p][:1].isdigit(): + break + else: + p = len(parts) + yield Distribution( location, metadata, '-'.join(parts[:p]), '-'.join(parts[p:]), py_version=py_version, precedence=precedence, -- cgit v1.2.1