Skip to content

Pants poetry-based lockfiles fail to include hashes. #16111

New issue
New issue
Closed
#16112
Closed
Pants poetry-based lockfiles fail to include hashes.#16111
#16112
Assignees
jsirois
Labels
bug
@jsirois

Description

@jsirois
jsirois
opened on Jul 9, 2022

This was detected in a unit test in the Pants repo, but is a wider problem for all versions of Pants that support generating lockfiles using Poetry.

The proximal cause is this announcement from PyPI:
https://discuss.python.org/t/backwards-incompatible-change-to-pypi-json-api/17154

And the root cause is this Poetry code:
https://github.com/python-poetry/poetry/blob/bce13c14f73060b3abbb791dea585d8fde26eaef/poetry/repositories/pypi_repository.py#L272-L283

There was a Poetry fix released and backported to the 1.1. branch here:
python-poetry/poetry#5973

Users can fix with 2 steps:

  1. Update Pants config
[poetry]
# N.B.: Works around issue described at https://github.com/pantsbuild/pants/issues/16111
# Undo once on a Pants with this version or greater as the default.
version = "poetry==1.1.14"
  1. Clear Poetry caches with rm -rf ~/.cache/pypoetry on Linux and rm -rf ~/Library/Caches/pypoetry on Mac.

This issue tracks bumping Pants default to this fixed Poetry version.

Metadata

Metadata

Assignees

Labels

bug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions