• I am on the latest Poetry version.

• I have searched the issues of this repo and believe that this is not a duplicate.

• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• OS version and name: Debian Buster

• Poetry version: 1.0.2

• Link of a Gist with the contents of your pyproject.toml file: https://gist.github.com/jrmlhermitte/bbfda76d59b820560bf2ff4a1e57d42d

Issue

This came from a discussion on issue #691

If we re-run the gist included above, poetry will try re-installing the referred library, even though the git tag has not changed.

This was discovered on the issue mentioned above. Here is the reply from @bibz

Thanks for the MRE.

I can reproduce your example now.
You found a different bug than we had, due to how git handled signed annotated tags.

To summarise:

The (annotated) tag v5.1.3 itself is a git object with the short sha 73f60e6
The tree pointed to by the tag has the short sha 4056bbb

The lock file refers to the tag object, because it is what v5.1.3 resolves to directly.
Since the checked-out tree has a different sha, poetry thinks it is not up-to-date (the references are different) and then re-install it.

I think we need a new issue for this.

Would it be possible to investigate this, and possibly change the behaviour to not re-install the package?

Thanks for the great work on this wonderful library, keep it up!