Poetry refuses to install package with correct hash #4523
Description
-
I am on the latest Poetry version.
-
I have searched the issues of this repo and believe that this is not a duplicate.
-
If an exception occurs when executing a command, I executed it again in debug mode (
-vvvoption). -
OS version and name: Debian Buster
-
Poetry version: 1.1.9
-
Link of a Gist with the contents of your pyproject.toml file: https://gist.github.com/MartinWallgren/65ffceae6b597698602afdcdae927d7f
Issue
Poetry refuses to install a package even though the checksum is correct. Looking at the output it seems as if the cheksum stored in the lock file is md5 and the checksum used during installation is sha256.
Both sha256:3ae5020d5eddabcb57db9211e3f1a46ebafa28cb31cdeb4a497189041757bb7b and md5:75dbe554e7838a35e3a5836887cf9efc are valid checksums for this package according to our index (artifactory).
❯ poetry install
Installing dependencies from lock file
Package operations: 1 install, 0 updates, 0 removals
• Installing axis-json-log-formatter (0.1.0): Failed
RuntimeError
Retrieved digest for link axis_json_log_formatter-0.1.0.tar.gz(sha256:3ae5020d5eddabcb57db9211e3f1a46ebafa28cb31cdeb4a497189041757bb7b) not in poetry.lock metadata ['md5:75dbe554e7838a35e3a5836887cf9efc']
at ~/.poetry/lib/poetry/installation/chooser.py:115 in _get_links
111│
112│ if links and not selected_links:
113│ raise RuntimeError(
114│ "Retrieved digest for link {}({}) not in poetry.lock metadata {}".format(
→ 115│ link.filename, h, hashes
116│ )
117│ )
118│
119│ return selected_links