Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

poetry lock --no-update updates dependencies if custom source specified #6335

Closed
3 tasks done
maxim-krikun opened this issue Sep 1, 2022 · 3 comments · Fixed by #6336
Closed
3 tasks done

poetry lock --no-update updates dependencies if custom source specified #6335

maxim-krikun opened this issue Sep 1, 2022 · 3 comments · Fixed by #6336
Labels
kind/bug Something isn't working as expected

Comments

@maxim-krikun
Copy link

  • I am on the latest Poetry version.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).
  • OS version and name: Windows 10 (21H2)
  • Poetry version: 1.2.0
  • Link of a Gist with the contents of your pyproject.toml file:

Issue

Using Poetry 1.1.14 and lock file poetry_1.1.14.lock:

❯ poetry lock --no-update
Resolving dependencies...

The lock file remains unchanged. Then upgrade Poetry up to 1.2.0.
Using Poetry 1.2.0 and lock file poetry_1.1.14.lock:

❯ poetry lock --check
poetry.lock is consistent with pyproject.toml.
❯ poetry lock --no-update
Resolving dependencies...

Writing lock file

It produces a new lock file poetry_1.2.0.lock.
As you can see some versions of the dependencies have been updated.
That is, the changes were not only cosmetic.
I'd also like to note:

  • if you don't use a custom source (just remove source block from pyproject.toml and repeat repro steps), everything works as it should;
  • command for checking lock file returned a positive result. So there must be a bug somewhere, either in the check or in the locking.
@maxim-krikun maxim-krikun added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Sep 1, 2022
@dimbleby
Copy link
Contributor

dimbleby commented Sep 1, 2022

poetry/src/poetry/puzzle/provider.py

Line 846 in a613347

and dependency.is_same_source_as(package)
I think is the line that refuses to acknowledge that the locked package is the same as the dependency - because the dependency has no source_type or source_url, whereas the locked package does.

poetry 1.1 used to ask a slightly different question:

poetry/poetry/mixology/version_solver.py

Line 469 in 46bf7fd

if not dependency.is_same_package_as(locked):
.

I think that it is python-poetry/poetry-core#325 which introduced the changed behaviour, though refactorings since then have made the trail not quite straightforward to follow.

I guess we need a more delicate check on the source type here.

@dimbleby dimbleby mentioned this issue Sep 1, 2022
Merged
@dimbleby
Copy link
Contributor

dimbleby commented Sep 1, 2022

(probably #6307 was the same, but it's amazing the difference a repro makes - thank you!)

@radoering radoering mentioned this issue Sep 13, 2022
Merged
@mkniewallner mkniewallner removed the status/triage This issue needs to be triaged label Sep 18, 2022
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 1, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Something isn't working as expected
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

No unwanted update of packages from legacy source dimbleby/poetry
3 participants
@dimbleby @mkniewallner @maxim-krikun