Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport #702 for 5.4: Pin Cython build constraint to < 3.0 #726

Closed
wants to merge 2 commits into from
Closed

Backport #702 for 5.4: Pin Cython build constraint to < 3.0 #726

wants to merge 2 commits into from

Conversation

idanmiara
Copy link

@idanmiara idanmiara commented Jul 18, 2023
edited
Loading

This is a backport of #702 + release of 5.4.2
Also closes #724

I'm not sure if release/5.4.1 is the correct branch to rebase this, but I didn't find a v5.4 branch or similar.

@nitzmahone @idan-miara
block Cython 3.0+ as a build dep (yaml#702)
f02cb50 
* keeps libyaml extension build functional once Cython 3.0 releases; stopgap measure until we can rewrite the extension build to eliminate all the ancient deprecated distutils magic
@idanmiara idanmiara changed the title Backport #702 for 5.4.1: Pin Cython build constraint to < 3.0 Backport #702 for 5.4: Pin Cython build constraint to < 3.0 Jul 18, 2023
@idan-miara idan-miara force-pushed the fix/5.4.2_cython_build_constraint branch from c354143 to 99b5657 Compare July 18, 2023 13:29
@idanmiara
Copy link
Author

@nitzmahone please review😁

@nitzmahone
Copy link
Member

After the fire-drill required to rebuild all the 6.0 wheels, I'm not planning to touch the 5.x codebases or packages. The packaging metadata is the easy part- the hard part is rebuilding and re-releasing all the same wheels without risking breakage (esp since a number of the worker images have been discontinued). If we release a new 5.x sdist, we have to re-release all the wheels or we've broken everyone else that was still working fine with those old versions.

For folks that need to build 5.x from sdist, I'd suggest using some combo of PIP_CONSTRAINTS or the git clone + sed hackery someone else mentioned to get the existing 5.x sdists to build while constraining the Cython version.

@nitzmahone nitzmahone closed this Jul 18, 2023
@idanmiara
Copy link
Author

@nitzmahone thanks for looking into this and for your detailed response.
I'm thinking that since the binaries are unchanged maybe another solution could be to download them all, unpack them, change the version to 5.4.2 and repack. I can suggest a python script to do so.

@idanmiara idanmiara mentioned this pull request Jul 18, 2023
Closed
@MrMino
Copy link

MrMino commented Jul 18, 2023

@nitzmahone IIUC re-releasing the sdist to PyPI wouldn't require re-releasing wheels. Am I missing something?

The issue with PIP_CONSTRAINTS and building from checkouts is that it doesn't really work for people who don't have control over transitive dependencies.

@idanmiara
Copy link
Author

@nitzmahone IIUC re-releasing the sdist to PyPI wouldn't require re-releasing wheels. Am I missing something?

I also think so, assuming one didn't change their requirements, if pip fails to install 5.4.2 from source it should backtrack to 5.4.1 and install without a problem.

@MrMino
Copy link

MrMino commented Jul 18, 2023

What I'm talking about is re-releasing 5.4.1 sdist with the single Cython < 3.0 change added to pyproject.toml and build/macos.sh.

Right now the 5.4.1 sdist is basically unusable, but the rest of the wheels are fine.

@idanmiara
Copy link
Author

What I'm talking about is re-releasing 5.4.1 sdist with the single Cython < 3.0 change added to pyproject.toml and build/macos.sh.

Right now the 5.4.1 sdist is basically unusable, but the rest of the wheels are fine.

Not possible. pypi refuses to reuse a version name.

@chlndh
Copy link

chlndh commented Jul 18, 2023

but e.g. docker-compose is requiring PyYAML < 6 and existing 5.4.1 is broken for me

@etomkova
Copy link

etomkova commented Jul 19, 2023
edited
Loading

It's a bit unfortunate that this issue got closed because the problem with building the package essentially means that we're unable to build our application the usual way (poetry with a lock file - because the build dependencies of transitive dependencies are not locked).

EDIT: I now have an ugly workaround. As part of the dockerfile:

RUN \
  poetry run pip install "cython<3" && \
  poetry run pip install --no-build-isolation "pyyaml==5.4.1" # the exact version from poetry.lock

@etomkova
Copy link

Would it be possible to release pre-built wheels for Python 3.10? That would solve the issue for us because then we wouldn't have to build the wheel. Thank you kindly for considering this.

@aeurielesn aeurielesn mentioned this pull request Jul 19, 2023
Closed
@jremmet jremmet mentioned this pull request Jul 19, 2023
Closed
@Iain-S Iain-S mentioned this pull request Jul 19, 2023
Closed
@fa9r fa9r mentioned this pull request Jul 19, 2023
Merged
8 tasks
@dictcp dictcp mentioned this pull request Jul 19, 2023
Closed
@mrossi2023
Copy link

Hi guys,
we use 5.4.1 in our codebase and we have a PROD release early next week. We cannot upgrade to 6.0.1 . When will this version 5.4.1 be fixed?

@shmsr shmsr mentioned this pull request Jul 19, 2023
Closed
6 tasks
@mcdonnnj mcdonnnj mentioned this pull request Jul 20, 2023
Merged
7 tasks
@idanmiara
Copy link
Author

Hi @nitzmahone
I see that many people are effected by this bug, see the amount of reaction to all the related issues and PRs.
Would you please reconsider my proposal #726 (comment) or otherwise explain what's the problem with just releasing a new sdist with or without re-releasing the same wheels with with a new version ?

@jsirois jsirois mentioned this pull request Jul 20, 2023
Merged
@idanmiara
Copy link
Author

Another idea is to release 5.4.2 as Python3.10+ sdist package so it wouldn't effect Python<=3.9 users and will fix the installation for Python 3.10+ users.

@noffsh noffsh mentioned this pull request Jul 23, 2023
Closed
@juagargi juagargi mentioned this pull request Jul 25, 2023
Merged
@Uzume Uzume mentioned this pull request Jul 26, 2023
Closed
@Uzume
Copy link

Uzume commented Jul 26, 2023

@idanmiara: I think a 5.4.2 Python3.10+ sdist is a great idea but I would prefer a #731 (formerly #602) style fix instead of a #702 workaround port.

@idanmiara
Copy link
Author

@Uzume
Any fix that that is agreed by the maintainers is fine by me, I just think that in order for this to be relevant we should seek a quick fix first.
I think that maybe a minimal fix i.e. pin Cython could be used for 5.4.2 and if needed, 5.5.0 or 5.4.3 could propose a proper longer term fix.
Are there any other maintainers for this project who might want to share their opinion on that matter?

@Uzume
Copy link

Uzume commented Jul 26, 2023

@idanmiara: By "other maintainers" I assume you are referring to @ingydotnet or @perlpunk? Those are the only other users listed as maintainers at PyPI (and mapping usernames to GH).

@perlpunk
Copy link
Member

For the record, no opinion from me, because I'm not familiar enough with python releases and especially not cython. I concentrate mainly on YAML related stuff.

@Uzume
Copy link

Uzume commented Jul 26, 2023

@perlpunk: Thanks for the response. What you said may be true, however, you three are the only ones at PyPI that seem to have access to releases there (despite the greater number of people here in the GH org) and thus are the only ones capable to affecting changes there (besides PyPI admins themselves taking a direct hand in something).

@slazicoicr slazicoicr mentioned this pull request Jul 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@idanmiara @nitzmahone @MrMino @chlndh @etomkova @mrossi2023 @Uzume @perlpunk