Description
Description
If we'll use pip to install a package which resides in VCS, it will try to upgrade the dependency every time we perform pip install (even if we'll not use the -U flag). Note that it includes cloning the repository every time.
Important note: While using the deprecated resolver this bug doesn't reproduce(I am currently using the deprecated legacy resolver in order to avoid re-cloning every time).
The original ticket that was opened on this subject (#10829) was closed with reference to #5780
I have reviewed this issue and I suspect there was some misunderstanding.
The updated sample setup.py provided has an explicit tag. What I would want to see is that if a an explicit tag or commit is used, there is no reason to re-clone the repo unless -U is used.
#5780 is a very different subject (related to VCS, this is true).
Expected behavior
The expected behavior is that when using pip install without the -U flag i want to avoid upgrading already-existing packages. In addition I wouldn't like to clone them all over again to save time.
Much like when I reinstall an existing package I already have :
$> pip install requests==2.28.2
Requirement already satisfied: requests==2.28.2 ... I expect to see "Requirement already satisfied" in the exact same way, Instead a repo clone and remote introspection of the tag is going on.
If I update a tag on my local pydev (I delete the tag and update the package with a new package) I will still get a "Requirement already satisfied" ad only if I use a -U a new install will take place.
In this case, I'd expect to have the same behavior, the installed VCS SHA is already installed, Why would this behave any different ?
pip version
22.3.1
Python version
3.9.5
OS
Ubuntu 22.10
How to Reproduce
from setuptools import setup
setup(
name="testing-git",
install_requires=[
"requests @ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c"
]
)Output
$> pip install .
Processing ~/Code/testpip
Preparing metadata (setup.py) ... done
Collecting requests@ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c
Cloning ssh://****@github.com/psf/requests.git (to revision 15585909c3dd3014e4083961c8a404709450151c) to /private/var/folders/tb/p73wb8qd2tv4j00t2cy1fgh40000gn/T/pip-install-raidz3xp/requests_ccefa6bb3b304eb1a2875dc637372d86
Running command git clone --filter=blob:none --quiet 'ssh://****@github.com/psf/requests.git' /private/var/folders/tb/p73wb8qd2tv4j00t2cy1fgh40000gn/T/pip-install-raidz3xp/requests_ccefa6bb3b304eb1a2875dc637372d86
Running command git rev-parse -q --verify 'sha^15585909c3dd3014e4083961c8a404709450151c'
Running command git fetch -q 'ssh://****@github.com/psf/requests.git' 15585909c3dd3014e4083961c8a404709450151c
Resolved ssh://****@github.com/psf/requests.git to commit 15585909c3dd3014e4083961c8a404709450151c
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Requirement already satisfied: charset-normalizer<4,>=2 in ~/.virtualenvs/testpip/lib/python3.9/site-packages (from requests@ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c->testing-git==0.0.0) (3.0.1)
Requirement already satisfied: idna<4,>=2.5 in ~/.virtualenvs/testpip/lib/python3.9/site-packages (from requests@ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c->testing-git==0.0.0) (3.4)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in ~/.virtualenvs/testpip/lib/python3.9/site-packages (from requests@ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c->testing-git==0.0.0) (1.26.14)
Requirement already satisfied: certifi>=2017.4.17 in ~/.virtualenvs/testpip/lib/python3.9/site-packages (from requests@ git+ssh://[email protected]/psf/requests.git@15585909c3dd3014e4083961c8a404709450151c->testing-git==0.0.0) (2022.12.7)
Installing collected packages: testing-git
Attempting uninstall: testing-git
Found existing installation: testing-git 0.0.0
Uninstalling testing-git-0.0.0:
Successfully uninstalled testing-git-0.0.0
DEPRECATION: testing-git is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
Running setup.py install for testing-git ... done
Successfully installed testing-git-0.0.0
Code of Conduct
- I agree to follow the PSF Code of Conduct.