Open
Description
Issue description
When installing package from private PYPi and this package has same private dependency which perfectly builded by setuptools, Pipenv fails to install it. For some reason dependency links like this:
pip @ https://github.com/pypa/pip/archive/1.3.1.zip#sha1=da9234ee9982d4bbb3c72346a6de940a148ea686
Are not working on deeper type of package. But when installing private packages in first place: it works.
Expected result
Package installed perfectly fine
Actual result
Here all mentions of private repositories are replaced and credentials are also replaced
Installing dependencies from Pipfile.lock (8d5c47)...
Writing supplied requirement line to temporary file: "harmony-entities==0.0.3; python_version >= '3.12' --hash=sha256:7135bee506d6f017b53d276f8f2a7e0fbfbeaa1918292286bdad4908634ba149 --hash=sha256:eb2901b727dcd3e10283df0ae097d814019031a14968279f11675d85ed0af30a"
Writing supplied requirement line to temporary file: "harmony-protocols; python_full_version >= '3.12.8' --hash=sha256:17c8e0b18a93d18a6910f2a2a3b8b12604f89b9b39c4c5233abfe506361c1da7 --hash=sha256:2820be47e5d52a9cd6f94e7ccc5d56d0cf3ef096de51fbcc54b1f49d198b9ea9
--hash=sha256:68626f76764b115447e7a918897f904639bad7a2d1c541c005b4b1f5d5d26bb7 --hash=sha256:97966bea7e289f88dd9eb3ce8bec39a9250e6866f050762f7288d6f02bd38eef --hash=sha256:cf6724d7e1273fc9a96f70f0243c95395c32c4434c205ab011e2b5e3a9de5c9b
--hash=sha256:fc3f3a3d83f50cf7b030c6419fcfe74458afd32df118c33e598f0849d8778f32"
Install Phase: Standard Requirements
Preparing Installation of "harmony-entities==0.0.3; python_version >= '3.12' --hash=sha256:7135bee506d6f017b53d276f8f2a7e0fbfbeaa1918292286bdad4908634ba149 --hash=sha256:eb2901b727dcd3e10283df0ae097d814019031a14968279f11675d85ed0af30a"
Preparing Installation of "harmony-protocols; python_full_version >= '3.12.8' --hash=sha256:17c8e0b18a93d18a6910f2a2a3b8b12604f89b9b39c4c5233abfe506361c1da7 --hash=sha256:2820be47e5d52a9cd6f94e7ccc5d56d0cf3ef096de51fbcc54b1f49d198b9ea9
--hash=sha256:68626f76764b115447e7a918897f904639bad7a2d1c541c005b4b1f5d5d26bb7 --hash=sha256:97966bea7e289f88dd9eb3ce8bec39a9250e6866f050762f7288d6f02bd38eef --hash=sha256:cf6724d7e1273fc9a96f70f0243c95395c32c4434c205ab011e2b5e3a9de5c9b
--hash=sha256:fc3f3a3d83f50cf7b030c6419fcfe74458afd32df118c33e598f0849d8778f32"
$ /Users/assertionbit/Work/xxx/.local/python/xxx/bin/python /Users/assertionbit/.asdf/installs/python/3.12.8/lib/python3.12/site-packages/pipenv/patched/pip/__pip-runner__.py install -i
'http://assertionbit:xxx@xxx/api/packages/xxx/pypi/simple/' --trusted-host xxx --no-input --upgrade --no-deps -r /var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-omtlkmbe-hashed-reqs.txt
Using source directory: '/Users/assertionbit/Work/xxx/.local/python/xxx/src'
Looking in indexes: http://assertionbit:****@xxx/api/packages/xxx/pypi/simple/
Collecting harmony-entities==0.0.3 (from -r /var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-omtlkmbe-hashed-reqs.txt (line 1))
Downloading http://xxx/api/packages/xxx/pypi/files/harmony-entities/0.0.3/harmony_entities-0.0.3-py3-none-any.whl (7.8 kB)
Collecting harmony-protocols (from -r /var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-omtlkmbe-hashed-reqs.txt (line 2))
Install Phase: Editable Requirements
Preparing Installation of "harmony-entities==0.0.3; python_version >= '3.12' --hash=sha256:7135bee506d6f017b53d276f8f2a7e0fbfbeaa1918292286bdad4908634ba149 --hash=sha256:eb2901b727dcd3e10283df0ae097d814019031a14968279f11675d85ed0af30a"
Preparing Installation of "harmony-protocols; python_full_version >= '3.12.8' --hash=sha256:17c8e0b18a93d18a6910f2a2a3b8b12604f89b9b39c4c5233abfe506361c1da7 --hash=sha256:2820be47e5d52a9cd6f94e7ccc5d56d0cf3ef096de51fbcc54b1f49d198b9ea9
--hash=sha256:68626f76764b115447e7a918897f904639bad7a2d1c541c005b4b1f5d5d26bb7 --hash=sha256:97966bea7e289f88dd9eb3ce8bec39a9250e6866f050762f7288d6f02bd38eef --hash=sha256:cf6724d7e1273fc9a96f70f0243c95395c32c4434c205ab011e2b5e3a9de5c9b
--hash=sha256:fc3f3a3d83f50cf7b030c6419fcfe74458afd32df118c33e598f0849d8778f32"
$ /Users/assertionbit/Work/xxx/.local/python/xxx/bin/python /Users/assertionbit/.asdf/installs/python/3.12.8/lib/python3.12/site-packages/pipenv/patched/pip/__pip-runner__.py install -i
'http://assertionbit:xxx@xxx/api/packages/xxx/pypi/simple/' --trusted-host xxx --no-input --upgrade --no-deps -r /var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-9oexga7e-reqs.txt
Using source directory: '/Users/assertionbit/Work/xxx/.local/python/xxx/src'
Looking in indexes: http://assertionbit:****@xxx/api/packages/xxx/pypi/simple/
ERROR: In --require-hashes mode, all requirements must have their versions pinned with ==. These do not:
harmony-protocols from http://xxx/api/packages/xxx/pypi/files/harmony-protocols/0.0.3/harmony_protocols-0.0.3-py3-none-any.whl#sha256=97966bea7e289f88dd9eb3ce8bec39a9250e6866f050762f7288d6f02bd38eef (from -r
/var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-omtlkmbe-hashed-reqs.txt (line 2))
: ERROR: In --require-hashes mode, all requirements must have their versions pinned with ==. These do not:
: harmony-protocols from http://xxx/api/packages/xxx/pypi/files/harmony-protocols/0.0.3/harmony_protocols-0.0.3-py3-none-any.whl#sha256=97966bea7e289f88dd9eb3ce8bec39a9250e6866f050762f7288d6f02bd38eef (from -r
/var/folders/bq/138tb2lx02s0m_byxycrnj_h0000gn/T/pipenv-km8g7mvc-requirements/pipenv-omtlkmbe-hashed-reqs.txt (line 2))
ERROR: Couldn't install package: [1m{}[0m
[33mPackage installation failed...[0m
Steps to replicate
- Create sample project (example package
A) - Write small package
- Publish to private index
- Write second package (example package
B) - Replicate steps 2 and 3
- Add first package (package
A) - Write third package
- Attempt to install second package (package
B)
Results of support
Could not be provided, due big and private content... If required, will provide pastebin link here.
Metadata
Metadata
Assignees
Labels
No labels