Cannot install version 3.8.0 with pip

[h3llrais3r]

I use requires.io for monitoring my dependencies. (https://requires.io/github/h3llrais3r/Auto-Subliminal/requirements/?branch=development)
It keeps complaining about configparser being outdated because there is a newer version 3.8.0.
However it's not possible to install it through pip.
Any idea how we can can rid of this version, as it seems to be the same release as 3.7.3?

[jaraco]

That's by design.

I originally accidentally released the code as 3.8.0 before I remembered the unusual scheme for versions in the configparser project. To conform to the scheme, I removed the 3.8.0 release from PyPI. The tag still remains on the repo, however, as a reminder that a 3.8.0 was published momentarily and to prevent attempting a release of that same version again.

So in some sense, the issue lies with requires.io not having the sophistication to understand that the tags are not authoritative, but the versions in PyPI are. I don't really blame it though, as I suspect there's no formal spec about what makes a release authoritative (tags on the repo vs. artifacts in a repository). In practice, though, I think requires.io should really defer to artifacts in PyPI as the canonical reference for which releases are available to be installed.

Short of waiting for requires.io to respect my intentions, I see a couple of other options:

1. Merge the changes from CPython 3.8.0a1 (or master) and cut a 3.8.1 release from it.
2. Change the versioning scheme to semver (something I'd already almost done in What's the version scheme? #25) and just rely on the documentation to reference the relevant changes from upstream.

Any other ideas?

[h3llrais3r]

I just wanted to know why requires.io was always complaining about a release that I could not find.
After your explanation it seems to be related to the 3.8.0 tag.
Why not deleting the tag 3.8.0? Can't you release a new version later on with the same tag, since the release 3.8.0 has actually been deleted?
If not, I would say switch to semver, although I can also understand the reasoning about the current version scheme, but I'm leaving the decision to you.

PS: I can also live with the fact that I'm having an 'outdated' requirement until a new release, while it's not actually outdated. 😉

[jaraco]

I can delete the tag, but I cannot release a new version later on the same tag. PyPI forbids changing the contents of a published version (for security reasons). Yes, I think I'll just delete the tag. If I or someone else attempts later to publish 3.8.0 and it fails, they'll find this ticket and know to just go to 3.8.1. That sounds easy enough.

configparser master $ git push origin :3.8.0                                                                                                                                                             
To https://github.com/jaraco/configparser
 - [deleted]         3.8.0

Let me know if requires.io doesn't pick up the change. I estimate a 30% chance it will cache the value for up to 24 hours and a smaller chance it will cache the tag indefinitely.

[h3llrais3r]

Still showing the old 3.8.0... so I raised issue at requires.io.

[jaraco]

Let me know what they say.

[h3llrais3r]

Still no feedback... 😞