Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

index-url extra-index-url install priority order #5045

Closed
feluxe opened this issue Mar 1, 2018 · 5 comments
Closed

index-url extra-index-url install priority order #5045

feluxe opened this issue Mar 1, 2018 · 5 comments
Labels
auto-locked Outdated issues that have been locked by automation

Comments

@feluxe
Copy link

feluxe commented Mar 1, 2018

  • Pip version: 9.0.1
  • Python version: 3.6
  • Operating system: Linux

Description:

I have this in my pip.conf:

[global]
index-url = https://myregistry-xyz.com
extra-index-url = https://pypi.python.org/pypi

Let's assume packageX exists in both registries and I run pip install packageX.

I expect pip to install packageX from https://myregistry-xyz.com, but pip will use https://pypi.python.org/pypi instead.

If I switch the values for index-url and extra-index-url I get the same result. pypi is always prioritized.
@benoit-pierre
Copy link
Member

Is that for the same distributions for packageX? As in same format and version?

Because, if for example both indexes provide packageX-1.0-py3-none-any.whl, than there's is no reason for pip to prefer one over the other: they are supposed to be the same.

@feluxe
Copy link
Author

feluxe commented Mar 1, 2018

Thanks for your reply!

These are two different packages maintained by two different parties. packageX on https://myregistry-xyz.com is a private package. The only thing they have in common is the name and maybe (coincidentally) the version.

Because, if for example both indexes provide packageX-1.0-py3-none-any.whl, than there's is no reason for pip to prefer one over the other: they are supposed to be the same.

Downside with this: I have to register a lot of empty placeholder-packages on pypi to make sure none of my private package names is registered by someone else. I'm afraid this might lead to some pollution on pypi in general. Not sure if this is a big deal though...

@pfmoore
Copy link
Member

pfmoore commented Mar 1, 2018

Packages are expected to be unique up to name and version, so two wheels with the same package name and version are treated as indistinguishable by pip. This is a deliberate feature of the package metadata, and not likely to change.

Rather than registering a whole load of empty packages on PyPI (which as you say, isn't that friendly, although probably OK if you use a unique prefix like mycompany.XXX), you might want to look at using devpi as a local package cache. I believe that allows you to hold your private packages locally, but "pass through" to PyPI for anything not held in your devpi instance. Then you'd use --index-url to point to your local devpi as the package index, and skip using PyPI at all.

@feluxe
Copy link
Author

feluxe commented Mar 1, 2018

I think this clears it all, at least on my side. I'll just prefix all private packages. Thanks for the infos! :)

@feluxe feluxe closed this as completed Mar 1, 2018
@lock
Copy link

lock bot commented Jun 2, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot added the auto-locked Outdated issues that have been locked by automation label Jun 2, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Jun 2, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
auto-locked Outdated issues that have been locked by automation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pfmoore @benoit-pierre @feluxe