Lock file markers order is non-deterministic

[giorgiosironi]

Issue description

Python 3.6.6
pipenv, version 2018.7.1
Docker image python:3.6.6-alpine3.8

Sample Pipfile and Pipfile.lock

Re-running pipenv install && pipenv lock may produce a different result for the markers field of the lock file.

Expected result

Would expect the Pipfile.lock to be stable.

Actual result

diff --git a/Pipfile.lock b/Pipfile.lock
index f75cb81..82f92ae 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -107,7 +107,7 @@
                 "sha256:6e3836e39f4d36ae72840833db137f7b7d35105079aee6ec4a62d9f80d594dd1",
                 "sha256:95eb8364a4708392bae89035f45341871286a333f749c3141c20573d2b3876e1"
             ],
-            "markers": "python_version != '3.0.*' and python_version != '3.2.*' and python_version != '3.1.*' and python_version >= '2.7' and python_version != '3.3.*'",
+            "markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.3.*' and python_version != '3.2.*'",
             "version": "==0.7.1"
         },
         "py": {
@@ -115,7 +115,7 @@
                 "sha256:3fd59af7435864e1a243790d322d763925431213b6b8529c6ca71081ace3bbf7",
                 "sha256:e31fb2767eb657cbde86c454f02e99cb846d3cd9d61b318525140214fdc0e98e"
             ],
-            "markers": "python_version != '3.0.*' and python_version != '3.2.*' and python_version != '3.1.*' and python_version >= '2.7' and python_version != '3.3.*'",
+            "markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.3.*' and python_version != '3.2.*'",
             "version": "==1.5.4"
         },
         "pytest": {

Steps to replicate

Looks like an ordering problem, but difficult to replicate. There may be some subtlety in Pipfile that leads to the lock having this slight difference, but the combination of packages and versions is the same as before.

---

Courtesy Notice: Pipenv found itself running within a virtual environment, so it will automatically use that environment, instead of creating its own for any project. You can set PIPENV_IGNORE_VIRTUALENVS=1 to force pipenv to ignore that environment and create its own instead.

$ pipenv --support

Pipenv version: '2018.7.1'

Pipenv location: '/usr/local/lib/python3.6/site-packages/pipenv'

Python location: '/usr/local/bin/python'

Other Python installations in PATH:

• 3.6: /usr/local/bin/python3.6m

• 3.6: /usr/local/bin/python3.6

• 3.6: /usr/local/bin/python3.6

• 3.6.6: /.venv/bin/python

• 3.6.6: /usr/local/bin/python

• 3.6.6: /usr/local/bin/python

• 3.6.6: /.venv/bin/python3

• 3.6.6: /usr/local/bin/python3

• 3.6.6: /usr/local/bin/python3

PEP 508 Information:

{'implementation_name': 'cpython',
 'implementation_version': '3.6.6',
 'os_name': 'posix',
 'platform_machine': 'x86_64',
 'platform_python_implementation': 'CPython',
 'platform_release': '4.15.0-32-generic',
 'platform_system': 'Linux',
 'platform_version': '#35~16.04.1-Ubuntu SMP Fri Aug 10 21:54:34 UTC 2018',
 'python_full_version': '3.6.6',
 'python_version': '3.6',
 'sys_platform': 'linux'}

System environment variables:

• HOSTNAME
• PYTHON_PIP_VERSION
• SHLVL
• HOME
• GPG_KEY
• TERM
• PATH
• LANG
• PYTHONUSERBASE
• PYTHON_VERSION
• VIRTUAL_ENV
• PWD
• PYTHONDONTWRITEBYTECODE
• PIP_PYTHON_PATH

Pipenv–specific environment variables:

Debug–specific environment variables:

• PATH: /.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
• LANG: C.UTF-8
• PWD: /pipfiles
• VIRTUAL_ENV: /.venv

---

Contents of Pipfile ('/pipfiles/Pipfile'):

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[dev-packages]
pytest = "~=3.7.1"

[packages]
flask = "~=1.0.2"
flask-sqlalchemy = "~=2.3.2"
uwsgi = "~=2.0.17"

[requires]
python_version = "3.6"

Contents of Pipfile.lock ('/pipfiles/Pipfile.lock'):

{
    "_meta": {
        "hash": {
            "sha256": "de5e82391048034cd85b5f62f886bc8032eb874e0bc902c200263bcc9ac191b6"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.6"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.org/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "click": {
            "hashes": [
                "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d",
                "sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b"
            ],
            "version": "==6.7"
        },
        "flask": {
            "hashes": [
                "sha256:2271c0070dbcb5275fad4a82e29f23ab92682dc45f9dfbc22c02ba9b9322ce48",
                "sha256:a080b744b7e345ccfcbc77954861cb05b3c63786e93f2b3875e0913d44b43f05"
            ],
            "index": "pypi",
            "version": "==1.0.2"
        },
        "flask-sqlalchemy": {
            "hashes": [
                "sha256:3bc0fac969dd8c0ace01b32060f0c729565293302f0c4269beed154b46bec50b",
                "sha256:5971b9852b5888655f11db634e87725a9031e170f37c0ce7851cf83497f56e53"
            ],
            "index": "pypi",
            "version": "==2.3.2"
        },
        "itsdangerous": {
            "hashes": [
                "sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519"
            ],
            "version": "==0.24"
        },
        "jinja2": {
            "hashes": [
                "sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd",
                "sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4"
            ],
            "version": "==2.10"
        },
        "markupsafe": {
            "hashes": [
                "sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665"
            ],
            "version": "==1.0"
        },
        "sqlalchemy": {
            "hashes": [
                "sha256:72325e67fb85f6e9ad304c603d83626d1df684fdf0c7ab1f0352e71feeab69d8"
            ],
            "version": "==1.2.10"
        },
        "uwsgi": {
            "hashes": [
                "sha256:d2318235c74665a60021a4fc7770e9c2756f9fc07de7b8c22805efe85b5ab277"
            ],
            "index": "pypi",
            "version": "==2.0.17.1"
        },
        "werkzeug": {
            "hashes": [
                "sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c",
                "sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b"
            ],
            "version": "==0.14.1"
        }
    },
    "develop": {
        "atomicwrites": {
            "hashes": [
                "sha256:240831ea22da9ab882b551b31d4225591e5e447a68c5e188db5b89ca1d487585",
                "sha256:a24da68318b08ac9c9c45029f4a10371ab5b20e4226738e150e6e7c571630ae6"
            ],
            "version": "==1.1.5"
        },
        "attrs": {
            "hashes": [
                "sha256:4b90b09eeeb9b88c35bc642cbac057e45a5fd85367b985bd2809c62b7b939265",
                "sha256:e0d0eb91441a3b53dab4d9b743eafc1ac44476296a2053b6ca3af0b139faf87b"
            ],
            "version": "==18.1.0"
        },
        "more-itertools": {
            "hashes": [
                "sha256:c187a73da93e7a8acc0001572aebc7e3c69daf7bf6881a2cea10650bd4420092",
                "sha256:c476b5d3a34e12d40130bc2f935028b5f636df8f372dc2c1c01dc19681b2039e",
                "sha256:fcbfeaea0be121980e15bc97b3817b5202ca73d0eae185b4550cbfce2a3ebb3d"
            ],
            "version": "==4.3.0"
        },
        "pluggy": {
            "hashes": [
                "sha256:6e3836e39f4d36ae72840833db137f7b7d35105079aee6ec4a62d9f80d594dd1",
                "sha256:95eb8364a4708392bae89035f45341871286a333f749c3141c20573d2b3876e1"
            ],
            "markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.3.*' and python_version != '3.2.*'",
            "version": "==0.7.1"
        },
        "py": {
            "hashes": [
                "sha256:3fd59af7435864e1a243790d322d763925431213b6b8529c6ca71081ace3bbf7",
                "sha256:e31fb2767eb657cbde86c454f02e99cb846d3cd9d61b318525140214fdc0e98e"
            ],
            "markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.3.*' and python_version != '3.2.*'",
            "version": "==1.5.4"
        },
        "pytest": {
            "hashes": [
                "sha256:3459a123ad5532852d36f6f4501dfe1acf4af1dd9541834a164666aa40395b02",
                "sha256:96bfd45dbe863b447a3054145cd78a9d7f31475d2bce6111b133c0cc4f305118"
            ],
            "index": "pypi",
            "version": "==3.7.2"
        },
        "six": {
            "hashes": [
                "sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9",
                "sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb"
            ],
            "version": "==1.11.0"
        }
    }
}

[uranusjr]

I vaguely remember this has been reported before, but can’t find the issue, so I’m keeping this open.

Sorry for the inconvenience. We are already working on correcting this. Thanks for the report!

[techalchemy]

I think we sort now? Will check

[uranusjr]

I found the report I was thinking about, #2662. Closing this to keep the discussion in one place.

[uranusjr]

Wait I misread this one… sorry about the noise.

[giorgiosironi]

Thank you for the effort and fast feedback, this is just an inconvenience in git diff but not a showstopper bug.

[DrMeers]

is this closed because it's fixed?

I'm still experiencing the issue in 2018.11.26

and it can result in redundant container rebuilding where Docker assumes something has changed