Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wildcard version dependency pins wildcard instead of specific version #4278

Closed
GPHemsley opened this issue May 28, 2020 · 2 comments · Fixed by #4283
Closed

Wildcard version dependency pins wildcard instead of specific version #4278

GPHemsley opened this issue May 28, 2020 · 2 comments · Fixed by #4283
Labels
Type: Bug 🐛

Comments

@GPHemsley
Copy link
Contributor

GPHemsley commented May 28, 2020

Spun off from #4263. This is a regression from 2018.11.26.

Issue description

Dependencies with wildcards get locked with a wildcard version instead of a specific version.

Steps to replicate

  • Run pipenv install 'example-test-package==1.0.*'

Expected result

Pipfile.lock contains:

        "example-test-package": {
            "hashes": [
                "sha256:0b164142f6adbef9d719de6885db0ead7b8af66bed3b0a2145dad75420e18a25",
                "sha256:54fec966dab3f3d4f2f5aa6d237bcd30af09a3dc7a0602da0306f39d8c625ec7"
            ],
            "index": "pypi",
            "version": "==1.0.0"
        }

Actual result

Pipfile.lock contains:

        "example-test-package": {
            "hashes": [
                "sha256:0b164142f6adbef9d719de6885db0ead7b8af66bed3b0a2145dad75420e18a25",
                "sha256:54fec966dab3f3d4f2f5aa6d237bcd30af09a3dc7a0602da0306f39d8c625ec7"
            ],
            "index": "pypi",
            "version": "==1.0.*"
        }
@GPHemsley
Copy link
Contributor Author

GPHemsley commented May 28, 2020

Updated with minimal steps to reproduce.

@GPHemsley
Copy link
Contributor Author

GPHemsley commented May 29, 2020

The problem is in pipenv.utils.get_locked_dep here:

pipenv/pipenv/utils.py

Lines 1186 to 1197 in b5becd8

lockfile_entry = clean_resolved_dep(dep, **cleaner_kwargs)
if entry and isinstance(entry, Mapping):
version = entry.get("version", "") if entry else ""
else:
version = entry if entry else ""
lockfile_name, lockfile_dict = lockfile_entry.copy().popitem()
lockfile_version = lockfile_dict.get("version", "")
# Keep pins from the lockfile
if prefer_pipfile and lockfile_version != version and version.startswith("=="):
lockfile_dict["version"] = version
lockfile_entry[lockfile_name] = lockfile_dict
return lockfile_entry

Looks like this was introduced by 552d127, which activated the (unused) changes made much earlier in a08a2da.

GPHemsley added a commit to GPHemsley/pipenv that referenced this issue May 29, 2020
Fixes bug introduced by 552d127,
which activated the (unused) changes made much earlier in
a08a2da.
frostming added a commit that referenced this issue May 29, 2020
#4278: Don't pin wildcard versions in lockfile
@techalchemy techalchemy added the Type: Bug 🐛 label May 29, 2020
@frostming frostming added this to the 2020.6.x bugfix release milestone Jun 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Bug 🐛
Projects
None yet
3 participants