poetry 1.2.0 solves extra dependencies incorrectly

[gabriel-ss]

• I am on the latest Poetry version.

• I have searched the issues of this repo and believe that this is not a duplicate.

• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• OS version and name: openSUSE Tumbleweed 20220630 on WSL

• Poetry version: 1.2.0b

• Link of a Gist with the contents of your pyproject.toml file: Dependency Example

Issue

When installing a package with optional dependencies that are present in multiple extras, the generated lock ends missing dependencies of dependencies. For example, when attempting to install a lib with the provided pyproject including the "api" extra, the project ends with fastapi in the lock, but misses starlette, which is a dependency of fastapi. Removing line 15 of the pyproject makes poetry resolve dependencies correctly again.

This behavior was observed only in the 1.2.0x versions of poetry. In 1.1.x everything works correctly.

[dimbleby]

works fine for me, given the provided pyproject.toml:

$ poetry install -E api
Updating dependencies
Resolving dependencies... (0.2s)

Writing lock file

Package operations: 7 installs, 0 updates, 0 removals

  • Installing idna (3.3)
  • Installing sniffio (1.2.0)
  • Installing anyio (3.6.1)
  • Installing typing-extensions (4.3.0)
  • Installing pydantic (1.9.1)
  • Installing starlette (0.16.0)
  • Installing fastapi (0.70.1)

starlette is installed as expected

@gabriel-ss did I misunderstand the repro?

[gabriel-ss]

@dimbleby Thanks for the quick response!

The issue does not occur in the package itself, but when you try to add it with poetry to another project. For example, if I try to add this package dep-with-extras-0.1.0.tar.gz — which was generated from the example pyproject — using poetry add ./dep-with-extras-0.1.0.tar.gz -E api I get:

Updating dependencies
Resolving dependencies... (1.0s)

Writing lock file

Package operations: 2 installs, 0 updates, 0 removals

  • Installing fastapi (0.70.1)
  • Installing dep-with-extras (0.1.0 /home/gabriel/projects/poetry-test/app/dep-with-extras-0.1.0.tar.gz)
poetry add ./dep-with-extras-0.1.0.tar.gz -E api  5.54s user 0.60s system 80% cpu 7.602 total

generating this lock:

[[package]]
name = "dep-with-extras"
version = "0.1.0"
description = "dep-with-extras"
category = "main"
optional = false
python-versions = ">=3.9,<3.10"

[package.dependencies]
fastapi = {version = ">=0.70.1,<0.71.0", optional = true, markers = "extra == \"api\" or extra == \"backend\""}

[package.extras]
auth = ["PyJWT (>=2.3.0,<3.0.0)"]
backend = ["PyJWT (>=2.3.0,<3.0.0)", "fastapi (>=0.70.1,<0.71.0)"]
api = ["fastapi (>=0.70.1,<0.71.0)"]

[package.source]
type = "file"
url = "dep-with-extras-0.1.0.tar.gz"

[[package]]
name = "fastapi"
version = "0.70.1"
description = "FastAPI framework, high performance, easy to learn, fast to code, ready for production"
category = "main"
optional = false
python-versions = ">=3.6.1"

[package.extras]
all = ["requests (>=2.24.0,<3.0.0)", "jinja2 (>=2.11.2,<4.0.0)", "python-multipart (>=0.0.5,<0.0.6)", "itsdangerous (>=1.1.0,<3.0.0)", "pyyaml (>=5.3.1,<6.0.0)", "ujson (>=4.0.1,<5.0.0)", "orjson (>=3.2.1,<4.0.0)", "email_validator (>=1.1.1,<2.0.0)", "uvicorn[standard] (>=0.12.0,<0.16.0)"]
dev = ["python-jose[cryptography] (>=3.3.0,<4.0.0)", "passlib[bcrypt] (>=1.7.2,<2.0.0)", "autoflake (>=1.4.0,<2.0.0)", "flake8 (>=3.8.3,<4.0.0)", "uvicorn[standard] (>=0.12.0,<0.16.0)"]
doc = ["mkdocs (>=1.1.2,<2.0.0)", "mkdocs-material (>=7.1.9,<8.0.0)", "mdx-include (>=1.4.1,<2.0.0)", "mkdocs-markdownextradata-plugin (>=0.1.7,<0.3.0)", "typer-cli (>=0.0.12,<0.0.13)", "pyyaml (>=5.3.1,<6.0.0)"]
test = ["pytest (>=6.2.4,<7.0.0)", "pytest-cov (>=2.12.0,<4.0.0)", "mypy (==0.910)", "flake8 (>=3.8.3,<4.0.0)", "black (==21.9b0)", "isort (>=5.0.6,<6.0.0)", "requests (>=2.24.0,<3.0.0)", "httpx (>=0.14.0,<0.19.0)", "email_validator (>=1.1.1,<2.0.0)", "sqlalchemy (>=1.3.18,<1.5.0)", "peewee (>=3.13.3,<4.0.0)", "databases[sqlite] (>=0.3.2,<0.6.0)", "orjson (>=3.2.1,<4.0.0)", "ujson (>=4.0.1,<5.0.0)", "python-multipart (>=0.0.5,<0.0.6)", "flask (>=1.1.2,<3.0.0)", "anyio[trio] (>=3.2.1,<4.0.0)", "types-ujson (==0.1.1)", "types-orjson (==3.6.0)", "types-dataclasses (==0.1.7)"]

[package.source]
type = "legacy"
url = "https://gitlab.milenio.capital/api/v4/groups/6/-/packages/pypi/simple"
reference = "milenio"

[metadata]
lock-version = "1.1"
python-versions = "~3.9"
content-hash = "c102796ea691de5c773009bbb02e4729ad8e1dfe5a943dc05644f24f000bc6f6"

[metadata.files]
dep-with-extras = [
    {file = "dep-with-extras-0.1.0.tar.gz", hash = "sha256:d045d6348f110aa0c5d5e721e3a729f72dc5b977f166c2e4322c98096af4fc10"},
]
fastapi = [
    {file = "fastapi-0.70.1-py3-none-any.whl", hash = "sha256:5367226c7bcd7bfb2e17edaf225fd9a983095b1372281e9a3eb661336fb93748"},
    {file = "fastapi-0.70.1.tar.gz", hash = "sha256:21d03979b5336375c66fa5d1f3126c6beca650d5d2166fbb78345a30d33c8d06"},
]

This only occurs if there are multiple extras using the same optional dependecy.

[dimbleby]

Nice.

The issue is that whereas if we apply without_extras() to the marker extra == "foo" we get AnyMarker(): if we instead apply it to extra == "foo" or extra == "bar" we get EmptyMarker().

[gabriel-ss]

Awesome, just tested with the new fix and everything works flawlessly, thank you very much!

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.