Comments (3)
I hand-downloaded and checked, the artifact on PyPI matches the hash. This may be a network issue in the CI environment that corrupts the download.
from parse.
There must be some bug in pip, pip-tools, or pipenv.
9ff82852bcb65d139813e2a5197627a94966245c897796760a3a2a8eb66f020b is the correct sha256 for parse-1.19.0.tar.gz
6ce007645384a91150cb7cd7c8a9db2559e273c2e2542b508cd1e342508c2601 is the correct sha256 for parse-1.19.0-py2.py3-none-any.whl
The tooling should not be comparing the hash of an sdist with the hash of a wheel.
@uranusjr I doubt it is a network issue - someone else saw the same thing in #156
Are you familiar with the code in https://github.com/pypa/pip/blob/main/src/pip/_internal/utils/hashes.py ? How would it handle this case:
- A project creates/uploads a release with only an sdist
- Then, someone creates their requirements.txt file with hashes
- Sometime later the project from 1. puts a whl to PyPI with the same version number as the sdist (which will be preferred by pip)
When it's doing hash checking, does pip understand that there are two files for parse==1.19.0
and it's normal for them to have different hashes? How does it distinguish between parse==1.19.0 being satisfied by wheel vs by sdist in a requirements file? Could it check all files satisfying the requirement and then just choose the one with matching hash, rather than always try to grab the wheel?
Related: pypa/pipenv#3893
from parse.
Closing because there's nothing actionable for parse here.
from parse.
Related Issues (20)
- Move to `pyproject.toml` instead of `setup.py` for packaging HOT 3
- Add documentation for usage of "extra_types" HOT 3
- Length specification is not properly handled with 'x' format character HOT 1
- strftime formatting HOT 1
- Still maintained? Want help to maintain parse? HOT 1
- Binary hash in pypy changed for release 1.19.0 HOT 7
- Floating point with zero digits after the comma
- Use patterns inductively doesn't seem to work HOT 1
- Where is located the split between two zones when there is more than one possibility? HOT 2
- Timestamp can be stored differently than parsed
- A very weird performance problem while parsing HOT 2
- Allow using a Parser as a formatter HOT 4
- what is the unused match arg in multiple functions? HOT 1
- Found a possible security concern
- Usage with pandas df.str.extract and .match? HOT 1
- compile and parse return different results HOT 1
- Cardinality support HOT 2
- Search for a certain pattern error at the end of a string HOT 1
- How do I match in the middle of a string? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from parse.