Remove deprecated support for VCS pseudo URLs #9436
Merged
+26 −46
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
xavfernandez approved these changes Jan 13, 2021
| '(beginning with svn+, git+, hg+, or bzr+).'.format(editable_req) | ||
| f'{editable_req} is not a valid editable requirement. ' | ||
| f'It should either be a path to a local project or a VCS URL ' | ||
| f'(beginning with {backends}).' |
There was a problem hiding this comment.
I'm wondering if we should not simply show vcs.all_schemes directly.
Otherwise, we might crash on someone using git+ftp (or something else) and tell him to use a VCS URL beginning with git+ which is already the case.
Yes, it seems far fetched ^^
There was a problem hiding this comment.
Two possible issues with that are
1/ the list of all schemes is very long
2/ it still contains git, svn, etc (without +)
Regarding 2/, VCS schemes without + such as git:// are supported in editable mode only (see a few lines above), and I think it's not something we want to encourage. I suspect we could remove the schemes without + from all_schemes without changing behaviour, but I'm not 100% sure.
There was a problem hiding this comment.
@xavfernandez I've double checked and I don't see a reason for having the schemes without + in the list of all VCS schemes. So I removed them and did as you suggested to show the full list of supported schemes in the error message.
| schemes = ( | ||
| 'bzr', 'bzr+http', 'bzr+https', 'bzr+ssh', 'bzr+sftp', 'bzr+ftp', | ||
| 'bzr+lp', | ||
| 'bzr+lp', 'bzr+file' |
There was a problem hiding this comment.
Suggested change
| 'bzr+lp', 'bzr+file' | |
| 'bzr+lp', 'bzr+file', |
Now that we don't need to support git@ pseudo-urls, we can simplify the test for valid VCS URLs based on link.is_vcs, which is turns is based on the URL scheme. This also means we fail earlier if a git@ pseudo URL is used. Since VCS requirements are not validated to be URLs in Requirement constructors, we can simplify update_editable.
Co-authored-by: Xavier Fernandez <xav.fernandez@gmail.com>
These schemes without + are support in an ad-hoc fashion in parse_editable_requirement.
When an editable requirement is neither a local directory nor a URL with a supported VCS scheme, we show the full list of supported VCS schemes in the error message.
xavfernandez approved these changes Jan 18, 2021
uranusjr approved these changes Jan 19, 2021
| Thanks for the reviews @xavfernandez and @uranusjr. |
aalexanderr added a commit to aalexanderr/fetchcode that referenced this pull request Aug 23, 2021
WARNING: fetchcode's vcs will not work on this commit. This is result of separating pip's code from changes made in scope of this repository. This should make it easier to track potentially replicated issues from pip when taking their vcs pkg. It also made cleaning up easier, due to some maintenance activities done in pip: - dropping Python 2 & 3.5 support pypa/pip#9189 - modernized code after above - partially done, tracked in: pypa/pip#8802 - added py3.9 support - updated vendored libraries (e.g. fixing CVE-2021-28363) multiple PRs pip._internal.vcs (and related code) changes: - Fetch resources that are missing locally: pypa/pip#8817 - Improve SVN version parser (Windows) pypa/pip#8665 - Always close stderr after subprocess completion: pypa/pip#9156 - Remove vcs export feature: pypa/pip#9713 - Remove support for git+ssh@ scheme in favour of git+ssh:// pypa/pip#9436 - Security fix in git tags parsing (CVE-2021-3572): pypa/pip#9827 - Reimplement Git version parsing: pypa/pip#10117 In next commits, most of pip's internals will be removed from fetchcode, leaving only vcs module with supporting code (like utils functions, tests (which will be added & submitted with this change)) This will allow for changes such as ability to add return codes (probably via futures) from long running downloads and other features. Switching to having own vcs module might also be a good call due to pip._internal.vcs close integration with pip's cli in vcs module (some pip code has been commented out in commit mentioned below) While generally copy-pasting code without history is bad idea, this commit follows precedence set in this repo by: 8046215 with exception that all changes to pip's code will be submitted as separate commits. It has been agreed with @pombredanne & @TG1999 that history from pip will be rebased on fetchcode by @pombredanne (thanks!). It will be done only for the files that are of concern for fetchcode to limit noise in git history. I'm leaving this commit without SoB intentionally, as this is not my work, but that of the many pip's authors: https://github.com/pypa/pip/blob/21.2.4/AUTHORS.txt License of pip: MIT (https://pypi.org/project/pip/)
aalexanderr added a commit to aalexanderr/fetchcode that referenced this pull request Oct 1, 2021
Please note that fetchcode's vcs might not work on this branch. Initially pip was commited without it's history and with few changes applied. This update approaches this differently- by commiting pip code in a single commit & applying changes on top of it in separate commits. While much of pip's code will be stripped from this repository, the goal of this is to make it easier to take changes from upstream, even after the code will be modified. While git-subtree could be used it brings it's own set of issues. Update should make it easier to track potentially replicated issues from pip when taking their vcs pkg. It also made cleaning up easier, due to some maintenance activities done in pip: - dropping Python 2 & 3.5 support pypa/pip#9189 - modernized code after above - partially done, tracked in: pypa/pip#8802 - added py3.9 support - updated vendored libraries (e.g. fixing CVE-2021-28363) multiple PRs pip._internal.vcs (and related code) changes between 20.1.1 and 21.2.4 - Fetch resources that are missing locally: pypa/pip#8817 - Improve SVN version parser (Windows) pypa/pip#8665 - Always close stderr after subprocess completion: pypa/pip#9156 - Remove vcs export feature: pypa/pip#9713 - Remove support for git+ssh@ scheme in favour of git+ssh:// pypa/pip#9436 - Security fix in git tags parsing (CVE-2021-3572): pypa/pip#9827 - Reimplement Git version parsing: pypa/pip#10117 In next commits, most of pip's internals will be removed from fetchcode, leaving only vcs module with supporting code (like utils functions, tests (which will be submitted alongside this change)) This will allow for changes such as ability to add return codes (probably via futures) from long running downloads and other features. Switching to having own vcs module might also be a good call due to pip._internal.vcs integration with pip's cli in vcs module (some pip code has been commented out in commit mentioned below) While generally copy-pasting code (rather than using submodules/subtrees etc) makes it harder to track, my git-foo is not great enough for me to attempt regrafting subset of pips history that is of note from fetchcode perspective. It has been agreed with @pombredanne & @TG1999 that history from pip will be regrafted on fetchcode by @pombredanne (thanks!). It will be done only for the files that are of concern for fetchcode to limit noise in git history. The code submitted in scope of this commit is work of many pip's authors that can bee seen here: https://github.com/pypa/pip/blob/21.2.4/AUTHORS.txt Pip is licensed under MIT (https://pypi.org/project/pip/) Signed-off-by: Alexander Mazuruk <a.mazuruk@samsung.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
This transforms the deprecation introduced in pip 20.0 into an error, simplifying the code and enabling easier reasoning about editable requirements (which are now guaranteed to be URLs or local directories).
In #7554, there was one user comment about the
git+locadir#egg=...syntax which found a satisfactory alternative.Closes #7554