Python
/
uv
mirror of https://github.com/astral-sh/uv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,063 Commits 563 Branches 239 Tags 209 MiB
Commit Graph

5354 Commits

Author SHA1 Message Date
konsti c22c7cad4c
Add parsed URL fields to `Dist` variants (#3429) 
Avoid reparsing urls by storing the parsed parts across resolution on
`Dist`.

Part 2 of https://github.com/astral-sh/uv/issues/3408 and part of #3409

Closes #3408
 2024-05-14 01:23:27 +00:00
konsti 0010954ca7
Add parsed URL to `PubGrubPackage` (#3426) 
Avoid reparsing urls by storing the parsed parts across resolution on
`PubGrubPackage`.

Part 1 of #3408
 2024-05-14 00:55:21 +00:00
Charlie Marsh 5132c6a6e2
Bump version to v0.1.43 (#3564) 2024-05-14 00:38:11 +00:00
Charlie Marsh 8cec217eff
Avoid attempting to build editables when fetching metadata (#3563) 
## Summary

If we see an editable as a dependency, we currently attempt to fetch its
metadata, when we shouldn't.

Closes https://github.com/astral-sh/uv/issues/3562.
 2024-05-14 00:03:53 +00:00
Zanie Blue 88069e1c43
Add test case demonstrating failure with `--only-binary` and dependent editables (#3561) 
As discussed at
https://github.com/astral-sh/uv/issues/3513#issuecomment-2108572246

See https://github.com/astral-sh/uv/issues/3562
 2024-05-13 19:55:28 -04:00
Charlie Marsh 7ed14fa124
Make isolated a global argument (#3558) 
Closes https://github.com/astral-sh/uv/issues/3557.
 2024-05-13 17:51:32 +00:00
Charlie Marsh 44363d25c2
Respect constraints on editable dependencies (#3554) 
## Summary

Ensures that constraints are enforced for editable requirements.

Closes #3548.
 2024-05-13 17:06:27 +00:00
Charlie Marsh 10ec48299e
Add a `PubGrubRequirement` struct (#3553) 
## Summary

Formalize some of the patterns in here. No behavior changes, just moving
this method onto a struct.
 2024-05-13 16:59:10 +00:00
Charlie Marsh eb8e733790
Rename "constraints" to "dependencies" in resolver (#3552) 
## Summary

It's confusing that we use `constraints` here because constraints mean
something else for us (e.g., `--constraint constraints.txt`). These are
really the dependencies of a given `PubGrubPackage` -- the type is even
called `PubGrubDependencies`.
 2024-05-13 16:30:16 +00:00
Bas Schoenmaeckers 1218766ea5
Clone individual files on windows ReFS (#3551) 
Windows does not support cloning whole directories so clone each file
instead.

closes #3547 

## Test Plan

Ran ` uv pip install setuptools --link-mode=clone` manually
 2024-05-13 12:03:39 -04:00
Zanie Blue b596b460a8
Increase verbosity of credential fetch logs (#3550) 
So users do not need to turn on trace logging to see fetch results e.g.
https://github.com/astral-sh/uv/issues/3542

This is more reasonable now that we cache fetches.
 2024-05-13 15:55:57 +00:00
Charlie Marsh 9a92a3ad37
Apply advisory locks when building source distributions (#3525) 
## Summary

I don't love this, but it turns out that setuptools is not robust to
parallel builds: https://github.com/pypa/setuptools/issues/3119. As a
result, if you run uv from multiple processes, and they each attempt to
build the same source distribution, you can hit failures.

This PR applies an advisory lock to the source distribution directory.
We apply it unconditionally, even if we ultimately find something in the
cache and _don't_ do a build, which helps ensure that we only build the
distribution once (and wait for that build to complete) rather than
kicking off builds from each thread.

Closes https://github.com/astral-sh/uv/issues/3512.

## Test Plan

Ran:

```sh
#!/bin/bash
make_venv(){
    target/debug/uv venv $1
    source $1/bin/activate
    target/debug/uv pip install opentracing --no-deps --verbose
}

for i in {1..8}
do
   make_venv ./$1/$i &
done
```
 2024-05-13 10:42:20 -04:00
Charlie Marsh 42c3bfa351
Make `Directory` its own distribution kind (#3519) 
## Summary

I think this is overall good change because it explicitly encodes (in
the type system) something that was previously implicit. I'm not a huge
fan of the names here, open to input.

It covers some of https://github.com/astral-sh/uv/issues/3506 but I
don't think it _closes_ it.
 2024-05-13 10:03:14 -04:00
Zanie Blue 6bbfe555be
Add test case for `--only-binary` with editable requirement (#3521) 2024-05-13 14:00:11 +00:00
Dimitri Papadopoulos Orfanos d2ee567fe7
Fix a few typos found by codespell (#3543) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

Just fix typos.

While `alpha-numeric` is not really a misspelling:
- it is missing from mainstream curated dictionaries, all of them
suggest `alphanumeric`;
- it is less used than `alphanumeric` (more than ⨉10 less) according to
the Google [Ngram
Viewer](https://books.google.com/ngrams/graph?content=alpha-numeric%2Calphanumeric&year_start=1900&year_end=2019&corpus=en-2019);
- it is [missing from
SCOWL](http://app.aspell.net/lookup?dict=en_US-large;words=alpha-numeric).

## Test Plan

CI jobs.
 2024-05-13 11:55:10 +00:00
Charlie Marsh 106c3b583c
Add HTTPS and SSH hints to scheme error (#3536) 
Closes https://github.com/astral-sh/uv/issues/3483.
 2024-05-13 02:14:58 +00:00
Charlie Marsh b6f6f58831
Fix `cfg_attr` ignore for macOS (#3535) 2024-05-13 01:53:04 +00:00
Charlie Marsh e0da977fc9
Get `cargo shear` passing (#3533) 
## Summary

Remove a few unused deps, and ignore `flate2` (which we include for
feature control).
 2024-05-13 01:43:45 +00:00
Fred Stober 457d4526fa
Update activate_this.py to use runpy instead of exec in the docstring (#3442) 
## Summary

runpy.run_path was added in python 2.7 and 3.2 - and every python that
is not EOL supports it.

It is arguably nicer to read and the path is only given once in the
command.

At least right now, runpy - unlike exec with S102 - is not flagged by
any bandit-derived ruff check.
(I guess because it loads from a file instead of a simple string...)

Because of the import, it is also not a one-liner anymore. (But that
could be fixed with an __import__('runpy').run_path...)

## Test Plan

import runpy
runpy.run_path('/path/to/venv/bin/activate_this.py')
 2024-05-13 01:21:24 +00:00
Charlie Marsh c2452957f9
Remove unused dependencies (#3527) 
Surfaced with `cargo shear`.
 2024-05-11 13:33:49 -04:00
Charlie Marsh 2c3a6796aa
Remove unused `seek` methods (#3526) 2024-05-11 17:31:32 +00:00
Charlie Marsh 3b728c16cc
Make cache clearing robust to directories without read permissions (#3524) 
## Summary

If you run the script included in the linked issue, then `uv cache
clean`, we hit permissions errors on certain directories created by
`setuptools`. The permissions on those directories look like:

```
❯ sudo ls -l /Users/crmarsh/Library/Caches/uv/built-wheels-v3/pypi/opentracing/2.4.0/M-fYsaHAaQQvedmPMUl9D/opentracing-2.4.0.tar.gz/build/bdist.macosx-14.2-arm64/wheel/opentracing
Password:
total 0
drwxr-xr-x  3 crmarsh  staff  96 May 11 12:51 harness
```

This PR adds logic to make those directories readable by the current
user.

Closes https://github.com/astral-sh/uv/issues/3515.
 2024-05-11 17:02:25 +00:00
Charlie Marsh 1ba3414dd6
Avoid keyword arguments for PEP 517 build hooks (#3517) 
## Summary

pip passes these as positional arguments, and at least one build backend
relies on that. My personal opinion is that it's a spec violation, and
the build backend should be updated, but I'd prefer to favor
compatibility over strictness here.

Closes https://github.com/astral-sh/uv/issues/3509.

## Test Plan

`cargo run pip install cryptacular==1.6.2`
 2024-05-10 17:15:08 -04:00
konsti 45a2594de6
Allow unknown pyproject.toml fields (#3511) 
Fixes #3510, we use typo error messages though.

Tested manually by adding `[tool.uv.pip]`, we should add proper tests
for this feature.
 2024-05-10 18:50:24 +00:00
Ibraheem Ahmed 783df8f657
Consolidate concurrency limits (#3493) 
## Summary

This PR consolidates the concurrency limits used throughout `uv` and
exposes two limits, `UV_CONCURRENT_DOWNLOADS` and
`UV_CONCURRENT_BUILDS`, as environment variables.

Currently, `uv` has a number of concurrent streams that it buffers using
relatively arbitrary limits for backpressure. However, many of these
limits are conflated. We run a relatively small number of tasks overall
and should start most things as soon as possible. What we really want to
limit are three separate operations:
- File I/O. This is managed by tokio's blocking pool and we should not
really have to worry about it.
- Network I/O.
- Python build processes.

Because the current limits span a broad range of tasks, it's possible
that a limit meant for network I/O is occupied by tasks performing
builds, reading from the file system, or even waiting on a `OnceMap`. We
also don't limit build processes that end up being required to perform a
download. While this may not pose a performance problem because our
limits are relatively high, it does mean that the limits do not do what
we want, making it tricky to expose them to users
(https://github.com/astral-sh/uv/issues/1205,
https://github.com/astral-sh/uv/issues/3311).

After this change, the limits on network I/O and build processes are
centralized and managed by semaphores. All other tasks are unbuffered
(note that these tasks are still bounded, so backpressure should not be
a problem).
 2024-05-10 12:43:08 -04:00
Andrew Gallant eab2b832a6
uv-resolver: make hashes optional (#3505) 
This only makes hashes optional for wheels/sdists that come from
registires or direct URLs. For wheels/sdists that come from other
sources, a hash should not be present.

For path dependencies, a hash should not be present because the state of
the path dependency is not intended to be tracked in the lock file. This
is consistent with how other tools deal with path dependencies, and if
it were otherwise, the hash would I believe need to be updated for every
change to the path dependency.

For git dependencies (source dists only), a hash should not be present
because the lock will contain the specific commit revision hash. This is
functionally equivalent to a hash, and so a hash is redundant.

As part of this change, we validate the presence or absence of a hash
based on the dependency source. We also add our first regression tests.
 2024-05-10 10:32:30 -04:00
Charlie Marsh 835ebe60c6
Create virtualenv if it doesn't exist in project API (#3499) 
## Summary

This doesn't yet respect `--python` or the `requires-python` in the
project itself.

Closes #3449.
 2024-05-10 14:10:13 +00:00
konsti 5f8c3b7e45
Re-add dummy serde feature to pep440-rs and pep508-rs (#3501) 
This keeps us in sync with the published pep440-rs and pep508-rs crates
for prefix.
 2024-05-10 13:46:29 +00:00
Chan Kang 76a39c76f5
add `sys_path` to `Interpreter` struct (#3500) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary
likely necessary to resolve https://github.com/astral-sh/uv/issues/2500

made this a separate PR in an attempt to make the changes as small as
possible; let me know if it's preferred to keep them as a single PR.
<!-- What's the purpose of the change? What does it do, and why? -->

## Test Plan
- edited the test in `interpreter.rs`
- tested manually via `println!` 

```
$ cargo run --quiet pip show test
["/Users/chankang/Library/Caches/uv/.tmpKzNEPN", "/Users/chankang/.pyenv/versions/3.12.2/lib/python312.zip", "/Users/chankang/.pyenv/versions/3.12.2/lib/python3.12", "/Users/chankang/.pyenv/versions/3.12.2/lib/python3.12/lib-dynload", "/Users/chankang/repos/uv/.venv/lib/python3.12/site-packages"]
warning: Package(s) not found for: test
chankang@chans-Air ~/repos/uv -  (syspath)
$ git diff
diff --git a/crates/uv-interpreter/src/environment.rs b/crates/uv-interpreter/src/environment.rs
index 33b785ce..8ebf0864 100644
--- a/crates/uv-interpreter/src/environment.rs
+++ b/crates/uv-interpreter/src/environment.rs
@@ -106,6 +106,7 @@ impl PythonEnvironment {
     /// Some distributions also create symbolic links from `purelib` to `platlib`; in such cases, we
     /// still deduplicate the entries, returning a single path.
     pub fn site_packages(&self) -> impl Iterator<Item = &Path> {
+        println!("{:?}", self.interpreter.sys_path());
         if let Some(target) = self.interpreter.target() {
             Either::Left(std::iter::once(target.root()))
         } else {
chankang@chans-Air ~/repos/uv -  (syspath)
$ python -c "import sys; print(sys.path)"
['', '/Users/chankang/.pyenv/versions/3.12.2/lib/python312.zip', '/Users/chankang/.pyenv/versions/3.12.2/lib/python3.12', '/Users/chankang/.pyenv/versions/3.12.2/lib/python3.12/lib-dynload', '/Users/chankang/.pyenv/versions/3.12.2/lib/python3.12/site-packages']
chankang@chans-Air ~/repos/uv -  (syspath)
```

<!-- How was it tested? -->
 2024-05-10 08:41:32 +02:00
Charlie Marsh d68b740af7
Read and write `uv.lock` based on project root (#3497) 
## Summary

The `uv.lock` location is no longer based on the current working
directory, but rather, on the discovered project name.
 2024-05-09 19:54:10 +00:00
Charlie Marsh 3dd34e218a
Read package name from `pyproject.toml` in `uv run` (#3496) 
## Summary

Right now, the project name is hard-coded.

Closes https://github.com/astral-sh/uv/issues/3491.
 2024-05-09 19:42:53 +00:00
Charlie Marsh 51f4ab1c8d
Use defaults in `RequirementsSpecification` constructors (#3495) 2024-05-09 19:27:59 +00:00
Charlie Marsh 3bd89ce5b3
Discover `uv run` projects hierarchically (#3494) 
## Summary

Ensures that running `uv run` in a subdirectory of a project behaves
just as-if in the project root.

Closes https://github.com/astral-sh/uv/issues/3490.
 2024-05-09 19:16:07 +00:00
Andrew Gallant ad01a768bc
uv-resolver: push resolver state to its own type (#3492) 
This still keeps the resolver state on the stack, but it organizes it
into a more structured representation. This is a precursor to
implementing resolver forking, where we will ultimately put this state
on the heap. The idea is that this will let us maintain multiple
independent resolver states that will all produce their own resolution
(and potentially other forked states).

Closes #3354
 2024-05-09 14:16:43 -04:00
Charlie Marsh 2d70303d56
Rebrand workspace API as project API (#3489) 
## Summary

I've started to refer to this as the "project" API in various places, it
seems less duplicative than the "workspace" API which is a little
different.
 2024-05-09 13:05:31 -04:00
Zanie Blue 7585c8be5d
Add test case for authenticated index url from requirements file (#3485) 
Investigating https://github.com/astral-sh/uv/issues/3471
 2024-05-09 11:33:15 -05:00
Charlie Marsh f342d39f8c
Change error value detection for glibc (#3487) 
## Summary

See: #3486. This just fixes the error message, not the underlying bug.
 2024-05-09 15:24:03 +00:00
Andrew Gallant 58d1cd2acb pep508: use Arc inside of MarkerEnvironment 
Now that the type is fully encapsulated, we can pretty easily
migrate to using an Arc inside of a MarkerEnvironment.

It looks like the pyo3 macros can't deal with an Arc, so we
write out the getter methods by hand.
 2024-05-09 10:06:02 -04:00
Andrew Gallant 7d67b7bb49 pep508: un-export fields for MarkerEnvironment 
We now use the getters and setters everywhere.

There were some places where we wanted to build a `MarkerEnvironment`
out of whole cloth, usually in tests. To facilitate those use cases, we
add a `MarkerEnvironmentBuilder` that provides a convenient constructor.
It's basically like a `MarkerEnvironment::new`, but with named
parameters. That's useful here because there are so many fields (and
they many have the same type).
 2024-05-09 10:06:02 -04:00
Andrew Gallant be12cfb2b8 pep508: add getters and setters to MarkerEnvironment 
This preps a change over to a world where MarkerEnvironment is fully
encapsulated. To facilitate this, we add getters and setters for each
field.
 2024-05-09 10:06:02 -04:00
Andrew Gallant 342cac8b18 pep508: fix pyo3 related failing test 
This test was failing on master. I guess we don't test
this crate with the pyo3 feature enabled? I think this
regression was due to a recent change in the error reporting
of the pep440 crate.
 2024-05-09 10:06:02 -04:00
Charlie Marsh b6bb2ac548
Remove `Optional` from `with_origin` API (#3482) 2024-05-09 13:40:51 +00:00
Charlie Marsh 3e4365301e
Track origin for setup.py files and friends (#3481) 
## Summary

Ensures that we track the origins for requirements regardless of whether
they come from `pyproject.toml` or `setup.py` or `setup.cfg`.

Closes #3480.
 2024-05-09 09:30:40 -04:00
Andrew Gallant 8b0fad3560 uv-resolver: make MarkerEnvironment optional 
This commit touches a lot of code, but the conceptual change here is
pretty simple: make it so we can run the resolver without providing a
`MarkerEnvironment`. This also indicates that the resolver should run in
universal mode. That is, the effect of a missing marker environment is
that all marker expressions that reference the marker environment are
evaluated to `true`. That is, they are ignored. (The only markers we
evaluate in that context are extras, which are the only markers that
aren't dependent on the environment.)

One interesting change here is that a `Resolver` no longer needs an
`Interpreter`. Previously, it had only been using it to construct a
`PythonRequirement`, by filling in the installed version from the
`Interpreter` state. But we now construct a `PythonRequirement`
explicitly since its `target` Python version should no longer be tied to
the `MarkerEnvironment`. (Currently, the marker environment is mutated
such that its `python_full_version` is derived from multiple sources,
including the CLI, which I found a touch confusing.)

The change in behavior can now be observed through the
`--unstable-uv-lock-file` flag. First, without it:

```
$ cat requirements.in
anyio>=4.3.0 ; sys_platform == "linux"
anyio<4 ; sys_platform == "darwin"
$ cargo run -qp uv -- pip compile -p3.10 requirements.in
anyio==4.3.0
exceptiongroup==1.2.1
    # via anyio
idna==3.7
    # via anyio
sniffio==1.3.1
    # via anyio
typing-extensions==4.11.0
    # via anyio
```

And now with it:

```
$ cargo run -qp uv -- pip compile -p3.10 requirements.in --unstable-uv-lock-file
  x No solution found when resolving dependencies:
  `-> Because you require anyio>=4.3.0 and anyio<4, we can conclude that the requirements are unsatisfiable.
```

This is expected at this point because the marker expressions are being
explicitly ignored, *and* there is no forking done yet to account for
the conflict.
 2024-05-09 09:24:37 -04:00
Andrew Gallant 21f5999b57 pep508: provide extra-only marker evaluation 
We provide a new API on a `Requirement` that specifically
ignores the marker environment and only evaluates a requirement's
marker expression with respect to extras. Any marker expressions
that reference the marker environment automatically evaluate to
true.

Instead of duplicating the evaluation code, we just make a marker
environment optional on the lower level APIs. In theory, we could
just writer a separate evaluation routine that ignores everything
except extras, but the evaluator has a fair bit of other stuff in it
(such as emitting warnings) that would be good to keep DRY IMO.
 2024-05-09 09:24:37 -04:00
Andrew Gallant 624f92b3f8 pep508: fix doc test 
This doc test seems to fail due to the recent change making
`Requirement` generic on its URL type. While the type parameter
was given a default of `VerbatimUrl`, this default doesn't always
apply. For example, the `FromStr` impl on `Requirement` is still
generic on any URL type, and so callers must indicate the type
of the URL to return. (An alternative would be to define the
`FromStr` impl for just the default URL type.)
 2024-05-09 09:24:37 -04:00
Charlie Marsh 3d7a0a2ba1
Filter irrelevant requirements from source annotations (#3479) 
## Summary

If a requirement is omitted due to a marker expression, we shouldn't
include it as the "source" of a package in the output.

For example, if your constraints include `pathspec ; python_version <
'3.12'`, and you're on Python 3.12, we should _not_ include the
constraint file as a "source" in the output annotations.
 2024-05-09 04:51:23 +00:00
Charlie Marsh f16cbfda7e
Add a dedicated struct for source annotations (#3478) 2024-05-09 04:40:35 +00:00
Charlie Marsh d131055d18
Clean up and document some requirements.txt filters (#3477) 2024-05-08 23:55:54 -04:00
Charlie Marsh 5ad373b2ec
Skip Python 2 versions when locating Python (#3476) 
## Summary

Unfortunately, the `-I` flag was added in Python 3.4. So if we query a
Python version prior to 3.4 (e.g., Python 2.7), we can't run our script
at all, and lose the ability to match against our structured error.

This PR adds an additional check against the stderr output for these
cases.

Closes https://github.com/astral-sh/uv/issues/3474.

## Test Plan

Installed Python 2.7, and verified that it was skipped (and that we
instead found my `python3`).
 2024-05-09 03:25:21 +00:00
Tom Parker-Shemilt bc963d13cb
Annotate sources of requirements (#3269) 
## Summary

Fixes https://github.com/astral-sh/uv/issues/1343. This is kinda a first
draft at the moment, but does at least mostly work locally (barring some
bits of the test suite that seem to not work for me in general).

## Test Plan

Mostly running the existing tests and checking the revised output is
sane

## Outstanding issues

Most of these come down to "AFAIK, the existing tools don't support
these patterns, but `uv` does" and so I'm not sure there's an existing
good answer here! Most of the answers so far are "whatever was easiest
to build"

- [x] ~~Is "-r pyproject.toml" correct? Should it show something else or
get skipped entirely~~ No it wasn't. Fixed in
3044fa8b86
- [ ] If the requirements file is stdin, that just gets skipped. Should
it be recorded?
- [ ] Overrides get shown as "--override<override.txt>". Correct?
- [x] ~~Some of the tests (e.g.
`dependency_excludes_non_contiguous_range_of_compatible_versions`) make
assumptions about the order of package versions being outputted, which
this PR breaks. I'm not sure if the text is fairly arbitrary and can be
replaced or whether the behaviour needs fixing?~~ - fixed by removing
the custom pubgrub PartialEq/Hash
- [ ] Are all the `TrackedFromStr` et al changes needed, or is there an
easier way? I don't think so, I think it's necessary to track these sort
of things fairly comprehensively to make this feature work, and this
sort of invasive change feels necessary, but happy to be proved wrong
there :)
- [x] ~~If you have a requirement coming in from two or more different
requirements files only one turns up. I've got a closed-source example
for this (can go into more detail if needed), mostly consisting of a
complicated set of common deps creating a larger set. It's a rarer case,
but worth considering.~~ 042432b200
- [ ] Doesn't add annotations for `setup.py` yet
- This is pretty hard, as the correct location to insert the path is
`crates/pypi-types/src/metadata.rs`'s `parse_pkg_info`, which as it's
based off a source distribution has entirely thrown away such matters as
"where did this package requirement get built from". Could add "`built
package name`" as a dep, but that's a little odd.
 2024-05-08 23:19:22 -04:00
Charlie Marsh 367958e6b2
Bump version to v0.1.42 (#3472) 2024-05-08 17:47:16 -04:00
Charlie Marsh fa4328880b
Use environment layering for `uv run --with` (#3447) 
## Summary

This PR takes a different approach to `--with` for `uv run`. Now,
instead of merging the requirements and re-resolving, we have two
phases: (1) sync the workspace requirements to the workspace
environment; then (2) sync the ephemeral `--with` requirements to an
ephemeral environment. The two environments are then layered by setting
the `PATH` and `PYTHONPATH` variables appropriately.

I think this approach simplifies a few things:

1. Once we have a lockfile, the semantics are much clearer, and we can
actually reuse it for the workspace. If we had to add arbitrary
dependencies via `--with`, then it's not really clear how the lockfile
would/should behave.
2. Caching becomes simpler, because we can just cache the ephemeral
environment based on the requirements.

The current version of this PR loses a few behaviors though that I need
to restore:

- `--python` support -- but I'm not yet sure how this is supposed to
behave within projects? It's also left unclear in `uv sync` and `uv
lock`.
- The "reuse the workspace environment if it already satisfies the
ephemeral requirements" behavior.

Closes #3411.
 2024-05-08 21:24:24 +00:00
Charlie Marsh 7d41e7d260
Respect `MACOSX_DEPLOYMENT_TARGET` in `--python-platform` (#3470) 
## Summary

This is universal environment variable used to determine the mac OS
deployment target. We now respect it in `--python-platform` -- so we
default to 12.0, but users can override it as needed.
 2024-05-08 20:03:41 +00:00
Charlie Marsh ca809addf8
Use last non-EOL version for `--python-platform` macOS (#3469) 
## Summary

I think, as a a rule, we can just use the last non-EOL version here for
x86 and ARM.

Closes https://github.com/astral-sh/uv/issues/3454.
 2024-05-08 19:54:40 +00:00
Charlie Marsh a3c98e8e52
Disallow `pyproject.toml` files for non-project configuration (#3463) 
## Summary

We already _don't_ discover a `pyproject.toml` in `~/.config/uv` -- it
must be `uv.toml`. This PR makes the same change for `--config-file` --
it _has_ to be a `uv.toml`.

I think this is reasonable and more consistent, though I'm not sure. A
`pyproject.toml` "means" something -- it defines a project itself, in
which case we should be using project configuration. But creating a
`pyproject.toml` outside the project and passing it via `--config-file`
seems like an anti-pattern.
 2024-05-08 14:49:52 -04:00
Charlie Marsh 1aa8ff8268
Merge user and workspace settings (#3462) 
## Summary

This PR follows Cargo's strategy for merging configuration, albeit in a
more limited way (we don't support as many configuration locations).
Specifically, we merge the user configuration with the workspace
configuration if both are present. The workspace configuration has
priority, such that we take values from the workspace configuration and
ignore those in the user configuration if both are specified for a given
setting -- with the exception of arrays and maps, which are
concatenated.

For now, if a user provides a configuration file with `--config-file`,
we _don't_ merge in the user settings.

See:
https://doc.rust-lang.org/cargo/reference/config.html#hierarchical-structure.

Closes #3420.
 2024-05-08 14:49:43 -04:00
Charlie Marsh 74f53729d8
Set stack size for remaining `install` and `sync` tests (#3464) 
## Summary

These are failing on various branches now.

## Test Plan

`cargo test`
 2024-05-08 14:05:07 -04:00
Charlie Marsh b2adb96ec7
Ignore `compile_invalid_pyc_invalidation_mode` on macOS (#3465) 
## Summary

This is annoying both locally in CI. If anyone wants to fuss with the
filters to fix it, that's fine too, but IMO it's better to disable than
leave it enabled on macOS for now.
 2024-05-08 14:04:57 -04:00
konsti 7c7c9e2189
Warn when missing minimal bounds when using `tool.uv.sources` (#3452) 
When using `tool.uv.sources`, we warn that requirements have a bound,
i.e. at least a lower version constraint.

When using a library, the symbols you import were introduced in
different versions, creating an implicit lower bound. This warning makes
this explicit. This is crucial to prevent backtracking resolvers from
selecting an ancient versions that is not compatible (or worse, doesn't
build), and a performance optimization on top.

This feature is gated to `tool.uv.sources` (as it should have been to
begin with for #3263/#3443) to not unnecessarily break legacy workflows.
It is also helpful specifically when using a `tool.uv.sources` section
that contains constraints that are not published to pypi, e.g. for
workspace dependencies. We can adjust those later to e.g. not constrain
workspace dependencies with `publish = false`, but i think it's the
right setting to start with.
 2024-05-08 13:16:25 -04:00
Charlie Marsh 7c6632114b
Improve JSON Schema and add export script (#3461) 
## Summary

A few errors I noticed after generating the schema.
 2024-05-08 16:15:16 +00:00
Charlie Marsh 18d229e2bb
Upgrade `async_http_range_reader` to v0.8.0 (#3460) 
## Summary

Closes #2025.
Closes https://github.com/astral-sh/uv/issues/3255.
Closes https://github.com/astral-sh/uv/pull/2843.
 2024-05-08 10:54:08 -04:00
Charlie Marsh 76a3ceb2ca
Add basic `uv sync` and `uv lock` commands (#3436) 
## Summary

These aren't intended for production use; instead, I'm just trying to
frame out the overall data flows and code-sharing for these commands. We
now have `uv sync` (sync the environment to match the lockfile, without
refreshing or resolving) and `uv lock` (generate the lockfile). Both
_require_ a virtual environment to exist (something we should change).
`uv sync`, `uv run`, and `uv lock` all share code for the underlying
subroutines (resolution and installation), so the commands themselves
are relatively small (~100 lines) and mostly consist of reading
arguments and such.

`uv lock` and `uv sync` don't actually really work yet, because we have
no way to include the project itself in the lockfile (that's a TODO in
the lockfile implementation).

Closes https://github.com/astral-sh/uv/issues/3432.
 2024-05-08 14:51:51 +00:00
konsti 0228b15baf
Improve trailing version string error message (#3453) 
We would previously show the parsed version when erroring due to
trailing content after a valid version, which can look different than
the input. E.g. when encountering `0.1-bulbasaur`, we would display:

```
after parsing '0.1b0', found 'ulbasaur', which is not part of a valid version
```

With storing the input string instead of the input version, we now show:

```
after parsing '0.1-b', found 'ulbasaur', which is not part of a valid version
```
 2024-05-08 14:50:29 +02:00
Shantanu 5a07923eb4
Use Metadata10 to parse PKG-INFO of legacy editable (#3450) 
It turns out setuptools often uses Metadata-Version 2.1 in their
PKG-INFO:
4e766834d7/setuptools/dist.py (L64)
`Metadata23` requires Metadata-Version of at least 2.2.

This means that uv doesn't actually recognise legacy editable
installations from the most common way you'd actually get legacy
editable installations (works great for most legacy editables I make at
work though!)

Anyway, over here we only need the version and don't care about anything
else. Rather than make a `Metadata21`, I just add a version field to
`Metadata10`. The one slightly tricky thing is that only
Metadata-Version 1.2 and greater guarantee that the [version number is
PEP 440 compatible](https://peps.python.org/pep-0345/#version), so I
store the version in `Metadata10` as a `String` and only parse to
`Version` at time of use.

Also did you know that back in 2004, paramiko had a pokemon based
versioning system?
 2024-05-08 10:58:18 +02:00
Shantanu 962fde29b2
Apply normcase to line from easy-install.pth (#3451) 
Thanks for the suggestion from
https://github.com/astral-sh/uv/pull/3415#discussion_r1591772942

Also it looks like you improved `egg-link` parsing in
e23c91f52e
so copying the changes over to the other parse site (happy to move this
to a helper too, if so lmk where to put it)
 2024-05-08 10:40:21 +02:00
konsti 1ad6aa8a23
Use generic pubgrub incompatibility reason (#3335) 
Pubgrub got a new feature where all unavailability is a custom, instead
of the reasonless `UnavailableDependencies` and our custom `String` type
previously (https://github.com/pubgrub-rs/pubgrub/pull/208). This PR
introduces a `UnavailableReason` that tracks either an entire version
being unusable, or a specific version. The error messages now also track
this difference properly.

The pubgrub commit is our main rebased onto the merged
https://github.com/pubgrub-rs/pubgrub/pull/208, i'll push
`konsti/main-rebase-generic-reason` to `main` after checking for rebase
problems.
 2024-05-08 08:40:15 +00:00
Charlie Marsh bd7860de17
Remove some `allow(unused)` (#3448) 2024-05-07 22:19:07 -04:00
Charlie Marsh b0d7a26431
Bump version to v0.1.41 (#3446) 2024-05-08 01:05:47 +00:00
Charlie Marsh 49937a386d
Remove unconstrained version error from requirements (#3443) 
## Summary

It's not clear to me that this should exist at all, but it's causing
errors in projects that don't use `tool.uv.sources`, so we should
definitely remove it for now.
 2024-05-07 20:04:44 -04:00
DaniPopes c59cb1381a
Use `into_par_iter` instead of `par_bridge` (#3435) 
## Summary

Use the native rayon range iterator instead of bridging the standard
library's.
 2024-05-07 19:38:35 +00:00
Charlie Marsh d665410d59
Move PyO3 derive down (#3434) 
## Summary

For some reason the current order is breaking the IntelliJ LSP.
 2024-05-07 18:16:28 +00:00
Charlie Marsh e8b423de77
Use top-level `--isolated` for `uv run` (#3431) 
## Summary

We already have a global `--isolated`, which means "ignore any on-disk
configuration". I think we should reuse this for the "ignore the
workspace" setting in `uv run`, rather than `--no-workspace`.

I've also merged the existing `--isolated` and `--no-workspace`
behaviors in `uv run` into a single flag. We may not need separate flags
for this, since the current intent seems to be "ignore the workspace
environment"? Though we could always re-add later.

Closes https://github.com/astral-sh/uv/issues/3421.
 2024-05-07 13:30:02 -04:00
Charlie Marsh 7fe9f0a3dd
Bump version to v0.1.40 (#3433) 2024-05-07 17:29:29 +00:00
Charlie Marsh f8a7813add
Rename `--force` to `--allow-existing` (#3416) 
## Summary

We've found `--force` to be a confusing name here. (Not breaking as this
hasn't shipped in a release.)
 2024-05-07 17:11:31 +00:00
konsti f8901e9989
Always activate non-pep508-extensions (#3428) 
Avoid compilation errors when running partial tests due to that feature
being missing.
 2024-05-07 16:13:09 +00:00
Ahmed Ilyas 388dba4815
add compat arg --user error message to pip install (#3424) 
Resolves [#3419](https://github.com/astral-sh/uv/issues/3419)

## Summary

Add compatargs to pip install command and hint the user to create a venv
for --user arg.

## Test Plan

Tested it locally.

```bash
cargo run pip install --user flask
   Compiling uv v0.1.39 (/home/ahmedilyas/uv/crates/uv)
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 8.96s
     Running `target/debug/uv pip install --user flask`
error: pip install's `--user` is unsupported (use a virtual environment instead).
```
 2024-05-07 14:59:53 +00:00
konsti 55f6e4e66b
Make `Requirement` generic over url type (#3253) 
This change allows switching out the url type for requirements. The
original idea was to allow different types for different requirement
origins, so that core metadata reads can ban non-pep 508 requirements
while we only allow them for requirements.txt. This didn't work out
because we expect `&Requirement`s from all sources to match.

I also tried to split `pep508_rs` into a PEP 508 compliant crate and
into our extensions, but they are to tightly coupled.

I think this change is an improvement still as it reduces the hardcoded
dependence on `VerbatimUrl`.
 2024-05-07 16:45:49 +02:00
Zanie Blue 8e86cd0c73
Add hint to use a venv to `pip sync --user` (#3418) 2024-05-07 08:50:23 -05:00
konsti 24f38d7c22
Preserve given for `tool.uv.sources` paths (#3412) 
We now correctly emit relative paths in `uv pip compile` with
`tool.uv.sources` path inputs.

`tool.uv.sources` is mainly intended to be used with the uv lock file
over requirements.txt, but it's good to have basic `uv pip` support
working.

Fixes #3366
 2024-05-07 09:00:02 +00:00
Shantanu 18516b4e41
List and uninstall legacy editables (#3415) 2024-05-07 03:51:50 +00:00
Ibraheem Ahmed 94cf604574
Remove unnecessary uses of `DashMap` and `Arc` (#3413) 
## Summary

All of the resolver code is run on the main thread, so a lot of the
`Send` bounds and uses of `DashMap` and `Arc` are unnecessary. We could
also switch to using single-threaded versions of `Mutex` and `Notify` in
some places, but there isn't really a crate that provides those I would
be comfortable with using.

The `Arc` in `OnceMap` can't easily be removed because of the uv-auth
code which uses the
[reqwest-middleware](https://docs.rs/reqwest-middleware/latest/reqwest_middleware/trait.Middleware.html)
crate, that seems to adds unnecessary `Send` bounds because of
`async-trait`. We could duplicate the code and create a `OnceMapLocal`
variant, but I don't feel that's worth it.
 2024-05-06 22:30:43 -04:00
konsti 2c84af15b8
Rename `distribution_types::VersionOrUrl` to `VersionOrUrlRef` (#3254) 
This is more consistent with the other `*Ref` types and reduces
confusion with the real `VersionOrUrl` type.
 2024-05-06 14:15:56 -04:00
Charlie Marsh ed27dde8a2
Revise comment on virtualenv discovery from cwd (#3406) 
See:
37d229b2c2..cd53a28181 (r1590746360)
 2024-05-06 14:07:11 +00:00
Charlie Marsh 26045e5f59
Respect and enable uninstalls of existing `.egg-info` packages (#3380) 
## Summary

Users often find themselves dropped into environments that contain
`.egg-info` packages. While we won't support installing these, it's not
hard to support identifying them (e.g., in `pip freeze`) and
_uninstalling_ them.

Closes https://github.com/astral-sh/uv/issues/2841.
Closes #2928.
Closes #3341.

## Test Plan

Ran `cargo run pip freeze --python
/opt/homebrew/Caskroom/miniforge/base/envs/TEST/bin/python`, with an
environment that includes `pip` as an `.egg-info`
(`/opt/homebrew/Caskroom/miniforge/base/envs/TEST/lib/python3.12/site-packages/pip-24.0-py3.12.egg-info`):

```
cffi @ file:///Users/runner/miniforge3/conda-bld/cffi_1696001825047/work
pip==24.0
pycparser @ file:///home/conda/feedstock_root/build_artifacts/pycparser_1711811537435/work
setuptools==69.5.1
wheel==0.43.0
```

Then ran `cargo run pip uninstall`, verified that `pip` was uninstalled,
and no longer listed in `pip freeze`.
 2024-05-06 09:47:28 -04:00
konsti 098944fc7d
Improve non-git error message (#3403) 
The boxing changes are due to clippy
 2024-05-06 13:28:05 +02:00
konsti d0c3146ef6
Restore verbatim in error message (#3402) 
Fixup for
https://github.com/astral-sh/uv/pull/3263#discussion_r1589718035
 2024-05-06 11:17:06 +00:00
konsti b2f6b92e3b
Move pep508-rs `Cursor` into its own module (#3401) 2024-05-06 10:13:27 +00:00
Shantanu 95f31f2266
Better error for unsupported Python version (#3398) 
Fixes #3371

It seems like uv doesn't proactively enforce 3.8+ and in most cases just
issues a warning. This PR keeps that property, only adding the new check
when it is known to fail. I checked the imports in this file and the
other ones seem fine.
 2024-05-06 11:12:36 +02:00
konsti 9de49c8a60
Make pubgrub an allowed ident (#3399) 
Followup to #3361, fix some backtick-quoting.
 2024-05-06 09:10:37 +00:00
renovate[bot] c1370cab1b
Update pre-commit dependencies (#3391) 2024-05-06 02:18:51 +00:00
Godefroid Chapelle ef92c38486
Detect current venv when `uv` is invoked from within a virtualenv (#3379) 
Fixes #3378.
 2024-05-05 22:53:25 +00:00
Charlie Marsh 6d73db2b1e
Use `Cow` for source call (#3377) 2024-05-05 02:21:24 +00:00
Charlie Marsh 37635fda56
Update activation scripts from virtualenv (#3376) 
## Summary

Refreshes some of the activation scripts, and fixes some bugs in
`activate_this.py` that were likely the rest of some erroneous
copy-pasting.

Closes https://github.com/astral-sh/uv/issues/3346.

## Test Plan

```
❯ python
Python 3.12.0 (main, Feb 28 2024, 09:44:16) [Clang 15.0.0 (clang-1500.1.0.2.5)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import httpx
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ModuleNotFoundError: No module named 'httpx'
>>> activator = '.venv/bin/activate_this.py'
>>> with open(activator) as f:
...     exec(f.read(), {'__file__': activator})
...
>>> import httpx
```
 2024-05-04 23:30:00 +00:00
Charlie Marsh 2a212eb6a9
Add branch and tag variants to Git reference (#3374) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3368.
 2024-05-04 21:13:11 +00:00
Charlie Marsh 69e99b3502
Use canonical URLs in satisfaction check (#3373) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3367.
 2024-05-04 12:44:25 +00:00
Charlie Marsh 8adf5b11ab
Fix Git URL construction in `tool.uv.sources` (#3365) 
## Summary

We were including the `git+` prefix twice:

```
DEBUG At least one requirement is not satisfied: boltons @ git+git+https://github.com/mahmoud/boltons@57fbaa9b673ed85b32458b31baeeae230520e4a0@57fbaa9b673ed85b32458b31baeeae230520e4a0
```

## Test Plan

Extended the test to include a Git URL; verified that we don't trigger a
reinstall.
 2024-05-04 03:02:14 +00:00
konsti 44858bc28d
Use preview mode for tool.uv.sources (#3277) 
Only allow using `tool.uv.sources` with preview mode, the design isn't
finalized yet.

Not sure what to label this, do we want a preview section and label for
the release notes?
 2024-05-04 02:47:47 +00:00
Charlie Marsh 363e808724
Tweak some of the `tool.uv.sources` error messages for consistency (#3364) 2024-05-04 02:38:47 +00:00
Charlie Marsh 100935f4f1
Respect `editable = true` setting in sources map (#3363) 
## Summary

We need to partition the editable and non-editable requirements. As-is,
`editable = true` requirements were still being installed as
non-editable.
 2024-05-04 02:17:55 +00:00
Charlie Marsh a63018591e
Unset target when creating virtual environments (#3362) 
## Summary

We were writing the build dependencies into the `--target` directory,
which both made builds fail and led to them leaking into the user's
directory.

Closes https://github.com/astral-sh/uv/issues/3349.
 2024-05-03 23:21:23 +00:00
konsti 4f87edbe66
Add basic `tool.uv.sources` support (#3263) 
## Introduction

PEP 621 is limited. Specifically, it lacks
* Relative path support
* Editable support
* Workspace support
* Index pinning or any sort of index specification

The semantics of urls are a custom extension, PEP 440 does not specify
how to use git references or subdirectories, instead pip has a custom
stringly format. We need to somehow support these while still stying
compatible with PEP 621.

## `tool.uv.source`

Drawing inspiration from cargo, poetry and rye, we add `tool.uv.sources`
or (for now stub only) `tool.uv.workspace`:

```toml
[project]
name = "albatross"
version = "0.1.0"
dependencies = [
  "tqdm >=4.66.2,<5",
  "torch ==2.2.2",
  "transformers[torch] >=4.39.3,<5",
  "importlib_metadata >=7.1.0,<8; python_version < '3.10'",
  "mollymawk ==0.1.0"
]

[tool.uv.sources]
tqdm = { git = "https://github.com/tqdm/tqdm", rev = "cc372d09dcd5a5eabdc6ed4cf365bdb0be004d44" }
importlib_metadata = { url = "https://github.com/python/importlib_metadata/archive/refs/tags/v7.1.0.zip" }
torch = { index = "torch-cu118" }
mollymawk = { workspace = true }

[tool.uv.workspace]
include = [
  "packages/mollymawk"
]

[tool.uv.indexes]
torch-cu118 = "https://download.pytorch.org/whl/cu118"
```

See `docs/specifying_dependencies.md` for a detailed explanation of the
format. The basic gist is that `project.dependencies` is what ends up on
pypi, while `tool.uv.sources` are your non-published additions. We do
support the full range or PEP 508, we just hide it in the docs and
prefer the exploded table for easier readability and less confusing with
actual url parts.

This format should eventually be able to subsume requirements.txt's
current use cases. While we will continue to support the legacy `uv pip`
interface, this is a piece of the uv's own top level interface. Together
with `uv run` and a lockfile format, you should only need to write
`pyproject.toml` and do `uv run`, which generates/uses/updates your
lockfile behind the scenes, no more pip-style requirements involved. It
also lays the groundwork for implementing index pinning.

## Changes

This PR implements:
* Reading and lowering `project.dependencies`,
`project.optional-dependencies` and `tool.uv.sources` into a new
requirements format, including:
  * Git dependencies
  * Url dependencies
  * Path dependencies, including relative and editable
* `pip install` integration
* Error reporting for invalid `tool.uv.sources`
* Json schema integration (works in pycharm, see below)
* Draft user-level docs (see `docs/specifying_dependencies.md`)

It does not implement:
* No `pip compile` testing, deprioritizing towards our own lockfile
* Index pinning (stub definitions only)
* Development dependencies
* Workspace support (stub definitions only)
* Overrides in pyproject.toml
* Patching/replacing dependencies

One technically breaking change is that we now require user provided
pyproject.toml to be valid wrt to PEP 621. Included files still fall
back to PEP 517. That means `pip install -r requirements.txt` requires
it to be valid while `pip install -r requirements.txt` with `-e .` as
content falls back to PEP 517 as before.

## Implementation

The `pep508` requirement is replaced by a new `UvRequirement` (name up
for bikeshedding, not particularly attached to the uv prefix). The still
existing `pep508_rs::Requirement` type is a url format copied from pip's
requirements.txt and doesn't appropriately capture all features we
want/need to support. The bulk of the diff is changing the requirement
type throughout the codebase.

We still use `VerbatimUrl` in many places, where we would expect a
parsed/decomposed url type, specifically:
* Reading core metadata except top level pyproject.toml files, we fail a
step later instead if the url isn't supported.
* Allowed `Urls`.
* `PackageId` with a custom `CanonicalUrl` comparison, instead of
canonicalizing urls eagerly.
* `PubGrubPackage`: We eventually convert the `VerbatimUrl` back to a
`Dist` (`Dist::from_url`), instead of remembering the url.
* Source dist types: We use verbatim url even though we know and require
that these are supported urls we can and have parsed.

I tried to make improve the situation be replacing `VerbatimUrl`, but
these changes would require massive invasive changes (see e.g.
https://github.com/astral-sh/uv/pull/3253). A main problem is the ref
`VersionOrUrl` and applying overrides, which assume the same
requirement/url type everywhere. In its current form, this PR increases
this tech debt.

I've tried to split off PRs and commits, but the main refactoring is
still a single monolith commit to make it compile and the tests pass.

## Demo

Adding
d1ae3b85d5/pyproject.json
as json schema (v7) to pycharm for `pyproject.toml`, you can try the IDE
support already:


![pycharm](https://github.com/astral-sh/uv/assets/6826232/599082c7-6be5-41c1-a3cd-516092382f8d)


[dove.webm](https://github.com/astral-sh/uv/assets/6826232/c293c272-c80b-459d-8c95-8c46a8d198a1)
 2024-05-03 21:10:50 +00:00
samypr100 2ffb252498
Update Rust to v1.78 (#3361) 
## Summary

Updates rust to 1.78 in `rust-toolchain.toml`

See: https://blog.rust-lang.org/2024/05/02/Rust-1.78.0.html

### Potential blockers

* homebre still on 1.77 -
https://github.com/Homebrew/homebrew-core/pull/170649
* conda-forge still on 1.77 - https://anaconda.org/conda-forge/rust
 2024-05-03 20:07:13 +00:00
Andrew Gallant 1089abda3f
require serde and rkyv everywhere; remove optional serde and rkyv features (#3345) 
In *some* places in our crates, `serde` (and `rkyv`) are optional
dependencies. I believe this was done out of reasons of "good sense,"
that is, it follows a Rust ecosystem pattern where serde integration
tends to be an opt-in crate feature. (And similarly for `rkyv`.)

However, ultimately, `uv` itself requires `serde` and `rkyv` to
function. Since our crates are strictly internal, there are limited
consumers for our crates without `serde` (and `rkyv`) enabled. I think
one possibility is that optional `serde` (and `rkyv`) integration means
that someone can do this:

    cargo test -p pep440_rs

And this will run tests _without_ `serde` or `rkyv` enabled. That in
turn could lead to faster iteration time by reducing compile times. But,
I'm not sure this is worth supporting. The iterative compilation times
of
individual crates are probably fast enough in debug mode, even with
`serde` and `rkyv` enabled. Namely, `serde` and `rkyv` themselves
shouldn't need to be re-compiled in most cases. On `main`:

```
from-scratch: `cargo test -p pep440_rs --lib` 0.685
incremental: `cargo test -p pep440_rs --lib` 0.278s
from-scratch: `cargo test -p pep440_rs --features serde,rkyv --lib` 3.948s
incremental: `cargo test -p pep440_rs --features serde,rkyv --lib` 0.321s
```

So while a from-scratch build does take significantly longer, an
incremental build is about the same.

The benefit of doing this change is two-fold:

1. It brings out crates into alignment with "reality." In particular,
   some crates were _implicitly_ relying on `serde` being enabled
   without explicitly declaring it. This technically means that our
   `Cargo.toml`s were wrong in some cases, but it is hard to observe it
   because of feature unification in a Cargo workspace.
2. We no longer need to deal with the cognitive burden of writing
   `#[cfg_attr(feature = "serde", ...)]` everywhere.
 2024-05-03 10:21:03 -04:00
Andrew Gallant 7772e6249f
add basic "install from lock file" operation (#3340) 
This PR principally adds a routine for converting a `Lock` to a
`Resolution`, where a `Resolution` is a map of package names pinned to
a specific version.

I'm not sure that a `Resolution` is ultimately what we want here (we
might need more stuff), but this was the quickest route I could find to
plug a `Lock` into our existing `uv pip install` infrastructure.

This commit also does a little refactoring of the `Lock` types. The
main thing is to permit extra state on some of the types (like a
`by_id` map on `Lock` for quick lookups of distributions) that aren't
included in the serialization format of a `Lock`. We achieve this
by defining separate `Wire` types that are automatically converted
to-and-from via `serde`.

Note that like with the lock file format types themselves, we leave a
few `todo!()` expressions around. The main idea is to get something
minimally working without spending too much effort here. (A fair bit
of refactoring will be required to generate a lock file, and it's
not clear how much this code will wind up needing to change anyway.)
In particular, we only handle the case of installing wheels from a
registry.

A demonstration of the full flow:

```
$ requirements.in
anyio
$ cargo run -p uv -- pip compile -p3.10 requirements.in --unstable-uv-lock-file
$ uv venv
$ cargo run -p uv -- pip install --unstable-uv-lock-file anyio -r requirements.in
Installed 5 packages in 7ms
 + anyio==4.3.0
 + exceptiongroup==1.2.1
 + idna==3.7
 + sniffio==1.3.1
 + typing-extensions==4.11.0
```

In order to install from a lock file, we start from the root and do a
breadth first traversal over its dependencies. We aren't yet filtering
on marker expressions (since they aren't in the lock file yet), but we
should be able to add that in the future. In so doing, the traversal
should select only the subset of distributions relevant for the current
platform.
 2024-05-03 08:18:36 -04:00
Zanie Blue 49675558eb
Split virtual environment detection into a dedicated module (#3331) 
Split out of https://github.com/astral-sh/uv/pull/3266
 2024-05-02 06:58:48 -05:00
Zanie Blue c28a2806b3
Separate interpreter selectors into `implementation` and `platform` modules (#3332) 
Split out of #3266

The "selector" concept doesn't seem well enough defined as-is. For
example, `PythonVersion` belongs there but isn't present. Going for
smaller modules instead.
 2024-05-02 11:55:01 +00:00
Zanie Blue 5048ccef3a
Update toolchain discovery to avoid runtime panic (#3330) 
Split out of https://github.com/astral-sh/uv/pull/3266

If `UV_BOOTSTRAP_DIR` and `CARGO_MANIFEST_DIR` are both unset, we
currently panic. This isn't good once we start to use managed toolchains
in production. We'll need to change this more later once the toolchain
directory is more user-facing.
 2024-05-02 06:44:16 -05:00
Zanie Blue 528bed5bed
Move `py` launcher handling into separate module (#3329) 
Split out of #3266 

Mostly an organizational change, with some error handling
simplification.
 2024-05-02 06:44:07 -05:00
konsti 2e27abd34a
Remove `Into::into` (#3337) 
Motivated by
https://github.com/astral-sh/uv/pull/3263#discussion_r1585896159

I don't think we can lint againt this since we do want to allow
`.into()`, just not the bare `Into::into` call.
 2024-05-02 10:26:42 +00:00
konsti 538a85b827
Add missing optional rkyv feature bound (#3336) 
`PackageName` needs to derive the rkyv types.
 2024-05-02 10:01:10 +00:00
Charlie Marsh c6137702a5
Accept `--no-upgrade`, `--no-refresh`, etc. on the CLI (#3328) 
## Summary

We added `--no-X` variants for all other flags, but omitted these. Seems
more consistent to support them.

Closes https://github.com/astral-sh/uv/issues/1900.
 2024-05-01 11:13:33 -07:00
Charlie Marsh 614c07329b
Allow `--force` to overwrite existing virtualenv (#2548) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2529.

## Test Plan

- `mkdir .venv`
- `touch .venv/foo`
- `cargo run venv` (ensure failure)
- `cargo run venv --force` (ensure success)
- `cargo run venv --force` (ensure success again)
 2024-05-01 16:34:52 +00:00
Zanie Blue 630d3fde5c
Merge `uv-toolchain` and `uv-interpreter` (#3265) 
Moves all of `uv-toolchain` into `uv-interpreter`. We may split these
out in the future, but the refactoring I want to do for interpreter
discovery is easier if I don't have to deal with entanglement. Includes
some restructuring of `uv-interpreter`.

Part of #2386
 2024-04-30 17:49:46 +00:00
Ibraheem Ahmed 1d2c57a259
Run resolve/install benchmarks in ci (#3281) 
## Summary

Runs resolver benchmarks in CI with CodSpeed.
 2024-04-30 13:39:42 -04:00
Zanie Blue 100dbe475c
Quote version parse errors consistently (#3325) 2024-04-30 12:20:14 -05:00
konsti d57af514d9
Centralize installed dist satisfies requirement check (#3324) 
Another split out from https://github.com/astral-sh/uv/pull/3263. This
abstracts the copy&pasted check whether an installed distribution
satisfies a requirement used by both plan.rs and site_packages.rs into a
shared module. It's less useful here than with the new requirement but
helps with reducing https://github.com/astral-sh/uv/pull/3263 diff size.
 2024-04-30 18:45:05 +02:00
konsti 66d750b2b9
Log which requirements were or weren't satisfied (#3319) 
Previously, a noop `uv pip install` would only show "Audited {}
package(s)" but no details, not even with `-vv`. Now it debug logs which
requirements were met and it also debug logs which requirement was
missing to trigger the full routine, allowing it investigate caching
behaviour.

First `uv pip install -v jupyter`:

```
DEBUG At least one requirement is not satisfied: jupyter
```

Second `uv pip install -v jupyter`:

```
DEBUG Found a virtualenv named .venv at: /home/konsti/projects/uv-main/.venv
DEBUG Cached interpreter info for Python 3.12.1, skipping probing: .venv/bin/python
DEBUG Using Python 3.12.1 environment at .venv/bin/python
DEBUG Trying to lock if free: .venv/.lock
DEBUG Requirement satisfied: anyio
DEBUG Requirement satisfied: anyio>=3.1.0
DEBUG Requirement satisfied: argon2-cffi-bindings
DEBUG Requirement satisfied: argon2-cffi>=21.1
DEBUG Requirement satisfied: arrow>=0.15.0
DEBUG Requirement satisfied: asttokens>=2.1.0
DEBUG Requirement satisfied: async-lru>=1.0.0
DEBUG Requirement satisfied: attrs>=22.2.0
DEBUG Requirement satisfied: babel>=2.10
...
DEBUG Requirement satisfied: webencodings
DEBUG Requirement satisfied: webencodings>=0.4
DEBUG Requirement satisfied: websocket-client>=1.7
DEBUG Requirement satisfied: widgetsnbextension~=4.0.10
DEBUG All editables satisfied: 
Audited 1 package in 12ms
```

This will clash with the `tool.uv.sources` PR, i'll rebase it on top.
 2024-04-30 15:39:41 +00:00
konsti 80ce32b3e9
Fix typos (#3323) 
Split out from https://github.com/astral-sh/uv/pull/3263
 2024-04-30 14:36:36 +00:00
Tim de Jager 9ae116f82b
fix: remove cache generic from builder (#3322) 
Just a small fix, remove generic argument that I think was unused.
 2024-04-30 08:27:55 -05:00
konsti 71fbd25a09
Refactor `Dist` constructors (#3320) 
Split out from #3263. No functional changes.
 2024-04-30 12:02:17 +02:00
Alexander Gherm f77583e036
Add `UV_NO_BUILD_ISOLATION` as environment variable (#3318) 
## Summary
Hi! Added `UV_NO_BUILD_ISOLATION` as a boolean environment variable for
the `--no-build-isolation` command-line option.

Closes https://github.com/astral-sh/uv/issues/3309

## Test Plan

Added new test `respect_no_build_isolation_env_var` to check that the
behaviour is the same as if the ``--no-build-isolation``
command-line-option is set.
 2024-04-30 04:18:33 +00:00
Charlie Marsh cf55c715f8
Expose `--python` as an environment variable (#3284) 
## Summary

This was requested offline, and seems reasonable to me.
 2024-04-30 03:32:40 +00:00
Ibraheem Ahmed c5cd808876
Remove uncondtional `serde` usage in uv-resolver (#3317) 
## Summary

Makes the `serde` implementations added in https://github.com/astral-sh/uv/pull/3314 conditional on uv-resolver's `serde` feature.
 2024-04-29 16:31:37 -04:00
Andrew Gallant d2e7c0554b
uv-resolver: add initial version of universal lock file format (#3314) 
This is meant to be a base on which to build. There are some parts
which are implicitly incomplete and others which are explicitly
incomplete. The latter are indicated by TODO comments.

Here is a non-exhaustive list of incomplete things. In many cases, these
are incomplete simply because the data isn't present in a
`ResolutionGraph`. Future work will need to refactor our resolver so
that this data is correctly passed down.

* Not all wheels are included. Only the "selected" wheel for the current
  distribution is included.
* Marker expressions are always absent.
* We don't emit hashes for certainly kinds of distributions (direct
  URLs, git, and path).
* We don't capture git information from a dependency specification.
  Right now, we just always emit "default branch."

There are perhaps also other changes we might want to make to the format
of a more cosmetic nature. Right now, all arrays are encoded using
whatever the `toml` crate decides to do. But we might want to exert more
control over this. For example, by using inline tables or squashing more
things into strings (like I did for `Source` and `Hash`). I think the
main trade-off here is that table arrays are somewhat difficult to read
(especially without indentation), where as squashing things down into a
more condensed format potentially makes future compatible additions
harder.

I also went pretty light on the documentation here than what I would
normally do. That's primarily because I think this code is going to
go through some evolution and I didn't want to spend too much time
documenting something that is likely to change.

Finally, here's an example of the lock file format in TOML for the
`anyio` dependency. I generated it with the following command:

```
cargo run -p uv -- pip compile -p3.10 ~/astral/tmp/reqs/anyio.in --unstable-uv-lock-file
```

And that writes out a `uv.lock` file:

```toml
version = 1

[[distribution]]
name = "anyio"
version = "4.3.0"
source = "registry+https://pypi.org/simple"

[[distribution.wheel]]
url = "2f20c40b45242c0b33774da0e2e34f/anyio-4.3.0-py3-none-any.whl"
hash = "sha256:048e05d0f6caeed70d731f3db756d35dcc1f35747c8c403364a8332c630441b8"

[[distribution.dependencies]]
name = "exceptiongroup"
version = "1.2.1"
source = "registry+https://pypi.org/simple"

[[distribution.dependencies]]
name = "idna"
version = "3.7"
source = "registry+https://pypi.org/simple"

[[distribution.dependencies]]
name = "sniffio"
version = "1.3.1"
source = "registry+https://pypi.org/simple"

[[distribution.dependencies]]
name = "typing-extensions"
version = "4.11.0"
source = "registry+https://pypi.org/simple"

[[distribution]]
name = "exceptiongroup"
version = "1.2.1"
source = "registry+https://pypi.org/simple"

[[distribution.wheel]]
url = "79fe92dd414cadab75055b0ae00b33/exceptiongroup-1.2.1-py3-none-any.whl"
hash = "sha256:5258b9ed329c5bbdd31a309f53cbfb0b155341807f6ff7606a1e801a891b29ad"

[[distribution]]
name = "idna"
version = "3.7"
source = "registry+https://pypi.org/simple"

[[distribution.wheel]]
url = "741d8c8280948df2ea0eda2c8b79e8/idna-3.7-py3-none-any.whl"
hash = "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0"

[[distribution]]
name = "sniffio"
version = "1.3.1"
source = "registry+https://pypi.org/simple"

[[distribution.wheel]]
url = "75a9c94214239abab1ea2cc8f38b40/sniffio-1.3.1-py3-none-any.whl"
hash = "sha256:2f6da418d1f1e0fddd844478f41680e794e6051915791a034ff65e5f100525a2"

[[distribution]]
name = "typing-extensions"
version = "4.11.0"
source = "registry+https://pypi.org/simple"

[[distribution.wheel]]
url = "936e2092671b43269810cd589ceaf5/typing_extensions-4.11.0-py3-none-any.whl"
hash = "sha256:c1f94d72897edaf4ce775bb7558d5b79d8126906a14ea5ed1635921406c0387a"
```
 2024-04-29 14:03:17 -04:00
Ahmed Ilyas a3b61a2644
add `UV_LINK_MODE` as env variable (#3315) 
Resolves https://github.com/astral-sh/uv/issues/3313

## Summary

Add a new env variable `UV_LINK_MODE` as alias for the cli argument
--link-mode.
Updated the README env variables section.

## Test Plan

Tested manually using `UV_LINK_MODE=hardlink cargo run -p uv pip install
flask`.
 2024-04-29 17:29:36 +00:00
konsti cedb8259f7
Avoid panic for file url (#3306) 
When using find links with a file url, we shouldn't panic because we
can't remove username/password for a host-less url.

See #3262
 2024-04-29 16:39:16 +02:00
konsti 1344cfae4b
Use fs_err for cachedir errors (#3304) 
When running

```
set UV_CACHE_DIR=%LOCALAPPDATA%\uv\cache-foo && uv venv venv
```

in windows CMD, the error would be just

```
error: The system cannot find the path specified. (os error 3)
```

The problem is that the first action in the cache dir is adding the tag,
and the `cachedir` crate is using `std::fs` instead of `fs_err`. I've
copied the two functions we use from the crate and changed the import
from `std::fs` to `fs_err`.

The new error is

```
error: failed to open file `C:\Users\Konstantin\AppData\Local\uv\cache-foo \CACHEDIR.TAG`
  Caused by: The system cannot find the path specified. (os error 3)
```

which correctly explains the problem.

Closes #3280
 2024-04-29 16:33:10 +02:00
konsti f63a1fde42
Fix span recording with install_wheel_rs (#3293) 
We would only record spans for `uv` prefixed crates, while the rayon
operations are in `install_wheel_rs`, therefore "disappearing" spans
from rayon.

With these changes, we can profile the parallel installation:


![jupyter](https://github.com/astral-sh/uv/assets/6826232/bb3c626a-ba9a-443d-9727-ac1e3bf14a71)
 2024-04-28 18:33:40 +00:00
Charlie Marsh eabefbf8a2
Ignore 401 errors with multiple indexes (#3292) 
## Summary

It seems like Azure might return a 401 when you request a package that
doesn't exist (even with valid credentials)? But I admittedly haven't
tested this. (We already skip 403, and this seems similar?)

Closes https://github.com/astral-sh/uv/issues/3291.
 2024-04-28 10:06:43 -04:00
Charlie Marsh 42a44dcfff
Fix serialization of index URLs (#3289) 
Closes https://github.com/astral-sh/uv/issues/3288.
 2024-04-27 12:52:06 +00:00
Charlie Marsh 028b407411
Bump version to v0.1.39 (#3286) 2024-04-27 07:18:16 -04:00
Charlie Marsh da89e53090
Fix documentation on `--cache-dir` CLI (#3285) 
## Summary

This looks like a copy-paste error.
 2024-04-27 02:28:00 +00:00
Yorick 43181f1933
Implement `--index-strategy unsafe-best-match` (#3138) 
## Summary

This index strategy resolves every package to the latest possible
version across indexes. If a version is in multiple indexes, the first
available index is selected.

Implements #3137 

This closely matches pip.

## Test Plan

Good question. I'm hesitant to use my certifi example here, since that
would inevitably break when torch removes this package. Please comment!
 2024-04-27 01:24:54 +00:00
Charlie Marsh a0e7d9fe87
Add a `--isolated` mode to ignore on-disk configuration (#3283) 
## Summary

We have the same thing in Ruff. Really useful.
 2024-04-26 23:33:34 +00:00
Charlie Marsh 845dc3d8d9
Add debug logging for `--target` (#3282) 2024-04-26 23:31:19 +00:00
Charlie Marsh ad99e3af63
Create `--target` directories lazily (#3274) 
## Summary

Based on feedback in
https://github.com/astral-sh/uv/pull/3257#issuecomment-2078560574.
 2024-04-26 03:36:56 +00:00
Charlie Marsh 1a4f7de831
Revise `compile_index_url_fallback_prefer_primary` (#3273) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3238.
 2024-04-25 23:30:44 +00:00
Charlie Marsh ed8f6e4556
Add `--target` support to `sync` and `install` (#3257) 
## Summary

The approach taken here is to model `--target` as an install scheme in
which all the directories are just subdirectories of the `--target`.
From there, everything else... just works? Like, upgrade, uninstalls,
editables, etc. all "just work".

Closes #1517.
 2024-04-25 19:15:39 -04:00
Grzegorz Bokota fab8d858b6
fix platform_machine for macos arm (#3267) 
## Summary

based on PEP 508 the `platform_machine` should be same as
`platform.machine()` output:
https://peps.python.org/pep-0508/#environment-markers

From my macOS M2 

```python
In [1]: import platform

In [2]: platform.machine()
Out[2]: 'arm64'
```

I napari we also use `arm64` in requirements and it works as expected: 

9fcf63e69a/pyproject.toml (L120)

## Test Plan

<!-- How was it tested? -->
 2024-04-25 18:16:52 +00:00
Charlie Marsh 413859768d
Replace Twisted with an empty bz2 package (#3258) 
## Summary

This is just an empty package taken from packse, rezipped with `tar -cjf
bz2-1.0.0.tar.bz2 bz2-1.0.0`.
 2024-04-25 03:45:23 +00:00
Zanie Blue 3b6e16bb0e
Fix `uv-toolchain` requirement on `pep508_rs` (#3256) 2024-04-24 19:10:47 -04:00
Zanie Blue 0b23caa18d
Bump version to 0.1.38 (#3251) 2024-04-24 13:28:50 -05:00
Zanie Blue c22e15f07d
Warn when an unsupported Python version is encountered (#3250) 
I rebased https://github.com/astral-sh/uv/pull/2757 then realized that
we want to implement this for more than `uv venv`.

Closes https://github.com/astral-sh/uv/issues/2587
Closes https://github.com/astral-sh/uv/issues/2757

```
❯ cargo run -q -- pip install -p /Users/mz/bin/python3.7 anyio
warning: uv is only compatible with Python 3.8+, found Python 3.7.17.
Audited 1 package in 84ms

❯ cargo run -q -- venv -p /Users/mz/bin/python3.7
warning: uv is only compatible with Python 3.8+, found Python 3.7.17.
Using Python 3.7.17 interpreter at: /Users/mz/bin/python3.7
Creating virtualenv at: .venv
Activate with: source .venv/bin/activate
```

---------

Co-authored-by: Stevie Gayet <stegayet@users.noreply.github.com>
 2024-04-24 17:51:57 +00:00
Ibraheem Ahmed 20e9589662
Combine dependency clauses with the same root (#3225) 
## Summary

Simplifies dependency errors of the form `you require package-a and you
require package-b` to `you require package-a and package-b`. Resolves
https://github.com/astral-sh/uv/issues/1009.
 2024-04-24 12:34:32 -04:00
Zanie Blue eb27d742b9
Add `--python` support to `uv run` (#3189) 2024-04-24 16:03:50 +00:00
konsti 005b76770e
Update BUILD_VENDOR_LINKS_URL from packse version (#3246) 
Make `generate.py` update the packse version used in
`BUILD_VENDOR_LINKS_URL`.

Closes #3245
 2024-04-24 17:54:38 +02:00
Zanie Blue 691b7d26a0
Upgrade packse to 0.3.15 (#3244) 
Includes https://github.com/astral-sh/packse/pull/179 for #3225

```
uv pip compile scripts/scenarios/requirements.in -o scripts/scenarios/requirements.txt --refresh-package packse --upgrade
cargo dev fetch-python
source .env
./scripts/sync_scenarios.sh
```
 2024-04-24 10:54:03 -05:00
Zanie Blue 84bb6e1976
Remove `KeyringProvider.cache` (#3243) 
This is handled by `CredentialsCache.fetches` instead since #3237 

Moves the test demonstrating the flaw in the cache to the middleware
level.
 2024-04-24 15:39:24 +00:00
Zanie Blue a5abb8eb1e
Add keyring logs for URL and host fetches (#3212) 
So we can identify when we need to fall back to the host.
 2024-04-24 10:32:17 -05:00
Zanie Blue a07adf72de
Use read-write locks instead of mutexes in authentication handling (#3210) 
- Use `RwLock` for `KeyringProvider` cache
- Use `RwLock` for `CredentialsCache`
 2024-04-24 10:17:16 -05:00
Andrew Gallant 0b84eb0140
once-map: avoid hard-coding `Arc` (#3242) 
The only thing a `OnceMap` really needs to be able to do with the value
is to clone it. All extant uses benefited from having this done for them
by automatically wrapping values in an `Arc`. But this isn't necessarily
true for all things. For example, a value might have an `Arc` internally
to making cloning cheap in other contexts, and it doesn't make sense to
re-wrap it in an `Arc` just to use it with a `OnceMap`. Or
alternatively, cloning might just be cheap enough on its own that an
`Arc` isn't worth it.
 2024-04-24 11:11:46 -04:00
Andrew Gallant 67d8805ca8
uv-toolchain: use colocated temporary directory (#3240) 
Previously, this would use the "system" temporary directory.
Because we rename the resulting directory to its final destination,
and because renaming is implemented via hardlinking, and because
hardlinking doesn't work across mount points, and because /tmp is
commonly on a different mount point than where `uv` is checked out,
we "fix" this by putting the temporary directory somewhere close to
the final destination of the fetched artifact.

There are alternatives we might consider pursuing. For example,
if the `rename` fails, then we should probably do a recursive
directory copy. But this is a quick fix for now and it also
consistent with colocation of other temporary directories in `uv`.

The main downside of this change is that if a user does ^C while
`uv-dev fetch-python` is running, then there is no mechanism for
cleaning up temporary directories.
 2024-04-24 10:56:03 -04:00
Zanie Blue e92b38cfb9
Only perform fetches of credentials for a realm once (#3237) 
Closes https://github.com/astral-sh/uv/issues/3205

Tested with

`RUST_LOG=uv=trace cargo run -- pip install -r
scripts/requirements/trio.in --index-url
https://oauth2accesstoken@us-central1-python.pkg.dev/zb-test-project-421213/pypyi/simple/
--no-cache --keyring-provider subprocess -vv --reinstall 2>&1 | grep
keyring`

On `main` you can see a dozen keyring attempts at once. Here, the other
requests wait for the first attempt and only a single keyring call is
performed.
 2024-04-24 09:53:44 -05:00
Charlie Marsh 116d47ed03
Add alternate manylinux targets to `--python-platform` (#3229) 
## Summary

I initially implemented this by allowing arbitrary
`x86_64-manylinux_x_y`, but it makes the Clap, Serde, and Schemars
definitions more complicated, _and_ makes it harder for the user.
Ultimately, manylinux itself only provides images for 2_17 and 2_28, so
this seems like it should be sufficient.

Closes https://github.com/astral-sh/uv/issues/3222.
 2024-04-24 07:53:25 -04:00
Charlie Marsh 84989a3f49
Unroll self-dependencies via extras (#3230) 
## Summary

We now recursively expand any self-dependencies via extras, which lets
us detect conflicts sooner and avoid building unnecessary versions of
packages that are excluded via the extra.

Closes https://github.com/astral-sh/uv/issues/3135.
 2024-04-24 07:51:56 -04:00
konsti 3783292c43
Remove unused dependencies (#3236) 
`cargo shear --fix` and some manual fixing for tokio and flate2.

I wanted to prepare my branch and realized main also needs this.
 2024-04-24 11:18:24 +00:00
konsti a653670d04
Move RequirementsTxtRequirement to its own module (#3235) 
Small refactoring, no functional changes.
 2024-04-24 11:16:10 +00:00
konsti bed730571d
Fix single crate tokio features (#3234) 
Previously, uv-auth would fail to compile due to a missing process
feature. I chose to make all tokio features we use top level features,
so we can share the tokio cache between all test invocations.
 2024-04-24 08:55:15 +00:00
Charlie Marsh 8b711d2e4d
Avoid adding extras when expanding constraints (#3232) 
## Summary

See the diff in the tests. If you have a constraint with an extra, we
should respect it, but we shouldn't _add_ the extra to the requirements.
 2024-04-24 02:00:27 +00:00
Charlie Marsh c7d7b07408
Add test for extra-in-constraint (#3231) 
## Summary

We have the wrong behavior here, so starting by adding a test for it.
 2024-04-23 21:52:41 -04:00
Charlie Marsh 084408b88f
Upgrade macOS target to 12.0 (#3228) 
## Summary

macOS 11 has been EOL for 7 months, and it seems like it's common to
publish ARM-only wheels at 12.0+. I think this is a better default for
ARM macs.

Closes https://github.com/astral-sh/uv/issues/3227.

## Test Plan

`cargo run pip install scikit-learn==1.3.2 --python-platform macos
--no-build`
 2024-04-23 23:28:14 +00:00
Michael Ritsema 936facfb08
Gave a better name to the `--color` placeholder (#3226) 
## Summary

The cli gives <COLOR> as value placeholder which is misleading. I
changed this to <COLOR_CHOICE> to make it obvious you don't supply a
color but a ColorChoice value.

## Test Plan

Compiled and verified --help text was correct
 2024-04-23 18:13:17 -04:00
samypr100 308f95fce1
chore: use uv-version in uv-virtualenv (#3221) 
## Summary

This is mainly a cleanup PR to leverage uv-version in uv-virtualenv
instead of passing it via `uv`.
In #1852 I introduced the ability to pass extra cfg to `gourgeist` for
the primary purpose of passing the uv version, but since the dawn of the
uv-version crate dynamically passing more values to pyvenv.cfg is no
longer needed.

## Test Plan

Existing `uv` tests should still verify `uv = <version>` exists in the
venv and make sure no regressions were introduced.
 2024-04-23 16:18:40 -04:00
Charlie Marsh 697d821343
Reinstall package when editable label is removed (#3219) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3200.
 2024-04-23 19:03:44 +00:00
haarisr 1c2a7f6a85
Use directory instead of file when searching for uv.toml file (#3203) 
## Summary

The function `find_in_directory` joins `uv.toml`. The initial join in
`user` is redundant.

Also a small comment fix.

## Test Plan

Not really sure how to test this. Please suggest if any tests need to be
added.
 2024-04-23 14:36:38 -04:00
Ibraheem Ahmed fa53de9223
Avoid Removing Quotes From Requirement Markers (#3214) 
## Summary

Avoid removing quotes from markers, e.g. `numpy (>=1.19) ;
python_version >= "3.7"` should not be rewritten. Fixes
https://github.com/astral-sh/uv/issues/2551.

This PR also makes fixups a bit more flexible internally for fixes that
aren't simple to implement with a pure regex replacement, like this one.
https://github.com/astral-sh/uv/pull/1529 fixed a similar problem but
the current regex is still not smart enough to avoid all markers
completely (like `python_version`).

## Test Plan

Added a few unit tests.
 2024-04-23 14:07:51 -04:00
konsti 70ee3b7cd2
An enum and backticks for lookahead error (#3216) 
Mostly a small refactor, adds backticks to be coherent with #3004.
 2024-04-23 17:28:10 +00:00
konsti 4a49ff4372
Rename ancillary direct url types to parsed url (#3211) 
Followup to #3187. Renaming only
 2024-04-23 14:51:23 +00:00
Zanie Blue 645d0399fd
Bump version to 0.1.37 (#3208) 2024-04-23 14:35:27 +00:00
Zanie Blue b8302d44de
Improve tracing for keyring provider (#3207) 2024-04-23 09:23:21 -05:00
Zanie Blue 598a67cf31
Fix fetch of credentials when cache is seeded with username (#3206) 
Fixes the failure to lookup credentials in
https://github.com/astral-sh/uv/issues/3205

The issue is that we seed the cache with the index URL which includes a
username but no password. We did not ensure that a password was present
in the cached credentials before attempting a request with them. Now,
the cache will not return credentials when a username is provided and
the cached credentials have no password — the cached credentials are
useless in that case.

Tested with a Google Artifact Registry and keyring

```
RUST_LOG=uv=trace cargo run -q -- pip install requests --index-url https://oauth2accesstoken@us-central1-python.pkg.dev/<project>/pypi/simple/ --no-cache --keyring-provider subprocess -v
```
 2024-04-23 09:02:29 -05:00
哇呜哇呜呀咦耶 65efaf70da
Make KeyringProvider::fetch_* async (#3089) 
To resolve #3073
 2024-04-23 07:58:00 -05:00
Charlie Marsh ad923b71a7
Improve `--python-platform` documentation (#3202) 
See:
https://github.com/astral-sh/uv/pull/3154#pullrequestreview-2016083883
 2024-04-23 02:42:30 +00:00
renovate[bot] 054fa3e439
Update Rust crate zip to v1 (#3175) 2024-04-22 22:17:44 -04:00
Charlie Marsh 14f05f27b3
Add ticks around error messages more consistently (#3004) 
## Summary

I found some of these too bare (e.g., when they _just_ show a package
name with no other information). For me, this makes it easier to
differentiate error message copy from data. But open to other opinions.
Take a look at the fixture changes and LMK!
 2024-04-22 23:58:36 +00:00
Charlie Marsh 8536e63438
Add `--python-platform` to `sync` and `install` commands (#3154) 
## Summary

pip supports providing a `--platform` to `pip install`, which can be
used to seed an environment (e.g., for use in a container or otherwise).
This PR adds `--python-platform` to our commands to support a similar
workflow. It has some caveats, which are documented on the CLI.

Closes #2079.
 2024-04-22 19:31:55 -04:00
konsti d10903f0a4
30s default http read timeout (#3182) 
Since we're now using read timeouts and not total timeouts, we can use a
lower threshold, a single read shouldn't take 5 min (and not even 10s).

The 10s value is somewhat arbitrary.

Like #3144, this is a breaking change in some sense.
 2024-04-22 19:05:44 -04:00
Zanie Blue b9419e67aa
Add preview mode and use for warning in `uv run` (#3192) 
Adds hidden `--preview` / `--no-preview` flags with `UV_PREVIEW`
environment variable support. Copies the `PreviewMode` type from Ruff.

Does a little bit of extra work to port `uv run` to the new settings
model.

Note we allow `uv run` invocations without preview and only use its
presence to toggle an experimental warning.

## Test plan

```
❯ cargo run -q -- run --no-workspace -- python --version
warning: `uv run` is experimental and may change without warning.
Python 3.12.2
❯ cargo run -q -- run --no-workspace --preview -- python --version
Python 3.12.2
❯ UV_PREVIEW=1 cargo run -q -- run --no-workspace -- python --version
Python 3.12.2
```
 2024-04-22 15:41:15 -05:00
Zanie Blue 78cd9991d7
Bump version to 0.1.36 (#3193) 2024-04-22 13:55:55 -05:00
renovate[bot] 04eaee7e19
Update Rust crate pyo3 to 0.21.0 (#2911) 2024-04-22 18:27:22 +00:00
Zanie Blue f98eca8843
Fix authentication for URLs with a shared realm (#3130) 
In #2976 I made some changes that led to regressions:

- We stopped tracking URLs that we had not seen credentials for in the
cache
- This means the cache no longer returns a value to indicate we've seen
a realm before
- We stopped seeding the cache with URLs 
- Combined with the above, this means we no longer had a list of
locations that we would never attempt to fetch credentials for
- We added caching of credentials found on requests
- Previously the cache was only populated from the seed or credentials
found in the netrc or keyring
- This meant that the cache was populated for locations that we
previously did not cache, i.e. GitHub artifacts(?)

Unfortunately this unveiled problems with the granularity of our cache.
We cache credentials per realm (roughly the hostname) but some realms
have mixed authentication modes i.e. different credentials per URL or
URLs that do not require credentials. Applying credentials to a URL that
does not require it can lead to a failed request, as seen in #3123 where
GitHub throws a 401 when receiving credentials.

To resolve this, the cache is expanded to supporting caching at two
levels:

- URL, cached URL must be a prefix of the request URL
- Realm, exact match required

When we don't have URL-level credentials cached, we attempt the request
without authentication first. On failure, we'll search for realm-level
credentials or fetch credentials from external services. This avoids
providing credentials to new URLs unless we know we need them.

Closes https://github.com/astral-sh/uv/issues/3123
 2024-04-22 13:06:57 -05:00
Charlie Marsh 41b29b2dc4
Add support for embedded Python on Windows (#3161) 
## Summary

References:
-
cad550030a/src/virtualenv/create/via_global_ref/builtin/cpython/cpython3.py (L58-L68)
- https://github.com/pypa/virtualenv/pull/2353
- https://github.com/pypa/virtualenv/issues/2368

Closes https://github.com/astral-sh/uv/issues/1656.
 2024-04-22 13:34:27 -04:00
Charlie Marsh 792a917a97
Restrict observed requirements to direct when `--no-deps` is specified (#3191) 
## Summary

This PR avoids: (1) using the lookahead resolver when `--no-deps` is
specified (we'll never use those requirements), and (2) including any
transitive requirements when searching for allowed URLs, etc., when
`--no-deps` is specified.

Closes https://github.com/astral-sh/uv/issues/3183.
 2024-04-22 17:17:58 +00:00
Charlie Marsh a4f125ca34
Avoid waiting for metadata for `--no-deps` editables (#3188) 
## Summary

We don't emit a request for this, so we shouldn't wait for it either --
we already have the metadata!

Closes https://github.com/astral-sh/uv/issues/3184.
 2024-04-22 16:29:19 +00:00
konsti 725004dcf1
Rename the second direct url to parsed url (#3187) 
Previously, we got `pypi_types::DirectUrl` (the pypa spec
direct_url.json format) and `distribution_types::DirectUrl` (an enum of
all the url types we support). This lead me to confusion, so i'm
renaming the latter one to the more appropriate `ParsedUrl`.
 2024-04-22 14:38:27 +00:00
konsti 82c4772e89
Move unnamed requirements to their own pep508_rs module and requirements-txt (#3186) 
Another refactoring in preparation of using a richer requirements type.
No functional changes, only moves code around
 2024-04-22 14:02:39 +00:00
konsti f29c991e21
Dedicated error type for direct url parsing (#3181) 
Add a dedicated error type for direct url parsing. This change is broken
out from the new uv requirement type, which uses direct url parsing
internally.
 2024-04-22 11:57:36 +00:00
Grzegorz Bokota 7efd13ca33
Add UV_CONSTRAINT environment variable to provide value for `--constraint` (#3162) 
## Summary

This PR is adding `UV_CONSTRAINT` environment variable as analogous to
`PIP_CONSTRAINT` to allow providing constraint file via environment
variable. Implementing this will simplify adoption of uv in testing
procedure in projects that I'm involved (testing using tox).

This was my motivation for opening #1841 that is closed in favor of
#1789 which was closed without implementing this feature.

In this implementation, I have used space as a separator as analogous to
`pip`. This introduces an obvious problem if the path contains space.
Another option could be to use standard separator (`:` - UNIX like, `;`
- Windows). Which one did you prefer?

## Test Plan

It is my first contribution and first rust coding experience. It will be
nice if one could point how I should implement testing this.
 2024-04-20 17:32:28 -04:00
Charlie Marsh bf1036832f
Fix `venvlauncher.exe` reference in venv creation (#3160) 
I can't get this to reproduce on GitHub Actions -- maybe the builds
there differ, or maybe the builds changed since we added this fix? I'll
check locally, but regardless, this is a typo.

Closes #3158.
 2024-04-20 14:16:47 +00:00
Charlie Marsh b4ee7d7359
Bump version to v0.1.35 (#3153) 2024-04-19 19:58:15 -04:00
Charlie Marsh 4a98839c1d
Move argument normalization into settings construction (#3103) 
## Summary

No behavior changes, but the idea here is that we move the argument
normalization code (e.g., create an `Upgrade` struct from `--upgrade`
and `--upgrade-package`) into the `settings.rs` file, where we build the
common settings structs.

This reduces a lot of the logic and duplication across commands in
`main.rs`.
 2024-04-19 23:45:08 +00:00
Charlie Marsh fda378fd29
Avoid preferring constrained over unconstrained packages (#3148) 
## Summary

pip prefers somewhat-constrained over unconstrained packages... but only
if they're at equal depths in the tree. We don't have a way to track the
latter property yet (I've added a TODO), so for now, we should remove
this constraint -- it seems to be counter-productive.

I've filed https://github.com/astral-sh/uv/issues/3149 as a follow-up.

Closes https://github.com/astral-sh/uv/issues/3143

## Test Plan

- `git clone https://github.com/drivendataorg/zamba.git`
- `cat "-e .[tests]" > req.in`
- `cargo run venv && cargo run pip compile req.in --refresh -n
--python-platform linux --python-version 3.8`
 2024-04-19 23:30:08 +00:00
Charlie Marsh 70b6bde254
Add `--python-platform` to configuration (#3147) 
## Summary

Just for consistency with `--python-version`.
 2024-04-19 23:08:03 +00:00
Charlie Marsh 5e4e2fa0bf
Rename `--platform` to `--python-platform` (#3146) 
## Summary

`--platform` is a flag that exists in `pip` and it has a different
meaning. (Not breaking as this hasn't been released yet anyway.)
 2024-04-19 22:24:23 +00:00
Zanie Blue 4046b2bcfa
Allow `uv run` to execute Python scripts directly (#3110) 
e.g. `uv run foo.py` implies `python foo.py`

Future work includes #3096
 2024-04-19 21:29:57 +00:00
Zanie Blue 91e32fec6f
Bump `astral-test` commit snapshots (#3145) 
I added distributions to these projects so the commit changed.

We could pin but we want to test for resolution... so we don't. These
are pretty static so this should be rare.
 2024-04-19 21:20:34 +00:00
Charlie Marsh 9f2bc19eaf
Enforce HTTP timeouts on a per-read (rather than per-request) basis (#3144) 
## Summary

This leverages the new `read_timeout` property, which ensures that (like
pip) our timeout is not applied to the _entire_ request, but rather, to
each individual read operation.

Closes: #1921.

See: #1912.
 2024-04-19 16:49:53 -04:00
Zanie Blue 31765c05bd
Default to `python` when `uv run` does not recieve a command (#3109) 
This means that a bare `uv run` invocation drops you into a REPL.

This behavior is internally controversial, and may best be served by a
dedicated `uv repl` command. I would imagine it's important to fail if
no command is given in _some_ circumstances, but those may be resolved
by _not_ doing this if we do not detect a TTY.

Regardless, I'm interested in giving this a try for a bit during this
experimental phase.
 2024-04-19 15:15:38 +00:00
Zanie Blue 9bcc1943cc
Allow workspace requirements to be ignored during `uv run` (#3108) 2024-04-19 14:52:04 +00:00
Zanie Blue 01a7b7a088
Read base requirements from `pyproject.toml` in `uv run` (#3101) 
In addition to the requested requirements, we include requirements from
a `pyproject.toml` file if it exists and install the current directory.

Closes https://github.com/astral-sh/uv/issues/3104
 2024-04-19 14:36:03 +00:00
Zanie Blue becb12642a
Add `uv run --with <pkg>` to run a command with ephemeral requirements (#3077) 
Holy cow does installation / resolution take a ton of options. We
side-step most of them here.

If the current environment satisfies the requirements, it is used.
Otherwise, we create a new environment with the requested dependencies.
 2024-04-19 09:23:26 -05:00
Jack Cherng 7a163ba9f1
Fix `uv pip compile` with `UV_SYSTEM_PYTHON=1` (#3136) 
## Summary

Following up 

- https://github.com/astral-sh/uv/pull/3113
- https://github.com/astral-sh/uv/pull/3115

It looks like `uv pip compile` command with `UV_SYSTEM_PYTHON` is missed
because these two PRs are close in time. And thus resulting in


```bash
$ uv --version
uv 0.1.34 (9259eceeb 2024-04-19)
$ UV_SYSTEM_PYTHON=1 uv pip compile --upgrade requirements.in -o requirements.txt
error: invalid value '1' for '--system'
  [possible values: true, false]

For more information, try '--help'.
```

Signed-off-by: Jack Cherng <jfcherng@gmail.com>
 2024-04-19 08:48:55 -04:00
Charlie Marsh 93559d5c2a
Add a `--platform` argument to enable resolving against a target platform (#3111) 
## Summary

I've wanted to try this for a long time, so decided to give it a shot.
The basic idea is that you can provide a target triple (e.g.,
`--platform x86_64-pc-windows-msvc`) and resolve against that platform,
rather than the currently-running platform. It's functionally similar to
`--python-version`, though a bit simpler since there's no need to engage
with `Requires-Python`.

Our infrastructure is well-setup for this and so, in the end, it's
actually pretty straightforward: for each triple, we just need to
override the markers and platform tags.
 2024-04-18 22:57:41 -04:00
Charlie Marsh 9259eceebc
Bump version to v0.1.34 (#3134) 2024-04-19 02:15:04 +00:00
Charlie Marsh a241bc79b1
Add priorities for editables (#3133) 
## Summary

We weren't setting a priority for editables, so they were being visited
last.

I think there's still a problem whereby we're not aggressive enough in
visiting recursive extras (and, in fact, that's making it really hard to
write a test -- I wrote a test, but the most-reduced case still fails,
and I'd need to add a layer of indirection to make it
fail-on-main-but-pass-on-this-branch), but that problem likely already
existed on main prior to #3087, so I just want to get this quick fix out
now.

Closes https://github.com/astral-sh/uv/issues/3127.

## Test Plan

- `git clone https://github.com/cda-tum/mqt-core.git`
- `cargo run venv`
- `cargo run pip install 'scikit-build-core[pyproject]>=0.8.1'
'setuptools_scm>=7' 'pybind11>=2.12' --resolution=lowest-direct`
- `cargo run pip install --no-build-isolation
'-ve.[test,qiskit,evaluation,coverage]' --resolution=lowest-direct`
 2024-04-19 02:04:58 +00:00
Charlie Marsh 2e88bb6f1b
Add a proxy layer for extras (#3100) 
Given requirements like:

```
black==23.1.0
black[colorama]
```

The resolver will (on `main`) add a dependency on Black, and then try to
use the most recent version of Black to satisfy `black[colorama]`. For
sake of example, assume `black==24.0.0` is the most recent version. Once
the selects this most recent version, it'll fetch the metadata, then
return the dependencies for `black==24.0.0` with the `colorama` extra
enabled. Finally, it will tack on `black==24.0.0` (a dependency on the
base package). The resolver will then detect a conflict between
`black==23.1.0` and `black==24.0.0`, and throw out
`black[colorama]==24.0.0`, trying to next most-recent version.

This is both wasteful and can cause problems, since we're fetching
metadata for versions that will _never_ satisfy the resolver. In the
`apache-airflow[all]` case, I also ran into an issue whereby we were
attempting to build very old versions of `apache-airflow` due to
`apache-airflow[pandas]`, which in turn led to resolution failures.

The solution proposed here is that we create a new proxy package with
exactly two dependencies: one on `black` and one of `black[colorama]`.
Both of these packages must be at the same version as the proxy package,
so the resolver knows much _earlier_ that (in the above example) the
extra variant _must_ match `23.1.0`.
 2024-04-19 01:04:59 +00:00
Zanie Blue 822ae19879
Restore seeding of authentication cache from index URLs (#3124) 
Roughly reverts
f7820ceaa7
to reduce possible race conditions for pre-authenticated index URLs

Part of:

- https://github.com/astral-sh/uv/issues/3123
- https://github.com/astral-sh/uv/issues/3122
 2024-04-18 19:48:21 -05:00
Charlie Marsh 5ca5d7da67
Add test for avoiding irrelevant extras (#3107) 
## Summary

This PR adds a test that currently leads to an error, but should
successfully resolve as of https://github.com/astral-sh/uv/pull/3100.

The core idea is that if we have a pinned package, we shouldn't try to
build other versions of that package if we have an unconstrained variant
with an extra.
 2024-04-19 00:47:27 +00:00
Charlie Marsh 3c9d925531
Avoid treating localhost URLs as local file paths (#3132) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3128.

## Test Plan

- `python -m http.server`
- `cargo run pip install
"http://localhost:8000/werkzeug-3.0.2-py3-none-any.whl"`
- `cargo run pip install
"http://localhost:8000/werkzeug-3.0.2-py3-none-any.whl"`
 2024-04-19 00:37:33 +00:00
Charlie Marsh 0ce039d1f9
Remove `Option<bool>` for `--no-cache` (#3129) 
## Summary

This was unintended. We ended up reverting `Option<bool>` everywhere,
but I missed this once since it's in a separate file.

(If you use `Option<bool>`, Clap requires a value, like `--no-cache
true`.)

## Test Plan

`cargo run pip install flask --no-cache`
 2024-04-18 22:56:46 +00:00
Charlie Marsh 822e3dc0c5
Add `UV_REQUIRE_HASHES` environment variable (#3125) 
Closes https://github.com/astral-sh/uv/issues/3117.
 2024-04-18 21:07:08 +00:00
konsti c9eefc0833
Reset default `-v` level to debug (#3120) 
Fixup from
https://github.com/astral-sh/uv/pull/2815/files#diff-9b6f8f13cfc3c9d7ef554182fa52c7466fa6037da54a97c03855b6068b481848L127-R127
 2024-04-18 13:34:04 +00:00
Charlie Marsh 7688f464c8
Allow `--python` and `--system` on `pip compile` (#3115) 
## Summary

I think these are useful to have for consistency, though the `--system`
variant requires some new threading.

Closes: https://github.com/astral-sh/uv/issues/2242.
 2024-04-18 04:55:49 +00:00
Charlie Marsh 37aefbd199
Use `BoolishValueParser` for boolean environment variables (#3113) 
## Summary

Right now, we only accept _exactly `UV_NATIVE_TLS=true` and
`UV_NATIVE_TLS=false`. `BoolishValueParser` accepts a wider range of
values:

```rust
/// True values are `y`, `yes`, `t`, `true`, `on`, and `1`.
pub(crate) const TRUE_LITERALS: [&str; 6] = ["y", "yes", "t", "true", "on", "1"];

/// False values are `n`, `no`, `f`, `false`, `off`, and `0`.
pub(crate) const FALSE_LITERALS: [&str; 6] = ["n", "no", "f", "false", "off", "0"];
```

I tend to use `0` and `1` personally so this surprised me.
 2024-04-18 00:37:38 -04:00
Chan Kang 8c7d0a31e6
Hide password in the index printed via `--emit-index-annotation` (#3112) 
## Summary

resolves https://github.com/astral-sh/uv/issues/3106

## Test Plan

added a simple test where the password provided in `UV_INDEX_URL` is
hidden in the output as expected.
 2024-04-18 03:59:44 +00:00
Zanie Blue 01532d98c4
Add integration test coverage for netrc authentication (#3068) 
Closes https://github.com/astral-sh/uv/issues/2465
 2024-04-17 14:05:24 -05:00
Charlie Marsh aea8b0ae6c
Rename `--compile` to `--compile-bytecode` (#3102) 
## Summary

With an alias for backwards compatibility. It's clearer and matches the
setting in the TOML configuration (where `compile` was deemed too
vague).
 2024-04-17 15:05:10 -04:00
Charlie Marsh 67d879dcad
Add integration tests for configuration discovery (#3082) 2024-04-17 18:21:44 +00:00
Charlie Marsh f846fdc2b9
Add negation flags to the CLI (#3050) 
## Summary

Now that we can pick up configuration values from persistent files, we
need to enable users to _disable_ those values from the CLI. For
example, if a user has `emit_index_url = true` in the configuration
file, they should be able to do `--no-emit-index-url` on the
command-line. This PR adds support for such negations, following the
same patterns we use in Ruff.
 2024-04-17 14:16:09 -04:00
Charlie Marsh dfccdb0e39
Enable global configuration files (#3049) 
## Summary

Enables `uv` to read configuration from (e.g.)
`/Users/crmarsh/.config/uv/uv.toml` on macOS and Linux, and
`C:\Users\Charlie\AppData\Roaming\uv\uv.toml` on Windows.

This differs slightly from Ruff, which uses the `Application Support`
directory on macOS. But I've deviated here. based on the preferences
expressed in https://github.com/astral-sh/ruff/issues/10739.
 2024-04-17 13:59:50 -04:00
Charlie Marsh c6e75f8b35
Add `--config-file` support (#3047) 
## Summary

Users can now pass a config file on the command line, e.g., with
`--config-file /path/to/file.py`.
 2024-04-17 17:32:29 +00:00
Charlie Marsh 7fb2bf816f
Add JSON Schema support (#3046) 
## Summary

This PR adds JSON Schema support. The setup mirrors Ruff's own.
 2024-04-17 17:24:41 +00:00
Zanie Blue 7c5b13c412
Add integration test coverage for keyring authentication (#3067) 
Closes https://github.com/astral-sh/uv/issues/2464
 2024-04-17 12:23:26 -05:00
Charlie Marsh e5d4ea55ca
Merge workspace settings with CLI settings (#3045) 
## Summary

This PR adds the structs and logic necessary to respect settings from
the workspace. It's a ton of code, but it's mostly mechanical. And,
believe it or not, I pulled out a few refactors in advance to trim down
the code and complexity.

The highlights are:

- All CLI arguments are now `Option`, so that we can detect whether they
were provided (i.e., we can't let Clap fill in the defaults).
- We now have a `*Settings` struct for each command, which merges the
CLI and workspace options (e.g., `PipCompileSettings`).

I've only implemented `PipCompileSettings` for now. If approved, I'll
implement the others prior to merging, but it's very mechanical and I
both didn't want to do the conversion prior to receiving feedback _and_
realized it would make the PR harder to review.
 2024-04-17 17:03:29 +00:00
Zanie Blue dcc2c6865c
Create ephemeral virtual environments for `uv run` (#3075) 
If a virtual environment does not exist, we will create one for the
duration of the invocation.

Adds an `--isolated` flag to force this behavior (ignoring an existing
virtual environment).
 2024-04-17 16:32:04 +00:00
Zanie Blue f7b83e9e83
Add `uv run` command (#3074) 
Adds `uv run` which executes a command in your current virtual
environment.

This is a simple first milestone, lots of remaining work and behavior.
The command is hidden.
 2024-04-17 11:20:43 -05:00
Zanie Blue 2cee7525c7
Bump version to 0.1.33 (#3094) 2024-04-17 10:34:13 -05:00
Charlie Marsh b456fa2939
Incorporate heuristics to improve package prioritization (#3087) 
See: https://github.com/astral-sh/uv/issues/3078
 2024-04-17 14:21:42 +00:00
Charlie Marsh 5be47f698e
Un-hide `--require-hashes` CLI argument (#3093) 
## Summary

An oversight from the release.
 2024-04-17 13:48:45 +00:00
Charlie Marsh d6f9ea9d54
Skip configuration loading while unused (#3092) 
## Summary

No benefit to doing this until it actually ships.
 2024-04-17 13:46:08 +00:00
konsti d1b07a3f49
Log versions tried from batch prefetch (#3090) 
This is required for evaluating #3087.

This also removes tracking of virtual packages from extras from the
batch prefetcher (we only track real packages).

Let's look at some stats:
* jupyter: Tried 100 versions: anyio 1, argon2-cffi 1,
argon2-cffi-bindings 1, arrow 1, asttokens 1, async-lru 1, attrs 1,
babel 1, beautifulsoup4 1, bleach 1, certifi 1, cffi 1,
charset-normalizer 1, comm 1, debugpy 1, decorator 1, defusedxml 1,
exceptiongroup 1, executing 1, fastjsonschema 1, fqdn 1, h11 1, httpcore
1, httpx 1, idna 1, ipykernel 1, ipython 1, ipywidgets 1, isoduration 1,
jedi 1, jinja2 1, json5 1, jsonpointer 1, jsonschema 1,
jsonschema-specifications 1, jupyter 1, jupyter-client 1,
jupyter-console 1, jupyter-core 1, jupyter-events 1, jupyter-lsp 1,
jupyter-server 1, jupyter-server-terminals 1, jupyterlab 1,
jupyterlab-pygments 1, jupyterlab-server 1, jupyterlab-widgets 1,
markupsafe 1, matplotlib-inline 1, mistune 1, nbclient 1, nbconvert 1,
nbformat 1, nest-asyncio 1, notebook 1, notebook-shim 1, overrides 1,
packaging 1, pandocfilters 1, parso 1, pexpect 1, platformdirs 1,
prometheus-client 1, prompt-toolkit 1, psutil 1, ptyprocess 1, pure-eval
1, pycparser 1, pygments 1, python-dateutil 1, python-json-logger 1,
pyyaml 1, pyzmq 1, qtconsole 1, qtpy 1, referencing 1, requests 1,
rfc3339-validator 1, rfc3986-validator 1, root 1, rpds-py 1, send2trash
1, six 1, sniffio 1, soupsieve 1, stack-data 1, terminado 1, tinycss2 1,
tomli 1, tornado 1, traitlets 1, types-python-dateutil 1,
typing-extensions 1, uri-template 1, urllib3 1, wcwidth 1, webcolors 1,
webencodings 1, websocket-client 1, widgetsnbextension 1
* boto3: botocore 1697, boto3 849, urllib3 2, jmespath 1,
python-dateutil 1, root 1, s3transfer 1, six 1
* transformers-extras: Tried 1191 versions: sagemaker 152, hypothesis
67, tensorflow 21, jsonschema 19, tensorflow-cpu 18, multiprocess 10,
pathos 10, tensorflow-text 10, chex 8, tf-keras 8, tf2onnx 8, aiohttp 6,
aiosignal 6, alembic 6, annotated-types 6, apscheduler 6, attrs 6,
backoff 6, binaryornot 6, black 6, boto3 6, click 6, coloredlogs 6,
colorlog 6, dash 6, dash-bootstrap-components 6, dlinfo 6,
exceptiongroup 6, execnet 6, fire 6, frozenlist 6, gitdb 6, google-auth
6, google-auth-oauthlib 6, hjson 6, iniconfig 6, jinja2-time 6, markdown
6, markdown-it-py 6, markupsafe 6, mpmath 6, namex 6, nbformat 6, ninja
6, nvidia-nvjitlink-cu12 6, onnxconverter-common 6, pandas 6, plac 6,
platformdirs 6, pluggy 6, portalocker 6, poyo 6, protobuf3-to-dict 6,
py-cpuinfo 6, py3nvml 6, pyarrow 6, pyarrow-hotfix 6, pydantic-core 6,
pygments 6, pynvml 6, pypng 6, python-slugify 6, responses 6,
smdebug-rulesconfig 6, soupsieve 6, sqlalchemy 6,
tensorboard-data-server 6, tensorboard-plugin-wit 6, tensorboardx 6,
threadpoolctl 6, tomli 6, wasabi 6, wcwidth 6, werkzeug 6, wheel 6,
xxhash 6, zipp 6, etils 5, tensorboard 5, beautifulsoup4 4, cffi 4,
clldutils 4, codecarbon 4, datasets 4, dill 4, evaluate 4, gitpython 4,
hf-doc-builder 4, kenlm 4, librosa 4, llvmlite 4, nest-asyncio 4, nltk
4, optuna 4, parameterized 4, phonemizer 4, psutil 4, pyctcdecode 4,
pytest 4, pytest-timeout 4, pytest-xdist 4, ray 4, rjieba 4, rouge-score
4, ruff 4, sacrebleu 4, sacremoses 4, sigopt 4, sortedcontainers 4,
tensorstore 4, timeout-decorator 4, toolz 4, torchaudio 4, accelerate 3,
audioread 3, cookiecutter 3, decorator 3, deepspeed 3, faiss-cpu 3, flax
3, fugashi 3, ipadic 3, isort 3, jax 3, jaxlib 3, joblib 3, keras-nlp 3,
lazy-loader 3, numba 3, optax 3, pooch 3, pydantic 3, pygtrie 3, rhoknp
3, scikit-learn 3, segments 3, soundfile 3, soxr 3, sudachidict-core 3,
sudachipy 3, torch 3, unidic 3, unidic-lite 3, urllib3 3, absl-py 2,
arrow 2, astunparse 2, async-timeout 2, botocore 2, cachetools 2,
certifi 2, chardet 2, charset-normalizer 2, csvw 2, dash-core-components
2, dash-html-components 2, dash-table 2, diffusers 2, dm-tree 2,
fastjsonschema 2, flask 2, flatbuffers 2, fsspec 2, ftfy 2, gast 2,
google-pasta 2, greenlet 2, grpcio 2, h5py 2, humanfriendly 2, idna 2,
importlib-metadata 2, importlib-resources 2, jinja2 2, jmespath 2,
jupyter-core 2, kagglehub 2, keras 2, keras-core 2, keras-preprocessing
2, libclang 2, mako 2, mdurl 2, ml-dtypes 2, msgpack 2, multidict 2,
mypy-extensions 2, networkx 2, nvidia-cublas-cu12 2,
nvidia-cuda-cupti-cu12 2, nvidia-cuda-nvrtc-cu12 2,
nvidia-cuda-runtime-cu12 2, nvidia-cudnn-cu12 2, nvidia-cufft-cu12 2,
nvidia-curand-cu12 2, nvidia-cusolver-cu12 2, nvidia-cusparse-cu12 2,
nvidia-nccl-cu12 2, nvidia-nvtx-cu12 2, onnx 2, onnxruntime 2,
onnxruntime-tools 2, opencv-python 2, opt-einsum 2, orbax-checkpoint 2,
pathspec 2, plotly 2, pox 2, ppft 2, pyasn1-modules 2, pycparser 2,
pyrsistent 2, python-dateutil 2, pytz 2, requests-oauthlib 2, retrying
2, rich 2, rsa 2, s3transfer 2, scipy 2, setuptools 2, six 2, smmap 2,
sympy 2, tabulate 2, tensorflow-estimator 2, tensorflow-hub 2,
tensorflow-io-gcs-filesystem 2, termcolor 2, text-unidecode 2, traitlets
2, triton 2, typing-extensions 2, tzdata 2, tzlocal 2, wrapt 2,
xmltodict 2, yarl 2, Python 1, av 1, babel 1, bibtexparser 1, blinker 1,
colorama 1, decord 1, filelock 1, huggingface-hub 1, isodate 1,
itsdangerous 1, language-tags 1, lxml 1, numpy 1, oauthlib 1, packaging
1, pillow 1, protobuf 1, pyasn1 1, pylatexenc 1, pyparsing 1, pyyaml 1,
rdflib 1, regex 1, requests 1, rfc3986 1, root 1, safetensors 1,
sentencepiece 1, tenacity 1, timm 1, tokenizers 1, torchvision 1, tqdm
1, transformers 1, types-python-dateutil 1, uritemplate 1


You can reproduce them with python 3.10 and:
```
RUST_LOG=uv_resolver=debug cargo run pip compile -o /dev/null -q scripts/requirements/<input>.in 2>&1 | tail -n 1
```

Closes #2270 - This is less invasive compared to the other PR, we can
revisit number of network/build request tracking later.
 2024-04-17 09:08:21 +00:00
Charlie Marsh 64b545d954
Avoid `#[clap]` macro (#3085) 
## Summary

I can't find a source for this beyond
https://users.rust-lang.org/t/clap-derive-helper-attribute-question/101228,
but apparently `#[arg]` and friends are newer and recommended. (They're
also used in the examples in the docs.)
 2024-04-17 02:07:27 +00:00
Charlie Marsh b1cb193d12
Add some tracing to workspace discovery (#3084) 2024-04-17 01:54:08 +00:00
Charlie Marsh f9c4ca3473
Fix reference to `pyproject.toml` path in workspace discovery (#3083) 
This is why we write tests 😂
 2024-04-17 01:41:00 +00:00
Charlie Marsh b3f98d5e05
Use kebab-case for serde enums (#3080) 
By default, these serialize as (e.g.) `LowestDirect`. This now matches
the format we use in Ruff.
 2024-04-17 01:13:39 +00:00
Charlie Marsh 40d5a8adcf
Flatten settings into a single struct (#3079) 
## Summary

This division proved to be not-so-useful in subsequent PRs.
 2024-04-17 00:15:09 +00:00
Charlie Marsh dd09de2d70
Add filter for install_registry_source_dist_cached on Gentoo (#3071) 
Closes https://github.com/astral-sh/uv/issues/3051.
 2024-04-16 15:07:48 -04:00
Paul Moore 8e37625005
Allow passing a venv to `uv pip --python` (#3064) 
Fixes https://github.com/astral-sh/uv/issues/3060

## Summary

Allows passing a virtual environment (the path to the directory, rather
than the path to the Python interpreter within the directory) to the
`--python` option of the `uv pip` command.

## Test Plan

Tested manually to confirm that the expected new functionality works.
The test suite still passes after this change.

I don't know how to add tests for a new feature like this. I would be
happy to do so if someone can give me some pointers on how to do it.
 2024-04-16 18:39:37 +00:00
Sergey Kolosov d2551bb2bd
Add support for .tar.bz2 source distributions (#3069) 
## Summary

Source distributions in the .tar.bz2 format are still relatively common
within the existing code-bases, namely, the most common examples are the
Twisted source distributions up to the version 20.3.0. As quite so often
the ability to upgrade Twisted to a more recent version is not available
for a given project, we add the support for .tar.bz2 here to still allow
`uv` to be a drop-in replacement for `pip` in these projects.

## Test Plan

The feature was tested both by adding the corresponding test coverage,
and by directly installing a package of interest under a Python version
that doesn't have the corresponding wheel:

```sh
cargo run venv -p python3.8
cargo run pip install Twisted==20.3.0 --no-cache
```

The `--no-cache` argument in the example above serves the purpose of
cleaning the cached information regarding the unsatisfiability of the
requirements, as it may have been cached during some previous attempt to
install this package by `uv` version that didn't implement this feature
yet.
 2024-04-16 18:34:55 +00:00
Charlie Marsh e78bbb8f6a
Remove invalid `serde` reference in `uv-configuration` (#3072) 2024-04-16 18:27:18 +00:00
elbaro ab74263cbc
Skip HEAD requests for Pypicloud with Private S3 (#3070) 2024-04-16 18:25:35 +00:00
Charlie Marsh 295b58ad37
Add `uv-workspace` crate with settings discovery and deserialization (#3007) 
## Summary

This PR adds basic struct definitions along with a "workspace" concept
for discovering settings. (The "workspace" terminology is used to match
Ruff; I did not invent it.)

A few notes:

- We discover any `pyproject.toml` or `uv.toml` file in any parent
directory of the current working directory. (We could adjust this to
look at the directories of the input files.)
- We don't actually do anything with the configuration yet; but those
PRs are large and I want this to be reviewed in isolation.
 2024-04-16 13:56:47 -04:00
Zanie Blue c0efeeddf6
Rewrite `uv-auth` (#2976) 
Closes 

- #2822 
- https://github.com/astral-sh/uv/issues/2563 (via #2984)

Partially address:

- https://github.com/astral-sh/uv/issues/2465
- https://github.com/astral-sh/uv/issues/2464

Supersedes:

- https://github.com/astral-sh/uv/pull/2947
- https://github.com/astral-sh/uv/pull/2570 (via #2984)

Some significant refactors to the whole `uv-auth` crate:

- Improving the API
- Adding test coverage
- Fixing handling of URL-encoded passwords
- Fixing keyring authentication
- Updated middleware (see #2984 for more)
 2024-04-16 11:48:37 -05:00
Alvise Vianello 193704f98b
Add compatibility arguments for pip list (#3055) 
Hello! This is my first PR so do not hesitate to let me know if anything
should be done differently 🙌🏽

## Summary

This PR starts adding useful error messages and warnings when people
pass redundant or unsupported arguments to `pip list`.

For now, I've just covered `pip list --outdated`, which is currently
unsupported.

Closes https://github.com/astral-sh/uv/issues/2948
 2024-04-16 09:31:01 -04:00
Alex Waygood 66e420f34b
Enable auto-wrapping of `--help` output (#3058) 
## Summary

Fixes #3057

On `main`, with a narrow terminal:

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/2453dcbc-739c-4174-ba2e-029cff3227a2)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/02553e90-fe35-4828-b50f-71f926a1e347)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/b33eac26-f2fe-4328-8aa0-c51235b7c4c3)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/e731f647-3519-4c54-ab33-b42500faf544)

  </details>

With PR:

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/0f1aaec0-960a-4060-95ba-f49bec2f6995)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/b8078125-bd57-41a9-9c09-1966c8971c92)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/c2f38eb0-5f67-46ee-8a09-47da9e9ce0a5)

  </details>

- <details>


![image](https://github.com/astral-sh/uv/assets/66076021/31b9fdca-938a-47ca-96ba-751d987c269e)

  </details>

## Test Plan

See screenshots in the summary
 2024-04-16 08:54:40 -04:00
konsti 88d6a55dbf
Show package name in no version for direct dependency error (#3056) 
Fixes #3053
 2024-04-16 07:57:13 +00:00
Ben Beasley 2d95ca4b83
Make the junction crate dependency Windows-only (#3043) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

<!-- What's the purpose of the change? What does it do, and why? -->

Since the [`junction` crate](https://crates.io/crates/junction)
implements Windows-only functionality, and since the only place it is
used is guarded by `#[cfg(windows)]`,


1f626bfc73/crates/uv-fs/src/lib.rs (L65-L86)

it makes sense not to depend on this crate at all on non-Windows
platforms.

If nothing else, this makes Linux distribution packagers’ lives just a
*tiny* bit easier.

## Test Plan

<!-- How was it tested? -->

On Fedora Linux 39:

```
# To avoid an error when /tmp and the working directory are on different filesystems:
$ mkdir _tmp
$ TMPDIR="${PWD}/tmp" cargo run -p uv-dev -- fetch-python
$ cargo test
```

I don’t have access to a Windows system.
 2024-04-15 16:01:24 -05:00
Charlie Marsh f6b1580d8b
Move global CLI flags into separate struct (#3042) 
## Summary

No change in behavior; this separation just makes things easier later
for merging persistent configuration with the CLI.
 2024-04-15 20:29:53 +00:00
Charlie Marsh 1f626bfc73
Move `ExcludeNewer` into its own type (#3041) 
## Summary

This makes it easier to add (e.g.) JSON Schema derivations to the type.

If we have support for other dates in the future, we can generalize it
to a `UserDate` or similar.
 2024-04-15 20:24:08 +00:00
Zanie Blue 37a43f4b48
Bump version to 0.1.32 (#3039) 
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
 2024-04-15 15:16:47 -05:00
konsti dd55995768
Force color for build error messages (#3032) 
Since we're using anstream's strip stream, we can force color output
from child processes and strip them when we redirect to a file

Before:


![image](https://github.com/astral-sh/uv/assets/6826232/ce8aafe9-687c-4c4a-970a-22abd660bc71)

After:


![image](https://github.com/astral-sh/uv/assets/6826232/bacedf1c-2462-4947-bd2f-393476a8031b)

Redirecting to a file correctly strips color codes.
 2024-04-15 18:12:54 +02:00
konsti eded6c9fae
Use link mode for builds, in `uv pip compile` and for `uv venv` seed packages (#3016) 
Use the user specified link mode for temporary build venvs, too. It
seems consistent to respect the user's link mode for all installations
we perform
 2024-04-15 08:49:41 +00:00
Jos van de Wolfshaar 3103180ce5
Avoid cache invalidation on credentials renewal (#3010) 
# Avoid cache invalidation on credentials renewal

Addresses

- https://github.com/astral-sh/uv/issues/3009#issue-2239221126

## Summary

Some private package registries (e.g. AWS CodeArtifact) use short-lived
credentials. Since they are short-lived, the exact URL that is assigned
to `UV_INDEX_URL` changes frequently and with that the cache key /
hashes of these URLs. This causes the cache to be missed on token
renewal.

This PR attempts to fix this by hashing URLs for cache keys without
their user credentials.

## Test Plan

I added a test that validates that:
1. Changing user credentials returns the same hash
2. Setting no user credentials yields the same as some user credentials

## Question
I'm not sure if we should also change the `hash` implementation of
`CanonicalUrl` / `RepositoryUrl`. They also run `.hash` within.

PS. this is the first time I'm writing `rust` so if I'm wasting your
precious time, let me know and I'll try to up my skills before I ask
again. Anyway, I figured it's good to get this issue on your radar :)
 2024-04-13 23:38:24 +00:00
Charlie Marsh ab9cc78b7a
Deduplicate symbolic links between `purelib` and `platlib` (#3002) 
## Summary

This PR adds system install tests to verify the behavior described in
#2798. It turns out this behavior _also_ affects Fedora and Amazon
Linux, we just didn't have the right conditions enabled (specifically,
you need to create the virtualenv with `python -m venv` to get these
symlinks), so the test suite was expanded to capture that.

The issue itself is also fixed by way of deduplicating the
`site-packages` entries.

Closes: https://github.com/astral-sh/uv/issues/2798
 2024-04-12 17:08:56 -04:00
Charlie Marsh 3ae35adc8e
Allow comments after all requirements.txt entries (#3018) 
## Summary

I'm surprised we haven't hit this before, but apparently we don't allow
comments after `--index-url`, `-e` entries, etc., in the
requirements.txt parser.

Closes #3011.

## Test Plan

`cargo test`
 2024-04-12 15:56:57 -04:00
Charlie Marsh a95a8c881c
Remove some Clap-level conflicts in argument groups (#3001) 
## Summary

It turns out that if you have an environment variable set, Clap will
consider that equivalent to passing the flag, even if it's set to (e.g.)
something falsy or the default value.

So, e.g., this fails:

```shell
UV_SYSTEM=false uv pip install --python ./.venv/bin/python flask
```

Worse, this fails, because it thinks `--no-index` and `--index-url` are
conflicting:

```shell
export UV_INDEX_URL=https://google.com
uv pip install flask --no-index
```

This PR removes some of the conflicts, namely those related to
environment variables, such that:

- You _can_ pass mixes of `--no-index`, `--index-url`, etc. If
`--no-index` is provided, all the index URLs will be ignored (but we
won't error).
- Passing `--pre` will always enable prereleases, even if `--prerelease`
is also provided. (We could warn here, although honestly it's not
trivial because we'd need to make `--prerelease` take an optional, then
we'd lose the default argument from the `--help`.)
- You _can_ pass `--system` and `--python`. If `--python` is provided,
we use that, and ignore `--system`. (We could warn here.)

I guess the underlying problem here is that we can't differentiate
between arguments passed on the CLI and those set as environment
variables. But making bigger changes here seems out-of-scope.

Closes https://github.com/astral-sh/uv/issues/3000.
 2024-04-12 19:51:16 +00:00
Charlie Marsh c43757ad4c
Avoid calling `normalize_path` with relative paths that extend beyond the current directory (#3013) 
## Summary

It turns out that `normalize_path` (sourced from Cargo) has a subtle
bug. If you pass it a relative path that traverses beyond the root, it
silently drops components. So, e.g., passing `../foo/bar`, it will just
drop the leading `..` and return `foo/bar`.

This PR encodes that behavior as a `Result` and avoids using it in such
cases.

Closes https://github.com/astral-sh/uv/issues/3012.
 2024-04-12 14:48:03 -04:00
konsti d2da575c41
Log hardlink failures (#3015) 
Inspired by https://github.com/astral-sh/uv/issues/2964, we now properly
log hardlink failures, e.g. when the cache is a docker container but the
venv is in a bind mount, e.g.:

```
DEBUG Failed to hardlink `/code/venv/uv/lib/python3.12/site-packages/asgiref-3.8.1.dist-info/WHEEL` to `/root/.cache/uv/archive-v0/nnpkKgUoM3LMxcNDmEKJQ/asgiref-3.8.1.dist-info/WHEEL`, attempting to copy files as a fallback
```
 2024-04-12 15:06:38 +00:00
Charlie Marsh f61b97e6ba
Split Clap arguments into separate module (#3008) 
## Summary

I don't know if this is a good change, but `main.rs` is really large.
This just moves all the Clap arguments into their own `cli.rs` module.
 2024-04-12 09:37:51 -04:00
konsti 7f70849e3c
Support freethreading python (#2805) 
freethreaded python reintroduces abiflags since it is incompatible with
regular native modules and abi3.

Tests: None yet! We're lacking cpython 3.13 no-gil builds we can use in
ci.

My test setup:

```
PYTHON_CONFIGURE_OPTS="--enable-shared --disable-gil" pyenv install 3.13.0a5
cargo run -q -- venv -q -p python3.13 .venv3.13 --no-cache-dir && cargo run -q -- pip install -v psutil --no-cache-dir && .venv3.13/bin/python -c "import psutil"
```

Fixes #2429
 2024-04-12 09:39:47 +00:00
Charlie Marsh 3df8df656b
Replace `unwrap` with `?` in hash generation (#3003) 
And add tests to catch it.
 2024-04-12 00:41:08 +00:00
Charlie Marsh 8507ba872f
Remove unnecessary hashing from IDs (#2998) 
## Summary

In all of these ID types, we pass values to `cache_key::digest` prior to
passing to `DistributionId` or `ResourceId`. The `DistributionId` and
`ResourceId` are then hashed later, since they're used as keys in hash
maps.

It seems wasteful to hash the value, then hash the hashed value? So this
PR modifies those structs to be enums that can take one of a fixed set
of types.
 2024-04-11 17:23:37 -04:00
Charlie Marsh a71bd60238
Allow unnamed requirements for overrides (#2999) 
## Summary

This PR lifts a constraint by allowing unnamed requirements in
`overrides.txt` files.
 2024-04-11 17:19:11 -04:00
Charlie Marsh 0d62e62fb7
Make hash-checking failure mode stricter and safer (#2997) 
## Summary

If there are no hashes for a given package, we now return
`Validate(&[])` so that the policy is impossible to satisfy. Previously,
we returned `None`, which is always satisfied.

We don't really ever expect to hit this, because we detect this case in
the resolver and raise a different error. But if we have a bug
somewhere, it's better to fail with an error than silently let the
package through.
 2024-04-11 17:53:34 +00:00
Charlie Marsh 9d5467dc2f
Remove outdated comment on `IndexLocations` (#2996) 
Closes https://github.com/astral-sh/uv/issues/2990.
 2024-04-11 17:31:34 +00:00
Charlie Marsh d03e9f2b8c
Add `UV_BREAK_SYSTEM_PACKAGES` environment variable (#2995) 
## Summary

Requested here: https://github.com/astral-sh/uv/issues/2988. Seems
reasonable to me given that pip supports it and we already have
`UV_SYSTEM_PYTHON`.

Closes https://github.com/astral-sh/uv/issues/2988
 2024-04-11 15:58:00 +00:00
Charlie Marsh 8e5a40e33c
Add additional coverage for `--require-hashes` in `install` (#2994) 2024-04-11 11:42:59 -04:00
Charlie Marsh 96c3c2e774
Support unnamed requirements in `--require-hashes` (#2993) 
## Summary

This PR enables `--require-hashes` with unnamed requirements. The key
change is that `PackageId` becomes `VersionId` (since it refers to a
package at a specific version), and the new `PackageId` consists of
_either_ a package name _or_ a URL. The hashes are keyed by `PackageId`,
so we can generate the `RequiredHashes` before we have names for all
packages, and enforce them throughout.

Closes #2979.
 2024-04-11 11:26:50 -04:00
Charlie Marsh d56d142520
Add a few more `--generate-hashes` cases to compile tests (#2992) 2024-04-11 14:16:05 +00:00
konsti 6e06760591
Silence lint false positive (#2989) 
When running the `uv-client` tests, i would previously get:

```
warning: field `0` is never read
  --> crates/uv-configuration/src/config_settings.rs:43:27
   |
43 | pub struct ConfigSettings(BTreeMap<String, ConfigSettingValue>);
   |            -------------- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   |            |
   |            field in this struct
   |
   = note: `ConfigSettings` has derived impls for the traits `Clone` and `Debug`, but these are intentionally ignored during dead code analysis
   = note: `#[warn(dead_code)]` on by default
help: consider changing the field to be of unit type to suppress this warning while preserving the field numbering, or remove the field
   |
43 | pub struct ConfigSettings(());
   |                           ~~

warning: `uv-configuration` (lib) generated 1 warning
```
 2024-04-11 09:45:50 +00:00
samypr100 7c7f06f62b
feat: convert linehaul tests to use snapshots (#2923) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

Closes #2564

## Test Plan

1. Changed existing linehaul tests to leverage insta.
2. Ran tests in various linux distros (Debian, Ubuntu, Centos, Fedora,
Alpine) to ensure they also pass locally again.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-04-11 09:41:09 +00:00
konsti c85c52d4ce
Unify packse find links urls (#2969) 
The sync scenarios script is broken, so i did the updates manually

```
$ ./scripts/sync_scenarios.sh
Setting up a temporary environment...
Using Python 3.12.1 interpreter at: /home/konsti/projects/uv/.venv/bin/python3
Creating virtualenv at: .venv
Activate with: source .venv/bin/activate
  × No solution found when resolving dependencies:
  ╰─▶ Because docutils==0.21.post1 is unusable because the package metadata was inconsistent and you require docutils==0.21.post1, we can conclude that the requirements are unsatisfiable.

      hint: Metadata for docutils==0.21.post1 was inconsistent:
        Package metadata version `0.21` does not match given version `0.21.post1`
```

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
 2024-04-11 08:35:22 +00:00
Charlie Marsh 5f59e30106
Remove editable field from `RequirementEntry` (#2987) 
## Summary

It turns out this isn't used? We have a separate `EditableRequirement`.
 2024-04-11 04:55:41 +00:00
Charlie Marsh 3dd673677a
Add `--find-links` source distributions to the registry cache (#2986) 
## Summary

Source distributions in `--find-links` are now properly picked up in the
cache.

Closes https://github.com/astral-sh/uv/issues/2978.
 2024-04-11 01:25:58 +00:00
Charlie Marsh 32f129c245
Store IDs rather than paths in the cache (#2985) 
## Summary

Similar to `Revision`, we now store IDs in the `Archive` entires rather
than absolute paths. This makes the cache robust to moves, etc.

Closes https://github.com/astral-sh/uv/issues/2908.
 2024-04-10 21:07:51 -04:00
Charlie Marsh c294c7098f
Remove unnecessary `touch` calls from tests (#2981) 
You only need to `touch` if you don't end up writing to the file.
 2024-04-10 22:00:51 +00:00
Charlie Marsh 5583b90c30
Create dedicated abstractions for `.rev` and `.http` pointers (#2977) 
## Summary

This PR formalizes some of the concepts we use in the cache for
"pointers to things".

In the wheel cache, we have files like
`annotated_types-0.6.0-py3-none-any.http`. This represents an unzipped
wheel, cached alongside an HTTP caching policy. We now have a struct for
this to encapsulate the logic: `HttpArchivePointer`.

Similarly, we have files like `annotated_types-0.6.0-py3-none-any.rev`.
This represents an unzipped local wheel, alongside with a timestamp. We
now have a struct for this to encapsulate the logic:
`LocalArchivePointer`.

We have similar structs for source distributions too.
 2024-04-10 17:30:27 -04:00
Charlie Marsh 006379c50c
Add support for URL requirements in `--generate-hashes` (#2952) 
## Summary

This PR enables hash generation for URL requirements when the user
provides `--generate-hashes` to `pip compile`. While we include the
hashes from the registry already, today, we omit hashes for URLs.

To power hash generation, we introduce a `HashPolicy` abstraction:

```rust
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum HashPolicy<'a> {
    /// No hash policy is specified.
    None,
    /// Hashes should be generated (specifically, a SHA-256 hash), but not validated.
    Generate,
    /// Hashes should be validated against a pre-defined list of hashes. If necessary, hashes should
    /// be generated so as to ensure that the archive is valid.
    Validate(&'a [HashDigest]),
}
```

All of the methods on the distribution database now accept this policy,
instead of accepting `&'a [HashDigest]`.

Closes #2378.
 2024-04-10 20:02:45 +00:00
Charlie Marsh 8513d603b4
Return computed hashes from metadata requests (#2951) 
## Summary

This PR modifies the distribution database to return both the
`Metadata23` and the computed hashes when clients request metadata.

No behavior changes, but this will be necessary to power
`--generate-hashes`.
 2024-04-10 19:31:41 +00:00
Charlie Marsh c18551fd3c
Fall back to distributions without hashes in resolver (#2949) 
## Summary

This represents a change to `--require-hashes` in the event that we
don't find a matching hash from the registry. The behavior in this PR is
closer to pip's.

Prior to this PR, if a distribution had no reported hash, or only
mismatched hashes, we would mark it as incompatible. Now, we mark it as
compatible, but we use the hash-agreement as part of the ordering, such
that we prefer any distribution with a matching hash, then any
distribution with no hash, then any distribution with a mismatched hash.

As a result, if an index reports incorrect hashes, but the user provides
the correct one, resolution now succeeds, where it would've failed.

Similarly, if an index omits hashes altogether, but the user provides
the correct one, resolution now succeeds, where it would've failed.

If we end up picking a distribution whose hash ultimately doesn't match,
we'll reject it later, after resolution.
 2024-04-10 19:19:47 +00:00
Charlie Marsh 1f3b5bb093
Add hash-checking support to `install` and `sync` (#2945) 
## Summary

This PR adds support for hash-checking mode in `pip install` and `pip
sync`. It's a large change, both in terms of the size of the diff and
the modifications in behavior, but it's also one that's hard to merge in
pieces (at least, with any test coverage) since it needs to work
end-to-end to be useful and testable.

Here are some of the most important highlights:

- We store hashes in the cache. Where we previously stored pointers to
unzipped wheels in the `archives` directory, we now store pointers with
a set of known hashes. So every pointer to an unzipped wheel also
includes its known hashes.
- By default, we don't compute any hashes. If the user runs with
`--require-hashes`, and the cache doesn't contain those hashes, we
invalidate the cache, redownload the wheel, and compute the hashes as we
go. For users that don't run with `--require-hashes`, there will be no
change in performance. For users that _do_, the only change will be if
they don't run with `--generate-hashes` -- then they may see some
repeated work between resolution and installation, if they use `pip
compile` then `pip sync`.
- Many of the distribution types now include a `hashes` field, like
`CachedDist` and `LocalWheel`.
- Our behavior is similar to pip, in that we enforce hashes when pulling
any remote distributions, and when pulling from our own cache. Like pip,
though, we _don't_ enforce hashes if a distribution is _already_
installed.
- Hash validity is enforced in a few different places:
1. During resolution, we enforce hash validity based on the hashes
reported by the registry. If we need to access a source distribution,
though, we then enforce hash validity at that point too, prior to
running any untrusted code. (This is enforced in the distribution
database.)
2. In the install plan, we _only_ add cached distributions that have
matching hashes. If a cached distribution is missing any hashes, or the
hashes don't match, we don't return them from the install plan.
3. In the downloader, we _only_ return distributions with matching
hashes.
4. The final combination of "things we install" are: (1) the wheels from
the cache, and (2) the downloaded wheels. So this ensures that we never
install any mismatching distributions.
- Like pip, if `--require-hashes` is provided, we require that _all_
distributions are pinned with either `==` or a direct URL. We also
require that _all_ distributions have hashes.

There are a few notable TODOs:

- We don't support hash-checking mode for unnamed requirements. These
should be _somewhat_ rare, though? Since `pip compile` never outputs
unnamed requirements. I can fix this, it's just some additional work.
- We don't automatically enable `--require-hashes` with a hash exists in
the requirements file. We require `--require-hashes`.

Closes #474.

## Test Plan

I'd like to add some tests for registries that report incorrect hashes,
but otherwise: `cargo test`
 2024-04-10 19:09:03 +00:00
Charlie Marsh 715a309dd5
Remove unused `--output-file` from `pip install` (#2975) 
## Summary

This doesn't do anything. I suspect it was a copy-paste error.
 2024-04-10 14:58:34 -04:00
Charlie Marsh ddf02e7d5f
Remove unused `task-local-extensions` dependency (#2974) 
## Summary

Made obsolete with the `reqwest` upgrade.
 2024-04-10 14:56:39 -04:00
Charlie Marsh 48ba7df98a
Move `FlatIndex` into the `uv-resolver` crate (#2972) 
## Summary

This lets us remove circular dependencies (in the future, e.g., #2945)
that arise from `FlatIndex` needing a bunch of resolver-specific
abstractions (like incompatibilities, required hashes, etc.) that aren't
necessary to _fetch_ the flat index entries.
 2024-04-10 14:38:42 -04:00
Charlie Marsh a9d554fa90
Add a `--require-hashes` command-line setting (#2824) 
## Summary

I'll likely only merge this once the PR chain is further along, but this
PR wires up the setting fro the CLI.
 2024-04-10 14:07:03 -04:00
Zanie Blue 44e39bdca3
Replace Python bootstrapping script with Rust implementation (#2842) 
See https://github.com/astral-sh/uv/issues/2617

Note this also includes:
- #2918 
- #2931 (pending)

A first step towards Python toolchain management in Rust.

First, we add a new crate to manage Python download metadata:

- Adds a new `uv-toolchain` crate
- Adds Rust structs for Python version download metadata
- Duplicates the script which downloads Python version metadata
- Adds a script to generate Rust code from the JSON metadata
- Adds a utility to download and extract the Python version

I explored some alternatives like a build script using things like
`serde` and `uneval` to automatically construct the code from our
structs but deemed it to heavy. Unlike Rye, I don't generate the Rust
directly from the web requests and have an intermediate JSON layer to
speed up iteration on the Rust types.

Next, we add add a `uv-dev` command `fetch-python` to download Python
versions per the bootstrapping script.

- Downloads a requested version or reads from `.python-versions`
- Extracts to `UV_BOOTSTRAP_DIR`
- Links executables for path extension

This command is not really intended to be user facing, but it's a good
PoC for the `uv-toolchain` API. Hash checking (via the sha256) isn't
implemented yet, we can do that in a follow-up.

Finally, we remove the `scripts/bootstrap` directory, update CI to use
the new command, and update the CONTRIBUTING docs.

<img width="1023" alt="Screenshot 2024-04-08 at 17 12 15"
src="https://github.com/astral-sh/uv/assets/2586601/57bd3cf1-7477-4bb8-a8e9-802a00d772cb">
 2024-04-10 11:22:41 -05:00
Chan Kang 7cd98d2499
Implement `--emit-index-annotation` to annotate source index for each package (#2926) 
## Summary
resolves https://github.com/astral-sh/uv/issues/2852

## Test Plan
add a couple of tests:
- one covering the simplest case with all packages pulled from a single
index.
- another where packages are pull from two distinct indices.

tested manually as well:
```
$ (echo 'pandas'; echo 'torch') | UV_EXTRA_INDEX_URL='https://download.pytorch.org/whl/cpu' cargo run pip compile - --include-indices 
    Finished dev [unoptimized + debuginfo] target(s) in 0.60s
     Running `target/debug/uv pip compile - --include-indices`
Resolved 15 packages in 686ms
# This file was autogenerated by uv via the following command:
#    uv pip compile - --include-indices
filelock==3.9.0
    # via torch
    # from https://download.pytorch.org/whl/cpu
fsspec==2023.4.0
    # via torch
    # from https://download.pytorch.org/whl/cpu
jinja2==3.1.2
    # via torch
    # from https://download.pytorch.org/whl/cpu
markupsafe==2.1.3
    # via jinja2
    # from https://download.pytorch.org/whl/cpu
mpmath==1.3.0
    # via sympy
    # from https://download.pytorch.org/whl/cpu
networkx==3.2.1
    # via torch
    # from https://download.pytorch.org/whl/cpu
numpy==1.26.3
    # via pandas
    # from https://download.pytorch.org/whl/cpu
pandas==2.2.1
    # from https://pypi.org/simple
python-dateutil==2.9.0.post0
    # via pandas
    # from https://pypi.org/simple
pytz==2024.1
    # via pandas
    # from https://pypi.org/simple
six==1.16.0
    # via python-dateutil
    # from https://pypi.org/simple
sympy==1.12
    # via torch
    # from https://download.pytorch.org/whl/cpu
torch==2.2.2
    # from https://download.pytorch.org/whl/cpu
typing-extensions==4.8.0
    # via torch
    # from https://download.pytorch.org/whl/cpu
tzdata==2024.1
    # via pandas
    # from https://pypi.org/simple
```
 2024-04-10 16:05:58 +00:00
Charlie Marsh a01143980a
Upgrade `reqwest` to v0.12.3 (#2817) 
## Summary

Closes #2814.
 2024-04-10 11:20:44 -04:00
Charlie Marsh d8323551f8
Update hashes without `--upgrade` if not present (#2966) 
## Summary

If the user runs with `--generate-hashes`, and the lockfile doesn't
contain _any_ hashes for a package (despite being pinned), we should add
new hashes. This mirrors running `uv pip compile --generate-hashes` for
the first time with an existing lockfile.

Closes #2962.
 2024-04-10 14:56:34 +00:00
Zanie Blue bbe46c074c
Upgrade packse (#2963) 
Should improve test performance with
https://github.com/astral-sh/packse/pull/169 thanks @konstin !
 2024-04-10 09:30:57 -05:00
Charlie Marsh 38ab39c439
Strip query string when parsing filename from HTML index (#2961) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2958.
 2024-04-10 09:25:29 -05:00
Zanie Blue c345a79b9b
Add `python-patch` feature to isolate tests that require Python patch versions to match our suite (#2940) 
Closes https://github.com/astral-sh/uv/issues/2165
Follows https://github.com/astral-sh/uv/pull/2930
 2024-04-10 09:01:25 -05:00
konsti 273de456ea
Remove rust 1.75 workaround (#2959) 2024-04-10 13:26:18 +00:00
konsti 15f0be8f04
Allow profiling tests with tracing instrumentation (#2957) 
To get more insights into test performance, allow instrumenting tests
with tracing-durations-export.

Usage:

```shell
# A single test
TRACING_DURATIONS_TEST_ROOT=$(pwd)/target/test-traces cargo test --features tracing-durations-export --test pip_install_scenarios no_binary -- --exact
# All tests
TRACING_DURATIONS_TEST_ROOT=$(pwd)/target/test-traces cargo nextest run --features tracing-durations-export
```

Then we can e.g. look at
`target/test-traces/pip_install_scenarios::no_binary.svg` and see the
builds it performs:


![image](https://github.com/astral-sh/uv/assets/6826232/40b4e094-debc-4b22-8aa3-9471998674af)
 2024-04-10 10:15:27 +00:00
Charlie Marsh c4472ebbb9
Enforce and backtrack on invalid versions in source metadata (#2954) 
## Summary

If we build a source distribution from the registry, and the version
doesn't match that of the filename, we should error, just as we do for
mismatched package names. However, we should also backtrack here, which
we didn't previously.

Closes https://github.com/astral-sh/uv/issues/2953.

## Test Plan

Verified that `cargo run pip install docutils --verbose --no-cache
--reinstall` installs `docutils==0.21` instead of the invalid
`docutils==0.21.post1`.

In the logs, I see:

```
WARN Unable to extract metadata for docutils: Package metadata version `0.21` does not match given version `0.21.post1`
```
 2024-04-10 05:13:33 +00:00
Aria Beingessner 997f3c9161
chore: update axoupdater to 0.4.0 and add a test (#2938) 
## Summary

This updates to the version of axoupdater used in cargo-dist 0.13.0's
own selfupdate command, with all relevant fixes for platforms. It also
tentatively introduces a mildly dangerous self-runtest that runs `uv
self update` and checks that the binary is installed and executable.

I *believe* some adjustments need to be made to your CI to have this new
test run, because it requires the `self-update` feature to be enabled,
and I didn't want to just start messing with how you do feature coverage
in your CI. **As a result I haven't yet had a chance to actually fully
run this in CI**, though I've locally tested it on windows (with the
guard disabled).


## Test Plan

Most of the machinery here is provided by axoupdater itself (cargo-dist
also includes a variant of these tests in its codebase). This initial
implementation has a couple major limitations:

* This is For Reals modifying the system that runs the test (so it's off
unless it detects it's running in CI, and if you want variations on this
test they'll need to be [run in
serial](5e7826f7b0/cargo-dist/tests/cli-tests.rs (L235))).
Since many of the testing issues were surrounding precise details of
Actual Deployed Executions, this seemed worth the tradeoff.
* The actual installer *script* it's ultimately invoking is the one you
last published, and *not* the one that cargo-dist will make when you
next publish.

We're already working on implementing some logic for "get cargo-dist to
generate a fresh installer script too", which is in fact the basis of a
huge amount of cargo-dist's own testsuite. Now that we're dogfooding
this stuff, it should be quite hard for this stuff to break without
cargo-dist's own codebase noticing it first.


<!-- How was it tested? -->
 2024-04-09 23:41:16 -04:00
Charlie Marsh 7ae06b3b46
Surface invalid metadata as hints in error reports (#2850) 
## Summary

Closes #2847.
 2024-04-09 23:12:10 -04:00
Charlie Marsh 7bcca28b12
Bump version to v0.1.31 (#2944) 2024-04-09 19:20:43 +00:00
Charlie Marsh f9c0632953
Ignore direct URL distributions in prefetcher (#2943) 
## Summary

The prefetcher tallies the number of times we tried a given package, and
then once we hit a threshold, grabs the version map, assuming it's
already been fetched. For direct URL distributions, though, we don't
have a version map! And there's no need to prefetch.

Closes https://github.com/astral-sh/uv/issues/2941.
 2024-04-09 14:09:41 -05:00
Charlie Marsh 83e2297633
Store common fields on `BuiltWheelIndex` struct (#2939) 
## Summary

This mirrors the structure of the `RegistryWheelIndex`. It will be
useful once these indexes check hashes too.
 2024-04-09 13:30:02 -04:00
Charlie Marsh 13ae5ac8dc
Replace PyPI-internal Hashes representation with flat vector (#2925) 
## Summary

Right now, we have a `Hashes` representation that looks like:

```rust
/// A dictionary mapping a hash name to a hex encoded digest of the file.
///
/// PEP 691 says multiple hashes can be included and the interpretation is left to the client.
#[derive(Debug, Clone, Eq, PartialEq, Default, Deserialize)]
pub struct Hashes {
    pub md5: Option<Box<str>>,
    pub sha256: Option<Box<str>>,
    pub sha384: Option<Box<str>>,
    pub sha512: Option<Box<str>>,
}
```

It stems from the PyPI API, which returns a dictionary of hashes.

We tend to pass these around as a vector of `Vec<Hashes>`. But it's a
bit strange because each entry in that vector could contain multiple
hashes. And it makes it difficult to ask questions like "Is
`sha256:ab21378ca980a8` in the set of hashes"?

This PR instead treats `Hashes` as the PyPI-internal type, and uses a
new `Vec<HashDigest>` everywhere in our own APIs.
 2024-04-09 16:56:16 +00:00
Zanie Blue 1512e07a2e
Split configuration options out of `uv-types` (#2924) 
Needed to prevent circular dependencies in my toolchain work (#2931). I
think this is probably a reasonable change as we move towards persistent
configuration too?

Unfortunately `BuildIsolation` needs to be in `uv-types` to avoid
circular dependencies still. We might be able to resolve that in the
future.
 2024-04-09 11:35:53 -05:00
Charlie Marsh a4f5a7d233
Bump version to v0.1.30 (#2934) 2024-04-09 12:06:11 -04:00
Zanie Blue 1cdadbdec8
Add filtering of patch Python versions unless explicitly requested (#2930) 
Elides Python patch versions from the test suite unless the test
specifically requests a patch version.

This reduces some toil when not using our bootstrapped Python versions.

Partially addresses https://github.com/astral-sh/uv/issues/2165 though
we'll need changes to the scenario tests to really support their case.
 2024-04-09 10:04:28 -05:00
Zanie Blue d7ff8d93c0
Skip scenario tests on Windows (#2932) 
These tests are about resolver correctness, which should not be platform
dependent and Windows CI is horribly slow.
 2024-04-09 09:57:30 -05:00
Charlie Marsh 07e3694c3c
Separate local archive vs. local source tree paths in source database (#2922) 
## Summary

When you specify a source distribution via a path, it can either be a
path to an archive (like a `.tar.gz` file), or a source tree (a
directory). Right now, we handle both paths through the same methods in
the source database. This PR splits them up into separate handlers.

This will make hash generation a little easier, since we need to
generate hashes for archives, but _can't_ generate hashes for source
trees.

It also means that we can now store the unzipped source distribution in
the cache (in the case of archives), and avoid unzipping the source
distribution needlessly on every invocation; and, overall, let's un
enforce clearer expectations between the two routes (e.g., what errors
are possible vs. not), at the cost of duplicating some code.

Closes #2760 (incidentally -- not exactly the motivation for the change,
but it did accomplish it).
 2024-04-09 01:12:33 +00:00
Charlie Marsh 06e96a8f58
DRY up source distribution fetching between wheel and metadata routes (#2921) 
These will get more involved with hash-checking, so easiest to extract
them now.

No functional changes.
 2024-04-09 00:14:42 +00:00
Charlie Marsh 4f14e2a764
Rebrand `Manifest` as `Revision` in wheel database (#2920) 
## Summary

I think this is a much clearer name for this concept: the set of
"versions" of a given wheel or source distribution. We also use
"Manifest" elsewhere to refer to the set of requirements, constraints,
etc., so this was overloaded.
 2024-04-08 20:00:57 -04:00
Charlie Marsh 1ab471d167
Reduce visibility of some methods in source database (#2919) 2024-04-08 23:49:23 +00:00
Charlie Marsh cc3c5700e1
Use scheme parsing to determine absolute vs. relative URLs (#2904) 
## Summary

We have a heuristic in `File` that attempts to detect whether a URL is
absolute or relative. However, `contains("://")` is prone to false
positive. In the linked issues, the URLs look like:

```
/packages/5a/d8/4d75d1e4287ad9d051aab793c68f902c9c55c4397636b5ee540ebd15aedf/pytz-2005k.tar.bz2?hash=597b596dc1c2c130cd0a57a043459c3bd6477c640c07ac34ca3ce8eed7e6f30c&remote=4d75d1e4287636b5ee540ebd15aedf/pytz-2005k.tar.bz2#sha256=597b596dc1c2c130cd0a57a043459c3bd6477c640c07ac34ca3ce8eed7e6f30c
```

Which is relative, but includes `://`.

Instead, we should determine whether the URL has a _scheme_ which
matches the `Url` crate internally.

Closes https://github.com/astral-sh/uv/issues/2899.
 2024-04-08 17:04:27 -04:00
Zanie Blue bdeab55193
Add extract support for zstd (#2861) 
We need this to extract toolchain downloads
 2024-04-08 15:34:08 -05:00
Charlie Marsh c46772eec5
Add a layer of indirection to the local path-based wheel cache (#2909) 
## Summary

Right now, the path-based wheel cache just looks at the symlink to the
archives directory, checks the timestamp on it, and continues with that
symlink as long as the timestamp is up-to-date.

The HTTP-based wheel meanwhile, uses an intermediary `.http` file, which
includes the HTTP caching information. The `.http` file's payload is
just a path pointing to an entry in the archives directory.

This PR modifies the path-based codepaths to use a similar cache file,
which stores a timestamp along with a path to the archives directory.
The main advantage here is that we can add other data to this cache file
(namely, hashes in the future).

## Test Plan

Beyond existing tests, I also verified that this doesn't require a
version bump:

```
git checkout main 
cargo run pip install ~/Downloads/zeal-0.0.1-py3-none-any.whl --cache-dir baz --reinstall
git checkout charlie/manifest
cargo run pip install ~/Downloads/zeal-0.0.1-py3-none-any.whl --cache-dir baz --reinstall
cargo run pip install ~/Downloads/zeal-0.0.1-py3-none-any.whl --cache-dir baz --reinstall --refresh
```
 2024-04-08 19:32:59 +00:00
Charlie Marsh 134810c547
Respect cached local `--find-links` in install plan (#2907) 
## Summary

I think this is kind of just an oversight. If a wheel is available via
`--find-links`, and the index is "local", we never find it in the cache.

## Test Plan

`cargo test`
 2024-04-08 18:58:33 +00:00
Charlie Marsh 31a67f539f
Remove unused local wheel types (#2906) 
## Summary

No behavior changes. Just removing unused code.
 2024-04-08 18:15:20 +00:00
Charlie Marsh 1daa35176f
Always return unzipped wheels from the distribution database (#2905) 
## Summary

In all cases, we unzip these immediately after returning. By moving the
unzipping into the database, we can remove a bunch of code (coming in a
separate PR), and pave the way for hash-checking, since hash generation
will _also_ happen in the database, and splitting the caching layers
across the database and the unzipper creates complications.

Closes #2863.
 2024-04-08 14:07:17 -04:00
Sławomir Ehlert f1630a70f5
Suppress `MultipleHandlers` from Ctrl-C in confirm (#2903) 
## Summary

Fixes #2900

## Test Plan

Tried reproducing the steps described in #2900,
but with `cargo run -- pip ...` and it didn't crash 😄.
 2024-04-08 17:18:53 +00:00
Charlie Marsh 10dfd43af9
DRY up HTTP request builder in source database (#2902) 2024-04-08 14:45:26 +00:00
Charlie Marsh f11a5e2208
DRY up local wheel path in distribution database (#2901) 2024-04-08 10:40:17 -04:00
konsti fb4ba2bbc2
Speed up cold cache urllib3/boto3/botocore with batched prefetching (#2452) 
With pubgrub being fast for complex ranges, we can now compute the next
n candidates without taking a performance hit. This speeds up cold cache
`urllib3<1.25.4` `boto3` from maybe 40s - 50s to ~2s. See docstrings for
details on the heuristics.

**Before**


![image](https://github.com/astral-sh/uv/assets/6826232/b7b06950-e45b-4c49-b65e-ae19fe9888cc)

**After**


![image](https://github.com/astral-sh/uv/assets/6826232/1c749248-850e-49c1-9d57-a7d78f87b3aa)

---

We need two parts of the prefetching, first looking for compatible
version and then falling back to flat next versions. After we selected a
boto3 version, there is only one compatible botocore version remaining,
so when won't find other compatible candidates for prefetching. We see
this as a pattern where we only prefetch boto3 (stack bars), but not
botocore (sequential requests between the stacked bars).


![image](https://github.com/astral-sh/uv/assets/6826232/e5186800-23ac-4ed1-99b9-4d1046fbd03a)

The risk is that we're completely wrong with the guess and cause a lot
of useless network requests. I think this is acceptable since this
mechanism only triggers when we're already on the bad path and we should
simply have fetched all versions after some seconds (assuming a fast
index like pypi).

---

It would be even better if the pubgrub state was copy-on-write so we
could simulate more progress than we actually have; currently we're
guessing what the next version is which could be completely wrong, but i
think this is still a valuable heuristic.

Fixes #170.
 2024-04-08 14:28:56 +00:00
Zanie Blue b181907ad2
Fix linehaul tests (#2891) 
Cleans up the assertions a bit. I looked into snapshot tests per #2564
but it didn't seem worth it for cross-platform tests.

Closes #2564 
Closes https://github.com/astral-sh/uv/pull/2878
 2024-04-07 23:42:19 -05:00
renovate[bot] f0c83a4ded
Update Rust crate base64 to 0.22.0 (#2874) 2024-04-08 03:02:35 +00:00
Charlie Marsh 52577892eb
Expand some documentation around identifier traits (#2876) 
## Summary

I already added more documentation since this issue was created, but
this doesn't hurt.

Closes https://github.com/astral-sh/uv/issues/496.
 2024-04-08 02:50:24 +00:00
Zanie Blue b535d252c9
Fix base client builder docstring reference (#2860) 2024-04-07 16:16:13 +00:00
Charlie Marsh d4a258422b
DRY up request builer in wheel download (#2857) 2024-04-07 02:12:03 +00:00
Charlie Marsh bfc4c1aa5a
Turn off text wrapping in non-scenario fixtures (#2854) 
## Summary

We do this in the scenarios, but weren't setting it elsewhere.
 2024-04-06 23:27:56 +00:00
Charlie Marsh 35940cb885
Remove additional 'because' (#2849) 
## Summary

Is this, perhaps, not totally necessary? It doesn't show up in any
fixtures beyond those that I added recently.

Closes https://github.com/astral-sh/uv/issues/2846.
 2024-04-06 10:58:23 -04:00
Charlie Marsh 8ffdcced0f
Use `miette` when printing `pip sync` resolution failures (#2848) 
Closes https://github.com/astral-sh/uv/issues/2845.
 2024-04-06 00:35:00 +00:00
Charlie Marsh 00934044aa
Backtrack on distributions with invalid metadata (#2834) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2821.
 2024-04-05 18:00:48 -04:00
Charlie Marsh c11e9e5097
Add backtracking tests for distribution incompatibilities (#2839) 
## Summary

Demonstrates some suboptimal behavior in how we handle invalid metadata,
which are fixed in https://github.com/astral-sh/uv/pull/2834.

The included wheels were modified by-hand to include invalid structures.
 2024-04-05 18:16:18 +00:00
Charlie Marsh cedb5e4aec
Add a test for `--offline` direct URLs (#2837) 2024-04-05 17:10:23 +00:00
Ikko Eltociear Ashimine 37225cb920
Fix a typo in source_tree.rs (#2836) 2024-04-05 17:53:09 +01:00
konsti 5474c61fed
Refactor candidate selector for batch prefetching (#2832) 
Batch prefetching needs more information from the candidate selector, so
i've split `select` into methods. Split out from #2452. No functional
changes.
 2024-04-05 16:51:01 +02:00
Charlie Marsh a0b8d1a994
Clean up `Error` enum in `Metadata23` (#2835) 
## Summary

Rename, and remove a bunch of unused variants.
 2024-04-05 14:40:33 +00:00
Charlie Marsh 2f386ef440
Show resolution diagnostics after `pip install` (#2829) 
## Summary

These are shown in `pip compile`, but absent from `pip install`.

See: #2828.
 2024-04-05 03:13:01 +00:00
Charlie Marsh 2ac562b40d
Respect `--no-build` and `--no-binary` in `--find-links` (#2826) 
## Summary

In working on `--require-hashes`, I noticed that we're missing some
incompatibility tracking for `--find-links` distributions. Specifically,
we don't respect `--no-build` or `--no-binary`, so if we select a wheel
due to `--find-links`, we then throw a hard error when trying to build
it later (if `--no-binary` is provided), rather than selecting the
source distribution instead.

Closes https://github.com/astral-sh/uv/issues/2827.
 2024-04-05 02:00:39 +00:00
Charlie Marsh 365cb16fd6
Bump version to v0.1.29 (#2825) 2024-04-04 15:50:52 -04:00
Charlie Marsh ab8368aa27
Deduplicate editables during install commands (#2820) 
## Summary

Closes #2819.
 2024-04-04 13:19:44 -04:00
Charlie Marsh dd3009ad84
Respect Git tags and branches that look like short commits (#2795) 
## Summary

If we're given a Git reference like `20240222`, we currently treat it as
a short commit hash. However... it _could_ be a branch or a tag. This PR
improves the Git reference logic to ensure that ambiguous references
like `20240222` are handled appropriately, by attempting to extract it
as a branch, then a tag, then a short commit hash.

Closes https://github.com/astral-sh/uv/issues/2772.
 2024-04-03 22:05:54 -04:00
Charlie Marsh dc2c289dff
Upgrade `rs-async-zip` to support data descriptors (#2809) 
## Summary

Upgrading `rs-async-zip` enables us to support data descriptors in
streaming. This both greatly improves performance for indexes that use
data descriptors _and_ ensures that we support them in a few other
places (e.g., zipped source distributions created in Finder).

Closes #2808.
 2024-04-04 01:31:40 +00:00
Charlie Marsh 34341bd6e9
Allow package lookups across multiple indexes via explicit opt-in (#2815) 
## Summary

This partially revives https://github.com/astral-sh/uv/pull/2135 (with
some modifications) to enable users to opt-in to looking for packages
across multiple indexes.

The behavior is such that, in version selection, we take _any_
compatible version from a "higher-priority" index over the compatible
versions of a "lower-priority" index, even if that means we might accept
an "older" version.

Closes https://github.com/astral-sh/uv/issues/2775.
 2024-04-03 23:23:37 +00:00
Charlie Marsh e0d55ef496
Allow no-op `--no-compile` flag on CLI (#2816) 
Closes https://github.com/astral-sh/uv/issues/2771.
 2024-04-03 20:36:44 +00:00
Charlie Marsh 8eaaf65456
Avoid unused extras check in `pip install` for source trees (#2811) 
## Summary

This was an oversight in the `-r pyproject.toml` refactor. We can't
enforce unused extras if we have a source tree. We made the correct
changes to `pip compile`, but not `pip install`. This PR just mirrors
those changes to `pip install`, and adds a few tests.

Closes https://github.com/astral-sh/uv/issues/2801.
 2024-04-03 11:23:25 -04:00
konsti 691ed09a9b
Fix windows lock race: Lock exclusive after all try lock errors (#2800) 
We don't know what kind of error the OS gives us on `try_lock_exclusive`
with an already locked file, so we assume all those errors are an
already locked file and call `lock_exclusive`.

For example the windows error:

```
Os {
    code: 33,
    kind: Uncategorized,
    message: "The process cannot access the file because another process has locked a portion of the file.",
}
```

Fixes #2767
 2024-04-03 16:02:40 +02:00
Alex Waygood 6915bc90e0
fix typos (#2804) 2024-04-03 11:57:19 +00:00
Zanie Blue 471cb2bfd6
Simplify sorting of site package entries (#2782) 
per https://github.com/astral-sh/uv/pull/2780#discussion_r1548340373
 2024-04-03 04:33:11 +00:00
Charlie Marsh 189d0d41d0
Remove redirects from the resolver (#2792) 
## Summary

Rather than storing the `redirects` on the resolver, this PR just
re-uses the "convert this URL to precise" logic when we convert to a
`Resolution` after-the-fact. I think this is a lot simpler: it removes
state from the resolver, and simplifies a lot of the hooks around
distribution fetching (e.g., `get_or_build_wheel_metadata` no longer
returns `(Metadata23, Option<Url>)`).
 2024-04-03 02:43:57 +00:00
Charlie Marsh ffd4b6fcac
Remove unused `download_and_extract_archive` method (#2793) 
## Summary

This was introduced at some point but then removed in favor of accessing
the database directly.
 2024-04-03 02:34:14 +00:00
Charlie Marsh 29492b7754
Fix references to "WerkZeug" in "anyio" tests (#2791) 
## Summary

Also fixes up the descriptions (some were wrong).
 2024-04-02 22:28:12 -04:00
Zander 4b2e67955f
fixed uv can't create .venv for cpython-x86 on Windows (#2707) 
Adaptation to the win32 platform is added.

https://docs.python.org/3/library/sysconfig.html#sysconfig.get_platform


## Summary

fixed uv can't create .venv for cpython-x86 on Windows 

[uv can't create .venv for cpython-x86 on Windows
](https://github.com/astral-sh/rye/issues/952)

---------

Co-authored-by: Nashan <34827878+zhuang1234@users.noreply.github.com>
 2024-04-02 20:45:53 -05:00
Charlie Marsh 684f790d5d
Preserve `.git` suffixes and casing in Git dependencies (#2789) 
## Summary

I noticed in #2769 that I was now stripping `.git` suffixes from Git
URLs after resolving to a precise commit. This PR cleans up the internal
caching to use a better canonical representation: a `RepositoryUrl`
along with a `GitReference`, instead of a `GitUrl` which can contain
non-canonical data. This gives us both better fidelity (preserving the
`.git`, along with any casing that the user provided when defining the
URL) and is overall cleaner and more robust.
 2024-04-03 00:24:29 +00:00
Charlie Marsh c30a65ee0c
Allow conflicting Git URLs that refer to the same commit SHA (#2769) 
## Summary

This PR leverages our lookahead direct URL resolution to significantly
improve the range of Git URLs that we can accept (e.g., if a user
provides the same requirement, once as a direct dependency, and once as
a tag). We did some of this in #2285, but the solution here is more
general and works for arbitrary transitive URLs.

Closes https://github.com/astral-sh/uv/issues/2614.
 2024-04-02 23:36:35 +00:00
Zanie Blue 20d4762776
Move scenario sync script to top-level scripts (#2788) 
Same idea as https://github.com/astral-sh/uv/pull/2787
 2024-04-02 23:27:05 +00:00
Zanie Blue 0046a0d596
Bump version to 0.1.28 (#2785) 2024-04-02 21:39:35 +00:00
Charlie Marsh 03b709a0e7
Detect Fish via `FISH_VERSION` (#2781) 
## Summary

Apparently `SHELL` isn't always set to Fish:
https://github.com/fish-shell/fish-shell/issues/374.

## Test Plan

`uv venv` after running `fish` in macOS.
 2024-04-02 19:50:48 +00:00
Zanie Blue 1ac9672b95
Resolve non-determistic behavior in preferences due to site-packages ordering (#2780) 
Originally a regression test for #2779 but we found out that there's
some weird behavior where different `anyio` versions were preferred
based on the platform.
 2024-04-02 13:48:33 -05:00
Zanie Blue 119d753cfe
Exclude installed distributions with multiple versions from consideration in the resolver (#2779) 
Addresses panic introduced in #2596 and reported in
https://github.com/astral-sh/uv/issues/2763#issuecomment-2030674936

When there are multiple versions of a package available, we remove the
existing packages before installing the resolved version to "fix" the
environment. We must remove all of the package versions and reinstall
because removing _any_ of the package versions could break the others.
Since reinstalls require a pull from the remote, this broke a contract
between the resolver and the planner which must always agree on which
packages should come from the remote. This further demonstrates that we
should be constructing the install plan with more concrete knowledge
from the resolver (i.e. `ResolvedDist` instead of `Requirement`) to
avoid having to manually ensure logic matches.

## Test plan

Fails on `main` with panic succeeds on branch

```
uv venv --seed
source .venv/bin/activate
pip install anyio==3.7.0 --ignore-installed
pip install anyio==4.0.0 --ignore-installed
cargo run -- pip install anyio black -v
```
 2024-04-02 12:10:52 -05:00
Charlie Marsh b73cfbb0de
Use `user_display` for source tree error (#2768) 2024-04-02 00:42:11 +00:00
Charlie Marsh ccd457a37e
Use distribution database and index for all pre-resolution phases (#2766) 
## Summary

Ensures that if we resolve any distributions before the resolver, we
cache the metadata in-memory.

_Also_ ensures that we lock (important!) when resolving Git
distributions.
 2024-04-02 00:34:13 +00:00
Charlie Marsh dfdcce68fd
Split `get_or_build_wheel_metadata` into distinct methods (#2765) 
## Summary

Internal refactor which makes `DistributionDatabase` for unnamed
requirements (or, at least, source distributions).
 2024-04-01 23:52:21 +00:00
Charlie Marsh f2c9e88f3e
Populate the in-memory index when resolving lookahead URLs (#2761) 
## Summary

Just ensures that we don't have to go back to the cache when resolving.
 2024-04-01 22:07:54 +00:00
Charlie Marsh 999d653404
Use canonical URL to key redirect map (#2764) 
## Summary

This fixes a potential bug that revealed itself in
https://github.com/astral-sh/uv/pull/2761. We don't run into this now
because we always use "allowed URLs", stores the "last" compatible URL
in the map. But the use of the "raw" URL (rather than the "canonical"
URL) means that other writers have to follow that same assumption and
iterate over dependencies in-order.
 2024-04-01 17:57:13 -04:00
Charlie Marsh d2bbc07b76
Rename `resolver.rs` to `unnamed.rs` in `uv-requirements` (#2762) 
## Summary

We have a few different "resolvers" in here now so the name is
confusing.
 2024-04-01 21:40:03 +00:00
Charlie Marsh a48bcaecb1
Recursively resolve direct URL references upfront (#2684) 
## Summary

This PR would enable us to support transitive URL requirements. The key
idea is to leverage the fact that...

- URL requirements can only come from URL requirements.
- URL requirements identify a _specific_ version, and so don't require
backtracking.

Prior to running the "real" resolver, we recursively resolve any URL
requirements, and collect all the known URLs upfront, then pass those to
the resolver as "lookahead" requirements. This means the resolver knows
upfront that if a given package is included, it _must_ use the provided
URL.

Closes https://github.com/astral-sh/uv/issues/1808.
 2024-04-01 21:16:20 +00:00
Charlie Marsh f60e7495ca
Bump version to v0.1.27 (#2758) 2024-04-01 14:54:50 -04:00
konsti 05ed7ac64b
Don't use exclude newer manually in test functions (#2697) 
With this change, all usages of `EXCLUDE_NEWER` are now in command
wrappers, not in the test functions themselves.

For the venv test, i refactored them into the same kind of test context
abstraction that the other test modules have in the second commit.

The third commit makes`"INSTA_FILTERS` "private", removing the last
remaining individual usage.

Pending windows CI 🤞
 2024-04-01 16:07:25 +02:00
Charlie Marsh e68cdb1049
Rename to `SourceDistributionBuilder` (#2750) 
## Summary

This is more consistent with `DistributionDatabase`. The order of the
arguments is also now consistent between the two structs.
 2024-04-01 02:37:43 +00:00
Charlie Marsh 8596ff3470
Remove `Cache` argument from `DistributionDatabase` (#2749) 
## Summary

We can access cache from `BuildContext`. This mirrors
`SourceDistCachedBuilder`, which doesn't accept `Cache` as an argument
and always accesses it through `BuildContext`.
 2024-03-31 22:22:25 -04:00
Charlie Marsh ffdb283ec9
Add `pyproject.toml` et al to list of prompted packages (#2746) 
## Summary

If the user provides `uv pip install pyproject.toml`, we now prompt them
to confirm that they meant the `pyproject-toml` package (as opposed to
`uv pip install -r pyproject.toml`).
 2024-04-01 02:02:06 +00:00
Charlie Marsh c669542a9e
Respect overrides in all direct-dependency iterators (#2742) 
## Summary

We iterate over the project "requirements" directly in a variety of
places. However, it's not always the case that an input "requirement" on
its own will _actually_ be part of the resolution, since we support
"overrides".

Historically, then, overrides haven't worked as expected for _direct_
dependencies (and we have some tests that demonstrate the current,
"wrong" behavior). This is just a bug, but it's not really one that
comes up in practice, since it's rare to apply an override to your _own_
dependency.

However, we're now considering expanding the lookahead concept to
include local transitive dependencies. In this case, it's more and more
important that overrides and constraints are handled consistently.

This PR modifies all the locations in which we iterate over requirements
directly, and modifies them to respect overrides (and constraints, where
necessary).
 2024-03-31 14:03:49 -04:00
eth3lbert f65f013066
Add `--exclude-editable` support to `pip-freeze` (#2740) 
## Summary

Closes #2738
 2024-03-31 17:59:30 +00:00
Charlie Marsh 6d5b5ae9a2
Use distinct `Constraints` and `Overrides` types more widely (#2741) 
## Summary

No functional changes.
 2024-03-31 13:46:37 -04:00
Charlie Marsh ff6aea3f5c
Respect subdirectories when reading static metadata (#2728) 
## Summary

This was just an oversight (and a lack of test coverage).

Closes https://github.com/astral-sh/uv/issues/2727.
 2024-03-29 22:36:10 -04:00
Charlie Marsh 1f31350d46
Recursively allow URL requirements for local dependencies (#2702) 
## Summary

This is a trimmed-down version of
https://github.com/astral-sh/uv/pull/2684 that only applies to local
source trees for now, which enables workspace-like workflows (whereby
local packages can depend on other local packages at arbitrary depth).

Closes #2699.

## Test Plan

Added new tests.

Also cloned this MRE that was shared with me
(https://github.com/timothyjlaurent/uv-poetry-monorepo-mre), and
verified that it was installed without error:

```
❯ cargo run pip install ./uv-poetry-monorepo-mre/app --no-cache
    Finished dev [unoptimized + debuginfo] target(s) in 0.15s
     Running `target/debug/uv pip install ./uv-poetry-monorepo-mre/app --no-cache`
Resolved 4 packages in 1.28s
   Built app @ file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/app
   Built lib1 @ file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/lib1
   Built lib2 @ file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/lib2                                        Downloaded 4 packages in 457ms
Installed 4 packages in 2ms
 + app==0.1.0 (from file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/app)
 + lib1==0.1.0 (from file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/lib1)
 + lib2==0.1.0 (from file:///Users/crmarsh/workspace/uv/uv-poetry-monorepo-mre/lib2)
 + ruff==0.3.4
```
 2024-03-28 22:53:57 +00:00
Charlie Marsh ce5df77ecb
Add `UV_RESOLUTION` environment variable for `--resolution` (#2720) 
Closes https://github.com/astral-sh/uv/issues/2710.
 2024-03-28 17:08:16 -04:00
Zanie Blue 27b96211a2
Filter flake message for `install_git_public_https_missing_commit` on win32 (#2717) 2024-03-28 13:52:17 -05:00
Zanie Blue e1878c8359
Consider installed packages during resolution (#2596) 
Previously, we did not consider installed distributions as candidates
while performing resolution. Here, we update the resolver to use
installed distributions that satisfy requirements instead of pulling new
distributions from the registry.

The implementation details are as follows:

- We now provide `SitePackages` to the `CandidateSelector`
- If an installed distribution satisfies the requirement, we prefer it
over remote distributions
- We do not want to allow installed distributions in some cases, i.e.,
upgrade and reinstall
- We address this by introducing an `Exclusions` type which tracks
installed packages to ignore during selection
- There's a new `ResolvedDist` wrapper with `Installed(InstalledDist)`
and `Installable(Dist)` variants
- This lets us pass already installed distributions throughout the
resolver

The user-facing behavior is thoroughly covered in the tests, but
briefly:

- Installing a package that depends on an already-installed package
prefers the local version over the index
- Installing a package with a name that matches an already-installed URL
package does not reinstall from the index
- Reinstalling (--reinstall) a package by name _will_ pull from the
index even if an already-installed URL package is present
- To reinstall the URL package, you must specify the URL in the request

Closes https://github.com/astral-sh/uv/issues/1661

Addresses:

- https://github.com/astral-sh/uv/issues/1476
- https://github.com/astral-sh/uv/issues/1856
- https://github.com/astral-sh/uv/issues/2093
- https://github.com/astral-sh/uv/issues/2282
- https://github.com/astral-sh/uv/issues/2383
- https://github.com/astral-sh/uv/issues/2560

## Test plan

- [x] Reproduction at `charlesnicholson/uv-pep420-bug` passes
- [x] Unit test for editable package
([#1476](https://github.com/astral-sh/uv/issues/1476))
- [x] Unit test for previously installed package with empty registry
- [x] Unit test for local non-editable package
- [x] Unit test for new version available locally but not in registry
([#2093](https://github.com/astral-sh/uv/issues/2093))
- ~[ ] Unit test for wheel not available in registry but already
installed locally
([#2282](https://github.com/astral-sh/uv/issues/2282))~ (seems
complicated and not worthwhile)
- [x] Unit test for install from URL dependency then with matching
version ([#2383](https://github.com/astral-sh/uv/issues/2383))
- [x] Unit test for install of new package that depends on installed
package does not change version
([#2560](https://github.com/astral-sh/uv/issues/2560))
- [x] Unit test that `pip compile` does _not_ consider installed
packages
 2024-03-28 13:49:17 -05:00
Andrew Gallant 7b685a8158
uv-cache: bump built-wheels cache version (#2715) 
It turns out that #2712 did _not_ fix #2711. After I put up #2712, I
started trying to track down the specific change that caused the
failure. I had assumed at first that it was related to one of our `rkyv`
types, but it actually ended up being one of our msgpack caches. I think
the failure mode is still fundamentally the same idea: the cached data
changed in a way that is still valid msgpack, but got interpreted
differently after deserializing.

The specific change that caused this was the [removal of a field] from
our
metadata type.

Ideally we would just undo the change and add the field back. But that
change has already been shipped out to users. So I believe the only
plausible choice at this point is to bump the `built-wheels` cache. This
will unfortunately mean that `uv` will need to re-build wheels.

Fixes #2711

[removal of a field]:
365c292525 (diff-e42586829f9c2cdbb909bedc5cf95691cc415247f2cbc2ebeb80d887020457bbL29)
 2024-03-28 13:24:47 -05:00
Zanie Blue ffa1b01176
Bump version to 0.1.26 (#2713) 2024-03-28 12:55:36 -05:00
Andrew Gallant c72d3d73d5
uv-cache: bump simple cache version (#2712) 
It seems likely that we forgot to bump the version of the "simple" cache
in the 0.1.25 release. I'm still working on confirming it, but I figured
I'd get this bump up first.

The main problem here is that our "simple" cache is represented by
`rkyv`, and that in turn is tightly coupled to the representation of a
selection of data types in `uv`. Changing those data types without
bumping the cache version can result in cache deserialization errors
like this, or in the worst case, silent logic errors.

One possibility here is that the representation changed in a way that
permitted it to pass `rkyv` validation, but changed how the data itself
is interpreted. Our cache is robust with respect to `rkyv` validation
(if it fails, the cache will invalidate the entry and self-heal), but
being robust to higher level logical errors in interpretation of the
data is a much more significant challenge. Our best bet there is perhaps
some kind of checksum that we could do on top of `rkyv` validation (or
instead of it), and thus convert silent logical changes in how the data
is interpreted into failure modes that we're already robust to.

Fixes #2711
 2024-03-28 12:29:29 -05:00
Zanie Blue 4e59bfd16e
Bump version to 0.1.25 (#2709) 
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
 2024-03-28 10:17:52 -05:00
Charlie Marsh f8f7f848f5
Remove `Tags` from `tracing` (#2704) 
Oops, these show in `tracing` now, and they're huge.
 2024-03-28 02:18:54 +00:00
Charlie Marsh 4cc91cc6bb
Add convenience methods to `Manifest` to iterate over requirements (#2701) 
## Summary

These are repeated a bunch. It's nice to DRY them up and ensure the
ordering is consistent.
 2024-03-28 01:03:44 +00:00
Charlie Marsh b6ab919945
Make tags non-required for fetching wheel metadata (#2700) 
## Summary

This looks like a big change but it really isn't. Rather, I just split
`get_or_build_wheel` into separate `get_wheel` and `build_wheel` methods
internally, which made `get_or_build_wheel_metadata` capable of _not_
relying on `Tags`, which in turn makes it easier for us to use the
`DistributionDatabase` in various places without having it coupled to an
interpreter or environment (something we already did for
`SourceDistributionBuilder`).
 2024-03-28 00:06:25 +00:00
Charlie Marsh cf30932831
Allow prereleases, locals, and URLs in non-editable path requirements (#2671) 
## Summary

This PR enables the resolver to "accept" URLs, prereleases, and local
version specifiers for direct dependencies of path dependencies. As a
result, `uv pip install .` and `uv pip install -e .` now behave
identically, in that neither has a restriction on URL dependencies and
the like.

Closes https://github.com/astral-sh/uv/issues/2643.
Closes https://github.com/astral-sh/uv/issues/1853.
 2024-03-27 22:17:09 +00:00
Charlie Marsh 4b69ad4281
Remove some unused dependencies (#2698) 2024-03-27 17:50:55 -04:00
Charlie Marsh f8fa887c0b
Use `Resolver` in `pip sync` (#2696) 
## Summary

This PR removes the custom `DistFinder` that we use in `pip sync`. This
originally existed because `VersionMap` wasn't lazy, and so we saved a
lot of time in `DistFinder` by reading distribution data lazily. But
now, AFAICT, there's really no benefit. Maintaining `DistFinder` means
we effectively have to maintain two resolvers, and end up fixing bugs in
`DistFinder` that don't exist in the `Resolver` (like #2688.

Closes #2694.

Closes #2443.

## Test Plan

I ran this benchmark a bunch. It's basically a wash. Sometimes one is
faster than the other.

```
❯ python -m scripts.bench \
        --uv-path ./target/release/main \
        --uv-path ./target/release/uv \
        scripts/requirements/compiled/trio.txt --min-runs 50 --benchmark install-warm --warmup 25
Benchmark 1: ./target/release/main (install-warm)
  Time (mean ± σ):      54.0 ms ±  10.6 ms    [User: 8.7 ms, System: 98.1 ms]
  Range (min … max):    45.5 ms …  94.3 ms    50 runs

  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet PC without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.

Benchmark 2: ./target/release/uv (install-warm)
  Time (mean ± σ):      50.7 ms ±   9.2 ms    [User: 8.7 ms, System: 98.6 ms]
  Range (min … max):    44.0 ms …  98.6 ms    50 runs

  Warning: The first benchmarking run for this command was significantly slower than the rest (77.6 ms). This could be caused by (filesystem) caches that were not filled until after the first run. You should consider using the '--warmup' option to fill those caches before the actual benchmark. Alternatively, use the '--prepare' option to clear the caches before each timing run.

Summary
  './target/release/uv (install-warm)' ran
    1.06 ± 0.29 times faster than './target/release/main (install-warm)'
```
 2024-03-27 17:36:38 -04:00
Andrew Gallant d41ab0ef4d
uv/tests: add regression test for `echo pendulum | uv pip compile -` (#2693) 
I stumbled across this when writing tests for
`--emit-marker-expressions`. Namely, I observed that in CI, the `tzdata`
dependency of `pendulum` wasn't included in the `requirements.txt`
output on Windows.

@konstin [suggested] that this was a bug, so I've created a test for it.
In particular, it looks like [`tzdata` is an unconditional dependency of
`pendulum`][tzdata-unconditional].

[suggested]:
https://github.com/astral-sh/uv/pull/2651#discussion_r1539722464
[tzdata-unconditional]:
e646afbd165e58327bc5c698731107/pendulum-3.0.0-cp310-none-win_amd64.whl/pendulum-3.0.0.dist-info/METADATA#line.12
 2024-03-27 13:04:50 -04:00
Charlie Marsh dc957d7322
Respect `--no-index` with `--find-links` in `pip sync` (#2692) 
## Summary

In `pip sync`, we weren't properly handling cases in which a package
_only_ existed in `--find-links` (e.g., the user passed `--offline` or
`--no-index`).

I plan to explore removing `Finder` entirely to avoid these mismatch
bugs between `pip sync` and other commands, but this is fine for now.

Closes https://github.com/astral-sh/uv/issues/2688.

## Test Plan

`cargo test`
 2024-03-27 16:15:14 +00:00
Andrew Gallant 384355bb57 uv: add tests for --emit-marker-expressions 
Unfortunately these tests are all gated on specific platforms because
the marker expressions they generate are, by design, platform specific.

I think we'll eventually want to figure out a more robust testing
strategy for multi-platform locking (of which this is just the tiniest
of first steps), but I don't think we really have the infrastructure for
that in place yet. That is, we don't yet have a way of generating a
marker expression _for_ a particular environment instead of just the one
that happens to _be_ the current environment.
 2024-03-27 11:22:29 -04:00
Andrew Gallant c21e759567 uv: add new hidden --emit-marker-expression flag 
When enabled, the marker expression for the pinned requirements
is written as a comment at the top of the output. It is disabled
by default *and* hidden because it's not clear whether 1) this is
useful to end users and 2) is an interface we want to commit to.
However, it is useful to expose it in some way so that it can be
tested.
 2024-03-27 11:22:29 -04:00
Andrew Gallant 980dcc3324 uv-resolver: add new 'marker_tree' method on ResolutionGraph 
This routine generates a marker expression that, when evaluated
to true, implies that the resolution graph is guaranteed to be
valid.
 2024-03-27 11:22:29 -04:00
Andrew Gallant 50e48847f1 uv-resolver: add Clone impls 
For $reasons, we'll want to be able to clone a `Manifest` so
that it can be re-used to generate a marker expression.

There is likely a refactoring that could be done to avoid the
cloning, but a `Manifest` is likely to be small in practice, and
we'll only need to clone it once.
 2024-03-27 11:22:29 -04:00
Andrew Gallant b177bd026d pep508: expose lower level marker env routines 
These are useful for converting lower level marker values types
to their corresponding values from a marker environment.

We'll use these for generating marker expressions based on both
the dependency graph and the current marker environment.
 2024-03-27 11:22:29 -04:00
Charlie Marsh 236a4163be
Unhide `--emit-index-url` and `--emit-find-links` (#2691) 
## Summary

I don't know why I hid these in the first place. Maybe I copied these
over from the `compat.rs` version.

Closes https://github.com/astral-sh/uv/issues/1502.
 2024-03-27 14:55:25 +00:00
Charlie Marsh 15c9a5c980
Use Scripts folder for virtualenv activation prompt (#2690) 
## Summary

We shouldn't assume that you're on Unix when using Nushell.

Closes https://github.com/astral-sh/uv/issues/2687.
 2024-03-27 10:46:38 -04:00
Charlie Marsh 8c7a6038fd
Update Rust to v1.77 (#2591) 2024-03-27 14:41:27 +00:00
Charlie Marsh 365c292525
Read package metadata from `pyproject.toml` when statically defined (#2676) 
## Summary

Now that we're resolving metadata more aggressively for local sources,
it's worth doing this. We now pull metadata from the `pyproject.toml`
directly if it's statically-defined.

Closes https://github.com/astral-sh/uv/issues/2629.
 2024-03-27 14:34:18 +00:00
Zanie Blue 248d6f89ef
Bring harmony to the test snapshot filtering situation (#2678) 
The snapshot filtering situation has gotten way out of hand, with each
test hand-rolling it's own filters on top of copied cruft from previous
tests.

I've attempted to address this holistically:

- `TestContext.filters()` has everything you should need 
- This was introduced a while ago, but needed a few more filters for it
to be generalized everywhere
- Using `INSTA_FILTERS` is **not recommended** unless you do not want
the context filters
    - It is okay to extend these filters for things unrelated to paths
- If you have to write a custom path filter, please highlight it in
review so we can address it in the common module
- `TestContext.site_packages()` gives cross-platform access to the
site-packages directory
    - Do not manually construct the path to site-packages from the venv
- Do not turn off tests on Windows because you manually constructed a
Unix path to site-packages
- `TestContext.workspace_root` gives access to uv's repository directory
    - Use this for installing from `scripts/packages/`
- If you need coverage for relative paths, copy the test package into
the `temp_dir` don't change the working directory of the test fixture

There is additional work that can be done here, such as:

- Auditing and removing additional uses of `INSTA_FILTERS`
- Updating manual construction of `Command` instances to use a utility
- The `venv` tests are particularly frightening in their lack of a test
context and could use some love
- Improving the developer experience i.e. apply context filters to
snapshots by default
 2024-03-27 14:10:12 +00:00
Charlie Marsh ffd78d0821
Add an in-memory cache for Git references (#2682) 
## Summary

Ensures that, even if we try to resolve the same Git reference twice
within an invocation, it always returns a (cached) consistent result.

Closes https://github.com/astral-sh/uv/issues/2673.

## Test Plan

```
❯ cargo run pip install git+https://github.com/pallets/flask.git --reinstall --no-cache
   Compiling uv-distribution v0.0.1 (/Users/crmarsh/workspace/uv/crates/uv-distribution)
   Compiling uv-resolver v0.0.1 (/Users/crmarsh/workspace/uv/crates/uv-resolver)
   Compiling uv-installer v0.0.1 (/Users/crmarsh/workspace/uv/crates/uv-installer)
   Compiling uv-dispatch v0.0.1 (/Users/crmarsh/workspace/uv/crates/uv-dispatch)
   Compiling uv-requirements v0.1.0 (/Users/crmarsh/workspace/uv/crates/uv-requirements)
   Compiling uv v0.1.24 (/Users/crmarsh/workspace/uv/crates/uv)
    Finished dev [unoptimized + debuginfo] target(s) in 3.95s
     Running `target/debug/uv pip install 'git+https://github.com/pallets/flask.git' --reinstall --no-cache`
 Updated https://github.com/pallets/flask.git (b90a4f1)
Resolved 7 packages in 280ms
   Built flask @ git+https://github.com/pallets/flask.git@b90a4f1f4a370e92054b9cc9db0efcb864f87ebe                                                                                                                                            Downloaded 7 packages in 212ms
Installed 7 packages in 9ms
```
 2024-03-27 01:39:01 +00:00
Charlie Marsh 32d8ee8ba3
Add `--no-binary` and `--only-binary` support to `requirements.txt` (#2680) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1461.
 2024-03-27 01:12:29 +00:00
Zanie Blue 0b08ba1e67
Rename `uv-traits` and split into separate modules (#2674) 
This is driving me a little crazy and is becoming a larger problem in
#2596 where I need to move more types (like `Upgrade` and `Reinstall`)
into this crate. Anything that's shared across our core resolver,
install, and build crates needs to be defined in this crate to avoid
cyclic dependencies. We've outgrown it being a single file with some
shared traits.

There are no behavioral changes here.
 2024-03-26 15:39:43 -05:00
Charlie Marsh 39769d82a0
Fall back to PEP 517 hooks for non-compliant PEP 621 metadata (#2662) 
If you pass a `pyproject.toml` that use Hatch's context formatting API,
we currently fail because the dependencies aren't valid under PEP 508.
This PR makes the static metadata parsing a little more relaxed, so that
we appropriately fall back to PEP 517 there.
 2024-03-26 02:28:39 +00:00
Charlie Marsh 12846c2c85
Disallow `pyproject.toml` from `pip uninstall` (#2663) 
## Summary

Passing `pyproject.toml` or `setup.py` to `pip uninstall` is a bit
strange, since it will often require running a resolution to resolve the
dependencies (e.g., build the project), which means we also need to
accept `--index-url` and friends.
 2024-03-26 01:35:43 +00:00
Charlie Marsh 5270624b11
Avoid `prepare_metadata_for_build_wheel` calls for Hatch packages with dynamic dependencies (#2645) 
## Summary

Hatch allows for highly dynamic customization of metadata via hooks. In
such cases, Hatch
can't upload the PEP 517 contract, in that the metadata Hatch would
return by
`prepare_metadata_for_build_wheel` isn't guaranteed to match that of the
built wheel.

Hatch disables `prepare_metadata_for_build_wheel` entirely for pip.
We'll instead disable
it on our end when metadata is defined as "dynamic" in the
pyproject.toml, which should
allow us to leverage the hook in _most_ cases while still avoiding
incorrect metadata for
the remaining cases.

Closes: https://github.com/astral-sh/uv/issues/2130.
 2024-03-25 22:26:51 +00:00
Charlie Marsh ae35a215c6
Accept `setup.py` and `setup.cfg` files in compile (#2634) 
## Summary

This costs us ~nothing now that we support using PEP 517 hooks for
`pyproject.toml`.

## Test Plan

`cargo test`
 2024-03-25 20:39:35 +00:00
Charlie Marsh 71428f7d74
Use PEP 517 to extract non-static `pyproject.toml` metadata (#2633) 
## Summary

When a user passes a `pyproject.toml` to `pip compile` (e.g., `uv pip
compile pyproject.toml`), we extract the requirements from the
`pyproject.toml` directly. However... that isn't always possible (as
seen in the linked issues). When it's _not_, we instead need to run the
PEP 517 build hooks to identify the metadata.

Closes https://github.com/astral-sh/uv/issues/1624.

Closes https://github.com/astral-sh/uv/issues/1644.

## Test Plan

`cargo test`
 2024-03-25 20:27:41 +00:00
Charlie Marsh f3753347e0
Add `rustc-hash` to `uv` crate (#2660) 
## Summary

This is required as of https://github.com/astral-sh/uv/pull/2589, but
isn't a direct dependency. I'm not sure how that PR passed CI exactly.
 2024-03-25 20:21:43 +00:00
eth3lbert 6d7b2c7ca4
`Editable project location` and `Required-by` for `pip show` (#2589) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

<!-- What's the purpose of the change? What does it do, and why? -->

- Displays missing packages as single-line warnings.
- Adds support for `Editable project location` and `Required-by` fields
in `pip show`.

Part of #2526.
 2024-03-25 14:45:05 -05:00
Charlie Marsh 8587c440fe
Support `file://localhost/` schemes (#2657) 
## Summary

`uv` was failing to install requirements defined like:

```
file://localhost/Users/crmarsh/Downloads/iniconfig-2.0.0-py3-none-any.whl
```

Closes https://github.com/astral-sh/uv/issues/2652.
 2024-03-25 19:23:26 +00:00
Andrew Gallant 7a5571fa5c
bump EXCLUDE_NEWER to more recent datetime (#2650) 
While writing tests for a new flag (`--emit-marker-expression`) for `uv
pip compile`, I noticed that one of my test cases (`pendulum 3.0.0`)
was published in Dec 2023. I wanted to include this package in my
tests, but since it comes after our `EXCLUDE_NEWER` constant, it wasn't
visible to `uv`.

In this PR, I chose to resolve this by bumping `EXCLUDE_NEWER` to
`2024-03-25T00:00:00Z`. I also considered a couple other options:

* For a specific test, override and provide a custom `--exclude-newer`
flag. I felt like this would maybe be okay, but we could easily wind
up in a situation where we do this a lot and have a bunch of different
`--exclude-newer` flags in our tests. I'm not sure if this is a huge
problem in practice. Maybe it's fine.
* Find another package (or invent one) with a similarly interesting
configuration. It seemed easier to just bump `EXCLUDE_NEWER`.

The way I did this was to run `cargo insta test` after bumping
`EXCLUDE_NEWER`.
I then reviewed the snapshot diffs, and if they looked reasonable, I
accepted them.
There was only one case where I changed the test to preserve what I
thought it
was trying to test. That's isolated in its own commit.
 2024-03-25 11:29:05 -04:00
konsti 33bde826a0
Update pubgrub to use a dependency provider (#2648) 
With https://github.com/pubgrub-rs/pubgrub/pull/190, pubgrub attaches
all types to a dependency provider to reduce the number of generics. We
need a dummy dependency provider now to emulate this. On the plus side,
pep440_rs drops its pubgrub dependency.
 2024-03-25 15:51:31 +01:00
Andrew Gallant 8cc69a723d
uv-client: fix linehaul test (#2647) 
This test was introduced in 42973cd9cb. It
looks like it compares some values against some platform specific code
that attempts to find the OS version. But the comparisons made some
assumptions about what kind of data is available. In this commit, we try
to make the test a little more flexible on Linux by not assuming that
`Option` values are `Some`.
 2024-03-25 10:12:00 -04:00
Charlie Marsh 1601ea08e6
Rename `scripts/editable-installs` to `scripts/packages` (#2644) 
## Summary

This was discussed in a prior PR.
 2024-03-25 03:56:00 +00:00
Shantanu a6602ad416
Do not force recompile pyc files (#2642) 
Helps with #2637
 2024-03-24 20:02:53 -04:00
Charlie Marsh a7b251f65e
Limit overrides and constraints to `requirements.txt` format (#2632) 
## Summary

I don't see a great reason to allow this, and it adds a lot of
complexity, so `pyproject.toml` files are now limited to `pip compile`
and `pip install -r` -- they can't be passed as `-c` or `--override`.
 2024-03-23 09:33:29 -04:00
Hans Baker a632d2485b
Don't error on multiple matching index URLs (#2627) 
## Summary

Closes Issue:
- https://github.com/astral-sh/uv/issues/2626

## Test Plan

```
cargo run -- pip install -r dev-requirements.txt -r requirements.txt
```
where both requirements files have same `--index-url`
 2024-03-22 23:37:02 +00:00
Zanie Blue d0cb301d59
Use dense formatting for requirement version specifiers in diagnostics (#2601) 
For consistency with the output in "no solution" errors
 2024-03-22 16:35:49 -05:00
Charlie Marsh 90a1f89ac4
Extract local versions from direct URL requirements (#2624) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2623.

## Test Plan

`cargo run pip install -r requirements.txt`, with:

```
 whisperX @ befe2b242e.zip
 pyannote-audio @ git+https://github.com/pyannote/pyannote-audio@11b56a137a578db9335efc00298f6ec1932e6317
 torch @ https://download.pytorch.org/whl/cu118/torch-2.2.1%2Bcu118-cp311-cp311-linux_x86_64.whl#sha256=84328a35621cc6a67a182a327baaab67e5f5869981c4b1677ed05f92c15cceb1
 torchaudio @ https://download.pytorch.org/whl/cu118/torchaudio-2.2.1%2Bcu118-cp311-cp311-linux_x86_64.whl#sha256=cd3b1c3582b17792c6d7a367dea0459b123e54d7a4242809ea87ccc10fa220e5
 pytorch_triton @ https://download.pytorch.org/whl/nightly/pytorch_triton-2.1.0%2B7d1a95b046-cp311-cp311-linux_x86_64.whl
```
 2024-03-22 21:34:14 +00:00
Zanie Blue a5cae02922
Bump version to 0.1.24 (#2621) 2024-03-22 14:58:10 -05:00
konsti fca2883864
Avoid ignore crate finding cache gitignore (#2615) 
We put a `.gitignore` with `*` at the top of our cache. When maturin was
building a source distribution inside the cache, it would walk up the
tree to find a gitignore, see that and ignore all python files. We now
add an (empty) `.git` directory one directory below, in the root of
built-wheels cache. This prevents ignore walking further up (it marks
the top level a git repository).

Deptry (from #2490) is a mid sized rust package with additional python
packages, so instead of using it in the test i've replaced it with a
small (44KB total) reproducer that uses cffi for faster building, the
entire test taking <2s on my machine.

Fixes #2490
 2024-03-22 14:36:07 -05:00
Wolf Vollprecht 68432e77e5
fix: expose `AllowedYanks` (#2608) 
## Summary

If I see correctly, this is used in the interface of
`DefaultResolverProvider` but not accessible outside.
 2024-03-22 09:15:22 -05:00
konsti 48bd02b8a8
Update miette v7, pubgrub and small Cargo.toml cleanup (#2610) 
I was going through the output of `cargo tree --duplicate -p uv`, not
much success except these small cleanups.
 2024-03-22 10:42:48 +00:00
konsti 375b33ff0c
Remove unused deps with cargo machete (#2609) 2024-03-22 10:01:17 +00:00
Charlie Marsh 9986710a53
Make self-update an opt-in Cargo feature (#2606) 
## Summary

Ensures that (e.g.) installs from conda-forge, Homebrew, and other
distributions don't expose `uv self update` at all.

We'll still show `uv self update` for `pip install uv`, but it will fail
with a good error. Removing the `uv self update` from `pip`-installed
`uv` is more complicated, since we'd need to build separately for the
installer vs. for PyPI.

Closes #2588.
 2024-03-22 00:23:09 -04:00
Charlie Marsh 0ea51d43f5
Add progress reporting for named requirement resolution (#2605) 2024-03-22 04:01:10 +00:00
Charlie Marsh 31743f2bd8
Use PEP 517 build hooks to resolve unnamed requirements (#2604) 2024-03-22 03:20:40 +00:00
Charlie Marsh 5d7d7dce24
Enable PEP 517 builds for unnamed requirements (#2600) 
## Summary

This PR enables the source distribution database to be used with unnamed
requirements (i.e., URLs without a package name). The (significant)
upside here is that we can now use PEP 517 hooks to resolve unnamed
requirement metadata _and_ reuse any computation in the cache.

The changes to `crates/uv-distribution/src/source/mod.rs` are quite
extensive, but mostly mechanical. The core idea is that we introduce a
new `BuildableSource` abstraction, which can either be a distribution,
or an unnamed URL:

```rust
/// A reference to a source that can be built into a built distribution.
///
/// This can either be a distribution (e.g., a package on a registry) or a direct URL.
///
/// Distributions can _also_ point to URLs in lieu of a registry; however, the primary distinction
/// here is that a distribution will always include a package name, while a URL will not.
#[derive(Debug, Clone, Copy)]
pub enum BuildableSource<'a> {
    Dist(&'a SourceDist),
    Url(SourceUrl<'a>),
}
```

All the methods on the source distribution database now accept
`BuildableSource`. `BuildableSource` has a `name()` method, but it
returns `Option<&PackageName>`, and everything is required to work with
and without a package name.

The main drawback of this approach (which isn't a terrible one) is that
we can no longer include the package name in the cache. (We do continue
to use the package name for registry-based distributions, since those
always have a name.). The package name was included in the cache route
for two reasons: (1) it's nice for debugging; and (2) we use it to power
`uv cache clean flask`, to identify the entries that are relevant for
Flask.

To solve this, I changed the `uv cache clean` code to look one level
deeper. So, when we want to determine whether to remove the cache entry
for a given URL, we now look into the directory to see if there are any
wheels that match the package name. This isn't as nice, but it does work
(and we have test coverage for it -- all passing).

I also considered removing the package name from the cache routes for
non-registry _wheels_, for consistency... But, it would require a cache
bump, and it didn't feel important enough to merit that.
 2024-03-21 22:46:39 -04:00
Charlie Marsh 12192dd872
Remove unused `requirements.rs` file (#2603) 
This was accidentally duplicated in a rebase.
 2024-03-22 02:21:36 +00:00
Wolf Vollprecht 7d285148b2
fix: do not error when there are warnings on stderr (#2599) 
## Summary

We had some users report bugs because the Python querying failed due to
warnings in `stderr`. I don't think this should fail on any `stderr`
output.

E.g.

```
  × Querying Python at `USER/.pixi/envs/default/bin/python3.10` failed with status exit status: 0 with exit status: 0
  │ --- stdout:
  │ {"markers": {"implementation_name": "cpython", "implementation_version": "3.10.0", "os_name": "posix", "platform_machine": "x86_64", "platform_python_implementation": "CPython", "platform_release": "5.15.146.1-microsoft-standard-WSL2",
  │ "platform_system": "Linux", "platform_version": "#1 SMP Thu Jan 11 04:09:03 UTC 2024", "python_full_version": "3.10.0", "python_version": "3.10", "sys_platform": "linux"}, "base_prefix": "USER/.pixi/
  │ envs/default", "base_exec_prefix": "USER/.pixi/envs/default", "prefix": "USER/.pixi/envs/default", "base_executable": "USER/.pixi/envs/default/
  │ bin/python3.10", "sys_executable": "USER/.pixi/envs/default/bin/python3.10", "stdlib": "USER/.pixi/envs/default/lib/python3.10", "scheme": {"platlib": "/home/mvanniekerk/
  │ code/vice-python/.pixi/envs/default/lib/python3.10/site-packages", "purelib": "USER/.pixi/envs/default/lib/python3.10/site-packages", "include": "USER/.pixi/envs/default/
  │ include/python3.10", "scripts": "USER/.pixi/envs/default/bin", "data": "USER/.pixi/envs/default"}, "virtualenv": {"purelib": "lib/python3.10/site-packages", "platlib": "lib/
  │ python3.10/site-packages", "include": "include/site/python3.10", "scripts": "bin", "data": ""}}
  │ --- stderr:
  │ [03/21/24 15:59:48] WARNING  pyproject.toml does not contain a setuptools.py:119
  │                              tool.setuptools_scm section
  │ ---
```
 2024-03-21 19:23:41 -04:00
Zanie Blue c6e181d233
Respect HTTP client options when reading remote requirements files (#2434) 
Uses the base client introduced in #2431 to restore use of our fully
configured client when reading remote requirements files.

Closes https://github.com/astral-sh/uv/issues/2357

## Test plan

```
npx http-server --username user --password password
cargo run -- pip install -r http://user:password@127.0.0.1:8080/requirements.txt
```

Fails on main succeeds on branch.
 2024-03-21 13:48:57 -05:00
Charlie Marsh 0f96386032
Add a garbage collection mechanism to the CLI (#1217) 
## Summary

Detects unused cache entries, which can come in a few forms:

1. Directories that are out-dated via our versioning scheme.
2. Old source distribution builds (i.e., we have a more recent version).
3. Old wheels (stored in `archive-v0`, but not symlinked-to from
anywhere in the cache).

Closes https://github.com/astral-sh/puffin/issues/1059.
 2024-03-21 18:07:48 +00:00
Zanie Blue 7ee90dc71f
Fix authentication with JFrog artifactories (#2592) 
Closes #2566 

We were storing the username e.g. `charlie@astral.sh` as a
percent-encoded string `charlie%40astral.sh` which resulted in different
headers and broke JFrog's artifactory which apparently does not decode
usernames.

Tested with a JFrog artifactory and AWS CodeArtifact although it is
worth noting that AWS does _not_ have a username with an `@` — it'd be
nice to test another artifactory with percent-encoded characters in the
username and/or password.
 2024-03-21 12:10:43 -05:00
konsti 2375008cc1
Use c-string literals and update trampolines (#2590) 
Rust 1.77 has stabilized c-string literals (`c"<string>"`):
https://doc.rust-lang.org/nightly/edition-guide/rust-2021/c-string-literals.html.
This PR replaces the usages of the custom c-string literal macro in the
trampoline with the new syntax.
 2024-03-21 15:36:00 +00:00
Charlie Marsh f91ce521c5
Move requirements resolution into its own crate (#2579) 
## Summary

No functional changes, but this was a lot of core logic in the `uv`
crate, which is mostly meant to be the CLI.
 2024-03-21 13:52:47 +00:00
Charlie Marsh 2979918320
Add support for unnamed Git and HTTP requirements (#2578) 
## Summary

Enables, e.g., `uv pip install
git+https://github.com/pallets/flask.git`.

Part of: https://github.com/astral-sh/uv/issues/313.
 2024-03-21 13:44:54 +00:00
Tim de Jager fc9761d020
feat: make direct_url public (#2584) 
## Summary

Made the `direct_url` method public because it was not :) Can be merged
instead of in addition to: https://github.com/astral-sh/uv/pull/2510
 2024-03-21 09:37:15 -04:00
veryyet d6dad57fab
chore: fix some typos (#2581) 2024-03-21 04:09:37 +00:00
Charlie Marsh 7c728a2e77
Support unnamed requirements directly in pip uninstall (#2577) 
## Summary

In `pip uninstall`, we shouldn't need to resolve unnamed requirements,
since we already index packages in `site-packages` by their URL.

This also changes `uninstall` to ignore editables, which matches pip's
behavior.

Part of: https://github.com/astral-sh/uv/issues/313.

## Test Plan

Run `cargo run pip install ./scripts/editable-installs/black_editable`,
followed by each of the following:

- `cargo run pip uninstall ./scripts/editable-installs/black_editable`
- `cargo run pip uninstall black`
- `cargo run pip uninstall ./scripts/editable-installs/black_editable
black`
 2024-03-21 00:02:06 -04:00
Charlie Marsh 34bef37072
Enable install audits without resolving named requirements (#2575) 
## Summary

This PR ensures that if a package is already satisfied by the current
environment, we don't bother resolving the named requirement.

Part of: https://github.com/astral-sh/uv/issues/313.

## Test Plan

- `cargo run pip install ./scripts/editable-installs/black_editable`
- `cargo run pip install black --verbose`
 2024-03-20 23:54:45 -04:00
Charlie Marsh e5b0cf7f89
Add support for unnamed local directory requirements (#2571) 
## Summary

For example: `cargo run pip install .`

The strategy taken here is to attempt to extract the package name from
the distribution without executing the PEP 517 build steps. We could
choose to do that in the future if this proves lacking, but it adds
complexity.

Part of: https://github.com/astral-sh/uv/issues/313.
 2024-03-21 03:46:11 +00:00
Charlie Marsh 4d96255ade
Enable unnamed requirements for direct URLs (#2569) 
## Summary

This PR enables `uv pip install` to accept unnamed requirements, as long
as the requirement ends with the wheel or source distribution archive
name. For example: `cargo run pip install
~/Downloads/anyio-4.3.0.tar.gz`.

In subsequent PRs, I'll expand the scope of supported archives and
patterns.

Part of: https://github.com/astral-sh/uv/issues/313.
 2024-03-21 03:39:02 +00:00
Charlie Marsh ee211b35bc
Add support for parsing unnamed URL requirements (#2567) 
## Summary

First piece of https://github.com/astral-sh/uv/issues/313. In order to
support unnamed requirements, we need to be able to parse them in
`requirements-txt`, which in turn means that we need to introduce a new
type that's distinct from `pep508::Requirement`, given that these
_aren't_ PEP 508-compatible requirements.

Part of: https://github.com/astral-sh/uv/issues/313.
 2024-03-21 03:28:58 +00:00
Charlie Marsh 0af6a3d41d
Bump version to v0.1.23 (#2580) 2024-03-21 02:51:21 +00:00
konsti 70e0967dbd
Avoid repeating paths of workspace packages (#2573) 
Scott schafer got me the idea: We can avoid repeating the path for
workspaces dependencies everywhere if we declare them in the virtual
package once and treat them as workspace dependencies from there on.
 2024-03-20 16:16:02 -04:00
konsti 7111fdd637
`VIRTUAL_ENV` takes precedence over `CONDA_PREFIX` (#2574) 
It is a common pattern to have an active conda base env (that sets
`CONDA_PREFIX`) and then create a venv on top of that (setting
`VIRTUAL_ENV`).

Previously, we would error when both `VIRTUAL_ENV` and `CONDA_PREFIX`
were set, now `VIRTUAL_ENV` takes precedence over `CONDA_PREFIX`.

Fixes #2028
 2024-03-20 16:14:44 -04:00
Wolf Vollprecht 1255c981a7
feat: allow setting installer name other than `uv` (#2561) 
## Summary

We would like to be able to configure the installer-name so that other
tools can co-exist with `uv`. In `pixi` we would like to use `pixi-uv`
as the installer name, for example, to be able to distinguish them from
packages installed by pure `uv`.
 2024-03-20 10:36:49 -04:00
Charlie Marsh 00fc44012c
Use relative paths for user display (#2559) 
## Summary

This PR changes our user-facing representation for paths to use relative
paths, when the path is within the current working directory. This
mirrors what we do in Ruff. (If the path is _outside_ the current
working directory, we print an absolute path.)

Before:

```shell
❯ uv venv .venv2
Using Python 3.12.2 interpreter at: /Users/crmarsh/workspace/uv/.venv/bin/python3
Creating virtualenv at: .venv2
Activate with: source .venv2/bin/activate
```

After:

```shell
❯ cargo run venv .venv2
    Finished dev [unoptimized + debuginfo] target(s) in 0.15s
     Running `target/debug/uv venv .venv2`
Using Python 3.12.2 interpreter at: .venv/bin/python3
Creating virtualenv at: .venv2
Activate with: source .venv2/bin/activate
```

Note that we still want to use the existing `.simplified_display()`
anywhere that the path is being simplified, but _still_ intended for
machine consumption (e.g., when passing to `.current_dir()`).
 2024-03-20 09:52:50 -04:00
Hans Baker 204b159cf4
Add CUSTOM_COMPILE_COMMAND support to uv pip compile (#2554) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

<!-- What's the purpose of the change? What does it do, and why? -->

This adds support for `CUSTOM_COMPILE_COMMAND` support to change the
header comment in generated requirements files.

See Issue:  
- #1527 

From [pip-tools docs](https://pip-tools.readthedocs.io/en/latest/):

> You might be wrapping the pip-compile command in another script. To
avoid confusing consumers of your custom script you can override the
update command generated at the top of requirements files by setting the
CUSTOM_COMPILE_COMMAND environment variable.

## Test Plan

<!-- How was it tested? -->

See unit test included

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2024-03-20 11:22:18 +00:00
konsti 32b9eeb532
Use mac version from python for linehaul information (#2509) 
See
https://github.com/astral-sh/uv/pull/2493#pullrequestreview-1942899151.

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
 2024-03-20 10:55:50 +01:00
Charlie Marsh cfd18aa1a2
Treat uninstallable packages as warnings, rather than errors (#2557) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2467.
 2024-03-20 01:02:12 +00:00
Zanie Blue baa30697a4
Ensure mtime of site packages is updated during wheel installation (#2545) 
Closes https://github.com/astral-sh/uv/issues/2530
 2024-03-20 00:54:05 +00:00
Charlie Marsh c180fedbce
Run interpreter discovery under `-I` mode (#2552) 
## Summary

If you have a file `typing.py` in the current working directory, `python
-m` doesn't work in some Python versions:

```sh
❯ python -m foo
Could not import runpy module
Traceback (most recent call last):
  File "/Users/crmarsh/.local/share/rtx/installs/python/3.9.18/lib/python3.9/runpy.py", line 15, in <module>
    import importlib.util
  File "/Users/crmarsh/.local/share/rtx/installs/python/3.9.18/lib/python3.9/importlib/util.py", line 2, in <module>
    from . import abc
  File "/Users/crmarsh/.local/share/rtx/installs/python/3.9.18/lib/python3.9/importlib/abc.py", line 17, in <module>
    from typing import Protocol, runtime_checkable
ImportError: cannot import name 'Protocol' from 'typing' (/Users/crmarsh/workspace/uv/typing.py)
```

This did _not_ cause problems for us on Python 3.11 or later, because we
set `PYTHONSAFEPATH`, which avoids adding the current working directory
to `sys.path`. However, on earlier versions, we _were_ failing with the
above. (It's important that we run interpreter discovery in the current
working directory, since doing otherwise breaks pyenv shims.)

The fix implemented here uses `-I` to run Python in isolated mode, which
is even stricter. The downside of isolated mode is that we currently
rely on setting `PYTHONPATH` to find the "fake module" that we create on
disk, and `-I` means `PYTHONPATH` is totally ignored. So, instead, we
run a script directly, and that _script_ injects the path we care about
into `PYTHONSAFEPATH`.

Closes https://github.com/astral-sh/uv/issues/2547.
 2024-03-19 20:19:46 -04:00
konsti 79fbac7af5
Fast lint CI job: Rustfmt, Prettier, Ruff (#2406) 
Add a single job for for fast lint tools. Rustfmt for rust, ruff for
python formatting and linting, prettier avoids inconsistent formatter
changes between pycharm and vscode.
 2024-03-20 00:16:46 +00:00
Charlie Marsh ab99a18cbc
Implement `--no-strip-extras` to preserve extras in compilation (#2555) 
## Summary

We strip extras by default, but there are some valid use-cases in which
they're required (see the linked issue). This PR doesn't change our
default, but it does add `--no-strip-extras`, which lets users preserve
extras in the output requirements.

Closes https://github.com/astral-sh/uv/issues/1595.
 2024-03-19 23:59:32 +00:00
Charlie Marsh ad396a7cff
Remove unused activate script (#2556) 
I believe we use the variant in `activator`.
 2024-03-19 23:50:12 +00:00
Charlie Marsh 1bf48c91f2
Add a `uv self update` command (#2228) 
## Summary

Powered by Axo: https://github.com/axodotdev/axoupdater.

Closes https://github.com/astral-sh/uv/issues/1591.

## Test Plan

To test locally:

- `rm -f ~/.config/uv/uv-receipt.json /Users/crmarsh/.cargo/bin/uv`
- `curl --proto '=https' --tlsv1.2 -LsSf
https://github.com/astral-sh/uv/releases/download/0.1.14/uv-installer.sh
| sh`
- `cargo run self update`

Up-to-date:

![Screenshot 2024-03-06 at 12 13
36 AM](https://github.com/astral-sh/uv/assets/1309177/04bb7a11-6557-4317-8e86-18288fbc13c6)

Updated:

![Screenshot 2024-03-06 at 12 13
54 AM](https://github.com/astral-sh/uv/assets/1309177/c08ad739-5a2b-47cf-bf13-018a8d708330)

No receipt:

![Screenshot 2024-03-06 at 12 14
13 AM](https://github.com/astral-sh/uv/assets/1309177/317bbfaf-a787-4cbf-9f93-a4ce8ca7a988)
 2024-03-19 16:02:49 -04:00
Charlie Marsh c4107f9c40
Re-test validity after every lenient parsing change (#2550) 
## Summary

We had the right fixup for `torchsde`, but a subsequent fixup was making
it invalid. In general, we should apply as few of these as we can, so
lets stop as soon as we succeed.

Closes https://github.com/astral-sh/uv/issues/2546.

## Test Plan

`cargo run pip install torchsde==0.2.5 --verbose --reinstall -n
--verbose`
 2024-03-19 15:41:49 -04:00
Charlie Marsh 2e65092be0
Add `--link-mode` defaults to CLI (#2549) 2024-03-19 19:13:17 +00:00
Micha Reiser acbee166c0
Remove unused dependencies (#2543) 
## Summary

I tried out `cargo shear` to see if there are any unused dependencies
that `cargo udeps` isn't reporting. It turned out, there are a few. This
PR removes those dependencies.

## Test Plan

`cargo build`
 2024-03-19 13:10:10 -04:00
Charlie Marsh ba14f69676
Search in both `purelib` and `platlib` for site-packages population (#2537) 
## Summary

In reality, there's no such thing as the `site-packages` directory for a
given virtualenv. Rather, Python defines both `purelib` and `platlib`,
where the former is for pure-Python packages and the latter is for
packages that contain native code. These are almost always set to the
same thing... but they don't _have_ to be, and in fact of Fedora they
are not.

This PR changes the `site_packages` method to return an iterator of
directories.

Closes https://github.com/astral-sh/uv/issues/2527.
 2024-03-19 03:06:16 +00:00
Charlie Marsh 659e00c4c1
Use `Box<str>` in Hashes to reduce size (#2536) 2024-03-19 02:51:46 +00:00
Charlie Marsh 80aa03dcba
Add SHA384 and SHA512 hash algorithms (#2534) 
Closes #2533.
 2024-03-19 02:23:16 +00:00
Charlie Marsh d0789fc078
Preserve hashes for pinned packages (#2532) 
## Summary

When a user runs with `--output-file` and `--generate-hashes`, we should
_only_ update the hashes if the pinned version itself changes.

Closes https://github.com/astral-sh/uv/issues/1530.
 2024-03-19 01:02:18 +00:00
Charlie Marsh 9afb360524
Bump version to v0.1.21 (#2517) 2024-03-18 13:51:06 -04:00
Zanie Blue b7ecd4faa1
Tweak `uv pip check` output for consistency with other interfaces (#2480) 2024-03-18 12:49:12 -05:00
Charlie Marsh 2b01d9f70b
Validate required package names against wheel package names (#2516) 
Closes https://github.com/astral-sh/uv/issues/2484.
 2024-03-18 17:35:15 +00:00
eth3lbert 1911c966b5
Allow direct file path requirements to include fragments (#2502) 
This PR handles the fragment part of the URL path.
It achieves this by splitting the fragment from the path before
normalization and parsing. It then sets the fragment back after the URL
has been parsed.

Resolve #2501
 2024-03-18 17:06:11 +00:00
Zanie Blue 01cef878f6
Drop `macosx_10_0` from compatible wheel tags on `aarch64` (#2496) 
Following #2489 this is the last remaining difference from Python 3.12's
packaging module.
 2024-03-18 14:52:54 +00:00
Zanie Blue b71973cd7b
Fix priority of ABI tags (#2489) 
Brings us in-line with Python's behavior:

1. Prioritize `none` tags _after_ all of the relevant platform tags 
2. Omit  `none` tags for CPython versions less than the current version
3. Prioritize major (i.e. `py3-none`) version tags over minor (i.e.
`py3x-none`) version tags less than the current version
4. Add a `none-any` tag for the current CPython version


## Test plan

Tested on my Linux machine with a script to emit tags at the desired
glibc version:

```python
from packaging import tags
import re

exclude = re.compile("_(21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39)_")

for tag in tags.sys_tags():
    if exclude.search(str(tag)):
        continue
    print(tag)
```

Then performed a diff with the snapshot in `tags.rs`
 2024-03-18 09:21:54 -05:00
konsti 4c59aefdb7
Add missing platform entries to subcommands (#2507) 
Fixup for #2493
 2024-03-18 13:33:43 +01:00
konsti 060a2fb80b
Shrink `solve()` a little by moving formatting out (#2506) 
`solve()` is our main loop. Shrinking it down a little by moving
formatting out makes it easier to follow.
 2024-03-18 12:27:24 +00:00
konsti ecc46c5412
Fix operating system detection on *BSD (#2505) 
For #2487, not closing since we still need confirmation that his fixes
*BSD.
 2024-03-18 10:51:55 +00:00
samypr100 42973cd9cb
feat: add linehaul info to uv-client (#2493) 
## Summary

Closes #1958

This adds linehaul metadata to uv's user-agent when pep 508 markers are
provided to the RegistryClientBuilder. Thanks to #2381, we were able to
leverage most information from markers and avoid inconsistency.

Linehaul is meant to be accompanying metadata pip sends in it's user
agent when talking to registries. You can see this output by running
something like `python -c 'from pip._internal.network.session import
user_agent; print(user_agent())'`.
In PyPI, this metadata processed by the
[linehaul-cloud-function](https://github.com/pypi/linehaul-cloud-function).
More info about linehaul can be found in #1958.

Below are some examples from pip:

* Linux GHA: `pip/24.0
{"ci":true,"cpu":"x86_64","distro":{"id":"jammy","libc":{"lib":"glibc","version":"2.35"},"name":"Ubuntu","version":"22.04"},"implementation":{"name":"CPython","version":"3.12.2"},"installer":{"name":"pip","version":"24.0"},"openssl_version":"OpenSSL
3.0.2 15 Mar
2022","python":"3.12.2","rustc_version":"1.76.0","system":{"name":"Linux","release":"6.5.0-1016-azure"}}`
* Windows GHA: `pip/24.0
{"ci":true,"cpu":"AMD64","implementation":{"name":"CPython","version":"3.12.2"},"installer":{"name":"pip","version":"24.0"},"openssl_version":"OpenSSL
3.0.13 30 Jan
2024","python":"3.12.2","rustc_version":"1.76.0","system":{"name":"Windows","release":"2022Server"}}`
* OSX GHA: `pip/24.0
{"ci":true,"cpu":"arm64","distro":{"name":"macOS","version":"14.2.1"},"implementation":{"name":"CPython","version":"3.12.2"},"installer":{"name":"pip","version":"24.0"},"openssl_version":"OpenSSL
3.0.13 30 Jan
2024","python":"3.12.2","rustc_version":"1.76.0","system":{"name":"Darwin","release":"23.2.0"}}`



Here's how uv results look like (sorry for the keys not having the same
order):

* Linux GHA: `uv/0.1.21
{"installer":{"name":"uv","version":"0.1.21"},"python":"3.12.2","implementation":{"name":"CPython","version":"3.12.2"},"distro":{"name":"Ubuntu","version":"22.04","id":"jammy","libc":null},"system":{"name":"Linux","release":"6.5.0-1016-azure"},"cpu":"x86_64","openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}`
* Windows GHA: `uv/0.1.21
{"installer":{"name":"uv","version":"0.1.21"},"python":"3.12.2","implementation":{"name":"CPython","version":"3.12.2"},"distro":null,"system":{"name":"Windows","release":"2022Server"},"cpu":"AMD64","openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}`
* OSX GHA: `uv/0.1.21
{"installer":{"name":"uv","version":"0.1.21"},"python":"3.12.2","implementation":{"name":"CPython","version":"3.12.2"},"distro":{"name":"macOS","version":"14.2.1","id":null,"libc":null},"system":{"name":"Darwin","release":"23.2.0"},"cpu":"arm64","openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}`

Distro information (such as the one pip uses `from pip._vendor import
distro` to retrieve instead of `platform` module) was not retrieved from
markers. Instead, the linux release codename/name/version uses
`sys-info` crate, adding about 50us of extra overhead on linux. The
distro osx version re-used the [mac_os version
implementation](99c992e38b/crates/platform-host/src/mac_os.rs)
from #2381 which adds about 20us of overhead on osx. I tried to use
other crates to avoid re-introducing `mac_os.rs` but most of them didn't
yield satisfactory performance (40ms-60ms~) or had the wrong values
needed (e.g. darwin version vs osx version).

I also didn't add libc retrieval or rustc retrieval as those seem to add
substantial overhead due to querying `ldd` or `rustc`. PyPy version
detection was also not added to avoid adding extra overhead to [support
PyPy for
linehaul](https://github.com/pypa/pip/blob/24.0/src/pip/_internal/network/session.py#L123).
All other behavior was kept 1-1 to match what pip's linehaul
implementation does (as of 24.0). This also aligns with what was
discussed in #1958.

## Test Plan

Added new integration test to uv-client.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-03-18 10:46:58 +00:00
Charlie Marsh a07438f52f
Re-add support for pyenv shims (#2503) 
## Summary

By running `get_interpreter_info.py` outside of the current working
directory, we seem to have broken pyenv shims.

Closes https://github.com/astral-sh/uv/issues/2488.

## Test Plan

Without this change (resolving to the Homebrew Python, even though we
start with a shim):

```
DEBUG Starting interpreter discovery for Python @ `python3.11`
DEBUG Probing interpreter info for: /Users/crmarsh/.pyenv/shims/python3.11
DEBUG Found Python 3.11.7 for: /Users/crmarsh/.pyenv/shims/python3.11
Using Python 3.11.7 interpreter at: /opt/homebrew/opt/python@3.11/bin/python3.11
Creating virtualenv at: .venv
INFO Removing existing directory
Activate with: source .venv/bin/activate
```

With this change:

```
DEBUG Starting interpreter discovery for Python @ `python3.11`
DEBUG Probing interpreter info for: /Users/crmarsh/.pyenv/shims/python3.11
DEBUG Found Python 3.11.1 for: /Users/crmarsh/.pyenv/shims/python3.11
Using Python 3.11.1 interpreter at: /Users/crmarsh/.pyenv/versions/3.11.1/bin/python3.11
Creating virtualenv at: .venv
INFO Removing existing directory
Activate with: source .venv/bin/activate
```
 2024-03-17 22:57:36 -04:00
Zanie Blue 653327b55d
Fix priority of platform tags for manylinux (#2483) 
Closes https://github.com/astral-sh/uv/issues/2477

See also:
- #2489
 2024-03-16 22:33:47 +00:00
Zanie Blue eac23512f6
Add snapshot test for platform tags (#2482) 
Adding ordering test coverage as a preface to fixing
https://github.com/astral-sh/uv/issues/2477 (see #2483)
 2024-03-16 17:20:57 -05:00
Charlie Marsh db5898bd67
Add support for Hatch's `{root:uri}` paths in editable installs (#2492) 
## Summary

If a package uses Hatch's `root.uri` feature, we currently error:

```toml
dependencies = [
  "black @ {root:uri}/../black_editable"
]
```

Even though we're using PEP 517 hooks to get the metadata, which
_should_ support this. The problem is that we load the full
`PyProjectToml`, which means we parse the requirements, which means we
reject what looks like a relative URL in dependencies.

Instead, we should only enforce a limited subset of `pyproject.toml`
(arguably none).

Closes https://github.com/astral-sh/uv/issues/2475.
 2024-03-16 19:06:42 +00:00
Charlie Marsh 5a95f50619
Add support for PyTorch-style local version semantics (#2430) 
## Summary

This PR adds limited support for PEP 440-compatible local version
testing. Our behavior is _not_ comprehensively in-line with the spec.
However, it does fix by _far_ the biggest practical limitation, and
resolves all the issues that've been raised on uv related to local
versions without introducing much complexity into the resolver, so it
feels like a good tradeoff for me.

I'll summarize the change here, but for more context, see [Andrew's
write-up](https://github.com/astral-sh/uv/issues/1855#issuecomment-1967024866)
in the linked issue.

Local version identifiers are really tricky because of asymmetry.
`==1.2.3` should allow `1.2.3+foo`, but `==1.2.3+foo` should not allow
`1.2.3`. It's very hard to map them to PubGrub, because PubGrub doesn't
think of things in terms of individual specifiers (unlike the PEP 440
spec) -- it only thinks in terms of ranges.

Right now, resolving PyTorch and friends fails, because...

- The user provides requirements like `torch==2.0.0+cu118` and
`torchvision==0.15.1+cu118`.
- We then match those exact versions.
- We then look at the requirements of `torchvision==0.15.1+cu118`, which
includes `torch==2.0.0`.
- Under PEP 440, this is fine, because `torch @ 2.0.0+cu118` should be
compatible with `torch==2.0.0`.
- In our model, though, it's not, because these are different versions.
If we change our comparison logic in various places to allow this, we
risk breaking some fundamental assumptions of PubGrub around version
continuity.
- Thus, we fail to resolve, because we can't accept both `torch @ 2.0.0`
and `torch @ 2.0.0+cu118`.

As compared to the solutions we explored in
https://github.com/astral-sh/uv/issues/1855#issuecomment-1967024866, at
a high level, this approach differs in that we lie about the
_dependencies_ of packages that rely on our local-version-using package,
rather than lying about the versions that exist, or the version we're
returning, etc.

In short:

- When users specify local versions upfront, we keep track of them. So,
above, we'd take note of `torch` and `torchvision`.
- When we convert the dependencies of a package to PubGrub ranges, we
check if the requirement matches `torch` or `torchvision`. If it's
an`==`, we check if it matches (in the above example) for
`torch==2.0.0`. If so, we _change_ the requirement to
`torch==2.0.0+cu118`. (If it's `==` some other version, we return an
incompatibility.)

In other words, we selectively override the declared dependencies by
making them _more specific_ if a compatible local version was specified
upfront.

The net effect here is that the motivating PyTorch resolutions all work.
And, in general, transitive local versions work as expected.

The thing that still _doesn't_ work is: imagine if there were _only_
local versions of `torch` available. Like, `torch @ 2.0.0` didn't exist,
but `torch @ 2.0.0+cpu` did, and `torch @ 2.0.0+gpu` did, and so on.
`pip install torch==2.0.0` would arbitrarily choose one one `2.0.0+cpu`
or `2.0.0+gpu`, and that's correct as per PEP 440 (local version
segments should be completely ignored on `torch==2.0.0`). However, uv
would fail to identify a compatible version. I'd _probably_ prefer to
fix this, although candidly I think our behavior is _ok_ in practice,
and it's never been reported as an issue.

Closes https://github.com/astral-sh/uv/issues/1855.

Closes https://github.com/astral-sh/uv/issues/2080.

Closes https://github.com/astral-sh/uv/issues/2328.
 2024-03-16 10:24:50 -04:00
John 62fdd3db59
chore: remove repetitive words (#2485) 2024-03-16 10:13:48 -04:00
Chan Kang 5b2293dbd0
Add `uv pip check` (#2397) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary
Resolves https://github.com/astral-sh/uv/issues/2391
<!-- What's the purpose of the change? What does it do, and why? -->

## Test Plan
Added a few tests to make sure that the exit code returned is 0 when
there's no conflict; 1 when there's any conflict.
<!-- How was it tested? -->
 2024-03-15 12:39:55 -05:00
Zanie Blue 9c27f92203
Introduce a `BaseClient` for construction of canonical configured client (#2431) 
In preparation for support of
https://github.com/astral-sh/uv/issues/2357 (see
https://github.com/astral-sh/uv/pull/2434)
 2024-03-15 12:07:38 -05:00
Charlie Marsh 8463d6d672
Apply from-URL credentials in authentication middleware (#2449) 
## Summary

Right now, the middleware doesn't apply credentials that were
_originally_ sourced from a URL. This requires that we call
`with_url_encoded_auth` whenever we create a request to ensure that any
credentials that were passed in as part of an index URL (for example)
are respected.

This PR modifies `uv-auth` to instead apply those credentials in the
middleware itself. This seems preferable to me. As far as I can tell, we
can _only_ add in-URL credentials to the store ourselves (since in-URL
credentials are converted to headers by the time they reach the
middleware). And if we ever _didn't_ apply those credentials to new
URLs, it'd be a bug in the logic that precedes the middleware (i.e., us
forgetting to call `with_url_encoded_auth`).

## Test Plan

`cargo run pip install` with an authenticated index.
 2024-03-15 16:21:37 +00:00
Zanie Blue 10abeae3c6
Add test case for URL with basic authentication (#2463) 
Closes https://github.com/astral-sh/uv/issues/2447
 2024-03-15 09:50:04 -05:00
Charlie Marsh fdee1e2299
Remove NumPy from editable test (#2473) 2024-03-15 14:41:52 +00:00
Charlie Marsh bd3c577883
Update packse to pull in additional post tests (#2474) 2024-03-15 14:34:12 +00:00
Charlie Marsh e69b76bc72
Make > operator exclude post and local releases (#2471) 
## Summary

This PR attempts to use a similar trick to that we added in
https://github.com/astral-sh/uv/pull/1878, but for post-releases.

In https://github.com/astral-sh/uv/pull/1878, we added a fake "minimum"
version to enable us to treat `< 1.0.0` as _excluding_ pre-releases of
1.0.0.

Today, on `main`, we accept post-releases and local versions in `>
1.0.0`. But per PEP 440, that should _exclude_ post-releases and local
versions, unless the specifier is itself a pre-release, in which case,
pre-releases are allowed (e.g., `> 1.0.0.post0` should allow `>
1.0.0.post1`).

To support this, we add a fake "maximum" version that's greater than all
the post and local releases for a given version. This leverages our last
remaining free bit in the compact representation.
 2024-03-15 14:02:06 +00:00
Charlie Marsh c296da34bf
Add additional ARM targets to release (#2417) 
Closes https://github.com/astral-sh/uv/issues/2415.
Closes https://github.com/astral-sh/uv/issues/2416.
 2024-03-15 13:49:29 +00:00
Charlie Marsh fbb8bc1f6f
Pull in `packse` tests for post releases (#2468) 
## Summary

Like local versions, a few of these failures and have fixups in the
generation script.
 2024-03-14 23:26:31 +00:00
Charlie Marsh 17732246df
Update packse to pull in additional local version tests (#2462) 
Precursor to #2430.
 2024-03-14 20:13:47 +00:00
Charlie Marsh 2fb8df3769
Avoid panicking on cannot-be-a-base URLs (#2461) 
`path_segments_mut` returns an `Err` for cannot-be-a-base URLs. These
won't be valid when we try to fetch them anyway, but we need to avoid a
panic.

Closes https://github.com/astral-sh/uv/issues/2460.
 2024-03-14 17:47:16 +00:00
Zanie Blue e9c12c52fd
Bump version to 0.1.21 (#2457) 2024-03-14 09:43:39 -05:00
Charlie Marsh 492ffbf997
Loosen `.dist-info` validation to accept arbitrary versions (#2441) 
## Summary

It turns out that pip does _not_ validate the normalization of the
version specifier in the `.dist-info` directory. In particular, it seems
that some tools replace the `+` in a local version segment with a `_`.

Closes https://github.com/astral-sh/uv/issues/2424.
 2024-03-14 09:04:39 -04:00
konsti b5d9014918
Fix mac os arch with `platform.mac_ver()` (#2454) 
Fixes #2450, see
https://github.com/konstin/typeshed-stats/actions/runs/8280420121
 2024-03-14 12:37:45 +00:00
Charlie Marsh ea8fc8280a
Bump version to v0.1.20 (#2448) 2024-03-13 23:58:21 -04:00
Charlie Marsh f1aec3e779
Add in-URL credentials to store prior to creating requests (#2446) 
## Summary

The authentication middleware extracts in-URL credentials from URLs that
pass through it; however, by the time a request reaches the store, the
credentials will have already been removed, and relocated to the header.
So we were never propagating in-URL credentials.

This PR adds an explicit pass wherein we pass in-URL credentials to the
store prior to doing any work.

Closes https://github.com/astral-sh/uv/issues/2444.

## Test Plan

`cargo run pip install` against an authenticated AWS registry.
 2024-03-14 03:46:33 +00:00
Charlie Marsh d29645ce75
Error when direct URL requirements don't match `Requires-Python` (#2196) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2195.

## Test Plan

`cargo test`
 2024-03-14 02:37:01 +00:00
Zanie Blue 044a77cfd2
Simplify the packse scenario package name filters (#2440) 
I liked the bird names but we can't actually apply those in some
situations (i.e. when the package is not supposed to exist) — this is
simpler.
 2024-03-13 20:16:51 -05:00
Zanie Blue 3825c95472
Bump version to 0.1.19 (#2435) 2024-03-13 18:43:53 -05:00
Charlie Marsh 05688ca13f
Respect `--native-tls` in `venv` (#2433) 
Closes https://github.com/astral-sh/uv/issues/2432.
 2024-03-13 22:54:51 +00:00
Zanie Blue 22a52391be
Refactor `AuthenticationStore` to inline credentials (#2427) 2024-03-13 17:48:02 -05:00
Hans Baker 9159731792
Add support for retrieving credentials from `keyring` (#2254) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

<!-- What's the purpose of the change? What does it do, and why? -->

Adds basic keyring auth support for `uv` commands. Adds clone of `pip`'s
`--keyring-provider subprocess` argument (using CLI `keyring` tool).

See issue: https://github.com/astral-sh/uv/issues/1520

## Test Plan

<!-- How was it tested? -->

Hard to write full-suite unit tests due to reliance on
`process::Command` for `keyring` cli

Manually tested end-to-end in a project with GCP artifact registry using
keyring password:
```bash
➜  uv pip uninstall watchdog
Uninstalled 1 package in 46ms
 - watchdog==4.0.0

➜  cargo run -- pip install --index-url https://<redacted>/python/simple/ --extra-index-url https://<redacted>/pypi-mirror/simple/ watchdog
    Finished dev [unoptimized + debuginfo] target(s) in 0.18s
     Running `target/debug/uv pip install --index-url 'https://<redacted>/python/simple/' --extra-index-url 'https://<redacted>/pypi-mirror/simple/' watchdog`
error: HTTP status client error (401 Unauthorized) for url (https://<redacted>/pypi-mirror/simple/watchdog/)

➜  cargo run -- pip install --keyring-provider subprocess --index-url https://<redacted>/python/simple/ --extra-index-url https://<redacted>/pypi-mirror/simple/ watchdog
    Finished dev [unoptimized + debuginfo] target(s) in 0.17s
     Running `target/debug/uv pip install --keyring-provider subprocess --index-url 'https://<redacted>/python/simple/' --extra-index-url 'https://<redacted>/pypi-mirror/simple/' watchdog`
Resolved 1 package in 2.34s
Installed 1 package in 27ms
 + watchdog==4.0.0
```

`requirements.txt`
```
#
# This file is autogenerated by pip-compile with Python 3.10
# by the following command:
#
#    .bin/generate-requirements
#
--index-url https://<redacted>/python/simple/
--extra-index-url https://<redacted>/pypi-mirror/simple/

...
```

```bash
➜  cargo run -- pip install --keyring-provider subprocess -r requirements.txt
    Finished dev [unoptimized + debuginfo] target(s) in 0.19s
     Running `target/debug/uv pip install --keyring-provider subprocess -r requirements.txt`
Resolved 205 packages in 23.52s
   Built <redacted>
   ...
Downloaded 47 packages in 19.32s
Installed 195 packages in 276ms
 + <redacted>
  ...
```

---------

Co-authored-by: Thomas Gilgenast <thomas@vant.ai>
Co-authored-by: Zanie Blue <contact@zanie.dev>
 2024-03-13 15:02:18 -05:00
Charlie Marsh d4d78b0cc3
Remove `django` as a common test package (#2420) 
## Summary

Django is actually pretty large (the wheel is 8MB, the source
distribution is 10MB). There's nothing specific to Django in any of
these tests, so this just replaces it with a much smaller dependency.

We should prune these down eventually since the scenarios cover a lot of
this -- this is just a bandaid.
 2024-03-13 15:46:57 -04:00
konsti 74dc5ebc85
Fix tests on main (#2423) 
A new protobuf release on pypi broke our tests.

This is the same version that pip installs:

```console
$ pip install hashb_foxglove_protocolbuffers_python==25.3.0.1.20240226043130+465630478360 --extra-index-url https://buf.build/gen/python
  Looking in indexes: https://pypi.org/simple, https://buf.build/gen/python
  Collecting hashb_foxglove_protocolbuffers_python==25.3.0.1.20240226043130+465630478360
    Downloading https://buf.build/gen/python/hashb-foxglove-protocolbuffers-python/hashb_foxglove_protocolbuffers_python-25.3.0.1.20240226043130%2B465630478360-py3-none-any.whl
       - 34.1 kB 1.9 MB/s 0:00:00
  Collecting protobuf (from hashb_foxglove_protocolbuffers_python==25.3.0.1.20240226043130+465630478360)
    Downloading protobuf-5.26.0-cp37-abi3-manylinux2014_x86_64.whl.metadata (592 bytes)
  Downloading protobuf-5.26.0-cp37-abi3-manylinux2014_x86_64.whl (302 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 302.8/302.8 kB 2.8 MB/s eta 0:00:00
  Installing collected packages: protobuf, hashb_foxglove_protocolbuffers_python
  Successfully installed hashb_foxglove_protocolbuffers_python-25.3.0.1.20240226043130+465630478360 protobuf-5.26.0
```

I added a constraints file for future releases of protobuf.
 2024-03-13 19:32:47 +00:00
Charlie Marsh d9b160b405
Add backoff for transient Windows failures (#2419) 
## Summary

This may be required elsewhere, but all the traces in that issue are
related to persisting the temporary directory to our persistent cache,
so lets start there.

See: https://github.com/astral-sh/uv/issues/1491.
 2024-03-13 13:16:26 -04:00
Charlie Marsh cca9de13e2
Treat non-existent site-packages as empty (#2413) 
## Summary

It turns out this doesn't need to exist until something has been
installed into it. See, e.g., https://github.com/astral-sh/uv/pull/2402.

Closes https://github.com/astral-sh/uv/issues/2404.
 2024-03-13 15:10:34 +00:00
Charlie Marsh bfddd729b7
Add `UV_NATIVE_TLS` environment variable (#2412) 
Closes https://github.com/astral-sh/uv/issues/2409.
 2024-03-13 14:29:31 +00:00
konsti 7964bfbb2b
Move architecture and operating system probing to Python (#2381) 
The architecture of uv does not necessarily match that of the python
interpreter (#2326). In cross compiling/testing scenarios the operating
system can also mismatch. To solve this, we move arch and os detection
to python, vendoring the relevant pypa/packaging code, preventing
mismatches between what the python interpreter was compiled for and what
uv was compiled for.

To make the scripts more manageable, they are now a directory in a
tempdir and we run them with `python -m` . I've simplified the
pypa/packaging code since we're still building the tags in rust. A
`Platform` is now instantiated by querying the python interpreter for
its platform. The pypa/packaging files are copied verbatim for easier
updates except a `lru_cache()` python 3.7 backport.

Error handling is done by a `"result": "success|error"` field that allow
passing error details to rust:

```console
$ uv venv --no-cache
  × Can't use Python at `/home/konsti/projects/uv/.venv/bin/python3`
  ╰─▶ Unknown operation system `linux`
```

I've used the [maturin sysconfig
collection](855f6d2cb1/sysconfig)
as reference. I'm unsure how to test these changes across the wide
variety of platforms.

Fixes #2326
 2024-03-13 11:51:14 +00:00
samypr100 e0ac5b4e84
feat: keep backwards compatibility with `SSL_CERT_FILE` without requiring `--native-tls` (#2401) 
## Summary

Small follow up to https://github.com/astral-sh/uv/pull/2362 to check if
`SSL_CERT_FILE` is set to enable `--native-tls` functionality. This
maintains backwards compatibility with `0.1.17` and below users
leveraging only `SSL_CERT_FILE`.

Closes https://github.com/astral-sh/uv/issues/2400

## Test Plan

<!-- How was it tested? -->
Assuming `SSL_CERT_FILE` is already working via `--native-tls`, this is
simply a shortcut to enable `--native-tls` functionality implicitly
while still being able to let `rustls-native-certs` handle the loading
of `SSL_CERT_FILE` instead of ourselves.

Edit: Manually tested by setting up own self-signed CA certificate
bundle and set `SSL_CERT_FILE` to this and confirmed the loading happens
without having to specify `--native-tls`.
 2024-03-13 04:33:10 +00:00
Charlie Marsh 43dc9c87a6
Bump version to v0.1.18 (#2398) 2024-03-13 00:25:41 +00:00
Charlie Marsh 3799862f5d
Trim injected `python_version` marker to (major, minor) (#2395) 
## Summary

Per [PEP 508](https://peps.python.org/pep-0508/), `python_version` is
just major and minor:

![Screenshot 2024-03-12 at 5 15
09 PM](https://github.com/astral-sh/uv/assets/1309177/cc3b8d65-dab3-4229-aed7-c6fe590b8da0)

Right now, we're using the provided version directly, so if it's, e.g.,
`-p 3.11.8`, we'll inject the wrong marker. This was causing `pandas` to
omit `numpy` when `-p 3.11.8` was provided, since its markers look like:

```
Requires-Dist: numpy<2,>=1.22.4; python_version < "3.11"
Requires-Dist: numpy<2,>=1.23.2; python_version == "3.11"
Requires-Dist: numpy<2,>=1.26.0; python_version >= "3.12"
```

Closes https://github.com/astral-sh/uv/issues/2392.
 2024-03-13 00:11:50 +00:00
Zanie Blue 00ec99399a
Fix bug where `--no-binary :all:` prevented build of editable packages (#2393) 
Closes https://github.com/astral-sh/uv/issues/2343
 2024-03-12 23:21:40 +00:00
Charlie Marsh 7220894ffb
Expand environment variables prior to detecting scheme (#2394) 
## Summary

This PR ensures that we expand environment variables _before_ sniffing
for the URL scheme (e.g., `file://` vs. `https://` vs. something else).

Closes https://github.com/astral-sh/uv/issues/2375.
 2024-03-12 19:17:41 -04:00
Charlie Marsh 3bf20f95e4
Use local package instead of `transitive_url_dependency.zip` (#2396) 2024-03-12 22:56:00 +00:00
Charlie Marsh 79ac3a2a7e
Wait for request stream to flush before returning resolution (#2374) 
## Summary

This is a more robust fix for
https://github.com/astral-sh/uv/issues/2300.

The basic issue is:

- When we resolve, we attempt to pre-fetch the distribution metadata for
candidate packages.
- It's possible that the resolution completes _without_ those pre-fetch
responses. (In the linked issue, this was mainly because we were running
with `--no-deps`, but the pre-fetch was causing us to attempt to build a
package to get its dependencies. The resolution would then finish before
the build completed.)
- In that case, the `Index` will be marked as "waiting" for that
response -- but it'll never come through.
- If there's a subsequent call to the `Index`, to see if we should fetch
or are waiting for that response, we'll end up waiting for it forever,
since it _looks_ like it's in-flight (but isn't). (In the linked issue,
we had to build the source distribution for the install phase of `pip
install`, but `setuptools` was in this bad state from the _resolve_
phase.)

This PR modifies the resolver to ensure that we flush the stream of
requests before returning. Specifically, we now `join` rather than
`select` between the resolution and request-handling futures.

This _could_ be wasteful, since we don't _need_ those requests, but it
at least ensures that every `.wait` is followed by ` .done`. In
practice, I expect this not to have any significant effect on
performance, since we end up using the pre-fetched distributions almost
every time.

## Test Plan

I ran through the test plan from
https://github.com/astral-sh/uv/pull/2373, but ran the build 10 times
and ensured it never crashed. (I reverted
https://github.com/astral-sh/uv/pull/2373, since that _also_ fixes the
issue in the proximate case, by never fetching `setuptools` during the
resolve phase.)

I also added logging to verify that requests are being handled _after_
the resolution completes, as expected.

I also introduced an arbitrary error in `fetch` to ensure that the error
was immediately propagated.
 2024-03-12 10:13:57 -04:00
Jacob Coffee 15f6f9f448
Add `--dry-run` flag to `uv pip install` (#1436) 
## What

Adds a `--dry-run` flag that ejects out of the installation process
early (but after resolution) and displays only what *would have*
installed

## Closes

Closes #1244 

## Out of Scope

I think it may be nice to include a `dry-run` flag for `uninstall` even
though `pip` doesn't implement this... thinking `Would uninstall X
packages: ...`

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
 2024-03-12 01:19:30 -05:00
Chan Kang 9bb548d251
Implement "Requires" field in `pip show` (#2347) 
## Summary
Follow-up for
395be442fc

adds `Requires` field to pip show output.

I've aimed to make it behave exactly the same as `pip` does for now, but
there seem to be subtle issues that may require some discussion going
forward:
- Should `uv pip show` support extras? `pip` has an open issue for it,
but currently does not support https://github.com/pypa/pip/issues/4824.
- Relatedly, `Requred-by` field (not implemented in this PR) in `pip
show` currently doesn't take the extras into account transparently, i.e.
when `PySocks` has been installed as an extra for `requests[socks]`,
`pip show PySocks` doesn't have `requests` or `requests[socks]` under
`Requred-by` field. Should `uv pip show` for now just replicate `pip`'s
behavior for now for simplicity and parity or try to cover the extras
for completeness?

## Test Plan
Added a couple of tests:
1. `requests==2.31.0` has four dependencies that would be ordered
differently unless sorted. Additionally, it has two dependencies that
are optionally included for extras.
2. `pandas==2.1.3` depends on different versions of `numpy` depending on
the python version used.
 2024-03-12 04:35:22 +00:00
Charlie Marsh e9c16e9aa2
Enable TLS native root toggling at runtime (#2362) 
## Summary

It turns out that on macOS, reading the native certificates can add
hundreds of milliseconds to client initialization. This PR makes
`--native-tls` a command-line flag, to toggle (at runtime) the choice of
the `webpki` roots or the native system roots.

You can't accomplish this kind of configuration with the `reqwest`
builder API, so instead, I pulled out the heart of that logic from the
crate
(e319263851/src/async_impl/client.rs (L498)),
and modified it to allow toggling a choice of root.

Note that there's an open PR for this in reqwest
(https://github.com/seanmonstar/reqwest/pull/1848), along with an issue
(https://github.com/seanmonstar/reqwest/issues/1843), which I may ping,
but it's been around for a while and I believe reqwest is focused on its
next major release.

Closes https://github.com/astral-sh/uv/issues/2346.
 2024-03-12 04:05:49 +00:00
Charlie Marsh 1d21e65fbc
Skip prefetching when `--no-deps` is specified (#2373) 
## Summary

When running under `--no-deps`, we don't need to pre-fetch, because
pre-fetching fetches the _distribution_ metadata. But with `--no-deps`,
we only need the package metadata for the top-level requirements. We
never need distribution metadata.

Incidentally, this will fix https://github.com/astral-sh/uv/issues/2300.

## Test Plan

- `cargo test`
- `./target/debug/uv pip install --verbose --no-cache-dir --no-deps
--reinstall ddtrace==2.6.2 debugpy==1.8.1 ecdsa==0.18.0
editorconfig==0.12.4 --verbose` in a Python 3.10 Docker contain
repeatedly.
 2024-03-12 03:44:02 +00:00
Charlie Marsh ebca3197dd
Add dedicated error message for direct filesystem paths in requirements (#2369) 
## Summary

This is analogous to #669, but for cases in which the package name is a
filesystem path. In such cases, we'll fail when parsing the _package
name_, since it doesn't start with a valid character, as opposed to
failing when we go to parse the remaining version specifier.

Inspired by https://github.com/astral-sh/uv/issues/2356.
 2024-03-11 18:45:13 -04:00
konsti 0118358835
Remove `Range::bounds` usage (#2363) 
I'm trying to reduce our pubgrub upstream divergences and since we only
have one usage of our custom `Range::bounds` it seems more reasonable to
do this in uv directly than in pubgrub
(https://github.com/pubgrub-rs/pubgrub/pull/188#issuecomment-1989410636).
 2024-03-11 21:10:16 +00:00
Robert Resch 85483e88a4
Add env UV_SYSTEM as alias to --system (#2354) 
## Summary

Add a new env variable `UV_SYSTEM` as alias for the cli argument
`--system`.
Use cases:
- No need to specify on each uv call inside the docker container the
`--system` flag
- It allows installing and configuring uv in a base container and in the
child containers nobody needs to know if you need the `--system` cli
flag
- The Home Assistant development env can be set up via devcontainer or a
venv. Both use some common scripts. Instead of adding duplicate or
special code to identify the dev container to set the `--system` flag,
it would be nicer to set it via an env variable.

I'm unfamiliar with Rust and tried to add the support by looking at the
code.

## Test Plan

I did test it manually
`UV_SYSTEM_PYTHON=true uv pip install requests`
 2024-03-11 20:56:45 +00:00
Charlie Marsh a292817d57
Ignore inverse dependencies when building graph (#2360) 
## Summary

It turns out that when we iterate over the incompatibilities of a
package, PubGrub will _also_ show us the inverse dependencies. I suspect
this was rare, because we have a version check at the bottom... So, this
specifically required that you had some dependency that didn't end up
appearing in the output resolution, but that matched the version
constraints of the package you care about.

In this case, `langchain-community` depends on `langchain-core`. So we
were seeing an incompatibility like:

```rust
FromDependencyOf(Package(PackageName("langchain-community"), None, None), Range { segments: [(Included("0.0.10"), Included("0.0.10")), (Included("0.0.11"), Included("0.0.11"))] }, Package(PackageName("langchain-core"), None, None), Range { segments: [(Included("0.1.8"), Excluded("0.2"))] })
```

Where we were iterating over `langchain-core`, and looking for version
`0.0.11`... which happens to match `langchain-community`.
(`langchain-community was omitted from the resolution; hence, it didn't
exist in the map.)

Closes https://github.com/astral-sh/uv/issues/2358.
 2024-03-11 13:51:42 -04:00
konsti f70ae72874
Add a `-vv` log level and make `-v` more readable (#2301) 
Behind error messages, the debug log is the second most important
resource to finding out what and why went wrong when there was a problem
with uv. It is important to see which paths it has found and how the
decisions in the resolver were made. I'm trying to improve the
experience interacting with the debug log.

The hierarchical layer is verbose and hard to follow, so it's moved to
the `-vv` extra verbose setting, while `-v` works like
`RUST_LOG=uv=debug`.

For installing jupyter with a warm cache:

* Default:
https://gist.github.com/konstin/4de6e466127311c5a5fc2f99c56a8e11
* `-v`: https://gist.github.com/konstin/e7bafe0ec7d07e47ba98a3865ae2ef3e
* `-vv`:
https://gist.github.com/konstin/3ee1aaff37f91cceb6275dd5525f180e
Ideally, we would have `-v`, `-vv` and `-vvv`, but we're lacking the the
`info!` layer for `-v`, so there's only two layers for now.

The `tracing_subcriber` formatter always print the current span, so i
replaced it with a custom formatter.


![image](https://github.com/astral-sh/uv/assets/6826232/75f5cfd1-da7b-432e-b090-2f3916930dd1)

Best read commit-by-commit.
 2024-03-11 08:58:31 +01:00
Charlie Marsh b9b4109ad8
Initialize client lazily for remote requirements files (#2350) 
## Summary

We now initialize an HTTP client in advance for remote requirements
files. It turns out this adds a significant overhead, even for
operations like auditing the environment (at least on macOS).

This PR makes initialization lazy. After a lot of evaluation, I took the
easiest route, which is: we just pass in `Connectivity`, and then use
the default HTTP client. So we won't respect netrc files and anything
else that we get from our registry client. If we want to keep using the
registry client, we _can_, it's just way more ceremony to pass down a
closure.

See: https://github.com/astral-sh/uv/issues/2346.

## Test Plan

- Verified that `cargo run pip compile
https://raw.githubusercontent.com/ansible/ansible/f1ded0f41759235eb15a7d13dbc3c95dce5d5acd/requirements.txt`
completed without error.
- Verified that `cargo run pip compile
https://raw.githubusercontent.com/ansible/ansible/f1ded0f41759235eb15a7d13dbc3c95dce5d5acd/requirements.txt
--offline` failed with an error.
- Verified that `./target/release/uv pip install requests` completed in
0-2ms, rather than hundreds.
 2024-03-11 00:42:38 +00:00
Charlie Marsh d2d12c32bb
Remove `wheel` from default PEP 517 backend (#2341) 
## Summary

This matches the latest `pip` and `build` releases. See:
https://github.com/astral-sh/uv/issues/2313.

Closes https://github.com/astral-sh/uv/issues/2313.
 2024-03-10 19:34:36 -04:00
Charlie Marsh 9566ac9b85
Write relative paths for scripts in data directory (#2348) 
## Summary

In #2000, I shipped a regression whereby we stopped writing relative
paths for scripts within `data` directories. The net effect here is that
we aren't _uninstalling_ binaries in all cases. (This does _not_ apply
to entrypoints, only scripts in `data` directories.)

Closes https://github.com/astral-sh/uv/issues/2330.

## Test Plan

Most Python packages ship entrypoints, not binaries, so I don't know how
to test this cheaply. But I did test it locally by verifying that `uv`
is now removed from the `bin` directory after an uninstall.
 2024-03-10 23:02:02 +00:00
Charlie Marsh ec83151666
Remove unnnecesary Windows stack size changes (#2345) 
This is already set by `command`.
 2024-03-10 15:21:55 -04:00
Charlie Marsh bb2d06cbb2
Bump version to v0.1.17 (#2344) 2024-03-10 15:07:11 -04:00
konsti 7825a53d21
install_extra_index_url_has_priority without exclude newer (#2340) 
Manual synthesis of #2337 and #2339, i think one accidentally reverted
the other?

No rush in merging, CI is green.
 2024-03-10 19:03:07 +00:00
Charlie Marsh a267a501b6
Add `Seek` fallback for zip files (#2320) 
## Summary

Some zip files can't be streamed; in particular, `rs-async-zip` doesn't
support data descriptors right now (though it may in the future). This
PR adds a fallback path for such zips that downloads the entire zip file
to disk, then unzips it from disk (which gives us `Seek`).

Closes https://github.com/astral-sh/uv/issues/2216.

## Test Plan

`cargo run pip install --extra-index-url https://buf.build/gen/python
hashb_foxglove_protocolbuffers_python==25.3.0.1.20240226043130+465630478360
--force-reinstall -n`
 2024-03-10 11:39:28 -04:00
Charlie Marsh 67fb023f10
Avoid duplicating authorization header with netrc (#2325) 
## Summary

The netrc middleware we added in
https://github.com/astral-sh/uv/pull/2241 has a slight problem. If you
include credentials in your index URL, _and_ in the netrc file, the
crate blindly adds the netrc credentials as a header. And given the
`ReqwestBuilder` API, this means you end up with _two_ `Authorization`
headers, which always leads to an invalid request, though the exact
failure can take different forms.

This PR removes the middleware crate in favor of our own middleware.
Instead of using the `RequestInitialiser` API, we have to use the
`Middleware` API, so that we can remove the header on the request
itself.

Closes https://github.com/astral-sh/uv/issues/2323.

## Test Plan

- Verified that running against a private index with credentials in the
URL (but no netrc file) worked without error.
- Verified that running against a private index with credentials in the
netrc file (but not the URL) worked without error.
- Verified that running against a private index with a mix of
credentials in both _also_ worked without error.
 2024-03-10 15:02:24 +00:00
Charlie Marsh 7fc8087583
Use helpers in all editable tests (#2339) 
## Summary

Improves consistency and helps with the kinds of failures seen in
https://github.com/astral-sh/uv/pull/2320.
 2024-03-10 14:59:07 +00:00
Charlie Marsh be00b5b7b7
Remove duplicate `INSTALLER` in `RECORD` (#2336) 
## Summary

We write this a few lines down with a value passed in by the caller. I
suspect I missed that this was already here (with a less accurate value)
when adding `INSTALLER`.
 2024-03-10 13:52:06 +00:00
Charlie Marsh 7978492122
Update `install_extra_index_url_has_priority` to avoid packaging breakage (#2337) 
`packaging==24.0` came out which broke this test. It has to run without
`--exclude-newer` since it's testing an index that doesn't support it.
Instead, though, we can just disable dependencies, since the test still
exercises the same logic.
 2024-03-10 13:50:19 +00:00
konsti 262ca8b576
Rename and document venv discoveries (#2334) 
Preparing for #2058, i found it hard to follow where which discovery
function gets called. I moved all the discovery functions to a
`find_python` module (some exposed through `PythonEnvironment`) and
documented which subcommand uses which python discovery strategy.

No functional changes.

![new uv-virtualenv docs
page](https://github.com/astral-sh/uv/assets/6826232/cd56df8a-754d-4640-9e7a-e1f9baf6441c)
 2024-03-10 13:44:50 +00:00
konsti 73b30ba8ed
Fix failing install_extra_index_url_has_priority test (#2335) 
`install_extra_index_url_has_priority` started failing because
`packaging` had a new release. I'm not sure if this preserves the index
order check as intended, but it does unblock CI.
 2024-03-10 14:35:16 +01:00
Charlie Marsh 6dcd00e031
Move wheel download into a shared method (#2324) 
## Summary

No behavioral changes; just taking code that's duplicated between two
branches in `distribution_database.rs` and pulling it into its own
method.
 2024-03-09 22:40:00 -05:00
Charlie Marsh 6866a55f20
Add `Accept-Encoding: identity` to remaining stream paths (#2321) 
## Summary

Like #2319, there are a few other places where we attempt to stream a
file.
 2024-03-10 02:42:53 +00:00
Charlie Marsh a9c00024a7
Move `Error` methods off of `ErrorKind` (#2322) 
## Summary

Using `ErrorKind` is leaking an abstraction, since this only exists
(IIUC) to box the variant.
 2024-03-10 02:42:23 +00:00
Jonathon Belotti e16140a849
Address #2220 (slow download perf against PyPi mirror) (#2319) 
## Summary

Addressing the extremely slow performance detailed in
https://github.com/astral-sh/uv/issues/2220. There are two changes to
increase download performance:

1. setting `accept-encoding: identity`, in the spirit of
https://github.com/pypa/pip/pull/1688
2. increasing buffer from 8KiB to 128KiB. 

### 1. accept-encoding: identity

I think this related `pip` PR has a good explanation of what's going on:
https://github.com/pypa/pip/pull/1688

```
  # We use Accept-Encoding: identity here because requests
  # defaults to accepting compressed responses. This breaks in
  # a variety of ways depending on how the server is configured.
  # - Some servers will notice that the file isn't a compressible
  #   file and will leave the file alone and with an empty
  #   Content-Encoding
  # - Some servers will notice that the file is already
  #   compressed and will leave the file alone and will add a
  #   Content-Encoding: gzip header
  # - Some servers won't notice anything at all and will take
  #   a file that's already been compressed and compress it again
  #   and set the Content-Encoding: gzip header
```

The `files.pythonhosted.org` server is the 1st kind. Example debug log I
added in `uv` when installing against PyPI:

<img width="1459" alt="image"
src="https://github.com/astral-sh/uv/assets/12058921/ef10d758-46aa-4c8e-9dba-47f33437401b">

(there is no `content-encoding` header in this response, the `whl`
hasn't been compressed, and there is a content-length header)

Our internal mirror is the third case. It does seem sensible that our
mirror should be modified to act like the 1st kind. But `uv` should
handle all three cases like `pip` does.

### 2. buffer increase

In https://github.com/astral-sh/uv/issues/2220 I observed that `pip`'s
downloading was causing up-to 128KiB flushes in our mirror.

After fix 1, `uv` was still only causing up-to 8KiB flushes, and was
slower to download than `pip`. Increasing this buffer from the default
8KiB led to a download performance improvement against our mirror and
the expected observed 128KiB flushes.

## Test Plan

Ran benchmarking as instructed by @charliermarsh 

<img width="1447" alt="image"
src="https://github.com/astral-sh/uv/assets/12058921/840d9c8d-4b98-4bfa-89f3-073a2dec1f23">

No performance improvement or regression.
 2024-03-09 19:49:29 -05:00
Charlie Marsh a9a211a407
Document the environment variables that uv respects (#2318) 
Closes https://github.com/astral-sh/uv/issues/2303.
 2024-03-10 00:47:46 +00:00
Charlie Marsh f7f6453287
Communicate PEP 517 hook results via files (#2314) 
## Summary

In #1813, we were failing to install `scikit-image==0.19.3` from source
in Python 3.11. Confusingly, though, the trace showed that the build
command exited with status 0...

The issue is that we get results from the PEP 517 hooks by reading from
`stdout` -- that is, we `print` at the end of the script, and parse the
printed output on the other side.

It turns out that for `scikit-image`, in this case, there was output
_after_ the wheel filename:

```
...
no previously-included directories found matching 'doc/gh-pages'
adding license file 'LICENSE.txt'
writing manifest file 'scikit_image.egg-info/SOURCES.txt'
Copying scikit_image.egg-info to build/bdist.macosx-12.6-arm64/wheel/scikit_image-0.19.3-py3.11.egg-info
running install_scripts
scikit_image-0.19.3-cp311-cp311-macosx_14_0_arm64.whl
INFO:
########### EXT COMPILER OPTIMIZATION ###########
INFO: Platform      :
  Architecture: aarch64
  Compiler    : clang

CPU baseline  :
  Requested   : 'min'
  Enabled     : NEON NEON_FP16 NEON_VFPV4 ASIMD
  Flags       : none
  Extra checks: none

CPU dispatch  :
  Requested   : 'max -xop -fma4'
  Enabled     : ASIMDHP ASIMDDP ASIMDFHM
  Generated   : none
INFO: CCompilerOpt.cache_flush[864] : write cache to path -> /private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmp5ZPIbv/built-wheels-v0/pypi/scikit-image/0.19.3/hLW_f7wWeGDOPRlSazQXw/scikit-image-0.19.3.tar.gz/build/temp.macosx-12.6-arm64-3.11/ccompiler_opt_cache_ext.py
```

We need the `scikit_image-0.19.3-cp311-cp311-macosx_14_0_arm64.whl`
line, but we were failing to find it due to all the extra output at the
end (presumedly, some kind of `atexit` logging).

This PR modifies the hooks to instead write their results to files that
are passed in by the parent. On the other end, we then read the results
back from disk. This makes it much more robust to "other" output in the
script.

Closes https://github.com/astral-sh/uv/issues/1813.

## Test Plan

Ran `cargo run pip install scikit-image==0.19.3 --reinstall
--no-cache-dir` on Python 3.11.
 2024-03-09 06:49:57 -05:00
Charlie Marsh 9e2d155e9e
Add a custom suggestion to install wheel into the build environment (#2307) 
Closes https://github.com/astral-sh/uv/issues/2306.
 2024-03-08 21:00:39 +00:00
Charlie Marsh ff62fe2c0b
Avoid using setuptools shim of distutils (#2305) 
## Summary

It turns out that setuptools includes a shim to patch distutils. I'll
admit that I don't fully understand why or how it's different, but this
is the trick `pip` uses to ensure that it gets the "original" distutils.

We actually use distutils in two places: once for the system Python
scheme, and once for virtual environments. In virtualenv, they _do_ use
the patched distutils, so this could deviate in ways I don't understand.

Closes #2302.
 2024-03-08 14:53:49 -05:00
Zanie Blue 10c4effbd3
Refactor incompatiblity tracking for distributions (#1298) 
Extends the "compatibility" types introduced in #1293 to apply to source
distributions as well as wheels.

- We now track the most-relevant incompatible source distribution
- Exclude newer, Python requirements, and yanked versions are all
tracked as incompatibilities in the new model (this lets us remove
`DistMetadata`!)
 2024-03-08 11:02:31 -06:00
wim glenn 1181aa9be4
Added ability to select bytecode invalidation mode of generated .pyc (#2297) 
Since Python 3.7, deterministic pycs are possible (see [PEP
552](https://peps.python.org/pep-0552/))
To select the bytecode invalidation mode explicitly by env var:

    PYC_INVALIDATION_MODE=UNCHECKED_HASH uv pip install --compile ...

Valid values are TIMESTAMP (default), CHECKED_HASH, and UNCHECKED_HASH.
The latter options are useful for reproducible builds.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-03-08 17:55:42 +01:00
Charlie Marsh 2e9678e5d3
Add support for Metadata 2.2 (#2293) 
## Summary

PyPI now supports Metadata 2.2, which means distributions with Metadata
2.2-compliant metadata will start to appear. The upside is that if a
source distribution includes a `PKG-INFO` file with (1) a metadata
version of 2.2 or greater, and (2) no dynamic fields (at least, of the
fields we rely on), we can read the metadata from the `PKG-INFO` file
directly rather than running _any_ of the PEP 517 build hooks.

Closes https://github.com/astral-sh/uv/issues/2009.
 2024-03-08 16:02:32 +00:00
Andrew Gallant 41c911fc41 uv-fs: fix Windows path literals 
This was causing `cargo test --doc` to fail for me locally.
 2024-03-08 09:10:14 -05:00
Andrew Gallant b3b5afaf78 uv-fs: transparently support reading UTF-16 files 
This PR tweaks uv to support reading `requirements.txt` regardless of
whether it is encoded as UTF-8 or UTF-16. This is particularly relevant
on Windows where `uv pip freeze > requirements.txt` will likely write a
UTF-16 encoded `requirements.txt` file.

There is some discussion on #1666 where it's suggested that perhaps
we should explicitly not support this. I didn't see that until I
had already put this PR together, but even so, I think it's worth
considering this. UTF-16 is predominant on Windows. It is very easy
to produce a UTF-16 encoded file. Moreover, there is an easy and well
specified way to recognize and transcode UTF-16 encoded data to UTF-8.

I think the downside of this is that it could encourage the use UTF-16
encoded `requirements.txt` files *in addition* to UTF-8 encoded
files, and it would probably be nice to converge and standardize on
one encoding. One possible alternative to this PR is that we provide
a better error message. Another alternative is to ensure that a
`-o/--output` flag exists for all commands (neither `uv pip freeze` nor
`pip freeze` have such a flag) so that users can always write output
to a file without relying on their environment's piping behavior.
(Although this last alternative seems a little sad to me.)

It's also worth noting the [PEP-0508] doesn't seem to mention file
encoding at all. So I think from a "do the standards allow this"
perspective, this change is OK.

Finally, `pip` itself seems to work with UTF-16 encoded
`requirements.txt` files.

I think I personally overall lean towards supporting UTF-16 for
`requirements.txt` files. In part because I think it smoothes out the
UX a little bit, in part because there is no obvious specification
(that I'm aware of) that mandates that these files are UTF-8, and
finally in part because `pip` supports it too.

Fixes #1666, Fixes #2276

[PEP-0508]: https://peps.python.org/pep-0508/
 2024-03-08 09:10:14 -05:00
Zhan Rongrui ef806dcb6e
🧹 chore: refactor pip_list function to trim end of joined elements (#2298) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary
refactor pip_list function to trim end of joined elements

fixed: https://github.com/astral-sh/uv/issues/2296


<!-- How was it tested? -->
 2024-03-08 08:53:29 +00:00
Charlie Marsh 8a807094e9
Encapsulate header parsing for metadata files (#2295) 2024-03-08 03:59:53 +00:00
Charlie Marsh 26f6919465
Move source distribution unpacking out of `build` (#2294) 
## Summary

If a user provides a source distribution via a direct path, it can
either be an archive (like a `.tar.gz` or `.zip` file) or a directory.
If the former, we need to extract (e.g., unzip) the contents at some
point. Previously, this extraction was in `uv-build`; this PR lifts it
up to the distribution database.

The first benefit here is that various methods that take the
distribution are now simpler, as they can assume a directory.

The second benefit is that we no longer extract _multiple times_ when
working with a source distribution. (Previously, if we tried to get the
metadata, then fell back and built the wheel, we'd extract the wheel
_twice_.)
 2024-03-08 03:40:11 +00:00
Charlie Marsh f15af6771a
Allow more-precise Git URLs to override less-precise Git URLs (#2285) 
## Summary

This PR removes the URL conflict errors when the output of a `uv pip
compile` is used as a constraint to a subsequent `uv pip compile`.

If you run `uv pip compile`, the output file will contain your Git
dependencies, but pinned to a specific commit, like:

```
git+https://github.com/pallets/werkzeug@32e69512134c2f8183c6438b2b2e13fd24e9d19f
```

If you then use the output as a constraint to a subsequent resolution
(e.g., perhaps you require
`git+https://github.com/pallets/werkzeug@main`), we currently fail. I
think this is a reasonable workflow to support when all of these
requirements are coming from _your own_ dependencies. So we now assume
when resolving that the former is a more precise variant of the latter.

Closes https://github.com/astral-sh/uv/issues/1903.

Closes https://github.com/astral-sh/uv/issues/2266.

## Test Plan

`cargo test`
 2024-03-07 18:47:31 -05:00
Charlie Marsh 9f1452cb72
Bump version to v0.1.16 (#2289) 2024-03-07 18:12:18 -05:00
Charlie Marsh f1e8b6433a
Address review feedback on reparse points (#2288) 
See: https://github.com/astral-sh/uv/pull/2284
 2024-03-07 16:49:27 -05:00
Charlie Marsh 996a859b29
Use reparse points to detect Windows installer shims (#2284) 
## Summary

This PR enables use of the Windows Store Pythons even with `py` is not
installed. Specifically, we need to ensure that the `python.exe` and
`python3.exe` executables installed into the
`C:\Users\crmar\AppData\Local\Microsoft\WindowsApp` directory _are_ used
when they're not "App execution aliases" (which merely open the Windows
Store, to help you install Python).

When `py` is installed, this isn't strictly necessary, since the
"resolved" executables are discovered via `py`. These look like
`C:\Users\crmar\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.11_qbs5n2kfra8p0\python.exe`.

Closes https://github.com/astral-sh/uv/issues/2264.

## Test Plan

- Removed all Python installations from my Windows machine.
- Uninstalled `py`.
- Enabled "App execution aliases".
- Verified that for both `cargo run venv --python python.exe` and `cargo
run venv --python python3.exe`, `uv` exited with a failure that no
Python could be found.
- Installed Python 3.10 via the Windows Store.
- Verified that the above commands succeeded without error.
- Verified that `cargo run venv --python python3.10.exe` _also_
succeeded.
 2024-03-07 15:47:32 -05:00
Zanie Blue fd03362520
Use released packse for scenario updates (#2256) 
- Now that `packse` is being published to PyPI we can install it from
there.
- Tweaks the tooling around scenario updates to manage a temporary
virtual environment for you.
- Makes use of a new index URL
- Includes local version segment scenarios (supersedes
https://github.com/astral-sh/uv/pull/2022)
 2024-03-07 11:40:54 -06:00
Charlie Marsh b3ac0e30ec
Add Conda tests to `system-install.yml` (#2281) 
Closes https://github.com/astral-sh/uv/issues/2280.
 2024-03-07 11:44:19 -05:00
konsti 54311c8664
Retry on python interpreter launch failures (#2278) 
Sometimes, the first time we read from the stdout of the bytecode
compiler python subprocess, we get an empty string back (no newline). If
we try to write to stdin, it will often be a broken pipe (#2245). After
we got an empty string the first time, we will get the same empty string
if we read a line again.

The details of this behavior are mysterious to me, but it seems that it
can be identified by the first empty string. We check by inserting
starting with a `Ready` message on the Python side. When we encounter
the broken state, we discard the interpreter and try again.

We have to introduce a third timeout check for the interpreter launch
itself.

Minimized test script:

```bash
#!/usr/bin/env bash

set -euo pipefail

while true; do
  date --iso-8601=seconds # Progress indicator
  rm -rf testenv
  target/profiling/uv venv testenv -q --python 3.12
  VIRTUAL_ENV=$PWD/testenv target/profiling/uv pip install -q --compile wheel==0.42.0
done
```

Run as

```
cargo build --profile profiling && bash compile_bug.sh
```

Fixes #2245
 2024-03-07 16:07:58 +01:00
Charlie Marsh c3cd550a7a
Fix Conda Python detection on Windows (#2279) 
## Summary

In #2102, I did some refactor, and changed a method to return the Python
executable path rather than the parent directory path. But I missed this
one codepath for Conda on Windows.

Closes https://github.com/astral-sh/uv/issues/2269.

## Test Plan

- Installed micromamba on my Windows machine.
- Reproduced the failure in the linked issue.
- Verified that `python.exe` exists at `${CONDA_PREFIX}\python.exe`.
- Ran with this change; installed successfully.
 2024-03-07 14:45:09 +00:00
Charlie Marsh 4796927c4c
Prefer more recent minor versions in wheel tags (#2263) 
## Summary

In the list of tags produced by `Tags::from_env`, higher-priority tags
are expected to come earlier in the list. Right now, though, we push
tags like `py38` before `py312`. So if you run `cargo run pip install
multiprocess -n --reinstall --verbose` on Python 3.12, you get the
`py38` wheel rather than the `py32` wheel.

Closes https://github.com/astral-sh/uv/issues/2261.
 2024-03-07 14:04:54 +00:00
Charlie Marsh 5ae5980c88
Add support for `--no-build-isolation` (#2258) 
## Summary

This PR adds support for pip's `--no-build-isolation`. When enabled,
build requirements won't be installed during PEP 517-style builds, but
the source environment _will_ be used when executing the build steps
themselves.

Closes https://github.com/astral-sh/uv/issues/1715.
 2024-03-07 14:04:02 +00:00
konsti d249574a47
Use insta in pep508_rs (#2275) 
Quality of life improvement that aligns pep508_rs with the rest of our
testing.
 2024-03-07 08:54:05 -05:00
konsti de0109169d
Fix uv tokio extra, part 2 (#2274) 
Follow to #2272 by adding the tokio gate to `read_to_string`.
 2024-03-07 12:27:37 +00:00
konsti 953a13f12e
Fix parsing requirement where a variable follows an operator without a space (#2273) 
Fix parsing `pytest;'4.0'>=python_version`, where previously the
operator and the variable were incorrectly tokenized as one invalid
operator.

Fixes #2247
 2024-03-07 12:22:16 +00:00
konsti 85042308a1
Fix uv-fs extras by removing dead code (#2272) 
Running the pep508_rs tests was failing due to uv-fs depending on
`fs_err::tokio` even when not selected. But the function that used it is
unused anyway, so i removed it.
 2024-03-07 12:16:29 +00:00
Charlie Marsh 59f4639863
Close `RECORD` after reading entries during uninstall (#2259) 
## Summary

It turns out that by keeping the `RECORD` file open, older versions of
Windows mark it for deletion, but don't allow it to be deleted until
it's closed. As such, we end up leaving the `.dist-info` directory
around, since it appears non-empty; but once the program terminates, we
_do_ delete `RECORD`, leaving it empty. This then creates the impression
that a package exists where it does not.

Closes https://github.com/astral-sh/uv/issues/2074.
 2024-03-07 04:35:22 +00:00
Charlie Marsh b061db094d
Cache wheel metadata in no-PEP 658 fallback (#2255) 
## Summary

If we fallback to streaming the wheel (because the registry doesn't
support range requests), we currently don't cache the metadata at all.
This PR fixes that, ensuring that we cache based on the same HTTP
policies, etc.
 2024-03-06 19:46:24 -05:00
Charlie Marsh 2305998669
Fallback to fresh request on non-validating 304 (#2218) 
## Summary

We're seeing reports that Sonatype Nexus isn't working with cached data.
Users are reporting 304 responses that show "Found modified response..."
path in the logs. I can't reproduce this on latest Sonatype Nexus, but
my best guess is that there's a 304 response that is failing our
validators, and we try to use that as if it's a "complete" response?

Closes https://github.com/astral-sh/uv/issues/1754.
 2024-03-06 22:51:03 +00:00
Charlie Marsh e7d126e80c
Allow `UV_PRERELEASE` to be set via environment variable (#2240) 
## Summary

This is useful as it tends to be "system-wide" configuration, and
configuration that differs from pip. See
https://github.com/astral-sh/uv/issues/1641#issuecomment-1980934954.
 2024-03-06 16:34:12 -05:00
Bas Schoenmaeckers e7742070c1
feat: Add netrc authentication to uv-client (#2241) 
## Summary

Add netrc support to the uv-client.

closes #1405 

## Test Plan

I've added a corresponding test case to validate the correct header.
Furthermore a tested it against a real world private repository.
 2024-03-06 20:48:30 +00:00
Charlie Marsh a5d5e99496
Implement `--break-system-packages` (#2249) 
## Summary

Per the
[`EXTERNALLY-MANAGED`](https://packaging.python.org/en/latest/specifications/externally-managed-environments/)
spec, installers SHOULD add a `--break-system-packages` flag to allow
users to override the package manager warnings raised by
`EXTERNALLY-MANAGED`. This PR adds the flag to comply with the spec, and
enable system Python installs on newer versions of certain
distributions.

While this flag feels kind of bad, it's not necessarily a change in
behavior. We _already_ allow installing into these system distributions
-- it's just that `EXTERNALLY-MANAGED` doesn't exist for distributions
that were packaged prior to the spec, so we don't run into this problem.

Closes https://github.com/astral-sh/uv/issues/2234.
 2024-03-06 15:37:28 -05:00
Charlie Marsh 65e1005bfa
Stop exposing `client_raw` (#2250) 
## Summary

This is no longer necessary as `AsyncHttpRangeReader` now accepts
`ClientWithMiddleware` -- which is good, because it means all relevant
middleware will be enforced (like offline, or `.netrc` in the future).
 2024-03-06 15:37:19 -05:00
Michał Górny c6af78d153
test: pip_list: Fix replacement pattern computation (#2237) 
## Summary

Fix computing replacements pattern for pip_list tests to count
characters in the original directory string rather than the
regex::escape'd string. The latter yields incorrect results if the
workspace path contains characters such as `-` or `.`.

Fixes #2232

## Test Plan

`cargo test --test pip_list` in a directory named `uv-test` to provoke
the bug.
 2024-03-06 08:32:07 -05:00
Charlie Marsh 3ca777673f
Make `Client` optional in `requirements-txt` (#2229) 2024-03-06 05:49:09 +00:00
jannisko 71626e8dec
Support remote `https://` requirements files (#1332) (#2081) 
## Summary

Allow using http(s) urls for constraints and requirements files handed
to the CLI, by handling paths starting with `http://` or `https://`
differently. This allows commands for such as: `uv pip install -c
https://raw.githubusercontent.com/apache/airflow/constraints-2.8.1/constraints-3.8.txt
requests`.

closes #1332

## Test Plan

Testing install using a `constraints.txt` file hosted on github in the
airflow repository:

fbdc2eba8e/crates/uv/tests/pip_install.rs (L1440-L1484)

## Advice Needed

- filesystem/http dispatch is implemented at a relatively low level (at
`crates/uv-fs/src/lib.rs#read_to_string`). Should I change some naming
here so it is obvious that the function is able to dispatch?
- I kept the CLI argument for -c and -r as a PathBuf, even though now it
is technically either a path or a url. We could either keep this as is
for now, or implement a new enum for this case? The enum could then
handle dispatch to files/http.
- Using another abstraction layer like
https://docs.rs/object_store/latest/object_store/ for the
files/urls/[s3] could work as well, though I ran into a bug during
testing which I couldn't debug
 2024-03-06 04:18:11 +00:00
samypr100 2ebcef9ad8
feat: cmd.exe detection heuristic (#2226) 
## Summary

Follow up from discussion in https://github.com/astral-sh/uv/pull/2223

Detect CMD.exe by checking if `PROMPT` env var is set on windows,
otherwise assume it's PowerShell.

Note, this will not work if user modifies their system env vars to
include `PROMPT` by default or if they launch nested PowerShell from
Command Prompt (e.g. `Developer PowerShell for VS 2022`).

## Test Plan

Only tested locally, although we try to add some CI tests that
specifically use CMD.exe

Command Prompt
```
Microsoft Windows [Version 10.0.19044.3086]
(c) Microsoft Corporation. All rights reserved.

Z:\Users\samypr100\dev\uv>Z:\Users\samypr100\.cargo\bin\cargo.exe +stable run --color=always -- venv "Foo Bar"
    Finished dev [unoptimized + debuginfo] target(s) in 0.69s
     Running `target\debug\uv.exe venv "Foo Bar"`
Using Python 3.12.2 interpreter at: Z:\Users\samypr100\AppData\Local\Programs\Python\Python312\python.exe
Creating virtualenv at: Foo Bar
Activate with: "Foo Bar\Scripts\activate"
```

Power Shell
```
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS Z:\Users\samypr100\dev\uv>Z:\Users\samypr100\.cargo\bin\cargo.exe +stable run --color=always -- venv "Foo Bar"
    Finished dev [unoptimized + debuginfo] target(s) in 0.63s
     Running `target\debug\uv.exe venv "Foo Bar"`
Using Python 3.12.2 interpreter at: Z:\Users\samypr100\AppData\Local\Programs\Python\Python312\python.exe
Creating virtualenv at: Foo Bar
Activate with: & "Foo Bar\Scripts\activate"
```
 2024-03-06 03:29:50 +00:00
Charlie Marsh 511e32e406
Add `.stdout()` and `.stderr()` outputs to `Printer` (#2227) 
## Summary

This adds a `.stdout()` stream to `Printer`, so that it automatically
respects `--quiet`.

Motivated by
https://github.com/astral-sh/uv/pull/2115/files#r1513753101.
 2024-03-06 03:22:00 +00:00
Chan Kang 395be442fc
Implement `uv pip show` (#2115) 
## Summary
Implementation for https://github.com/astral-sh/uv/issues/1594
The output will contain only the name, version and location of the
packages for now but it should be extendable to include other
information in the future.

Quite inexperienced with Rust, so please forgive me if there are things
that obviously don't make sense 😭

## Test Plan
Added a bunch of unit tests. The exit code behavior matches `pip`'s
behavior:
- When the package is found -> exit code 0
- When the package isn't found -> exit code 1
- When one package is found but another isn't -> exit code 0
 2024-03-06 03:08:13 +00:00
Charlie Marsh 30bc16a3c1
Minor internal refactors `list` (#2224) 2024-03-06 01:54:21 +00:00
Simon Brugman 190a161cc5
Support for `--format=freeze` and `--format=json` in `uv pip list` (#1998) 
Implements `pip list --format=freeze` and `pip list --format=json`

Closes https://github.com/astral-sh/uv/issues/1970

## Test Plan

Extended existing `pip list` tests to match output.
Need to look at escaping in the Windows test 🪟
 2024-03-06 01:46:13 +00:00
konsti df06069922
Include exit code for build failures (#2108) 
`uv pip install mysqlclient==2.1.1` on python 3.12 on windows, where the
are no binary wheels:

![grafik](https://github.com/astral-sh/uv/assets/6826232/31f6294a-d845-4c85-b663-82a82ae925a6)

Part of #2052.
 2024-03-06 01:05:50 +00:00
Charlie Marsh 65518c9c58
Escape Windows paths with spaces in `venv` activation command (#2223) 
## Summary

Ensure that we print `& "foo bar\Scripts\activate"` if necessary.
 2024-03-05 18:11:41 -05:00
Charlie Marsh 9f1bb4dee2
Show appropriate activation command based on shell detection (#2221) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2174.

## Test Plan

On Nushell:

```
(uv) ~/workspace/uv> cargo run venv                                                                                                                                                                                      
Using Python 3.12.0 interpreter at: /Users/crmarsh/workspace/uv/.venv/bin/python3
Creating virtualenv at: .venv
Activate with: overlay use .venv/bin/activate.nu
```

On Bash:

```
❯ cargo run venv "foo bar"
Using Python 3.12.0 interpreter at: /Users/crmarsh/.local/share/rtx/installs/python/3.12.0/bin/python3
Creating virtualenv at: foo bar
Activate with: source 'foo bar/bin/activate'
```
 2024-03-05 17:28:17 -05:00
Charlie Marsh 9e41f73e41
Respect non-`sysconfig`-based system Pythons (#2193) 
## Summary

`pip` uses `sysconfig` for Python 3.10 and later by default; however, it
falls back to `distutils` for earlier Python versions, and distros can
actually tell `pip` to continue falling back to `distutils` via the
`_PIP_USE_SYSCONFIG` variable.

By _always_ using `sysconfig`, we're doing the wrong then when
installing into some system Pythons, e.g., on Debian prior to Python
3.10.

This PR modifies our logic to mirror `pip` exactly, which is what's been
recommended to me as the right thing to do.

Closes https://github.com/astral-sh/uv/issues/2113.

## Test Plan

Most notably, the new Debian tests pass here (which fail on main:
https://github.com/astral-sh/uv/pull/2144).

I also added Pyston as a second stress-test.
 2024-03-05 21:23:35 +00:00
Charlie Marsh 0f6fc117c1
Query interpreter to determine correct `virtualenv` paths (#2188) 
## Summary

This PR migrates our virtualenv creation from a setup that assumes prior
knowledge of the correct paths, to a technique borrowed from
`virtualenv` whereby we use `sysconfig` and `distutils` to determine the
paths. The general trick is to grab the expected paths with `sysconfig`,
then make them all relative, then make them absolute for a given
directory.

Closes #2095.
Closes #2153.
 2024-03-05 16:13:24 -05:00
Charlie Marsh 043d72646d
Bump version to v0.1.15 (#2217) 2024-03-05 14:47:10 -05:00
Charlie Marsh 34acfe4ac6
Respect `py --list-paths` fallback in `--python python3` invocations (#2214) 
## Summary

This makes `--python python3` and `--python 3.10` more consistent on
Windows.

Closes https://github.com/astral-sh/uv/issues/2213.

## Test Plan

Ran `cargo run venv --python python3.12` with the Windows Store Python.
 2024-03-05 19:28:24 +00:00
Charlie Marsh aeb80e345b
HTML-decode URLs in HTML indexes (#2215) 
## Summary

If the index lists a URL like
`https://buf.build/gen/python/hashb-foxglove-protocolbuffers-python/hashb_foxglove_protocolbuffers_python-25.3.0.1.20240226043130&#43;465630478360-py3-none-any.whl`,
we need to decode that to
`https://buf.build/gen/python/hashb-foxglove-protocolbuffers-python/hashb_foxglove_protocolbuffers_python-25.3.0.1.20240226043130+465630478360-py3-none-any.whl`.

Closes https://github.com/astral-sh/uv/issues/2202.
 2024-03-05 19:26:54 +00:00
Charlie Marsh 01ebaef4e7
Avoid Windows Store shims in `--python python3`-like invocations (#2212) 
## Summary

We have logic in `python_query.rs` to filter out Windows Store shims
when you use invocations like `-p 3.10`, but not `--python python3`,
which is uncommon but allowed on Windows.

Closes #2211.
 2024-03-05 13:47:38 -05:00
Charlie Marsh cf94df7cb9
Expand Windows shim detection to include `python3.12.exe` (#2209) 
## Summary

Our Windows shim detection wasn't catching shims like `python3.12.exe`.

Closes #2208.

## Test Plan

Installed Python 3.12 via the Windows Store; verified that `cargo run
venv --python 3.12` failed before but passes after this change.
 2024-03-05 13:25:05 -05:00
Charlie Marsh 8620b5a52f
Make direct dependency detection respect markers (#2207) 
## Summary

When determining "direct" dependencies, we need to ensure that we
respect markers. In the linked issue, the user had an optional
dependency like:

```toml
[project.optional-dependencies]
dev = [
  "setuptools>=64",
  "setuptools_scm>=8"
]
```

By not respecting markers, we tried to resolve `setuptools` to the
lowest-available version. However, since `setuptools>=64` _isn't_
enabled (since it's optional), we won't respect _that_ constraint.

To be consistent, we need to omit optional dependencies just as we will
at resolution time.

Closes https://github.com/astral-sh/uv/issues/2203.

## Test Plan

`cargo test`
 2024-03-05 17:25:06 +00:00
Charlie Marsh 7f07ada24c
Allow direct URLs in optional dependencies in editables (#2206) 
See the additional test, which fails on `main`.
 2024-03-05 11:57:55 -05:00
Charlie Marsh fc55cb9a3c
Respect nested editable requirements in parser (#2204) 
Closes https://github.com/astral-sh/uv/issues/2198.
 2024-03-05 16:47:37 +00:00
konsti 0924185a7f
Only use compile timeout for critical section (#2199) 
Follow-up to #2086: Don't use timeouts for the entire workers, but only
for the section that's about communicating with the (potentially broken)
`python` subprocess. I've also raised the timeout to 60s.
 2024-03-05 17:20:04 +01:00
Charlie Marsh 0bc047866d
Error when editables don't match `Requires-Python` (#2194) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2192.

## Test Plan

(Needs tests.)
 2024-03-04 23:20:42 -05:00
konsti 2a53e789b0
Add an option to bytecode compile during installation (#2086) 
Add a `--compile` option to `pip install` and `pip sync`.

I chose to implement this as a separate pass over the entire venv. If we
wanted to compile during installation, we'd have to make sure that
writing is exclusive, to avoid concurrent processes writing broken
`.pyc` files. Additionally, this ensures that the entire site-packages
are bytecode compiled, even if there are packages that aren't from this
`uv` invocation. The disadvantage is that we do not update RECORD and
rely on this comment from [PEP 491](https://peps.python.org/pep-0491/):

> Uninstallers should be smart enough to remove .pyc even if it is not
mentioned in RECORD.

If this is a problem we can change it to run during installation and
write RECORD entries.

Internally, this is implemented as an async work-stealing subprocess
worker pool. The producer is a directory traversal over site-packages,
sending each `.py` file to a bounded async FIFO queue/channel. Each
worker has a long-running python process. It pops the queue to get a
single path (or exists if the channel is closed), then sends it to
stdin, waits until it's informed that the compilation is done through a
line on stdout, and repeat. This is fast, e.g. installing `jupyter
plotly` on Python 3.12 it processes 15876 files in 319ms with 32 threads
(vs. 3.8s with a single core). The python processes internally calls
`compileall.compile_file`, the same as pip.

Like pip, we ignore and silence all compilation errors
(https://github.com/astral-sh/uv/issues/1559). There is a 10s timeout to
handle the case when the workers got stuck. For the reviewers, please
check if i missed any spots where we could deadlock, this is the hardest
part of this PR.

I've added `uv-dev compile <dir>` and `uv-dev clear-compile <dir>`
commands, mainly for my own benchmarking. I don't want to expose them in
`uv`, they almost certainly not the correct workflow and we don't want
to support them.

Fixes #1788
Closes #1559
Closes #1928
 2024-03-05 03:35:24 +00:00
Charlie Marsh 93b1395daa
Fallback to non-range requests when HEAD returns 404 (#2186) 
## Summary

We have at least one reported case of this happening. It's preferable
IMO to move on rather than fail hard despite sub-pbar registry behavior.

Closes https://github.com/astral-sh/uv/issues/2099.
 2024-03-04 22:18:49 -05:00
dependabot[bot] e66afa8767
Bump insta from 1.35.1 to 1.36.1 (#2180) 2024-03-04 23:01:49 +00:00
dependabot[bot] 5aedcffdf0
Bump log from 0.4.20 to 0.4.21 (#2178) 2024-03-04 16:16:20 -06:00
Charlie Marsh fbe043b093
Respect markers on URL dependencies in editables (#2176) 
Closes https://github.com/astral-sh/uv/issues/2172.
 2024-03-04 22:09:08 +00:00
Charlie Marsh 70143b8626
Run Windows against Python 3.13 (#2171) 
## Summary

In Python 3.13, at least in the current builds, there's no `python.exe`,
but there is `venvlauncher.exe`.

I've asked here about whether it's intended:
https://discuss.python.org/t/when-should-venv-scripts-nt-python-exe-be-present/47620.
But there's at least some evidence in CPython
[here](d457345bbc/Lib/venv/__init__.py (L270))
that we should fall back to these, and the tests pass.

Closes https://github.com/astral-sh/uv/issues/1636.
 2024-03-04 21:49:17 +00:00
Charlie Marsh 14d968ac22
Set `.metadata` suffix on URL path (#2123) 
## Summary

Ensures that we don't add the `.metadata` suffix after the fragment, if
it exists.
 2024-03-04 20:51:07 +00:00
Charlie Marsh 5fed1f6259
Use simpler pip-like `Scheme` for install paths (#2173) 
## Summary

This will make it easier to use the paths returned by `distutils.py`
(for some cases). No code or behavior changes; just removing some fields
we don't need.
 2024-03-04 15:50:13 -05:00
samypr100 93f5609476
feat: add uv version to user agent (#2136) 
## Summary

Closes #1977

This allows us to send uv's version in the `uv-client` User Agent
header.

Here's how request headers look like to a server now:
```
...
Accept: application/vnd.pypi.simple.v1+json, application/vnd.pypi.simple.v1+html;q=0.2, text/html;q=0.01
User-Agent: uv/0.1.13
...
```

~~I went for a mix of Option 1 and 2 from #1977.~~ Open to alternative
naming as well, not tied too strongly here to the names picked.

~~Another possibility for this new crate is that we can use it to
consolidate metadata that exists across crates to ultimately be able to
create linehaul information described in #1958, but I haven't looked
into what those changes might look like.~~

<!-- What's the purpose of the change? What does it do, and why? -->

## Test Plan

<!-- How was it tested? -->
Added initial tests in the new crate to exercise its public API and
added a new test to uv-client to validate the headers using a 1-time
disposable server.
 2024-03-04 19:48:41 +00:00
Charlie Marsh fda691401a
Respect local freshness when auditing installed environment (#2169) 
## Summary

Ensures that local dependencies function similarly to editables, in that
if they're `uv pip install`ed, we invalidate them.

Closes https://github.com/astral-sh/uv/issues/1651.
 2024-03-04 19:40:52 +00:00
Charlie Marsh 8c51b59298
Allow empty values in WHEEL files (#2170) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2149.

## Test Plan

`cargo run pip install "openturns==1.22"`
 2024-03-04 19:39:01 +00:00
Charlie Marsh 6f94dc3c77
Centralize up-to-date checking for path installations (#2168) 
## Summary

Internal-only refactor to consolidate multiple codepaths we have for
checking whether a cached or installed entry is up-to-date with a local
requirement.
 2024-03-04 14:10:51 -05:00
Zanie Blue ffb69e3f48
Expose the `--exclude-newer` flag (#2166) 
Closes https://github.com/astral-sh/uv/issues/2088
 2024-03-04 17:51:19 +00:00
Charlie Marsh c525fdf2b5
Bump version to v0.1.14 (#2157) 2024-03-04 15:42:33 +00:00
konsti 898c3f6bcf
Better offline error message (#2110) 
Error for `uv pip compile scripts/requirements/jupyter.in` without
internet:

**Before**

```
error: error sending request for url (https://pypi.org/simple/jupyter/): error trying to connect: dns error: failed to lookup address information: No such host is known. (os error 11001)
  Caused by: error trying to connect: dns error: failed to lookup address information: No such host is known. (os error 11001)
  Caused by: dns error: failed to lookup address information: No such host is known. (os error 11001)
  Caused by: failed to lookup address information:  No such host is known. (os error 11001)
```

**After**

```
error: Could not connect, are you offline?
  Caused by: error sending request for url (https://pypi.org/simple/django/): error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: failed to lookup address information: Temporary failure in name resolution
```

On linux, it would be "Temporary failure in name resolution" instead of
"No such host is known. (os error 11001)".

The implementation checks for "dne error" stringly as hyper errors are
opaque. The danger is that this breaks with a hyper update. We still get
the complete error trace since reqwest eagerly inlines errors
(https://github.com/seanmonstar/reqwest/issues/2147).

No test since i wouldn't know how to simulate this in cargo test.

Fixes #1971
 2024-03-04 15:47:40 +01:00
konsti bc0345a1fd
Make WHEEL parsing error line numbers one indexed. (#2151) 
Fixes an off-by-one from #2149. `enumerate` is zero-based, human line
numbers are one based.
 2024-03-04 11:55:18 +00:00
Charlie Marsh 836b90c760
Expand environment variables in `-r` and `-c` subfile paths (#2143) 
## Summary

This PR expands environment variables in `-r` and `-c` paths _within_
requirements files. We already do this for `@` URL references and
others.

Closes https://github.com/astral-sh/uv/issues/1473.
 2024-03-03 18:47:04 -05:00
Charlie Marsh bf07c7bb72
Add tests for empty index URL environment variable (#2141) 2024-03-03 21:01:41 +00:00
Taniguchi Yasufumi 13a6fc8575
Make an empty string behave like the default (#2137) 
## Summary

Resolve  #2129

I changed the behavior to parse an empty string for `--index-url` to be
the same as the default.
 2024-03-03 14:57:14 -05:00
Charlie Marsh 6fa88f9be0
Use space as delimiter for `UV_EXTRA_INDEX_URL` (#2140) 
## Summary

I was looking at something unrelated and saw this in the Clap docs.

Closes https://github.com/astral-sh/uv/issues/1702.

## Test Plan

```shell
❯ UV_EXTRA_INDEX_URL="https://google.com https://foo.com" cargo run pip compile -
    Finished dev [unoptimized + debuginfo] target(s) in 0.14s
     Running `target/debug/uv pip compile -`
index: None
extra_index_url: [Url(VerbatimUrl { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("google.com")), port: None, path: "/", query: None, fragment: None }, given: Some("https://google.com") }), Url(VerbatimUrl { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("foo.com")), port: None, path: "/", query: None, fragment: None }, given: Some("https://foo.com") })]
```
 2024-03-03 14:01:07 -05:00
Charlie Marsh 6a5379834b
Add support for Python installed from Windows Store (#2122) 
## Summary

After https://github.com/astral-sh/uv/pull/2121, the only remaining
issue is that calling `canonicalize` on these Pythons returns an error.

Closes https://github.com/astral-sh/uv/issues/2105.

## Test Plan

Uninstalled all python.org Pythons on my Windows machine, then created a
virtualenv. The resulting config file:

```
Using Python 3.11.8 interpreter at: C:\Users\crmar\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\python.exe
Creating virtualenv at: .venv
Activate with: .venv\Scripts\activate
PS C:\Users\crmar\workspace\puffin> cat .\.venv\pyvenv.cfg
home = C:\Users\crmar\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0
implementation = CPython
version_info = 3.11.8
include-system-site-packages = false
uv = 0.1.13
prompt = puffin
```

Prior to this PR, it would fail with a canonicalization error.

Prior to #2121, it would leave a "bad" Python in the config file:

```
Using Python 3.11.8 interpreter at: C:\Users\crmar\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\python.exe
Creating virtualenv at: .venv
Activate with: .venv\Scripts\activate
PS C:\Users\crmar\workspace\puffin> cat .\.venv\pyvenv.cfg
home = C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.2288.0_x64__qbz5n2kfra8p0
implementation = CPython
version_info = 3.11.8
include-system-site-packages = false
uv = 0.1.13
prompt = puffin
```

Which, once activated, would fail with:

```
(venv) PS C:\Users\crmar\workspace\puffin> python
No Python at '"C:\Users\crmar\AppData\Local\Programs\Python\Python312\python.exe'
```
 2024-03-03 17:55:36 +00:00
Charlie Marsh 46265b711b
Adjust base Python lookup logic for Windows (#2121) 
## Summary

When I install via the Windows Store, `interpreter.base_prefix` contains
a bunch of resolved information that leads to a broken environment.

Instead, we now use `sys._base_executable` on Windows by default,
falling back to `sys.base_prefix` if it doesn't exist. (There are some
issues with `sys.base_executable` that lead to complexity in
`virtualenv`, but they only affect POSIX.) Admittedly, I don't know when
`sys._base_executable` wouldn't exist. It exists in all the environments
I've tested.

Additionally, we use the system interpreter directly if we're outside of
a virtualenv.
 2024-03-03 17:44:10 +00:00
Nyakku Shigure d4f1973bdc
Allow empty extras in `pep508-rs` and add more corner case to tests (#2128) 
## Summary

Fixes #2127, allow empty extras, and add more corner case to tests

## References

- [PEP 508 grammar](https://peps.python.org/pep-0508/#complete-grammar)
 2024-03-02 20:36:28 +00:00
Charlie Marsh e7f336ac53
Preserve environment variables in resolved Git dependencies (#2125) 
## Summary

Closes https://github.com/astral-sh/uv/issues/2116.
 2024-03-01 20:38:34 -05:00
samypr100 c7c3affee0
feat: report line and column on requirements parser errors (#2100) 
## Summary

Closes #2012

This changes `RequirementsTxtParserError::Parser` to take a line, column
instead of cursor location to improve reporting of parser errors. A new
function was added to compute the line and column based on the content
and cursor location when a parser error occurs for simplicity.

Given `uv pip compile .\requirements.txt` of below
```
numpy>=1,<2
  --borken
tqdm
```

Before:

``` 
error: Unexpected '-', expected '-c', '-e', '-r' or the start of a requirement in `.\requirements.txt` at position 14
```

After:

```
error: Unexpected '-', expected '-c', '-e', '-r' or the start of a requirement in `.\requirements.txt` at position 2:3
```

Open Question: Do we want to support `line:column` for other types of
errors? I didn't look dig other potential error types where this might
be desired.

## Test Plan

New test was added to `requirements-txt` crate with this example.
 2024-03-01 21:50:11 +00:00
Charlie Marsh 0233a5771d
Remove `base-prefix` and friends from `pyvenv.cfg` (#2120) 
## Summary

It looks like these have been included since the very first gourgeist
commit, but `virtualenv` and `venv` don't include them, and they only
add complexity AFAICT.
 2024-03-01 16:17:30 -05:00
Charlie Marsh 6f54aacfea
Remove `camino` from `uv-virtualenv` (#2119) 
## Summary

I think Camino is nice but it makes it much harder to work in
`uv-virtualenv`, since it's the _only_ crate that uses it. If we want to
use Camino, we should use it everywhere IMO.
 2024-03-01 19:36:56 +00:00
Charlie Marsh 59c7a10c4b
Rename `gourgeist` to `uv-virtualenv` (#2118) 
As agreed on Discord!
 2024-03-01 14:02:40 -05:00
Charlie Marsh b818199403
Use `prefix` instead of `base_prefix` for environment root (#2117) 
Closes https://github.com/astral-sh/uv/issues/2107.
 2024-03-01 13:12:49 -05:00
Charlie Marsh 72dc72496f
Consider editable dependencies to be 'direct' (#2114) 
Closes https://github.com/astral-sh/uv/issues/2112.
 2024-03-01 11:00:45 -05:00
Charlie Marsh c9ffe976f9
Centralize virtualenv path construction (#2102) 
## Summary

Right now, we have virtualenv construction encoded in a few different
places. Namely, it happens in both `gourgeist` and
`virtualenv_layout.rs` -- _and_ `interpreter.rs` also encodes some
knowledge about how they work, by way of reconstructing the
`SysconfigPaths`.

Instead, `gourgeist` now returns the complete layout, enumerating all
the directories it created. So, rather than returning a root directory,
and re-creating all those paths in `uv-interpreter`, we pass the data
directly back to it.
 2024-03-01 15:52:48 +00:00
Charlie Marsh c579e6f6bf
Add support for `--system-site-packages` in `uv venv` (#2101) 
## Summary

Adds support for `--system-site-packages`. Unlike `pip`, we won't take
the system site packages into account in subsequent commands. I think
this is ok.

Closes https://github.com/astral-sh/uv/issues/1483.
 2024-03-01 09:05:19 -05:00
konsti d0ffabd1f2
Future-proof pip entrypoints special case (#1982) 
Update #1918 to handle https://github.com/pypa/pip/pull/12536, where pip
removed their python minor entrypoint. The pip test is semi-functional
since it builds pip from source instead of using a wheel with the wrong
entrypoint, we have to update it when this pip version has a release.

Closes #1593.
 2024-03-01 10:05:50 +01:00
Charlie Marsh e811070ef1
Wrap unsafe script shebangs in `/bin/sh` (#2097) 
## Summary

This is based on Pradyun's installer branch
(d01624e5f2/src/installer/scripts.py (L54)),
which is itself based on pip
(0ad4c94be7/src/pip/_vendor/distlib/scripts.py (L136)).

The gist of it is: on Posix platforms, if a path contains a space (or is
too long), we wrap the shebang in a `/bin/sh` invocation.

Closes https://github.com/astral-sh/uv/issues/2076.

## Test Plan

```
❯ cargo run venv "foo"
    Finished dev [unoptimized + debuginfo] target(s) in 0.14s
     Running `target/debug/uv venv foo`
Using Python 3.12.0 interpreter at: /Users/crmarsh/.local/share/rtx/installs/python/3.12.0/bin/python3
Creating virtualenv at: foo
Activate with: source foo/bin/activate

❯ source "foo bar/bin/activate"

❯ which black
black not found

❯ cargo run pip install black
Resolved 6 packages in 177ms
Installed 6 packages in 17ms
 + black==24.2.0
 + click==8.1.7
 + mypy-extensions==1.0.0
 + packaging==23.2
 + pathspec==0.12.1
 + platformdirs==4.2.0

❯ which black
/Users/crmarsh/workspace/uv/foo bar/bin/black

❯ black
Usage: black [OPTIONS] SRC ...

One of 'SRC' or 'code' is required.

❯ cat "foo bar/bin/black"
#!/bin/sh
'''exec' '/Users/crmarsh/workspace/uv/foo bar/bin/python' "$0" "$@"
' '''
# -*- coding: utf-8 -*-
import re
import sys
from black import patched_main
if __name__ == "__main__":
    sys.argv[0] = re.sub(r"(-script\.pyw|\.exe)?$", "", sys.argv[0])
    sys.exit(patched_main())
```
 2024-02-29 23:19:06 +00:00
Andrew Gallant b62a81549b uv-interpreter: cut alternative implementation of site-packages python 
This is a separate commit so that the alternative is preserved in
history.
 2024-02-29 15:57:57 -05:00
Andrew Gallant 8122d809a4 virtualenv: determine 'site-packages' based on implementation name 
I'm not at all sure whether this is a correct fix or not, but it does
seem to make `pypy` work in at least some cases with `uv`. Previously,
I couldn't get it to work at all. Namely the virtualenv was created
with a `lib/python3.10/site-packages`, but whenever I did a `uv
pip install` in that virtualenv, it was looking for a non-existent
`lib/pypy3.10/site-packages` directory.

With this PR, the workflow reported as not working in #1488 now works
for me:

```
$ pypy3 --version
Python 3.10.13 (fc59e61cfbff, Jan 17 2024, 05:35:45)
[PyPy 7.3.15 with GCC 13.2.1 20230801]

$ uv venv --python $(which pypy3) --seed
Using Python 3.10.13 interpreter at: /usr/bin/pypy3
Creating virtualenv at: .venv
 + pip==24.0
 + setuptools==69.1.1
 + wheel==0.42.0
Activate with: source .venv/bin/activate

$ uv pip install 'alembic==1.0.11'
Resolved 9 packages in 8ms
Installed 9 packages in 14ms
 + alembic==1.0.11
 + greenlet==3.0.3
 + mako==1.3.2
 + markupsafe==2.1.5
 + python-dateutil==2.8.2
 + python-editor==1.0.4
 + six==1.16.0
 + sqlalchemy==2.0.27
 + typing-extensions==4.10.0
```

Where as previously (current `main`), I was hitting this error:

```
$ uv venv --python $(which pypy3) --seed
Using Python 3.10.13 interpreter at: /usr/bin/pypy3
Creating virtualenv at: .venv
 + pip==24.0
 + setuptools==69.1.1
 + wheel==0.42.0
Activate with: source .venv/bin/activate

$ uv pip install 'alembic==1.0.11'
error: Failed to list installed packages
  Caused by: failed to read directory `/home/andrew/astral/issues/uv/i1488/.venv/lib/pypy3.10/site-packages`
  Caused by: No such file or directory (os error 2)
```

Notice though that neither outcome above matches the error reported in #1488,
so this is likely not a complete fix. There are perhaps other lurking
issues.

Ref #1488
 2024-02-29 15:57:57 -05:00
Charlie Marsh 9ce5170e64
Bump version to v0.1.13 (#2090) 2024-02-29 17:39:28 +00:00
Charlie Marsh 6c23cffd07
Avoid assuming `RECORD` file is in `platlib` (#2091) 
## Summary

This was a missed find-and-replace. We shouldn't assume `layout.platlib`
here, since `RECORD` will be written to `site_packages` (which could be
`layout.purelib`).

This is hard to reproduce. You need a _fresh_ environment where
`purelib` and `platlib` differ (which isn't the case for virtualenvs, at
least typically), and you need to be installing a new package that is a
purelib. I tested it by manually changing `platlib` to point to a
different path.

Closes https://github.com/astral-sh/uv/issues/2064.
 2024-02-29 17:21:49 +00:00
Andrew Gallant 5e351343da
tweak the order of index priority (#2083) 
Previously, `uv` would always prioritize the index given by
`--index-url`. It would then try any indexes after that given by zero
or more `--extra-index-url` flags. This differed from `pip` in that any
priority was given at all, where `pip` doesn't guarantee any priority
ordering of indexes.

We could go in the direction of mimicing `pip`'s behavior here, but it
at present has issues with dependency confusion attacks where packages
may get installed from indexes you don't control. More specifically,
there is an issue of different trust levels. See discussion in #171 and
[PEP-0708] for more on the security impact.

In contrast, `uv` will only select versions for a package from a single
index. That is, even if `foo` is in indexes `a` and `b`, it will
only consider the versions from the index that it checks first. This
probably helps with respect to dependency confusion attacks, but also
means that `uv` doesn't quite cover all of the same use cases as `pip`.

In this PR, we retain the notion of prioritizing indexes, but
tweak it so that PyPI is preferred last as opposed to first. Or
more precisely, the `--index-url` flag specifies a fallback index,
not the primary index, and is deprioritized beneath every index
specified by `--extra-index-url`. The ordering among indexes given by
`--extra-index-url` remains the same: earlier indexes are prioritized
over later indexes.

While this tweak likely won't hit all use cases, I believe it will
resolve some of the most common pain points without exacerbating
dependency confusion problems.

Ref #171, Fixes #1377, Fixes #1451, Fixes #1600

[PEP-0708]: https://peps.python.org/pep-0708/
 2024-02-29 11:57:07 -05:00
Tim de Jager 9a99aa7776
feat: expose uv_normalize types (#2082) 
## Summary

<!-- What's the purpose of the change? What does it do, and why? -->

Expose the uv_normalize types from pep508, so that these can be used
with a crates.io version.

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2024-02-29 15:06:56 +00:00
Charlie Marsh b983ff4fa7
Prioritize `PATH` over `py --list-paths` in Windows selection (#2057) 
`uv --system` is failing in GitHub Actions, because `py --list-paths`
returns all the pre-cached Pythons:

```
-V:3.12 *        C:\hostedtoolcache\windows\Python\3.12.2\x64\python.exe
-V:3.12-32       C:\hostedtoolcache\windows\Python\3.12.2\x86\python.exe
-V:3.11          C:\hostedtoolcache\windows\Python\3.11.8\x64\python.exe
-V:3.11-32       C:\hostedtoolcache\windows\Python\3.11.8\x86\python.exe
-V:3.10          C:\hostedtoolcache\windows\Python\3.10.11\x64\python.exe
-V:3.10-32       C:\hostedtoolcache\windows\Python\3.10.11\x86\python.exe
-V:3.9           C:\hostedtoolcache\windows\Python\3.9.13\x64\python.exe
-V:3.9-32        C:\hostedtoolcache\windows\Python\3.9.13\x86\python.exe
-V:3.8           C:\hostedtoolcache\windows\Python\3.8.10\x64\python.exe
-V:3.8-32        C:\hostedtoolcache\windows\Python\3.8.10\x86\python.exe
-V:3.7           C:\hostedtoolcache\windows\Python\3.7.9\x64\python.exe
-V:3.7-32        C:\hostedtoolcache\windows\Python\3.7.9\x86\python.exe
```

So, our default selector returns the first entry here. But none of these
are actually in `PATH` except the one that the user installed via
`actions/setup-python@v5` -- that's the point of the action, that it
puts the correct versions in `PATH`.

It seems to me like we should prioritize `PATH` over `py --list-paths`.
Is there a good reason not to do this?

Closes: https://github.com/astral-sh/uv/issues/2056
 2024-02-29 15:06:29 +00:00
Tim de Jager 0fbfa11013
Add option pass environment variables for SDist building (#2039) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

With this PR I've added the option environment variables to the wheel
building process, through the `BuildDispatch`. When integrating uv with
our project pixi (https://github.com/prefix-dev/pixi/pull/863). We ran
into this missing requirement, I've made a rough version here, could
maybe use some refinement.

### Why do we need this?

Because pixi allow the user to use a conda activated prefix for wheel
building, this comes with a number of environment variables, like `PATH`
but also `CONDA_PREFIX` amongst others. This allows the user to use
system dependencies from conda-forge to use during an sdist build.
Because we use `uv` as a library we need to pass in the options
programatically. Additionally, in general there is nothing holding a
python sdist back from actually depending on an environment variable,
see
e.g the test package: https://pypi.org/project/env-test-package/

### What about `ConfigSettings`

I think `ConfigSettings` does not suffice because e.g. CMake could
function differently when the `CONDA_PREFIX` is set. Also, we do not
know if the user supplied backend actually support these settings.

### Path handling

Because the user can now also supply a PATH in the environment map, the
logic I had was the following, I format the path so that it has the
following precedence

1. venv scripts dir.
2. user supplied path.
3. system path.

### Improvements

There is some path modification and copying happening everytime we use
the `run_python_script` function, I think we could improve this but
would like some pointers where to best put the maybe split and cached
version, we might also want to use some types to split these things up.


### Finally

I did not add any of these options to the uv executables, I first would
like to know if this is a direction we would want to go in. I'm happy to
do this or make any changes that you feel would benefit this project.

Also tagging @wolfv to keep track of this as well.  

## Test Plan

<!-- How was it tested? -->

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2024-02-29 10:55:10 +00:00
Charlie Marsh 2838542ade
Avoid truncating EXTERNALLY-MANAGED error message (#2073) 
## Summary

This is still imperfect, since the INI parser seems to strip empty
lines, but at least the content is preserved.

Closes https://github.com/astral-sh/uv/issues/2061.

## Test Plan

![Screenshot 2024-02-28 at 9 48
24 PM](https://github.com/astral-sh/uv/assets/1309177/66224e94-0500-4634-83cb-33981443b8a3)
 2024-02-28 22:00:23 -05:00
Charlie Marsh 1f19ef670b
Avoid canonicalizing user-provided interpreters (#2072) 
## Summary

We shouldn't be resolving symlinks on the provided interpreter;
otherwise we break `pyenv`, since running `cargo run pip install mypy
--python .venv/bin/python` will immediately resolve to (e.g.)
`/Users/crmarsh/.pyenv/versions/3.10.2/bin/python3.10`, and pyenv relies
on the path to do its lookups.

Instead, the canonicalizing happens when we query the interpreter
metadata.

Closes https://github.com/astral-sh/uv/issues/2068.

## Test Plan

Ran `cargo run pip install mypy --python .venv/bin/python -v -n` with a
virtualenv created using a pyenv Python; verified that Mypy was
installed into the virtual environment, rather than into the global
environment.
 2024-02-28 21:32:52 -05:00
Charlie Marsh ef15098288
Use `Simplified` instead of `Normalized` for path prefix stripping (#2071) 
## Summary

This directly matches the naming of the `dunce` methods.
 2024-02-29 01:44:50 +00:00
Charlie Marsh f315d07133
Extend activation highlighting to entire command (#2070) 
## Summary

In `source .venv/bin/activate`, _only_ `.venv` is colored cyan.

![Screenshot 2024-02-28 at 8 17
32 PM](https://github.com/astral-sh/uv/assets/1309177/2acc16f9-4de2-4cd9-9216-8348cf896d36)
 2024-02-28 20:27:35 -05:00
Charlie Marsh 1bc5485094
Allow pre-releases for requirements in constraints files (#2069) 
## Summary

If a pre-release marker is present on a requirement in a constraint
file, we should allow pre-releases for that package.

Closes https://github.com/astral-sh/uv/issues/2063.
 2024-02-29 01:16:23 +00:00
Charlie Marsh 69fb9c37fb
Ignore `install_git_private_https_pat_and_username` for now (#2060) 
## Summary

Temporarily disabling `install_git_private_https_pat_and_username` since
running this test can break your local Git authentication for other
projects. I experienced this today and keep finding myself needing to
ignore it locally.

See: https://github.com/astral-sh/uv/issues/1980.
 2024-02-28 19:13:40 -05:00
Charlie Marsh 9c63412526
Track wheel compatibility as a single field (#2054) 
## Summary

Internal refactor to `PrioritizedDistribution` that I think should
reduce the size? Although the motivation here is simplicity, not perf.

Instead of storing:

```rust
/// The highest-priority, installable wheel for the package version.
compatible_wheel: Option<(DistMetadata, TagPriority)>,
/// The most-relevant, incompatible wheel for the package version.
incompatible_wheel: Option<(DistMetadata, IncompatibleWheel)>,
```

We now store:

```rust
wheel: Option<(DistMetadata, WheelCompatibility)>,
```

Where `WheelCompatibility` is an enum of `TagPriority` or
`IncompatibleWheel`.
 2024-02-28 16:59:22 -05:00
Charlie Marsh f68b2d1d5e
Bump version to v0.1.12 (#2051) 2024-02-28 15:36:22 -05:00
Charlie Marsh 9328b3c2ab
Add a `--system` flag for opt-in non-virtualenv installs (#2046) 
## Summary

This is essentially a wrapper around something like `--python $(which
python3)`, but gives users a portable and streamlined way to solve the
common pain point of using `uv` in GitHub Actions or a Docker container.

See: https://github.com/astral-sh/uv/issues/1526.
 2024-02-28 19:48:32 +00:00
Charlie Marsh b873e3e991
Support environment variables in index URLs in requirements files (#2036) 
## Summary

This also preserves the environment variables in the output file, e.g.:

```
Resolved 1 package in 216ms
# This file was autogenerated by uv via the following command:
#    uv pip compile requirements.in --emit-index-url
--index-url https://test.pypi.org/${SUFFIX}

requests==2.5.4.1
```

I'm torn on whether that's correct or undesirable here.

Closes #2035.
 2024-02-28 19:36:20 +00:00
Charlie Marsh 1df977f86b
Add a `--pre` alias for `--prerelease=allow` (#2049) 
Hidden alias for `pip` compatibility.

Closes https://github.com/astral-sh/uv/issues/2047.
 2024-02-28 19:03:05 +00:00
Charlie Marsh ea5ebe59af
Use a non-local lock file for locking system interpreters (#2045) 2024-02-28 11:03:02 -05:00
Charlie Marsh e91fe1925b
Remove patch version caveat from CLI (#2044) 2024-02-28 15:11:32 +00:00
Charlie Marsh 1ee28f78cd
Rename `Virtualenv` and `PythonPlatform` structs (#2034) 
## Summary

`PythonPlatform` only exists to format paths to directories within
virtual environments based on a root and an OS, so it's now
`VirtualenvLayout`.

`Virtualenv` is now used for non-virtual environment Pythons, so it's
now `PythonEnvironment`.
 2024-02-28 15:04:55 +00:00
Charlie Marsh 02703281f0
Enable `freeze` and `list` to introspect non-virtualenv Pythons (#2033) 
## Summary

Now that we have the ability to introspect the installed packages for
arbitrary Pythons, we can allow `pip freeze` and `pip list` to fall back
to the "default" Python, if no virtualenv is present.

Closes https://github.com/astral-sh/uv/issues/2005.
 2024-02-28 10:00:00 -05:00
Charlie Marsh 23afa09fae
Accept (e.g.) `'python3.8'` as `--python` argument (#2031) 
## Summary

This PR aligns the `uv pip install --python` flag with the `uv venv
--python` flag, such that the former now accepts binary names and Python
versions by way of using the same `find_requested_python` method under
the hood.
 2024-02-28 09:48:49 -05:00
Charlie Marsh 995fba8fec
Surface the `EXTERNALLY-MANAGED` message to users (#2032) 
## Summary

Per the
[spec](https://packaging.python.org/en/latest/specifications/externally-managed-environments/),
this message should be surfaced to users:

![Screenshot 2024-02-27 at 10 42
52 PM](https://github.com/astral-sh/uv/assets/1309177/dac3bd6b-dd05-4146-8faa-f046492e8a26)
 2024-02-27 23:18:45 -05:00
Charlie Marsh 10175143d1
Add a `--python` flag to allow installation into arbitrary Python interpreters (#2000) 
## Summary

This PR adds a `--python` flag that allows users to provide a specific
Python interpreter into which `uv` should install packages. This would
replace the `VIRTUAL_ENV=` workaround that folks have been using to
install into arbitrary, system environments, while _also_ actually being
correct for installing into non-virtual environments, where the bin and
site-packages paths can differ.

The approach taken here is to use `sysconfig.get_paths()` to get the
correct paths from the interpreter, and then use those for determining
the `bin` and `site-packages` directories, rather than constructing them
based on hard-coded expectations for each platform.

Closes https://github.com/astral-sh/uv/issues/1396.

Closes https://github.com/astral-sh/uv/issues/1779.

Closes https://github.com/astral-sh/uv/issues/1988.

## Test Plan

- Verified that, on my Windows machine, I was able to install `requests`
into a global environment with: `cargo run pip install requests --python
'C:\\Users\\crmarsh\\AppData\\Local\\Programs\\Python\\Python3.12\\python.exe`,
then `python` and `import requests`.
- Verified that, on macOS, I was able to install `requests` into a
global environment installed via Homebrew with: `cargo run pip install
requests --python $(which python3.8)`.
 2024-02-28 02:10:29 +00:00
Charlie Marsh 72a5ebada3
Un-cache editable requirements with dynamic metadata (#2029) 
Closes https://github.com/astral-sh/uv/issues/1991.
 2024-02-28 01:56:25 +00:00
konsti 8214bfe080
Always remove color codes from output file (#2018) 
Always strip color codes when we're writing to a file.

I don't really know how to test this.

Fixes #2017
 2024-02-27 17:02:23 +01:00
Andrew Gallant 30e903e2ba
pep440: remove redundant `without_local()` (#2019) 
In this context, we already know (as the comment says) that `self` does
not have a local segment, so we don't need to strip it.

This change isn't motivated by anything other than making the code and
comment in sync. For example, when I first looked at it, I wondered
whether the extra stripping was somehow necessary. But it isn't.
 2024-02-27 11:00:58 -05:00
Tim de Jager cd484d5d9b
fix: make query method of interpreter public (#2016) 
## Summary

Made the `query` method public again, as I believe this currently the
only way to query a intepreter with a custom location.

Closes: #2015
 2024-02-27 09:39:50 -05:00
konsti 20253cd045
Fix simple launcher test error condition (#1911) 
This makes the test path on windows where developer mode is not enabled.

---------

Co-authored-by: Micha Reiser <micha@reiser.io>
 2024-02-27 12:15:07 +00:00
Charlie Marsh 3417330f61
Remove unused `base_python` from `BuildDispatch` (#2004) 2024-02-27 05:35:41 +00:00
Charlie Marsh 5997d0da3d
Remove some unused code from `install-wheel-rs` (#2001) 
I need to make a bunch of changes to this crate, and I'm finding that
the existing unused interfaces are really getting in the way.
 2024-02-27 04:27:25 +00:00
dependabot[bot] 6678d545fb
Bump serde_json from 1.0.113 to 1.0.114 (#1996) 2024-02-26 23:12:54 +00:00
dependabot[bot] 78d8bdc2d5
Bump assert_cmd from 2.0.13 to 2.0.14 (#1995) 2024-02-26 17:01:22 -06:00
Simon Brugman 98753fa740
`--exclude-editable` and `--exclude` args for `uv pip list` (#1985) 
Allows filtering out editable (`--exclude-editable`) and explicitly
provided packages (`--exclude setuptools`) from `uv pip list`.

https://pip.pypa.io/en/stable/cli/pip_list/

Continuation of https://github.com/astral-sh/uv/issues/1401

## Test Plan

Extended existing tests to cover these new arguments.
 2024-02-26 20:52:35 +00:00
Charlie Marsh 4fdf230c2f
Support recursive extras in direct `pyproject.toml` files (#1990) 
## Summary

When a `pyproject.toml` is provided directly to `uv pip compile`, we
were failing to resolve recursive extras. The solution I settled on here
is to flatten them recursively when determining the requirements
upfront.

Closes https://github.com/astral-sh/uv/issues/1987.

## Test Plan

`cargo test`
 2024-02-26 15:44:25 -05:00
Charlie Marsh 32e5cacdd6
Bump version to v0.1.11 (#1976) 2024-02-26 10:46:17 -05:00
Jo 2016ec4cfe
Use full python version in `pyvenv.cfg` (#1979) 
## Summary

For a venv created by `virtualenv`, the `pyvenv.cfg` file specifies the
full version string in the `version_info` field:

```
home = /Users/x/.rye/py/cpython@3.12.1/install/bin
implementation = CPython
version_info = 3.12.1.final.0
virtualenv = 20.25.0
include-system-site-packages = false
base-prefix = /Users/x/.rye/py/cpython@3.12.1/install
base-exec-prefix = /Users/x/.rye/py/cpython@3.12.1/install
base-executable = /Users/x/.rye/py/cpython@3.12.1/install/bin/python3
```

The relevant code can be found here: 

4ca8a20c17/src/virtualenv/create/creator.py (L167)

This PR changes `pyvenv.cfg` created by uv for better compatibility with
`virtualenv`.

## Test Plan

```sh
uv venv
cat .venv/pyvenv.cfg
```
 2024-02-26 09:52:17 -05:00
Taniguchi Yasufumi 70e877d11c
Add `fs_err` to `disallowed_method` in clippy.toml (#1950) 
## Summary

Resolve #1916

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2024-02-26 14:15:07 +00:00
Simon Brugman a5a917169b
Uv tests fail when path contains size/time-like strings (#1984) 2024-02-26 14:02:08 +00:00
konsti 70dad51cd9
Remove `spawn_blocking` from version map (#1966) 
I previously add `spawn_blocking` to the version map construction as it
had become a bottleneck
(https://github.com/astral-sh/uv/pull/1163/files#diff-704ceeaedada99f90369eac535713ec82e19550bff166cd44745d7277ecae527R116).
With the zero copy deserialization, this has become so fast we don't
need to move it to the thread pool anymore. I've also checked
`DataWithCachePolicy` but it seems to still take a significant amount of
time. Span visualization:

Resolving jupyter warm:

![image](https://github.com/astral-sh/uv/assets/6826232/692b03da-61c5-4f96-b413-199c14aa47c4)

Resolving jupyter cold:

![image](https://github.com/astral-sh/uv/assets/6826232/a6893155-d327-40c9-a83a-7c537b7c99c4)

![image](https://github.com/astral-sh/uv/assets/6826232/213556a3-a331-42db-aaf5-bdef5e0205dd)

I've also updated the instrumentation a little.

We don't seem cpu bound for the cold cache (top) and refresh case
(bottom) from jupyter:

![image](https://github.com/astral-sh/uv/assets/6826232/cb976add-3d30-465a-a470-8490b7b6caea)

![image](https://github.com/astral-sh/uv/assets/6826232/d7ecb745-dd2d-4f91-939c-2e46b7c812dd)
 2024-02-26 09:44:24 +00:00
Jonathon Belotti c80d5c6ffb
fix 'uv pip install' handling of gzip'd response and PEP 691 (#1978) 
Thank you for writing `uv`! We're already using it internally on some
container image builds and finding that it's noticeably faster 💯

## Summary

I was attempting to use `uv` alongside [modal](https://modal.com/)'s
internal PyPi mirror and ran into some issues. The first issue was the
following error:

```
error: Failed to download: nltk==3.8.1
  Caused by: content-length header is missing from response
```

This error was coming from within
`RegistryClient::wheel_metadata_no_pep658`. By logging requests on the
client (uv) and server (internal mirror) sides I've concluded that it's
occurring because `uv` is sending a header suggesting that it can accept
a gzip'd response, but decompressing the gzip'd response strips the
`content-length` header:
https://github.com/seanmonstar/reqwest/issues/294.

**Logged request, client-side:**

```
0.981664s   0ms  INFO uv_client::registry_client JONO, REQ: Request { method: HEAD, url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv4(172.21.0.1)), port: Some(5555), path: "/simple/joblib/joblib-1.3.2-py3-none-any.whl", query: None, fragment: None }, headers: {} }
```

No headers set explicitly by `uv`.

**Logged request, server-side:**

```
2024-02-26T03:45:08.598272Z DEBUG pypi_mirror: origin request = Request { method: HEAD, uri: /simple/joblib/joblib-1.3.2-py3-none-any.whl, version: HTTP/1.1, headers: {"accept": "*/*", "user-agent": "uv", "accept-encoding": "gzip, br", "host": "172.21.0.1:5555"}, body: Body(Empty) }
```

Server receives `"accept-encoding": "gzip, br",`. 

My change adding the header to the request fixed this issue. But our
internal mirror is just passing through PyPI responses and PyPI
responses do contain PEP 658 data, and so `wheel_metadata_no_pep658`
shouldn't execute.

The issue there is that the PyPi response field has _dashes_ not
_underscores_ (https://peps.python.org/pep-0691/).

<img width="1261" alt="image"
src="https://github.com/astral-sh/uv/assets/12058921/35230f27-441a-457a-827b-870a1a16c16a">

After changing the `alias` the PEP 658 codepath now runs correctly :)

## Test Plan

I tested by installing against both our mirror and against PyPi: 

```
RUST_LOG="uv=trace" UV_NO_CACHE=true UV_INDEX_URL="http://172.21.0.1:5555/simple" target/release/uv pip install -v nltk
RUST_LOG="uv=trace" UV_NO_CACHE=true UV_INDEX_URL="http://localhost:5555/simple" target/release/uv pip uninstall -v nltk
```

```
target/release/uv pip install -v nltk
target/release/uv pip uninstall -v nltk
```
 2024-02-25 23:28:22 -05:00
Charlie Marsh 088fa97369
Remove current directory from PATH in PEP 517 hooks (#1975) 
## Summary

When you invoke `python -c`, an empty string is prepended to `sys.path`,
which allows loading modules in the current directory
(https://docs.python.org/3/using/cmdline.html#cmdoption-P). However, in
PEP 517 builds, the current directory should _not_ be part of the path.
There's a flag we can use to disable this behavior (`-P`), but it's only
available in Python 3.11 and later, so instead, I'm doing something
similar to pip's `__main__.py`, which avoids this for `python -m pip`
invocations.

Closes https://github.com/astral-sh/uv/issues/1972.
 2024-02-26 01:14:14 +00:00
samypr100 757f8e2f60
feat: improved msg for network timeouts (#1961) 
## Summary

Closes #1922

When a timeout occurs, it hints to the user to configure the
`UV_HTTP_TIMEOUT` env var.

Before
```
error: Failed to download distributions
  Caused by: Failed to fetch wheel: torch==2.2.0 
  Caused by: Failed to extract source distribution
  Caused by: request or response body error: operation timed out
  Caused by: operation timed out
```

After
```
error: Failed to download distributions
  Caused by: Failed to fetch wheel: torch==2.2.0 
  Caused by: Failed to extract source distribution
  Caused by: Failed to download distribution due to network timeout. Try increasing UV_HTTP_TIMEOUT.
```

## Test Plan

<!-- How was it tested? -->
Wasn't sure if we'd want a test. If we do, is there a existing mechanism
or preferred approach to force a timeout to occur in tests? Maybe set
the timeout to 1 and add torch as an install check (although it's
possible that could become flaky)?
 2024-02-25 21:13:28 +00:00
Charlie Marsh 06a7c7fde0
Accept single string for `backend-path` (#1969) 
Closes https://github.com/astral-sh/uv/issues/1861.
 2024-02-25 21:02:58 +00:00
Simon Brugman 0f1377bb08
`uv pip list` (#1662) 
Hi, love your work on `uv` 👋! 

Opening a Draft PR early to check if there are any existing rust table
formatting libs that I am unaware of (either already in `uv`/`ruff`, or
the rust ecosystem) before spending much time on inventing the wheel
myself and cleaning it up. Any other pointers are also welcome (e.g. on
the editable filtering).

Editable project locations in `uv pip list` include the file scheme
(`file://`), where they are omitted in `pip list`. Is this desired, or
should it replicate pip?

## Summary

Implementation for #1401 
`--editable` flag is implemented.

`--outdated` and `--uptodate` out of scope for this PR (requires latest
version information, and type wheel/sdist)

## Test Plan

Not yet implemented as I couldn't locate the tests for `uv pip freeze`.
We can compare to `pip` in
`scripts/compare_with_pip/compare_with_pip.py`?
 2024-02-25 19:42:27 +00:00
danieleades 8d721830db
Clippy pedantic (#1963) 
Address a few pedantic lints

lints are separated into separate commits so they can be reviewed
individually.

I've not added enforcement for any of these lints, but that could be
added if desirable.
 2024-02-25 14:04:05 -05:00
Charlie Marsh b052291685
Don't write pip compile output to stdout with `-q` (#1962) 
## Summary

When the user provides an output file, avoid writing the `pip compile`
output to `stdout` when `-q` is specified. (We still write to `stdout`
if no output file is provided, since otherwise, the resolution won't be
printed _anywhere_.)
 2024-02-25 03:06:19 +00:00
Charlie Marsh 432e57d070
Re-sync editables on-change (#1959) 
## Summary

Like #1955, but for `pip sync`.

Closes https://github.com/astral-sh/uv/issues/1957.
 2024-02-25 01:31:47 +00:00
Charlie Marsh f449bd41fb
Expand scope of archive timestamping (#1960) 
## Summary

Instead of looking at _either_ `pyproject.toml` or `setup.py`, we should
just be conservative and take the most-recent timestamp out of
`pyproject.toml`, `setup.py`, and `setup.cfg`. That will help prevent
staleness issues like those described in
https://github.com/astral-sh/uv/issues/1913#issuecomment-1961544084.
 2024-02-25 00:36:45 +00:00
Charlie Marsh 8d706b0f2a
Make < exclusive for non-prerelease markers (#1878) 
## Summary

Even when pre-releases are "allowed", per PEP 440, `pydantic<2.0.0`
should _not_ include pre-releases. This PR modifies the specifier
translation to treat `pydantic<2.0.0` as `pydantic<2.0.0.min0`, where
`min` is an internal-only version segment that's invisible to users.

Closes https://github.com/astral-sh/uv/issues/1641.
 2024-02-24 18:02:03 -05:00
Charlie Marsh 372cfc00bf
Properly apply constraints in venv audit (#1956) 
## Summary

We were applying every constraint to every dependency. This is
"harmless" in practice since this is just an optimization, but we thus
had false negatives ~every time which could lead to wasted work.
 2024-02-24 16:42:46 -05:00
Charlie Marsh db53486308
Invalidate dependencies when editables are updated (#1955) 
## Summary

If a `pyproject.toml` or similar is changed within an editable, we
should avoid passing our audit check (and thus re-install the package).

Closes https://github.com/astral-sh/uv/issues/1913.
 2024-02-24 19:55:39 +00:00
Charlie Marsh a1f50418fd
Avoid erroring for source distributions with symlinks in archive (#1944) 
## Summary

For context, we have three extraction paths:

- untar (async) - used for any `.tar.gz`, local or remote.
- unzip (async) - used to unzip remote wheels, or local or remote source
distributions.
- unzip (sync) - used to untar locally-available wheels into the cache.

We use three different crates for these:

- [`tokio-tar`](https://github.com/vorot93/tokio-tar)
- [`async-zip`](https://github.com/Majored/rs-async-zip)
- [`zip-rs`](https://github.com/zip-rs/zip)

These all seem to have different support for symlinks:

- `tokio-tar` tries to create a symlink (which works fine on Unix but
errors on Windows, since we typically don't have elevated permissions).
- `async-zip` _seems_ to write the target contents directly to the file
(which is what we want).
- `zip-rs` _apparently_ writes the _name_ of the target to the file
(which isn't what we want).

Thankfully, symlinks are not allowed in wheels
(https://github.com/pypa/pip/issues/5919,
https://discuss.python.org/t/symbolic-links-in-wheels/1945), so we can
ignore `zip-rs`.

For `tokio-tar`, we now _skip_ (and warn) if we see a symlink on
Windows. We could do what pip does, and recursively copy, but it's
difficult because we don't have `Seek` on the file. (Alternatively, we
could use hard links and junctions, though those also might need to
exist already.) Let's see how far this gets us.

(We also no longer attempt to set permissions on symlinks on Unix, which
caused another failure.)

Closes https://github.com/astral-sh/uv/issues/1858.
 2024-02-24 03:22:13 +00:00
dependabot[bot] 019e2fd1b5
Bump insta from 1.34.0 to 1.35.1 (#1942) 2024-02-23 21:00:35 +00:00
Charlie Marsh ca489ac3bb
Allow round-trip via `freeze` command (#1936) 
## Summary

We're printing the `Display` representation of `InstalledDist`, which
isn't guaranteed to be (and in fact isn't) a valid PEP 508 requirement,
making it impossible to use the `freeze` output as an input to an
install.

Closes https://github.com/astral-sh/uv/issues/1931.
 2024-02-23 20:01:54 +00:00
dependabot[bot] 8ff6182815
Bump anyhow from 1.0.79 to 1.0.80 (#1941) 2024-02-23 14:01:40 -06:00
dependabot[bot] fee79aea7d
Bump itertools from 0.10.5 to 0.12.1 (#1939) 2024-02-23 14:01:11 -06:00
Charlie Marsh 505653456d
Add compatibility for deprecated `python_implementation` marker (#1933) 
## Summary

Like `platform.python_implementation`, we should support the
`python_implementation` "alias" for `platform_python_implementation`.

Closes https://github.com/astral-sh/uv/issues/1906.

## Test Plan

```shell
❯ cargo run pip install "pynacl==1.4.0"
    Finished dev [unoptimized + debuginfo] target(s) in 7.02s
     Running `target/debug/uv pip install pynacl==1.4.0`
Resolved 4 packages in 9ms
   Built pynacl==1.4.0                                                                                                                                                                                                                        Downloaded 1 package in 31.51s
Installed 4 packages in 3ms
 + cffi==1.16.0
 + pycparser==2.21
 + pynacl==1.4.0
 + six==1.16.0
```
 2024-02-23 14:47:58 -05:00
Zanie Blue af39bbde75
Add long-form version output (#1930) 
Similar to https://github.com/astral-sh/ruff/pull/8034

Adds more version information so it's clear what revision the user is on

```
❯ cargo run -q -- --version
uv 0.1.10 (daa8565a7 2024-02-23)
❯ cargo run -q -- -V
uv 0.1.10
❯ cargo run -q -- version
uv 0.1.10 (daa8565a7 2024-02-23)
❯ cargo run -q -- version --output-format json
{
  "version": "0.1.10",
  "commit_info": {
    "short_commit_hash": "daa8565a7",
    "commit_hash": "daa8565a75249305821fdc34ace085060c082ba3",
    "commit_date": "2024-02-23",
    "last_tag": null,
    "commits_since_last_tag": 0
  }
}
```
 2024-02-23 13:45:01 -06:00
Charlie Marsh 0476bca272
Tweak output message for `--no-emit-package` (#1935) 
Good feedback from:
https://github.com/astral-sh/uv/pull/1889#discussion_r1501067901
 2024-02-23 14:35:29 -05:00
Charlie Marsh c69e270071
Gracefully handle virtual environments with conflicting packages (#1893) 
## Summary

When a virtual environment contains multiple packages with the same
name, we no longer throw a hard error. Instead:

- In `uv pip freeze`, we list all versions.
- In `uv pip uninstall`, we uninstall all versions.
- In `uv pip install`, we uninstall all versions prior to installing a
new version.

Closes https://github.com/astral-sh/uv/issues/1848.
 2024-02-23 19:14:52 +00:00
Taniguchi Yasufumi 0e2ea66b72
Remove `--upgrade` and `--quiet` flags from generated output files (#1873) 
## Summary

Resolve #1814

I changed the behavior of `pip compile` to not display `--upgrade`
(`-U`) and `--quiet` (`-q`) for compatibility
 2024-02-23 19:01:14 +00:00
Charlie Marsh eaf613ed31
Add support for pip-compile's `--unsafe-package` flag (#1889) 
## Summary

In uv, we're going to use `--no-emit-package` for this, to convey that
the package will be included in the resolution but not in the output
file. It also mirrors flags like `--emit-index-url`.

We're also including an `--unsafe-package` alias.

Closes https://github.com/astral-sh/uv/issues/1415.
 2024-02-23 18:47:36 +00:00
konsti 9cf7d113bc
Improve interpreter discovery logging (#1909) 
We had several cases where interpreter discovery fails. This PR improves
the verbose output to ensure interpreter discovery is debuggable for a
user.

In the process, i removed the custom gourgeist logic for the
uv_interpreter logic.

**venv creation**

```
$ uv venv -v -p 3.10
 uv_interpreter::python_query::find_requested_python request=3.10
      0.002389s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.10
   uv_interpreter::python_query::windows::py_list_paths
      0.016288s  14ms DEBUG uv_interpreter::interpreter Probing interpreter info for: C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
      0.072860s  70ms DEBUG uv_interpreter::interpreter Found Python 3.12.1 for: C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
      0.074303s  72ms DEBUG uv_interpreter::interpreter Probing interpreter info for: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
      0.134311s 132ms DEBUG uv_interpreter::interpreter Found Python 3.8.10 for: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
  x No Python 3.10 found through `py --list-paths` or in `PATH`. Is Python 3.10 installed?
error: process didn't exit successfully: `target\debug\uv.exe venv -v -p 3.10` (exit code: 1)
```

```
$ uv venv -v -p 3.10
 uv_interpreter::python_query::find_requested_python request=3.10
      0.001889s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.10
   uv_interpreter::python_query::windows::py_list_paths
      0.021488s  19ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
      0.021945s  20ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.8.10, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
  x No Python 3.10 found through `py --list-paths` or in `PATH`. Is Python 3.10 installed?
error: process didn't exit successfully: `target\debug\uv.exe venv -v -p 3.10` (exit code: 1)
```

```
$ uv venv -v -p 3.8
 uv_interpreter::python_query::find_requested_python request=3.8
      0.001896s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.8
   uv_interpreter::python_query::windows::py_list_paths
      0.013541s  11ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.8.10, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
Using Python 3.8.10 interpreter at C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
Creating virtualenv at: .venv
Activate with: .venv\Scripts\activate
```

```
$ uv venv -v -p 3.12
 uv_interpreter::python_query::find_requested_python request=3.12
      0.001741s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.12
   uv_interpreter::python_query::windows::py_list_paths
      0.012807s  11ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
Using Python 3.12.1 interpreter at C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
Creating virtualenv at: .venv
Activate with: .venv\Scripts\activate
```

**pip compile**

```
$ uv pip compile -v .\scripts\requirements\black.in
   uv::requirements::from_source source=.\scripts\requirements\black.in
   uv_interpreter::interpreter::find_best python_version=None
        0.002071s   0ms DEBUG uv_interpreter::interpreter Starting interpreter discovery for active Python
        0.002220s   0ms DEBUG uv_interpreter::virtual_env Found a virtualenv named .venv at: C:\Users\Ferris\projects\uv\.venv
        0.002483s   0ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe
      0.002581s DEBUG uv::commands::pip_compile Using Python 3.12.1 interpreter at C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe for builds
```

```
$ uv pip compile -p 3.8 -v .\scripts\requirements\black.in
   uv::requirements::from_source source=.\scripts\requirements\black.in
   uv_interpreter::interpreter::find_best python_version=Some(PythonVersion(StringVersion { string: "3.8", version: "3.8" }))
        0.002001s   0ms DEBUG uv_interpreter::interpreter Starting interpreter discovery for Python 3.8
        0.002146s   0ms DEBUG uv_interpreter::virtual_env Found a virtualenv named .venv at: C:\Users\Ferris\projects\uv\.venv
        0.002378s   0ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe
     uv_interpreter::python_query::find_requested_python request=3.8
          0.002509s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.8
       uv_interpreter::python_query::windows::py_list_paths
          0.015989s  13ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.8.10, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
      0.016144s DEBUG uv::commands::pip_compile Using Python 3.8.10 interpreter at C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe for builds

```

```
$ uv pip compile -p 3.10 -v .\scripts\requirements\black.in
   uv::requirements::from_source source=.\scripts\requirements\black.in
   uv_interpreter::interpreter::find_best python_version=Some(PythonVersion(StringVersion { string: "3.10", version: "3.10" }))
        0.002086s   0ms DEBUG uv_interpreter::interpreter Starting interpreter discovery for Python 3.10
        0.002234s   0ms DEBUG uv_interpreter::virtual_env Found a virtualenv named .venv at: C:\Users\Ferris\projects\uv\.venv
        0.002462s   0ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe
     uv_interpreter::python_query::find_requested_python request=3.10
          0.002589s   0ms DEBUG uv_interpreter::python_query Starting interpreter discovery for Python 3.10
       uv_interpreter::python_query::windows::py_list_paths
          0.017299s  14ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python312\python.exe
          0.018135s  15ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.8.10, skipping probing: C:\Users\Ferris\AppData\Local\Programs\Python\Python38\python.exe
        0.020176s  18ms DEBUG uv_interpreter::virtual_env Found a virtualenv named .venv at: C:\Users\Ferris\projects\uv\.venv
        0.020873s  18ms DEBUG uv_interpreter::interpreter Cached interpreter info for Python 3.12.1, skipping probing: C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe
      0.021116s DEBUG uv::commands::pip_compile Using Python 3.12.1 interpreter at C:\Users\Ferris\projects\uv\.venv\Scripts\python.exe for builds
  warning: The requested Python version 3.10 is not available; 3.12.1 will be used to build dependencies instead.
```
 2024-02-23 18:43:46 +00:00
konsti 11ed4f7183
Generate versioned pip launchers (#1918) 
Users expect pip to have `pip`, `pip3` and `pip3.x` entrypoints. But pip
is a universal wheel, so it contains the `pip3.x` entrypoint where it
was built on. To fix this, pip special cases itself when installing
(3898741e29/src/pip/_internal/operations/install/wheel.py (L283)),
replacing the wheel entrypoint with one for the current version. We now
do the same.

Fixes #1593
 2024-02-23 18:01:31 +00:00
Zanie Blue daa8565a75
Bump version to 0.1.10 (#1923) 2024-02-23 11:40:36 -06:00
konsti 62023ead49
Fix uv-created venv detection (#1908) 
Read the key read for uv from `pyenv.cfg` from `gourgeist` instead of
`uv`. I missed that we're also reading pyenv.cfg when reviewing #1852.
We could check for gourgeist for backwards compatibility, but i think
it's fine this way.
 2024-02-23 11:11:22 -06:00
Zanie Blue fe1847561c
Retain authentication when making range requests (#1902) 
Needs https://github.com/prefix-dev/async_http_range_reader/pull/9
Closes https://github.com/astral-sh/uv/issues/1709
 2024-02-23 15:21:10 +00:00
Jonathan Newnham bd59076b18
Fix windows py spurious stderr failure (#1885) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

On Windows `10.0.19045` the `py` command prints to `stderr` even when
working correctly. This means that uv should not treat this as a
failure.

Fixes https://github.com/astral-sh/uv/issues/1904

## Test Plan

I ran the modified code and it worked. I expect the pull request to run
automated tests.
 2024-02-23 09:05:56 -06:00
Micha Reiser 829e14769d
Ignore Python 2 installations when querying for interpreters (#1905) 
## Summary

Fixes https://github.com/astral-sh/uv/issues/1693

`uv` currently fails when a user has `python` 2 or older installed on
their system without a `python3` or `python3.exe` on their path because
the `get_interpreter_info.py` script fails executing (it uses some
Python 3+ APIs).

This PR fixes this by:

* Returning an explicit error code in `get_interpreter_info` if the
Python version isn't supported
* Skipping over this error in `python_query` if the user requested ANY
python version or a version >= 3.
* Error if the user requested a Python 2 version. 

## Test Plan

Error if the user requests a legacy python version. 

```
uv venv -p 2
  × Python 2 or older is not supported. Please use Python 3 or newer.
```


Ignore any python 2 installation when querying newer python
installations (using v4 here because I have python3 on the path and that
takes precedence over querying python)
```
 uv_interpreter::python_query::find_python selector=Major(4)
      0.005541s   0ms DEBUG uv_interpreter::interpreter Detecting markers for: /home/micha/.pyenv/shims/python
      0.059730s  54ms DEBUG uv_interpreter::python_query Found a Python 2 installation that isn't supported by uv, skipping.
      0.059983s  54ms DEBUG uv_interpreter::interpreter Using cached markers for: /usr/bin/python
  × No Python 4 In `PATH`. Is Python 4 installed?

```
 2024-02-23 11:55:38 +01:00
Charlie Marsh 73ed0f0cf1
Omit `--find-links` from annotation header unless requested (#1898) 
## Summary

Like #1835, but for `--find-links` (for consistency).
 2024-02-23 04:05:53 +00:00
Charlie Marsh 3bd4ccad11
Write to stdout when `--output-file` is present (#1892) 
## Summary

This matches `pip-compile` and is, I think, intuitive. If you want to
suppress output, you can always pipe it away.

Closes https://github.com/astral-sh/uv/issues/1895.
 2024-02-22 22:29:14 -05:00
Evgeniy Dubovskoy a7b5c55d8b
Hide index URLs from header if not emitted (#1835) 
## Summary

Hey guys! The motivation described in #1834

## Test Plan

Changed snapshot of the existing tests. `--index-url` and
`--extra-index-url` occur pretty often, so no extra testing is required,
imo.
 2024-02-23 01:48:15 +00:00
Charlie Marsh 0212cb72e9
Bump version to v0.1.9 (#1891) 2024-02-23 01:32:48 +00:00
Charlie Marsh aa73a4f0ea
Add support for `config_settings` in PEP 517 hooks (#1833) 
## Summary

Adds `--config-setting` / `-C` (with a `--config-settings` alias for
convenience) to the CLI.

Closes https://github.com/astral-sh/uv/issues/1460.
 2024-02-23 00:53:45 +00:00
Zanie Blue 1103298e6c
Use `rustls-tls-native-roots` in `uv` crate (#1888) 
I'm confused that we have this separate specification of `reqwests`? I'm
not sure this has any effect, but it seems like it should be done for
correctness.

Follows #1512
 2024-02-22 19:46:11 -05:00
Zanie Blue 8a12b2ebf9
Ensure authentication is passed from the index url to distribution files (#1886) 
Closes https://github.com/astral-sh/uv/issues/1709
Closes https://github.com/astral-sh/uv/issues/1371

Tested with the reproduction provided in #1709 which gets past the HTTP
401.

Reuses the same copying logic we introduced in
https://github.com/astral-sh/uv/pull/1874 to ensure authentication is
attached to file URLs with a realm that matches that of the index. I had
to move the authentication logic into a new crate so it could be used in
`distribution-types`.

We will want to something more robust in the future, like track all
realms with authentication in a central store and perform lookups there.
That's what `pip` does and it allows consolidation of logic like netrc
lookups. That refactor feels significant though, and I'd like to get
this fixed ASAP so this is a minimal fix.
 2024-02-22 18:10:17 -06:00
Andrew Gallant b7942164ee
pep440: fix version ordering (#1883) 
A couple moons ago, I introduced an optimization for version comparisons
by devising a format where *most* versions would be represented by a
single `u64`. This in turn meant most comparisons (of which many are
done during resolution) would be extremely cheap.

Unfortunately, when I did that, I screwed up the preservation of
ordering as defined by the [Version Specifiers spec]. I think I messed
it up because I had originally devised the representation so that we
could pack things like `1.2.3.dev1.post5`, but later realized it would
be better to limit ourselves to a single suffix. However, I never
updated the binary encoding to better match "up to 4 release versions
and up to precisely 1 suffix." Because of that, there were cases where
versions weren't ordered correctly. For example, this fixes a bug where
`1.0a2 < 1.0dev2`, even though all dev releases should order before
pre-releases.

We also update a test so that it catches these kinds of bugs in the
future. (By testing all pairs of versions in a sequence instead of just
the adjacent versions.)

[Version Specifiers spec]:
https://packaging.python.org/en/latest/specifications/version-specifiers/#summary-of-permitted-suffixes-and-relative-ordering
 2024-02-22 18:01:42 -05:00
Zanie Blue 4f129d2a98
Add changelog (#1881) 
Closes #1774
 2024-02-22 22:00:13 +00:00
samypr100 2fa67eae6f
feat: allow passing extra config k,v pairs for pyvenv.cfg when creating a venv (#1852) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

This modifies `gourgeist` to allow passing additional k,v pairs to add
to the `pyvenv.cfg` file as proposed in #1697.
I made it allow an arbitrary set of pairs (to decouple from `uv` since
this is mainly a change to `gourgeist`) , but I can slim it down to just
allow just a name and version strings if that's desired.

The `pyvenv.cfg` will also have a `uv = <uv-crate-version>` when a venv
is created via `uv venv` ~~and `uv-build = <uv-build-crate-version>`
when it's created via `SourceBuild::setup`~~.

Example below via `uv venv`:

```ini
home = ...
implementation = CPython
version_info = 3.12
include-system-site-packages = false
base-prefix = ...
base-exec-prefix = ...
base-executable = ...
uv = 0.1.6
prompt = uv
```

Open to any suggestions, thanks!

Closes #1697 

## Test Plan

Added new test in `tests/venv.rs` called `verify_pyvenv_cfg` to verify
that it contains the right uv version string. I didn't see tests
configured in `gourgeist` itself, so I didn't add any there.
 2024-02-22 20:39:37 +01:00
Zanie Blue f0b39a36b4
Bump version to 0.1.8 (#1880) 2024-02-22 13:11:58 -06:00
Zanie Blue 54ddd0bd02
Avoid displaying "root" package when formatting terms (#1871) 
We don't have test coverage for this, but a term can reference an
incompatibility with root and then we'll display the internal 'root'
package to the user.

Raised in https://github.com/astral-sh/uv/issues/1855
 2024-02-22 18:04:19 +00:00
Zanie Blue 86052fba08
Retain authentication attached to URLs when making requests to the same host (#1874) 
Closes https://github.com/astral-sh/uv/issues/1860


In https://github.com/astral-sh/uv/pull/1816, we started using the URL
attached to a response instead of the request URL for subsequent
requests — this fixes various bugs but has the side-effect of dropping
credentials from the URL. Here, we transfer credentials from the request
URL to the response URL. We perform RFC compliant checks for safety.
 2024-02-22 17:56:38 +00:00
Charlie Marsh 6afbb02798
Allow duplicate URLs that resolve to the same canonical URL (#1877) 
Closes https://github.com/astral-sh/uv/issues/1865.

Closes https://github.com/astral-sh/uv/issues/1866.
 2024-02-22 16:44:36 +00:00
Micha Reiser 12a96ad422
Win Trampoline: Use Python executable path encoded in binary (#1803) 2024-02-22 16:10:02 +01:00
Bas Zalmstra 4e011b305f
fix: expose types to implement custom `ResolverProvider` (#1862) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

To integrate `uv` into `pixi` I need to specify a custom
`ResolverProvider` to be able to specify that some packages are already
installed by conda and should not be touched. However, some of the types
required to implement your own `ResolverProvider` were not accessible
through the public API. This PR basically adds them.

## Test Plan

I didnt add an explicit test for this.
 2024-02-22 08:59:03 -06:00
Micha Reiser 9f3ccf7fe1
Search `PATH` when `python` can't be found with `py` (#1711) 2024-02-22 08:47:33 +01:00
Charlie Marsh 12462e5730
Bump version to v0.1.7 (#1851) 2024-02-21 22:31:23 -05:00
Jane Lewis da3a7ec801
Linker copies files as a fallback when ref-linking fails (#1773) 
## Summary

Fixes #1444.

In situations where the installer fails to perform a reflink, a regular
file copy is also attempted, as a fallback. This circumvents issues with
linking files across filesystems or volumes.

## Test Plan
N/A
 2024-02-21 21:57:31 -05:00
Charlie Marsh 1652844bd3
Don't expect pinned packages for editables with non-existent extras (#1847) 
Closes https://github.com/astral-sh/uv/issues/1787.
 2024-02-22 02:55:56 +00:00
Charlie Marsh 7eaed07f6c
Move conflicting dependencies into PubGrub (#1796) 
## Summary

This revives a PR from long ago
(https://github.com/astral-sh/uv/pull/383 and
https://github.com/zanieb/pubgrub/pull/24) that modifies how we deal
with dependencies that are declared multiple times within a single
package.

To quote from the originating PR:

> Uses an experimental pubgrub branch (#370) that allows us to handle
multiple version ranges for a single dependency to the solver which
results in better error messages because the derivation tree contains
all of the relevant versions. Previously, the version ranges were merged
(by us) in the resolver before handing them to pubgrub since only one
range could be provided per package. Since we don't merge the versions
anymore, we no longer give the solver an empty range for conflicting
requirements; instead the solver comes to that conclusion from the
provided versions. You can see the improved error message for direct
dependencies in [this
snapshot](https://github.com/astral-sh/puffin/pull/383/files#diff-a0437f2c20cde5e2f15199a3bf81a102b92580063268417847ec9c793a115bd0).

The main issue with that PR was around its handling of URL dependencies,
so this PR _also_ refactors how we handle those. Previously, we stored
URL dependencies on `PubGrubPackage`, but they were omitted from the
hash and equality implementations of `PubGrubPackage`. This led to some
really careful codepaths wherein we had to ensure that we always visited
URLs before non-URL packages, so that the URL-inclusive versions were
included in any hashmaps, etc. I considered preserving this approach,
but it would require us to rely on lots of internal details of PubGrub
(since we'd now be relying on PubGrub to merge those packages in the
"right" order).

So, instead, we now _always_ set the URL on a given package, whenever
that package was _given_ a URL upfront. I think this is easier to reason
about: if the user provided a URL for `flask`, then we should just
always add the URL for `flask`. If we see some other URL for `flask`, we
error, like before. If we see some unknown URL for `flask`, we error,
like before.

Closes https://github.com/astral-sh/uv/issues/1522.

Closes https://github.com/astral-sh/uv/issues/1821.

Closes https://github.com/astral-sh/uv/issues/1615.
 2024-02-21 21:27:58 -05:00
Charlie Marsh 831ab457f7
Treat ARM wheels as higher-priority than universal (#1843) 
## Summary

We need to take care to keep wheel tags in "priority order" (e.g., we
should prefer ARM wheels over universal wheels). However... it looks
like we've had a `.sort()` in here all along, that risks throwing off
the ordering?

Closes https://github.com/astral-sh/uv/issues/1840.

## Test Plan

ensure that `rlax` uses the ARM wheel rather than the universal wheel:

- `cargo run venv`
- `cargo run pip install rlax`
- `import rlax`
 2024-02-22 01:38:56 +00:00
Zanie Blue 10be62e9d3
Improve error message when git ref cannot be fetched (#1826) 
Follow-up to #1781 improving the error message when a ref cannot be
fetched
 2024-02-22 01:22:00 +00:00
Charlie Marsh 3a34918480
Add fixup for `prefect<1.0.0` (#1825) 
Closes https://github.com/astral-sh/uv/issues/1798.
 2024-02-21 19:47:34 +00:00
Zanie Blue 71ec568d0f
Use `git` command to fetch repositories instead of `libgit2` for robust SSH support (#1781) 
Closes https://github.com/astral-sh/uv/issues/1775
Closes https://github.com/astral-sh/uv/issues/1452
Closes https://github.com/astral-sh/uv/issues/1514
Follows https://github.com/astral-sh/uv/pull/1717

libgit2 does not support host names with extra identifiers during SSH
lookup (e.g. [`github.com-some_identifier`](

https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys#using-multiple-repositories-on-one-server))
so we use the `git` command instead for fetching. This is required for
`pip` parity.

See the [Cargo
documentation](https://doc.rust-lang.org/nightly/cargo/reference/config.html#netgit-fetch-with-cli)
for more details on using the `git` CLI instead of libgit2. We may want
to try to use libgit2 first in the future, as it is more performant
(#1786).

We now support authentication with:

```
git+ssh://git@<hostname>/...
git+ssh://git@<hostname>-<identifier>/...
```

Tested with a deploy key e.g.

```
cargo run -- \
    pip install uv-private-pypackage@git+ssh://git@github.com-test-uv-private-pypackage/astral-test/uv-private-pypackage.git \
    --reinstall --no-cache -v
```

and

```
cargo run -- \
    pip install uv-private-pypackage@git+ssh://git@github.com/astral-test/uv-private-pypackage.git \
    --reinstall --no-cache -v     
```

with a ssh config like

```
Host github.com
        Hostname github.com
        IdentityFile=/Users/mz/.ssh/id_ed25519

Host github.com-test-uv-private-pypackage
        Hostname github.com
        IdentityFile=/Users/mz/.ssh/id_ed25519
```

It seems quite hard to add test coverage for this to the test suite, as
we'd need to add the SSH key and I don't know how to isolate that from
affecting other developer's machines.
 2024-02-21 12:44:32 -06:00
Charlie Marsh b4bc40627c
Sort output when installing seed packages (#1822) 
This output is technically non-deterministic right now.
 2024-02-21 18:33:06 +00:00
Micha Reiser 39ee3969d9
Upgrade to Rust 1.76 (#1820) 2024-02-21 17:53:41 +00:00
Andrew Gallant deef6c102d
platform-host: check /bin/sh, then /bin/dash and then /bin/ls (#1818) 
Previously, we were only checking /bin/sh. While that works in most
cases, it seems like there are still scenarios where /bin/sh isn't an
executable itself, and is instead just a shell script that calls
/bin/dash. (See #1810 for example.)

In this PR, we make the `ld` detection a bit more robust by trying
multiple paths. As with previous changes, we emit copious logs to help
debug this in the future.

It's not totally clear how to test this. I'm not sure how to reproduce
the environment mentions in #1810 specifically since it seems like an
internal variant of WSL Ubuntu.

Fixes #1810
 2024-02-21 11:49:28 -05:00
Micha Reiser fac9d843dc
Normalize `VIRTUAL_ENV` path in activation scripts (#1817) 2024-02-21 15:52:32 +00:00
Charlie Marsh cff16f5736
Use redirected URL as base for relative paths (#1816) 
## Summary

If you review the setup in https://github.com/astral-sh/uv/issues/1747,
when we fetch `http://localhost:8000/simple/wheel/`, it gets redirected
to `http://localhost:8000/index/wheel/`. So any relative paths returned
need to be resolved relative to `http://localhost:8000/index/wheel/`.

Closes https://github.com/astral-sh/uv/issues/1747.

## Test Plan

- Install `proxpi gunicorn pypiserver`
- `gunicorn proxpi.server:app --bind 0.0.0.0:8000`
- `pypi-server run -p 8080 ~/packages --fallback-url
"http://localhost:8000/index" --verbose`
- `echo "wheel" | cargo run pip compile - --index-url
http://localhost:8080/simple --verbose --no-cache`
 2024-02-21 15:10:25 +00:00
Charlie Marsh c2b75b64d2
Wait for distribution metadata with `--no-deps` (#1812) 
## Summary

We still need to wait for the distribution metadata (for direct
dependencies), even when resolving with `--no-deps`, since we rely on it
to report diagnostics to the user.

Closes https://github.com/astral-sh/uv/issues/1801.
 2024-02-21 14:45:09 +00:00
Charlie Marsh 19890feb77
Preserve executable bit when untarring archives (#1790) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1767.
 2024-02-21 14:18:44 +00:00
Charlie Marsh 88a0c13865
Use async unzip for local source distributions (#1809) 
## Summary

We currently maintain separate untar methods for sync and async, but we
only use the sync version when the user provides a local source
distribution. (Otherwise, we untar as we download the distribution.) In
my testing, this is actually slower anyway:

```
❯ python -m scripts.bench \
        --uv-path ./target/release/main \
        --uv-path ./target/release/uv \
        ./requirements.in --benchmark resolve-cold --min-runs 50
Benchmark 1: ./target/release/main (resolve-cold)
  Time (mean ± σ):     835.2 ms ± 107.4 ms    [User: 346.0 ms, System: 151.3 ms]
  Range (min … max):   639.2 ms … 1051.0 ms    50 runs

Benchmark 2: ./target/release/uv (resolve-cold)
  Time (mean ± σ):     750.7 ms ±  91.9 ms    [User: 345.7 ms, System: 149.4 ms]
  Range (min … max):   637.9 ms … 905.7 ms    50 runs

Summary
  './target/release/uv (resolve-cold)' ran
    1.11 ± 0.20 times faster than './target/release/main (resolve-cold)'
```
 2024-02-21 14:11:37 +00:00
Charlie Marsh a2a1b2fb0f
Avoid enforcing URL correctness for installed distributions (#1793) 
## Summary

Allows the corresponding `pypi_types` struct to use any URL, since other
installers can put those into the environment, and Poetry seems to write
invalid URLs.

If we see a distribution with an invalid URL, we just treat it as a
registry distribution, which isn't ideal, but is better than (1)
erroring, and (2) changing `Url` to `String` everywhere internally. (I'm
torn on this second option.)

Closes https://github.com/astral-sh/uv/issues/1744.

## Test Plan

- Added `flask = { git = "git@github.com:pallets/flask.git", rev =
"b90a4f1f4a370e92054b9cc9db0efcb864f87ebe" }` to
`scripts/editable-installs/poetry_editable/pyproject.toml`.
- Ran `poetry install`.
- Ran `cargo pip freeze`. Verified that it errored on `main`, but passed
here.
- Ran `cargo run pip install "flask==3.0.0"`. Verified that it
uninstalled the existing Flask, and installed a new version from the
registry.
 2024-02-21 09:06:31 -05:00
konsti 0f520d8716
Configurable bootstrap dir (#1772) 
Add a `UV_BOOTSTRAP_DIR` option to configure the python bootstrap
directory. This is helpful when working across multiple platforms in a
single IDE session.
 2024-02-21 13:46:23 +01:00
Charlie Marsh 5d53040465
Stream zip archive when fetching non-range-request metadata (#1792) 
## Summary

If a registry doesn't support range requests, then today, we download
the entire wheel to disk and then read the metadata from the downloaded
archive. This PR instead modifies the registry client to stream the
zipfile and stop as soon as it's seen the metadata, which should be more
efficient.

Closes https://github.com/astral-sh/uv/issues/1596.

## Test Plan

Made this the _only_ path for downloading metadata; verified that the
test suite passed.
 2024-02-20 22:12:21 -05:00
Evgeniy Dubovskoy 31752bf4be
feat: Implement `--annotation-style` parameter for `uv pip compile` (#1679) 
## Summary

Hello there! The motivation for this feature is described here #1678 

## Test Plan

I've added unit tests and also tested this manually on my work project
by comparing it to the original `pip-compile` output - it looks much
like the `pip-compile` generated lock file.
 2024-02-21 02:08:34 +00:00
Zanie Blue 3cd51ffc92
Support setting request timeout with `UV_HTTP_TIMEOUT` and `HTTP_TIMEOUT` (#1780) 
Follow-up to #1694 matching Cargo's environment variable names


https://doc.rust-lang.org/nightly/cargo/reference/config.html#httptimeout
 2024-02-20 18:48:18 -06:00
Zanie Blue d07b587f3f
Retain passwords in Git URLs (#1717) 
Fixes handling of GitHub PATs in HTTPS URLs, which were otherwise
dropped. We now supporting the following authentication schemes:

```
git+https://<user>:<token>/...
git+https://<token>/...
```

On Windows, the username is required. We can consider adding a
special-case for this in the future, but this just matches libgit2's
behavior.

I tested with fine-grained tokens, OAuth tokens, and "classic" tokens.
There's test coverage for fine-grained tokens in CI where we use a real
private repository and PAT. Yes, the PAT is committed to make this test
usable by anyone. It has read-only permissions to the single repository,
expires Feb 1 2025, and is in an isolated organization and GitHub
account.

Does not yet address SSH authentication.

Related:
- https://github.com/astral-sh/uv/issues/1514
- https://github.com/astral-sh/uv/issues/1452
 2024-02-21 00:12:56 +00:00
Edgar Ramírez Mondragón 2e60c1d734
Use the right marker for the `implementation` field of `pyvenv.cfg` (#1785) 
## Summary

The generated `pyvenv.cfg` file hardcodes `implementation = CPython`
even for PyPy venvs, created with `uv venv venv --python pypy3.10`, for
example.

```ini
home = /path/to/.pyenv/versions/pypy3.10-7.3.15/bin
implementation = CPython
version_info = 3.10
gourgeist = 0.0.4
include-system-site-packages = false
base-prefix = /path/to/.pyenv/versions/pypy3.10-7.3.15
base-exec-prefix = /path/to/.pyenv/versions/pypy3.10-7.3.15
base-executable = /path/to/.pyenv/versions/pypy3.10-7.3.15/bin/pypy3.10
```

## Test Plan

Manually verified that `pyvenv.cfg` now contains `implementation =
PyPy`. I can try refactoring `create_bare_venv` to make it more easily
testable, though.
 2024-02-20 19:09:53 -05:00
Charlie Marsh f13d0adbcd
Ensure that builds within the cache aren't considered Git repositories (#1782) 
## Summary

Some packages encode logic to embed the current commit SHA in the
version tag, when built within a Git repo. This typically results in an
invalid (non-compliant) version. Here's an example from `pylzma`:
ccb0e7cff3/version.py (L45).

This PR adds a phony, empty `.git` to the cache root, to ensure that any
`git` commands fail.

Closes https://github.com/astral-sh/uv/issues/1768.

## Test Plan

- Create a tag on the current commit, like `v0.5.0`.
- Build `pylzma`, using a cache _within_ the repo:

```
rm -rf foo
cargo run venv
cargo run pip install "pylzma @ 10ef072c3c3b9ea77ebe9546499975/pylzma-0.5.0.tar.gz" --verbose  --cache-dir bar
```
 2024-02-20 15:37:05 -05:00
Charlie Marsh d5a2a5fed3
Add support for `>dev` specifier (#1776) 
## Summary

Not a fan of this one but we don't have a clear policy on it yet so
feels weird to discriminate.

Closes https://github.com/astral-sh/uv/issues/1686.
 2024-02-20 20:27:30 +00:00
Charlie Marsh 8df48f035f
Fix pep508-rs tests without features (#1778) 2024-02-20 19:35:36 +00:00
konsti 2928c6e574
Backport changes from publish crates (#1739) 
Backport of changes for the published new versions of pep440_rs and
pep508_rs to make it easier to keep them in sync.
 2024-02-20 19:33:27 +01:00
Andrew Gallant 8480842d3e
strip trailing `+` from version number of local Python builds (#1771) 
(This PR message is mostly copied from the comment in the code.)

For local builds of Python, at time of writing, the version numbers end
with
a `+`. This makes the version non-PEP-440 compatible since a `+`
indicates
the start of a local segment which must be non-empty. Thus, `uv` chokes
on it
and [spits out an error][1] when trying to create a venv using a "local"
build
of Python. Arguably, the right fix for this is for [CPython to use a
PEP-440
compatible version number][2].

However, as a work-around for now, [as suggested by pradyunsg][3] as one
possible direction forward, we strip the `+`.

This fix does unfortunately mean that one [cannot specify a Python
version
constraint that specifically selects a local version][4]. But at the
time of
writing, it seems reasonable to block such functionality on this being
fixed
upstream (in some way).

Another alternative would be to treat such invalid versions as strings
(which
is what PEP-508 suggests), but this leads to undesirable behavior in
this
case. For example, let's say you have a Python constraint of `>=3.9.1`
and
a local build of Python with a version `3.11.1+`. Using string
comparisons
would mean the constraint wouldn't be satisfied:

    >>> "3.9.1" < "3.11.1+"
    False

So in the end, we just strip the trailing `+`, as was done in the days
of old
for [legacy version numbers][5].

I tested this fix by manually confirming that

    uv venv --python local/python

failed before it and succeeded after it.

Fixes #1357

[1]: https://github.com/astral-sh/uv/issues/1357
[2]: https://github.com/python/cpython/issues/99968
[3]:
https://github.com/pypa/packaging/issues/678#issuecomment-1436033646
[4]: https://github.com/astral-sh/uv/issues/1357#issuecomment-1947645243
[5]:
085ff41692/packaging/version.py (L168-L193)
 2024-02-20 12:57:28 -05:00
konsti a269766c27
If-let instead of unwrap (PR #1746 follow-up) (#1770) 
Solves: https://github.com/astral-sh/uv/pull/1746#discussion_r1496139629
 2024-02-20 17:32:01 +00:00
Charlie Marsh ede2828fde
Bump version to v0.1.6 (#1736) 2024-02-20 12:22:26 -05:00
Tim de Jager 8cbeab7107
feat: add installer to `InstalledDist` (#1762) 
## Summary

Add `installer` method to `InstalledDist` to distinguish between
different installers. Might be nice to add an enum for all possible
installers, but this might be too hard to keep up to date :).

The `INSTALLER` file is a file that can be added to the `.dist-info`
folder with the installer name.

Closes: #1759 

## Test Plan

Not sure if there is a place I can automatically test it, if you have a
pointer I would be happy to add a test.
 2024-02-20 17:07:08 +00:00
konsti a7513f4644
Better error message for missing space before semicolon in requirements (#1746) 
PEP 508 requires a space between a URL and the semicolon separating it
from the markers to disambiguate it from a url ending with a semicolon.
This is easy to get wrong because the space is not required after a
plain name of PEP 440 specifier. The new error message explicitly points
out the missing space.

Fixes #1637
 2024-02-20 16:38:36 +00:00
konsti db61d848a7
Skip compile_html test on musl (#1756) 
The torch index has no musllinux wheel, so we need to skip the test on
alpine.
 2024-02-20 16:36:03 +00:00
Bas Zalmstra 6ea49ef7bf
fix: expose DefaultResolverProvider (#1764) 
## Summary

The `DefaultResolverProvider` struct was not public. This PR exposes it
so we can build our own and use this as a fallback.

## Test Plan

I did not explicitly test this trivial change.
 2024-02-20 11:34:19 -05:00
Andrew Gallant 8bcb998af1 uv-extract: add regression test for a bunk zip file 
This ensures we can install a source dist from a `zip`
file that has present but bunk permissions.

Fixes #1453
 2024-02-20 10:57:51 -05:00
Andrew Gallant d6aaf7be30 uv-extract: call `target.as_ref()` once 
This is just a style thing.
 2024-02-20 10:57:51 -05:00
Andrew Gallant 634d593127 uv-client: remove benign WARN log message 
A WARN log was being emitted for a "broken cache entry" in the case
where the cache entry simply doesn't exist. But this is totally fine and
expected. So we detect the kind of error that occurred and emit a TRACE
if the file simply didn't exist.
 2024-02-20 10:57:51 -05:00
konsti 9a720a87c8
Only preserve the executable bit (#1743) 
A file in a zip can set arbitrary unix permissions, but we, like pip,
want to preserve only the executable bit and otherwise use the OS
defaults.

This should be faster for wheels with many files since we now avoid the
blocking fs call to set the permissions in most cases.

Fixes #1740.
 2024-02-20 16:41:05 +01:00
konsti f7722c02c1
Don't preserve timestamp in streaming unzip (#1749) 
## Summary

Don't preserve mtime to work around alexcrichton/tar-rs#349. Same as
#634 except for the streaming unzip.

Fixes #1748.

## Test Plan

Added the tomli source dist as test case.
 2024-02-20 14:54:28 +00:00
Viktor Szépe c191a83c5e
Fix typos configuration (#1742) 
## Summary

Narrow down excludes for `typos` and fix 2 additional misspellings.

BTW pre-commit can be run in CI:
https://github.com/szepeviktor/pre-commit-on-you/actions/runs/7971275239/job/21760614908
 2024-02-20 09:53:07 -05:00
Bas Zalmstra daf2800ddf
feat: allow passing in a custom reqwest Client (#1745) 
## Summary

I am looking to instantiate a `RegistryClient`. However, when using the
`RegistryClientBuilder` a new reqwest client is always constructed. I
would like to pass in a custom `reqwest::Client` to be able to share the
http resources with other parts of my application.

## Test Plan

The uv codebase does not use my addition to the builder and all tests
still succeed. And in my code I can pass a custom Client.
 2024-02-20 09:50:18 -05:00
Charlie Marsh dd7d533411
Set index URLs for seeding venv (#1755) 
Just an oversight due to builder pattern.

Closes https://github.com/astral-sh/uv/issues/1752.
 2024-02-20 14:49:16 +00:00
обоо 7741e1c51a
Print activation instructions for a venv after one has been created (#1580) 2024-02-20 12:39:42 +00:00
Charlie Marsh d05cb8464a
Allow `-f` alias for `--find-links` (#1735) 
## Summary

`pip` supports this, and I keep expecting it to exist in my testing.
 2024-02-20 00:56:26 -05:00
Di-Is 36edaeecf2
Control pip timeout duration via environment variable (#1694) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

Add the environment variable `UV_REQUEST_TIMEOUT` to allow control over
pip timeouts.

Closes #1549 

## Test Plan

I built uv in the repository top Dockerfile, set the timeout to 3
seconds, and ran `uv pip install torch`.
I measured the execution time with the time command and confirmed that
the process finished at a value close to the timeout we set.

```bash
root@037c69228cdc:~# time UV_REQUEST_TIMEOUT=3 /uv pip install torch
Resolved 22 packages in 25ms
error: Failed to download distributions
  Caused by: Failed to fetch wheel: nvidia-cusolver-cu12==11.4.5.107
  Caused by: Failed to extract source distribution
  Caused by: request or response body error: operation timed out
  Caused by: operation timed out

real    0m3.064s
user    0m0.225s
sys     0m0.240s
```
 2024-02-19 22:37:56 -06:00
Charlie Marsh 692c00defe
Implement `uv cache dir` (#1734) 
## Summary

Like `pip cache dir`, merely prints out the cache directory.

Closes https://github.com/astral-sh/uv/issues/1646.
 2024-02-19 23:29:10 -05:00
Charlie Marsh bb876d95ed
Move `uv clean` to `uv cache clean` (#1733) 
## Summary

This opens up space to add other cache-related commands. (`uv clean`
continues to work for backwards compatibility but is hidden from the
CLI.)
 2024-02-20 04:14:05 +00:00
Charlie Marsh 254a94c40a
Use `httpx` instead of `anyio` for reinstall test (#1732) 
This works on Windows.
 2024-02-19 23:08:19 -05:00
Charlie Marsh 4b5b9835fd
Ensure extras trigger an install (#1727) 
## Summary

We weren't respecting extras when auditing the existing environment.

Closes https://github.com/astral-sh/uv/issues/1726.
 2024-02-20 03:37:35 +00:00
Charlie Marsh a5372d4e4d
Ignore invalid extras from PyPI (#1731) 
## Summary

We don't control these, so it seems preferable _not_ to fail on them,
but rather, to just ignore them entirely. (I considered adding a long
allow-list, but then questioned the point of it? We'd end up having to
extend it if more invalid extras were published in the future.)

Closes https://github.com/astral-sh/uv/issues/1633.
 2024-02-19 22:26:29 -05:00
Charlie Marsh 402edf1522
Improve Poetry warning (#1730) 
Good feedback from:
https://github.com/astral-sh/uv/pull/1650#discussion_r1495140531
 2024-02-19 22:08:49 -05:00
Charlie Marsh 505b99d9b6
Support recursive extras for URL dependencies (#1729) 
Closes https://github.com/astral-sh/uv/issues/1680.
 2024-02-19 21:56:21 -05:00
Charlie Marsh c05080a3e3
Add support for absolute paths on Windows (#1725) 
## Summary

The main change is that we need to have an explicit list of protocols we
_do_ support (like `https`), so that when we see a Windows absolute path
(`C:\...`), we don't treat the `C` as a protocol itself.

Closes https://github.com/astral-sh/uv/issues/1539.
 2024-02-20 01:36:53 +00:00
Taniguchi Yasufumi 8f739c9b23
Add warning when dependencies are empty with Poetry metadata (#1650) 
Resolve #1630 

`PyProjectToml` doesn't seem to have a `tool` field, so instead of
checking it, I check if `requirements` is empty.


c04f597fae/crates/uv-build/src/lib.rs (L176-L184)
 2024-02-20 00:08:25 +00:00
Charlie Marsh 034f62b24f
Respect `--index-url` provided via requirements.txt (#1719) 
## Summary

When we read `--index-url` from a `requirements.txt`, we attempt to
respect the `--index-url` provided by the CLI if it exists.
Unfortunately, `--index-url` from the CLI has a default value... so we
_never_ respect the `--index-url` in the requirements file.

This PR modifies the CLI to use `None`, and moves the default into logic
in the `IndexLocations `struct.

Closes https://github.com/astral-sh/uv/issues/1692.
 2024-02-20 00:02:26 +00:00
Zanie Blue f3ef55f879
Update the scenarios to use vendored build dependencies (#1605) 
Uses `--find-links` to discover vendored scenario build dependencies and
allows us to use `--index-url` instead of `--extra-index-url` to avoid
hitting the real PyPI in scenario tests.
 2024-02-19 21:55:03 +00:00
Charlie Marsh 1d9daa6de1
Preserve trailing slash for `--find-links` URLs (#1720) 
## Summary

We should allow a `--find-links` URL to be provided as _either_ (e.g.)
`https://wheelhouse.acsone.eu/manylinux1` or
`https://wheelhouse.acsone.eu/manylinux1/`. By using the response URL,
we can "always do the right thing" (it will always have a trailing
slash, or always return a `.html` suffix) rather than attempting to
sniff out the URL kind in advance.

Closes https://github.com/astral-sh/uv/issues/1683.

## Test Plan

- `cargo run pip install requests --force-reinstall --no-index
--find-links https://wheelhouse.acsone.eu/manylinux1 -n`
- `cargo run pip install requests --force-reinstall --no-index
--find-links https://wheelhouse.acsone.eu/manylinux1/ -n`
 2024-02-19 21:26:12 +00:00
Olivier Le Floch 220bc46643
is_http_range_requests_unsupported should return true on Method Not Allowed (#1713) 
## Summary

Azure Artifacts does not allow HEAD requests when attempting to download
packages. This expands error handling in
`is_http_range_requests_unsupported` to identify HTTP 405 (Method Not
Allowed) error codes, and return `true` (i.e. Range requests will not be
supported). This partially addresses #1458 – after this change, Azure
Artifacts downloads still fail, but due to 401 Not Authorized instead of
405 Method Not Allowed.

## Test Plan

I ran something akin to

```
RUST_LOG=trace cargo run -- pip install --index-url=https://REDACTED:REDACTED@pkgs.dev.azure.com/REDACTED/_packaging/REDACTED/pypi/simple/ --upgrade --verbose private-package
```

without this code, and got a 405 failure:

```
error: Failed to download: private-package==1.2.3
  Caused by: HTTP status client error (405 Method Not Allowed) for url (https://pkgs.dev.azure.com/REDACTED/_packaging/REDACTED/pypi/download/private-package/1.2.3/private_package-1.2.3-py3-none-any.whl#sha256=REDACTED)
  ```

with this code, I get a 401 failure:

```
error: Failed to download: private-package==1.2.3
Caused by: HTTP status client error (401 Unauthorized) for url
(https://pkgs.dev.azure.com/REDACTED/_packaging/REDACTED/pypi/download/private-package/1.2.3/private_package-1.2.3-py3-none-any.whl#sha256=REDACTED)
```

## Caveats

I'm not seeing a non HEAD request being reported as being fired, so I'm not sure I'm doing this correctly!
 2024-02-19 15:40:25 -05:00
Henry Schreiner c6fd3d97fb
fix: remove uv version from uv pip compile header (#1716) 
## Summary

This fixes https://github.com/astral-sh/uv/issues/1704 by removing the
version from the produced header.

## Test Plan

Checked with clippy, and tests are updated too.
 2024-02-19 20:26:53 +00:00
Inada Naoki 9efbc1fc25
Add support for `venv --prompt` (#1570) 
## Summary

This PR adds the `--prompt` option to `venv` subcommand.

The default behavior for `uv venv` is to create a virtual environment in
the current directory with `.venv` name. This is different from `venv` /
`virtualenv` where a user always needs to provide the virtual
environment path. This allows us to define our own behavior in the
default scenario (`uv venv`). We've decided to use the current
directory's name in that case.

Workflows:
| Command | Virtual Environment Name | Prompt |
|--------|--------|--------|
| `uv venv` | `.venv` (default) | Current directory name |
| `uv venv project` | `project` | `project` |
| `uv venv --prompt .` | `.venv` | Current directory name |
| `uv venv --prompt foobar` | `.venv` | `foobar` | 
| `uv venv project --prompt foobar` | `project` | `foobar` | 


Fixes #1445

## Test Plan

This is my first Rust code and I don't know how to write tests yet.
I just checked the behavior manually:

```
$ cargo build
$ mkdir t
$ cd t
$ ../target/debug/uv venv -p 3.11
$ rg -w t .venv/bin/acti*
.venv/bin/activate.csh
13:setenv VIRTUAL_ENV '/Users/inada-n/work/uv/t/.venv'
20:if ('t' != "") then
21:    setenv VIRTUAL_ENV_PROMPT 't'
23:    setenv VIRTUAL_ENV_PROMPT "$VIRTUAL_ENV:t:q"
38:    # in which case, $prompt is undefined and we wouldn't

.venv/bin/activate
48:VIRTUAL_ENV='/Users/inada-n/work/uv/t/.venv'
59:    VIRTUAL_ENV_PROMPT="t"

.venv/bin/activate.fish
61:set -gx VIRTUAL_ENV '/Users/inada-n/work/uv/t/.venv'
73:if test -n 't'
74:    set -gx VIRTUAL_ENV_PROMPT 't'

.venv/bin/activate.ps1
40:if ("t" -ne "") {
41:    $env:VIRTUAL_ENV_PROMPT = "t"

.venv/bin/activate.nu
6:# but then simply `deactivate` won't work because it is just an alias to hide
35:    let virtual_env = '/Users/inada-n/work/uv/t/.venv'
50:    let virtual_env_prompt = (if ('t' | is-empty) {
53:        't'
```

---------

Co-authored-by: Dhruv Manilawala <dhruvmanila@gmail.com>
 2024-02-20 00:43:20 +05:30
Andrew Gallant cd1f619d21
re-introduce cache healing when we see an invalid cache entry (#1707) 
This PR introduces more robust cache healing when `uv` fails to
deserialize an existing cache entry.

("Cache healing" in this context means that if `uv` fails to
deserialize a cache entry, then it will automatically invalidate that
entry and re-generate the data. Typically by sending an HTTP request.)

Previous to some optimizations I made around deserialization, we were
already doing this. After those optimizations, deserializing a cache
policy and the payload were split into two steps. While deserializing
a cache policy retained its cache healing behavior, deserializing the
payload did not. This became an issue when #1556 landed, which changed
one of our `rkyv` data types. This in turn made our internal types
incompatible with existing cache entries. One could work-around this
by clearing `uv`'s cache with `uv clean`, but we should just do it
automatically on a cache entry by entry basis.

This does technically introduce a new cost by pessimistically cloning
the HTTP request so that we can re-send it if necessary (see the commit
messages for the knot pushing me toward this approach). So I re-ran my
favorite ad-hoc benchmark:

```
$ hyperfine -w10 --runs 50 "uv-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null" "uv-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null" ; A bart
Benchmark 1: uv-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     114.4 ms ±   3.2 ms    [User: 149.4 ms, System: 221.5 ms]
  Range (min … max):   106.7 ms … 122.0 ms    50 runs

Benchmark 2: uv-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     114.0 ms ±   3.0 ms    [User: 146.0 ms, System: 223.3 ms]
  Range (min … max):   105.3 ms … 121.4 ms    50 runs

Summary
  uv-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null ran
    1.00 ± 0.04 times faster than uv-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
```

Which is about what I expected.

We should endeavor to have a better testing strategy for these kinds of
bugs, but I think it might be a little tricky to do. I created
https://github.com/astral-sh/uv/issues/1699 to track that.

Fixes #1571
 2024-02-19 12:33:35 -05:00
markmmm b76efc62a7
Support dotted function paths for script entrypoints (#1622) 
Co-authored-by: markm <mark.mcmahon@autodesk.com>
Co-authored-by: Micha Reiser <micha@reiser.io>
 2024-02-19 10:09:12 +00:00
Alexander Gherm 4dfcf32e4c
Add shell completions generation (#1675) 
<!--
Thank you for contributing to uv! To help us out with reviewing, please
consider the following:

- Does this pull request include a summary of the change? (See below.)
- Does this pull request include a descriptive title?
- Does this pull request include references to any relevant issues?
-->

## Summary

Adds cli command / flag (`generate-shell-completion <SHELL>` /
`--generate-shell-completion <SHELL>`) to generate the completion script
for the given shell. Implemented in exactly the same way as it is done
in ruff
(https://github.com/astral-sh/ruff/blob/main/crates/ruff/src/lib.rs#L197)

Closes https://github.com/astral-sh/uv/issues/1654

## Test Plan

I've normally tested the generated script manually only for bash shell
on Ubuntu 22.04.3
```bash
$ uv --generate-shell-completion bash > /usr/share/bash-completion/completions/uv
$ uv # <TAB>
-q                         -h                         --verbose                  --no-cache                 --version                  clean
-v                         -V                         --no-color                 --cache-dir                pip                        generate-shell-completion
-n                         --quiet                    --color                    --help                     venv                       help
$ uv pip # <TAB>
-q           -n           -V           --verbose    --color      --cache-dir  --version    sync         uninstall    help
-v           -h           --quiet      --no-color   --no-cache   --help       compile      install      freeze
```
 2024-02-18 21:43:18 -06:00
Zanie Blue 07349e39e8
Bump version to v0.1.5 (#1671) 2024-02-18 20:18:07 -06:00
Daniel Reeves e923dba4b4
Move yank warnings to end of messages (#1669) 
Resolves #1292.

## Summary

Move the yanked warnings for `uv pip sync` and `uv pip install` to the
end of the commands, as per #1292.

## Test Plan

I ran the unit tests: `cargo nextest run`
 2024-02-18 18:01:00 -06:00
Arjun Munji 3ed386c0c5
Remove setuptools & wheel from seed packages (#1602) (#1613) 
## Summary
Removed `wheel` and `setuptools` from seed packages list when creating a
virtual environment

Closes https://github.com/astral-sh/uv/issues/1602

## Test Plan
Ran the command `cargo nextest run` :
<img width="564" alt="image"
src="https://github.com/astral-sh/uv/assets/6116387/14ed2da6-1b3e-4598-a49f-29dd8c4cb19b">

---------

Co-authored-by: Zanie <contact@zanie.dev>
 2024-02-18 21:20:21 +00:00
Zanie Blue 63c313425f
Build source distributions in the cache directory instead of the global temporary directory (#1628) 
Addresses report in https://github.com/astral-sh/uv/issues/1444 where a
temporary directory is created outside of the cache directory or current
virtual environment.

There is one additional usage of bare `tempdir` outside of tests we may
want to change:


2586f655bb/crates/install-wheel-rs/src/wheel.rs (L567)
 2024-02-18 15:05:39 -06:00
Charlie Marsh 5cdc6de4a9
Add `CACHEDIR.TAG` to uv-created virtualenvs (#1653) 
## Summary

Just as we mark virtualenvs as `gitignore`d by default, we should also
mark them as `CACHEDIR.TAG`, to ensure that they aren't included in
backups, etc.

Closes https://github.com/astral-sh/uv/issues/1648.

## Test Plan

Ran `cargo run venv` and:

```
❯ ls .venv
CACHEDIR.TAG bin          lib          pyvenv.cfg
```
 2024-02-18 13:32:11 -05:00
Alexander Gherm c04f597fae
Do not remove uv itself on pip sync (#1649) 
## Summary

Added `uv` to the list of the preserved packages when building the
installer plan. In that case `uv` is not going to be removed when, for
example, using `python -m uv pip sync requirements.txt` when
requirements.txt does not contain `uv`, but `uv` is installed in that
venv.

Closes #1631 

## Test Plan

Got through the example attached to
https://github.com/astral-sh/uv/issues/1631 and did see the uv deletion
in the output
```
$ python -m uv pip sync requirements.txt
Installed 1 package in 20ms
 + ruff==0.2.2
```
 2024-02-18 14:39:51 +00:00
Charlie Marsh fef1956c62
Bump simple metadata cache version (#1617) 
## Summary

We made a breaking change to the cache representation, so some folks
have had to `uv clean`. Let's bump it for the next release.
 2024-02-17 22:10:44 +00:00
Micha Reiser b296c04a67
Add CMD support (#1523) 
## Sumamry

This PR adds the `activation.bat`, `deactivation.bat` and `pyenv.bat`
files to add support for using uv from CMD.

This PR further fixes an issue with our trampoline implementation where
calling an executable like `black` failed:

```
(venv) C:\Users\Micha\astral\test>where black
C:\Users\Micha\astral\test\.venv\Scripts\black.exe

(venv) C:\Users\Micha\astral\test>black
C:\Users\Micha\AppData\Local\Programs\Python\Python312\python.exe: can't open file 'C:\\Users\\Micha\\astral\\test\\black': [Errno 2] No such file or directory
```

The issue was that CMD doesn't extend `black` to its full path before
passing it to the trampoline and our trampoline generated the command
`<python> black` instead of `<python> .venv/Scripts/black`, and Python
can't find `black` in the project directory.

This PR fixes this by using the full executable name (that we already
parsed out to discover the Python version). This adds one complication,
we need to preserve the arguments without repeating the executable name
that is the first argument.
One option is to use
[`CommandLineToArgvW`](https://learn.microsoft.com/de-de/windows/win32/api/shellapi/nf-shellapi-commandlinetoargvw)
and then serialize the arguments 1.. to a string again. I decided
against that. Win32 API calls are easy to get wrong. That's why I
implemented the parsing rules specified in
[`CommandLineToArgvW`](https://learn.microsoft.com/de-de/windows/win32/api/shellapi/nf-shellapi-commandlinetoargvw)
to skip the first argument.

Fixes https://github.com/astral-sh/uv/issues/1471

## Test Plan


https://github.com/astral-sh/uv/assets/1203881/bdb537b6-97c8-4f7e-bb4a-3a614eb5e0f6

Powershell continues to work


https://github.com/astral-sh/uv/assets/1203881/6c806477-a7c6-4047-9ffc-5ed91c6f1c84

I haven't been able to test the aarch binaries.
 2024-02-17 16:47:40 -05:00
Charlie Marsh ea62ae4ebd
Bump version to v0.1.4 (#1608) 2024-02-17 15:22:07 -05:00
Charlie Marsh 5c4cecaa85
Allow URL requirements in editable installs (#1614) 
## Summary

If an editable package declares a direct URL requirement, we currently
error since it's not considered an "allowed" requirement. We need to add
those URLs to the allow-list.

Closes https://github.com/astral-sh/uv/issues/1603.
 2024-02-17 15:20:23 -05:00
Micha Reiser 8675f66e74
Add license to activator scripts (#1610) 2024-02-17 20:37:26 +01:00
Charlie Marsh b5617198f3
Avoid propagating top-level options to sub-resolutions (#1607) 
## Summary

It's incorrect to pass the resolution and dependency mode down to the
`BuildDispatch`, since it means that we'll use `--no-deps` when building
source distributions. If you set resolution to `lowest`, it also means
we end up using (e.g.) the lowest version of `wheel`, which also doesn't
make sense.

It's fine to pass `--exclude-newer`.

Closes https://github.com/astral-sh/uv/issues/1355.

Closes https://github.com/astral-sh/uv/issues/1563.
 2024-02-17 18:53:38 +00:00
Aarni Koskela bc14ed1613
Fix typos & add pre-commit configuration (#1487) 
Co-authored-by: Zanie Blue <contact@zanie.dev>
 2024-02-17 18:16:50 +01:00
Dhruv Manilawala e4389e537d
Consistent use of `BIN_NAME` in activation scripts (#1577) 
This PR fixes the bug where the `BIN_NAME` replacement field wasn't
being used in the activator scripts.

fixes: #1518 

## Test plan

As I don't have a Windows machine, I switched the `bin_name` value here
to point to `Scripts` on `unix` platform:


2a76c59084/crates/gourgeist/src/bare.rs (L99-L105)

<details><summary>Code diff</summary>
<p>

```diff
```diff
diff --git a/crates/gourgeist/src/bare.rs b/crates/gourgeist/src/bare.rs
index 4c7808d3..0e0b41cf 100644
--- a/crates/gourgeist/src/bare.rs
+++ b/crates/gourgeist/src/bare.rs
@@ -97,9 +97,9 @@ pub fn create_bare_venv(location: &Utf8Path,
interpreter: &Interpreter) -> io::R
// TODO(konstin): I bet on windows we'll have to strip the prefix again
     let location = location.canonicalize_utf8()?;
     let bin_name = if cfg!(unix) {
-        "bin"
-    } else if cfg!(windows) {
         "Scripts"
+    } else if cfg!(windows) {
+        "bin"
     } else {
         unimplemented!("Only Windows and Unix are supported")
     };
```

</p>
</details> 

I then created the virtual environment as usual and tested out that the path modifications were correct:

```console
$ cargo run --bin uv -- venv
    Finished dev [unoptimized + debuginfo] target(s) in 0.13s
     Running `target/debug/uv venv`
Using Python 3.12.1 interpreter at
/Users/dhruv/.pyenv/versions/3.12.1/bin/python3.12
Creating virtualenv at: .venv

$ source .venv/Scripts/activate

$ echo $PATH
/Users/dhruv/work/astral/uv/.venv/Scripts:[...]

$ which python
/Users/dhruv/work/astral/uv/.venv/Scripts/python
```

I'm not sure how else to test this without having access to a Windows machine
 2024-02-17 22:09:41 +05:30
Charlie Marsh facc60f3a8
Add graceful fallback for Artifactory indexes (#1574) 
## Summary

There are more details in https://github.com/astral-sh/uv/issues/1370,
but it looks like Artifactory servers have incorrect behavior when it
comes to HTTP range requests, in that they return `Accept-Ranges:
bytes`, but then incorrectly return 200 requests when you actually ask
for a given range.

This PR ensures that we fallback gracefully in this case. It's built on
https://github.com/prefix-dev/async_http_range_reader/pull/5. Assuming
that gets merged upstream, we can then remove the Git dependency.

Closes https://github.com/astral-sh/uv/issues/1370.

## Test Plan

`cargo run pip install requests -i
https://killjoyuvbug.jfrog.io/artifactory/api/pypi/pypi/simple
--verbose`
 2024-02-17 14:37:06 +00:00
Charlie Marsh 12fea1d058
Always run `get_requires_for_build_wheel` (#1590) 
## Summary

I want to revisit this as I think it's still skippable in some cases,
but for now, let's be more conservative.

Closes https://github.com/astral-sh/uv/issues/1582.

## Test Plan

Cloned
`3aea423569/setup/mis_builder/setup.py (L4)`,
and ran `cargo run pip install -e mis_builder`.
 2024-02-17 09:24:58 -05:00
Zanie Blue 563c636aa0
Improve tracing when encountering invalid `requires-python` values (#1568) 
Unsure what the easiest way to test this is, it is hard to publish
invalid requires-python specifiers with hatchling
 2024-02-17 07:40:13 -05:00
Shantanu 5d58d4fd2e
Better error messages on expect failures in resolver (#1583) 
I ran into some (tricky to reproduce) panics while using uv, would be
useful to have a better error message to track down the source of the
problem
 2024-02-17 07:39:10 -05:00
Zanie Blue bb7c3e6b58
Avoid using `white` coloring in terminal output (#1576) 
Closes https://github.com/astral-sh/uv/issues/1489
 2024-02-17 01:59:20 -06:00
Charlie Marsh 340cb67a8b
Allow non-nested archives for `hexdump` and others (#1564) 
## Summary#1562 

It turns out that `hexdump` uses an invalid source distribution format
whereby the contents aren't nested in a top-level directory -- instead,
they're all just flattened at the top-level. In looking at pip's source
(51de88ca64/src/pip/_internal/utils/unpacking.py (L62)),
it only strips the top-level directory if all entries have the same
directory prefix (i.e., if it's the only thing in the directory). This
PR accommodates these "invalid" distributions.

I can't find any history on this method in `pip`. It looks like it dates
back over 15 years ago, to before `pip` was even called `pip`.

Closes https://github.com/astral-sh/uv/issues/1376.
 2024-02-16 23:17:36 -05:00
Charlie Marsh 4a09889c80
Enforce URL constraints for non-URL dependencies (#1565) 
## Summary

This was just a missing line -- we have `dependencies.remove(&package);`
in the ~identical branch above, but it must've been an oversight to omit
it here.

Closes https://github.com/astral-sh/uv/issues/1467.

## Test Plan

`cargo test`
 2024-02-17 03:11:28 +00:00
Charlie Marsh f897ee3f88
Allow repeated dependencies when installing (#1558) 
## Summary

It turns out that it's not uncommon to end up with repeated packages in
requirements files when running `pip-sync`, e.g., you might have
`anyio==4.0.0` specified multiple times. This PR relaxes our assertions
in the install plan to allow such repeated packages, as long as the
requirement markers are exactly the same (i.e., they are truly
duplicates).

Closes https://github.com/astral-sh/uv/issues/1552.
 2024-02-17 01:33:40 +00:00
Charlie Marsh 1110489c29
Bump version to v0.1.3 (#1557) 2024-02-16 19:45:29 -05:00
Charlie Marsh c1eb6130e1
Support MD5 hashes (#1556) 
## Summary

We can add other hashes if necessary, but I don't know that they're
really used in practice.

Closes https://github.com/astral-sh/uv/issues/1547.
 2024-02-17 00:25:16 +00:00
Charlie Marsh 9e0336c28a
Remove URL encoding when determining file name (#1555) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1553.
 2024-02-16 19:15:24 -05:00
Charlie Marsh 6392961f44
Add support for extras in editable requirements (#1531) 
## Summary

If you're developing on a package like `attrs` locally, and it has a
recursive extra like `attrs[dev]`, it turns out that we then try to find
the `attrs` in `attrs[dev]` from the registry, rather than recognizing
that it's part of the editable.

This PR fixes the issue by making editables slightly more first-class
throughout the resolver. Instead of mocking metadata, we explicitly
check for extras in various places. Part of the problem here is that we
treated editables as URL dependencies, but when we saw an _extra_ like
`attrs[dev]`, we didn't map that back to the URL. So now, we treat them
as registry dependencies, but with the appropriate guardrails
throughout.

Closes https://github.com/astral-sh/uv/issues/1447.

## Test Plan

- Cloned `attrs`.
- Ran `cargo run venv && cargo run pip install -e ".[dev]" -v`.
 2024-02-16 18:48:35 -05:00
Charlie Marsh 4e0b6f8f84
Avoid attempting rename in copy fallback path (#1546) 
## Summary

This _could_ fix https://github.com/astral-sh/uv/issues/1454, but I'm
not sure. I was able to replicate by forcing a bunch of error states.
But, in short, if we fail to hardlink on the initial copy due to a file
existing, and then fail _again_, we fallback to copying. But if we copy,
then the tempfile doesn't exist, and so the `fs_err::rename(&tempfile,
&out_path)?;` will fail with "File not found".

This PR just ensures that the cases are explicitly mutually exclusive:
we only attempt to rename if the hardlink succeeded.
 2024-02-16 17:08:49 -05:00
David Szotten 8050370717
Fix trailing commas on `Requires-Python` in HTML indexes (#1507) 
illustration and suggested fix for #1464
 2024-02-16 22:05:28 +00:00
Charlie Marsh 4f216f3a74
Apply percent-decoding to filepaths in HTML find-links (#1544) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1542.
 2024-02-16 16:47:04 -05:00
Andrew Gallant 3aa7a6b796
fix OS detection for Alpine Linux (#1545) 
This PR fixes the OS detection for Alpine Linux such that the version
of musl available is correctly determined. The issue boiled down to
a regex that required 2 digits for each version component. But a
valid musl version is 1.2.4, which only has a single digit for each
component.

It's unclear how this was working for musl before this change. My
theory is that our other methods of OS detection were somehow working.

The first commit in this PR cleans up our Linux detection logic and adds
lots of tracing calls to make debugging issues like this easier in the
future. To do so, one can run:

    $ RUST_LOG=trace uv pip install -v whatever

The second commit has the actual fix.

Fixes #1427
 2024-02-16 16:37:18 -05:00
Charlie Marsh b4ea48955b
Use comparable representation for `PackageId` (#1543) 
## Summary

By using the display representation of `Version` to form a `PackageId`,
we run the risk (as seen in the linked issue) of thinking that versions
like `2021.1` and `2021.1.0` are not equivalent.

Closes https://github.com/astral-sh/uv/issues/1536
 2024-02-16 16:30:54 -05:00
Charlie Marsh 01ffc36520
Apply percent-decoding to file-based URLs (#1541) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1537.
 2024-02-16 16:11:16 -05:00
Andrew Gallant a97c207674
pypi-types: fix lenient requirement parsing (#1529) 
This fixes a bug where `uv pip install` failed to install `polars`:

```
$ uv pip install polars==0.14.0
error: Failed to download: polars==0.14.0
  Caused by: Couldn't parse metadata of polars-0.14.0-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl from 749022b096cb7c1c2cc32b7f433c4f/polars-0.14.0-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
  Caused by: Operator >= cannot be used with a wildcard version specifier
pyarrow>=4.0.*; extra == 'pyarrow'
       ^^^^^^^
```

Since `pyarrow>=4.0.*; extra == 'pyarrow'` is invalid *and* it comes
from the metadata of a dependency (that isn't under the control of the
end user), we actually attempt to "fix" it. Namely, wildcard
dependency specifications are only allowed with `==` and `!=`, as per
the [Version Specifiers spec]. (They aren't explicitly forbidden in
these cases, but instead only have specified behavior for the `==` and
`!=` operators.)

This is all fine, but it turns out that when we fix the `>=4.0.*`
component, we also strip the quotes around `pyarrow`. (Because some
dependency specifications include stray quotes.) We fix this by making
our quote stripping a bit more selective. (We require that it appear
adjacent to a digit or a `*`.)

Note that #1477 also reports this error:

```
$ uv pip install 'requests>=2.30.*'
error: Failed to parse `requests>=2.30.*`
  Caused by: Operator >= cannot be used with a wildcard version specifier
requests>=2.30.*
```

However, we specifically keep that error message since it's something
under the end user's control. And similarly for a dependency
specification in a `requirements.txt` file.

Fixes #1477

[Version Specifiers spec]:
https://packaging.python.org/en/latest/specifications/version-specifiers/
 2024-02-16 15:52:44 -05:00
Zanie Blue d5e8531ae3
Add support for `UV_EXTRA_INDEX_URL` (#1515) 
Closes https://github.com/astral-sh/uv/issues/1450
 2024-02-16 12:54:58 -06:00
Zanie Blue 2ea44d863a
Add warning for empty requirements files (#1519) 
Also, improve tracing of requirements file parsing.

Per my confusion in #1334
 2024-02-16 18:19:09 +00:00
Zanie Blue 89ad1c6fa1
Add `pip install --constraint` test coverage (#1334) 
Exploring behavior reported in
https://github.com/astral-sh/uv/issues/1332
 2024-02-16 17:39:39 +00:00
Charlie Marsh f25781ff6c
Support recursive extras (#1435) 
## Summary

We had a guard in the resolve to avoid "self-dependencies" (as in
`gps3==0.33.3`), but this guard was _unintentionally_ filtering out
recursive extras.

Closes https://github.com/astral-sh/uv/issues/1342.

## Test Plan

Taken from https://github.com/astral-sh/uv/pull/1352.
 2024-02-16 11:42:04 -05:00
Zanie Blue e6c4c77ba1
Use string display instead of debug for url parse trace (#1498) 
e.g. 

`uv_client::html::parse
url=https://download.pytorch.org/whl/torch_stable.html`

instead of

`uv_client::html::parse url=Url { scheme: "https", cannot_be_a_base:
false, username: "", password: None, host:
Some(Domain("download.pytorch.org")), port: None, path:
"/whl/torch_stable.html", query: None, fragment: None }`
 2024-02-16 15:13:16 +00:00
Andrew Gallant 67cde15420
only parse /bin/sh (not /bin/ls) (#1493) 
It turns out that /bin/ls can sometimes be plain text file. For
example, in Rocky Linux 9:

```
$ cat /bin/ls
#!/usr/bin/coreutils --coreutils-prog-shebang=ls
```

However, `/bin/sh` is an ELF binary:

```
$ file /bin/sh
/bin/sh: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=7acbb41bf6f1b7d977f1b44675bf3ed213776835, for GNU/Linux 3.2.0, stripped
```

In a related issue (#1433), @zanieb fixed #1395 where, on NixOS,
`/bin/ls` doesn't exist but `/bin/sh` does. However, the fix attempts
`/bin/ls` first and only tries `/bin/sh` if `/bin/ls` doesn't exist. If
`/bin/ls` exists but isn't a valid ELF file, then the entire enterprise
gives up and `uv` fails to detect the version of `libc` that is
installed.

Instead of tweaking the logic to keep trying `/bin/ls` and then
`/bin/sh` after even if parsing `/bin/ls` fails, we just switch over to
reading `/bin/sh` only. It seems like a more fundamental thing to sniff
and likely less error prone.

We can adjust this heuristic as needed if it provdes to be problematic.

I tested this fix manually on Rocky Linux 9 via Docker:

```
$ cross b -r -p uv --target x86_64-unknown-linux-musl
$ cp target/x86_64-unknown-linux-musl/release/uv ~/astral/issues/uv/i1486/uv
$ docker run --rm -it --mount type=bind,src=/home/andrew/astral/issues/uv/i1486,dst=/host rockylinux:9 bash
[root@df2baa65d2f8 /]# /host/uv venv
Using Python 3.9.18 interpreter at /usr/bin/python3.9
Creating virtualenv at: .venv
[root@df2baa65d2f8 /]#
```

Fixes #1486, Ref #1433
 2024-02-16 09:44:47 -05:00
Micha Reiser e913167849
Fix list rendering in `venv --help` output (#1459) 2024-02-16 15:36:36 +01:00
Aarni Koskela 3280562e3a
Loosen package script regexp to match spec (#1482) 
Fixes #1479.
 2024-02-16 09:25:32 -05:00
Zanie Blue d99c4cacdf
Read from `/bin/sh` if `/bin/ls` cannot be found when determing libc path (#1433) 
I'm not sure if we should just switch to _always_ reading from sh
instead? I don't love that all these errors are strings and I if
`/bin/ls` exists but can't be parsed we still won't try `/bin/sh`. We
may want to address these things in the future.

Closes https://github.com/astral-sh/uv/issues/1395
 2024-02-16 07:51:34 -05:00
Charlie Marsh c474370064
Allow empty fragments in HTML parser (#1443) 
## Summary

It looks like `devpi` might add an empty fragment (`#`) at the end of
the URL. We expect it to contain the hash; this just makes
empty-fragment map to "no hash".

Closes https://github.com/astral-sh/uv/issues/1441.
 2024-02-16 06:42:21 +00:00
Charlie Marsh 659327f24a
Bump version to v0.1.2 (#1439) 2024-02-16 01:17:19 -05:00
Charlie Marsh 0d005a2a71
Decode HTML escapes when extracting SHA (#1440) 
## Summary

If a distribution contains a `+`, it'll be HTML-escaped; so when we try
to identify the `#`, we'll split in the wrong location.

Closes https://github.com/astral-sh/uv/issues/1338.
 2024-02-16 06:15:51 +00:00
Charlie Marsh 958e88ddbf
Ignore invalid extra named `.none` (#1428) 
## Summary

Some packages erroneously include an extra named `.none`. It turns out
that certain versions of `flit` included this by accident:
https://github.com/pypa/flit/issues/228/.

This PR adds leniency for that specific extra name.

Closes https://github.com/astral-sh/uv/issues/1363.

Closes https://github.com/astral-sh/uv/issues/1399.
 2024-02-16 05:01:21 +00:00
Zanie Blue 0bfce353fb
Fix broken URLs parsed from relative paths in registries (#1413) 
Closes https://github.com/astral-sh/uv/issues/1388

Fixes incorrect handling of relative paths returned by indexes without
an explicit `<base>`.

`Url.join` will drop the last segment in an url e.g. `http://foo/bar` ->
`http://foo/baz` if there is not a trailing slash but what we want is
`http://foo/bar/baz`. We don't add the trailing `/` in
`base_url_join_relative` because flat indexes are `http://foo/bar.html`
and we _want_ `bar.html` to be replaced.
 2024-02-15 22:37:09 -06:00
Charlie Marsh e48edf02fa
Parse `-r` and `-c` entries as relative to containing file (#1421) 
## Summary

In a `requirements.txt` file, it turns out that the `-c` and `-r`
entries should be interpreted as relative to the file in which they're
declared, while the `-e` entries should be interpreted as relative to
the current working directory, no matter where they're defined.

Previously, we always used the current working directory; now, we use
the declaring file's directory for `-c` and `-r`.

Closes https://github.com/astral-sh/uv/issues/1367.

Closes https://github.com/astral-sh/uv/issues/1416.
 2024-02-15 23:19:43 -05:00
Charlie Marsh 1837641138
Add fix-up for invalid star comparison with major-only version (#1410) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1402.

## Test Plan

Ran `cargo run pip install junos-eznc==2.6.5`, which still fails for me,
but fails identically to `pip` (and not on the `requires-python`):

```
/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmp7mxT9L/built-wheels-v0/pypi/ncclient/0.6.13/4vvPwmDC_CL2OUXd68Zqb/ncclient-0.6.13.tar.gz/versioneer.py:421: SyntaxWarning: invalid escape sequence '\s'
  LONG_VERSION_PY['git'] = '''
Traceback (most recent call last):
  File "<string>", line 10, in <module>
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmplD5mMO/.venv/lib/python3.12/site-packages/setuptools/build_meta.py", line 366, in prepare_metadata_for_build_wheel
    self.run_setup()
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmplD5mMO/.venv/lib/python3.12/site-packages/setuptools/build_meta.py", line 480, in run_setup
    super().run_setup(setup_script=setup_script)
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmplD5mMO/.venv/lib/python3.12/site-packages/setuptools/build_meta.py", line 311, in run_setup
    exec(code, locals())
  File "<string>", line 45, in <module>
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmp7mxT9L/built-wheels-v0/pypi/ncclient/0.6.13/4vvPwmDC_CL2OUXd68Zqb/ncclient-0.6.13.tar.gz/versioneer.py", line 1480, in get_version
    return get_versions()["version"]
           ^^^^^^^^^^^^^^
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmp7mxT9L/built-wheels-v0/pypi/ncclient/0.6.13/4vvPwmDC_CL2OUXd68Zqb/ncclient-0.6.13.tar.gz/versioneer.py", line 1412, in get_versions
    cfg = get_config_from_root(root)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/private/var/folders/nt/6gf2v7_s3k13zq_t3944rwz40000gn/T/.tmp7mxT9L/built-wheels-v0/pypi/ncclient/0.6.13/4vvPwmDC_CL2OUXd68Zqb/ncclient-0.6.13.tar.gz/versioneer.py", line 342, in get_config_from_root
    parser = configparser.SafeConfigParser()
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: module 'configparser' has no attribute 'SafeConfigParser'. Did you mean: 'RawConfigParser'?
```
 2024-02-16 02:12:10 +00:00
Charlie Marsh 7994b68654
Add fix-up for trailing comma with trailing space (#1409) 
## Summary

Closes https://github.com/astral-sh/uv/issues/1361.

## Test Plan

```text
Resolved 3 packages in 243ms
Downloaded 3 packages in 193ms
Installed 3 packages in 6ms
 + et-xmlfile==1.1.0
 + jdcal==1.4.1
 + openpyxl==3.0.5
```
 2024-02-16 02:08:05 +00:00
Zanie Blue 0f554b0913
Add `-U`/`-P` short flags for `--upgrade`/`--upgrade-package` (#1394) 
Closes https://github.com/astral-sh/uv/issues/1340
 2024-02-16 01:34:19 +00:00
Zanie Blue 896ab1c54f
Add `--upgrade` support to `pip install` (#1379) 
Adds support for `--upgrade` — similar to `--reinstall`.

Closes https://github.com/astral-sh/uv/issues/1391
 2024-02-15 19:25:28 -06:00
Shantanu e9d82cf0fa
Avoid import contextlib in `_virtualenv` (#1406) 
No need to pay 3ms on basically every Python invocation. I opened a PR
upstream last week: https://github.com/pypa/virtualenv/pull/2688
 2024-02-15 20:23:05 -05:00
Robin Krahl f9a9f53476
Improve error message for invalid sdist archives (#1389) 
This PR improves the error message for the problem described in
https://github.com/astral-sh/uv/issues/1376. The original output
duplicates the actual error message and includes lots of noise
(`DirEntry { inner: DirEntry(...) }`).

```
$ uv pip install hexdump==3.3
error: Failed to download and build: hexdump==3.3
  Caused by: Failed to extract source distribution: The top level of the archive must only contain a list directory, but it contains: [DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/__main__.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/hexdump.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/data") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/PKG-INFO") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/setup.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/README.txt") }]
  Caused by: The top level of the archive must only contain a list directory, but it contains: [DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/__main__.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/hexdump.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/data") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/PKG-INFO") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/setup.py") }, DirEntry { inner: DirEntry("/home/robin/.cache/uv/.tmpgSvTCk/README.txt") }]
```

This PR removes the duplication and `DirEntry` internals so that the
error message is easier to grasp:

```
$ uv pip install hexdump==3.3
error: Failed to download and build: hexdump==3.3
  Caused by: Failed to extract source distribution
  Caused by: The top level of the archive must only contain a list directory, but it contains: ["__main__.py", "hexdump.py", "data", "PKG-INFO", "setup.py", "README.txt"]
```
 2024-02-15 18:03:23 -06:00
Zanie Blue c6a43e92f9
Add `UV_NO_CACHE` environment variable (#1383) 
It's a little picky about the value, but that seems okay.

```
❯ ./target/debug/uv pip install trio
Audited 1 package in 4ms
❯ UV_NO_CACHE=true ./target/debug/uv pip install trio
Audited 1 package in 50ms
```

Closes #1382
 2024-02-15 23:34:42 +00:00
mikcl fbd6d87214
uv-cache: Add hidden alias for --no-cache-dir (#1380) 
This is for compatability with pip install --no-cache-dir

Closes https://github.com/astral-sh/uv/issues/1373

Signed-off-by: mikcl <mikesmikes400@gmail.com>
 2024-02-15 23:26:16 +00:00
Zanie Blue 18a7c079de
Fix search for `python.exe` on Windows (#1381) 
A la #1351
 2024-02-15 17:25:20 -06:00
Zanie Blue e0885b7c8e
Bump version to 0.1.1 (#1359) 2024-02-15 15:38:22 -06:00
Yannik Sander 36544e1678
Fix diagram alignment (#1354) 
Drive by alignment PR for the trait structure diagram
 2024-02-15 15:32:33 -06:00
Zanie Blue 102e5ddfbe
Fix bug where `python3` is not found in the global path (#1351) 
When we refactored handling for Windows tests, we accidentally dropped
`python3` from path searches.
 2024-02-15 15:29:33 -06:00
Charlie Marsh 27177613d4
Bump version to v0.1.0 (#1325) 2024-02-15 14:12:23 -05:00
Zanie Blue 0780afff95
Rename `PUFFIN` environment variables to `UV` (#1319) 
A couple of these are actually user-facing although undocumented
 2024-02-15 12:49:27 -06:00
Charlie Marsh 0579a04014
Bump to v0.0.5 for pre-release (#1324) 
This is easier than figuring out the version parsing.
 2024-02-15 18:33:34 +00:00
Charlie Marsh ad12d97e71
Set crate to prerelease (#1320) 2024-02-15 18:21:09 +00:00
Charlie Marsh 06f2b6eee2
Bump version and update pyproject.toml metadata (#1316) 
Also ensures that we no longer clear the README when uploading to PyPI
:)
 2024-02-15 18:03:35 +00:00
Charlie Marsh 55808a451f
Regenerate benchmarks (#1305) 2024-02-15 17:54:04 +00:00
Zanie Blue 2586f655bb
Rename to `uv` (#1302) 
First, replace all usages in files in-place. I used my editor for this.
If someone wants to add a one-liner that'd be fun.

Then, update directory and file names:

```
# Run twice for nested directories
find . -type d -print0 | xargs -0 rename s/puffin/uv/g
find . -type d -print0 | xargs -0 rename s/puffin/uv/g

# Update files
find . -type f -print0 | xargs -0 rename s/puffin/uv/g
```

Then add all the files again

```
# Add all the files again
git add crates
git add python/uv

# This one needs a force-add
git add -f crates/uv-trampoline
```
 2024-02-15 11:19:46 -06:00
Zanie Blue e9e3e573a2
Report incompatible distributions to users (#1293) 
Instead of dropping versions without a compatible distribution, we track
them as incompatibilities in the solver. This implementation follows
patterns established in https://github.com/astral-sh/puffin/pull/1290.

This required some significant refactoring of how we track incompatible
distributions. Notably:

- `Option<TagPriority>` is now `WheelCompatibility` which allows us to
track the reason a wheel is incompatible instead of just `None`.
- `Candidate` now has a `CandidateDist` with `Compatible` and
`Incompatibile` variants instead of just `ResolvableDist`; candidates
are not strictly compatible anymore
- `ResolvableDist` was renamed to `CompatibleDist`
- `IncompatibleWheel` was given an ordering implementation so we can
track the "most compatible" (but still incompatible) wheel. This allows
us to collapse the reason a version cannot be used to a single
incompatibility.
- The filtering in the `VersionMap` is retained, we still only store one
incompatible wheel per version. This is sufficient for error reporting.
- A `TagCompatibility` type was added for tracking which part of a wheel
tag is incompatible
- `Candidate::validate_python` moved to
`PythonRequirement::validate_dist`

I am doing more refactoring in #1298 — I think a couple passes will be
necessary to clarify the relationships of these types.

Includes improved error message snapshots for multiple incompatible
Python tag types from #1285 — we should add more scenarios for coverage
of behavior when multiple tags with different levels are present.
 2024-02-15 10:48:15 -06:00
Andrew Gallant b6fba00153
cli: conventionally treat `-` as "read from stdin" (#1314) 
Basically, when a path to a requirements file is `-`, then we should
read its contents from `stdin` instead of the file path named `-`.

Fixes #1313
 2024-02-15 11:25:56 -05:00
Armin Ronacher bf2ee6bc31
Adds support for --no-deps to pip compile (#1311) 
Mostly throwing this up here as a discussion topic. Having something
like this is primarily useful for enabling use cases similar to `rye
add` where I want to use this currently. One can accomplish something
similar with `unearth` today or by abusing regular `pip install`:

```
$ ~/.rye/self/bin/pip install --no-deps --dry-run flask --report - -q | jq '.install[0].metadata | {name, version}'
{
  "name": "Flask",
  "version": "3.0.2"
}
```

Another option would be to have a `puffin resolve` command or similar
that works like `pip compile` without dependencies, takes the
requirements as arguments and returns a line for each resolution. That
would be a larger change.
 2024-02-15 09:01:31 -05:00
Andrew Gallant 94437175c7 puffin-resolver: make VersionMap::iter even lazier 
This rollbacks the optimization in the previous commit to be more
general. That is, instead of specializing the case of a range for a
singleton version, we make iteration over the distributions in a
`VersionMap` more explicitly lazy. Iteration now provides a `Version`
(like it did previously) and a _handle_ to a distribution that can be
turned into a `ResolvableDist`.

Doing things this way permits callers to iterate over the versions and
only materialize a distribution if they actually need one. In cases like
candidate selection, one can often rule out use of a distribution
through its version alone, and thus skip construction of that
distribution entirely.
 2024-02-15 08:10:32 -05:00
Andrew Gallant ed000d0dd5 puffin-resolver: add singleton fast path 
In many cases, version ranges are actually just pins to a
specific and single version. And we can detect that statically
by examining the range. If we do have a range that is just one
version, then we can ask a `VersionMap` for just that version
instead of iterating over what's in the map until we find one
that satisfies the range.

I had tried this before making `VersionMap` construction lazy,
but it didn't seem to matter much. But helps a lot more now
with a lazy `VersionMap` because it lets us avoid creating a
lot of distributions in memory that we won't ultimately use.
 2024-02-15 08:10:32 -05:00
Andrew Gallant 8102980192 puffin-resolver: make VersionMap construction lazy 
That is, a `PrioritizedDistribution` for a specific version of a
package is not actually materialized in memory until a corresponding
`VersionMap::get` call is made for that version. Similarly, iteration
lazily materializes distributions as it moves through the map. It
specifically does not materialize everything first.

The main reason why this is effective is that an
`OwnedArchive<SimpleMetadata>` represents a zero-copy (other than
reading the source file) version of `SimpleMetadata` that is really just
a `Vec<u8>` internally. The problem with `VersionMap` construction
previously is that it had to eagerly materialize a `SimpleMetadata` in
memory before anything else, which defeats a large part of the purpose
of zero-copy deserialization. By making more of `VersionMap`
construction itself lazy, we permit doing some parts of resolution
without necessarily fully deserializing a `SimpleMetadata` into memory.
Indeed, with this commit, in the warm cached case, a `SimpleMetadata` is
itself never materialized fully in memory.

This does not completely and totally fully realize the benefits of
zero-copy deserialization. For example, we are likely still building
lots of distributions in memory that we don't actually need in some
cases. Perhaps in cases where no resolution exists, or when one needs to
iterate over large portions of the total versions published for a
package.
 2024-02-15 08:10:32 -05:00
Andrew Gallant e2f3ad0e28 puffin-resolver: add some trace calls 
This commit adds some logging to candidate selection during
resolution. The idea with these logs is to get a signal on
how much "exploring" the resolver does in specific examples.

For example, this logs helped me realize that at least in
some cases, candidate selection was looking through a long list
of versions even when its range consisted of exactly one
version. We'll use this fact in a later commit.
 2024-02-15 08:10:32 -05:00
Andrew Gallant 1cff7c3774 platform-tags: make Tags use an Arc internally 
This makes cloning and thus sharing across multiple threads much
cheaper. Since Tags is conceptually immutable once it is constructed,
this doesn't pose an issue and shouldn't introduce any additional
costs.
 2024-02-15 08:10:32 -05:00
Charlie Marsh e4fffc15f5
Remove Cargo-specific error messages (#1306) 
We're leveraging Cargo's git implementation, but we left in some
Cargo-specific error messages for features we don't yet support.
 2024-02-15 06:04:22 +00:00
Zanie Blue 9808c6b500
Reset all of the snapshots for consistent indentation (#1300) 
This is really annoying, but the snapshots keep changing indentation
when updated.

I could not get insta to update them. So I added a print statement to
`main` and updated the snapshots, then removed the statement and updated
the snapshots again to force them all to refresh.
 2024-02-14 12:50:28 -06:00
Charlie Marsh 40b74fb0fb
Replace `MarkupSafe` for no-binary tests (#1296) 2024-02-14 04:44:07 +00:00
Zanie Blue 7fec2a311a
Refactor storage of distribution metadata needed in resolver (#1291) 
Follows #1290 and https://github.com/astral-sh/puffin/pull/912 with some
minor clean-up.
 2024-02-13 04:19:21 +00:00
Zanie Blue 3bff8d5f79
Add scenario coverage for wheels with incompatible ABI and Python tags (#1285) 
We use

- An arbitrary ABI hash: `MMMMMM` (six base64 characters)
- An unlikely Jython27 Python tag

For cases that are valid but are never going to be available during
tests.

See https://github.com/zanieb/packse/pull/109
 2024-02-12 22:14:38 -06:00
Zanie Blue b5dd8b7de2
Track yanked versions as incompatibilities (#1290) 
Moves yanked version filtering from `VersionMap::from_metadata` to the
resolver and tracks it as a PubGrub unavailable incompatibility so
yanked versions are reflected in error messages.

e.g. before
```
╰─▶ Because only albatross<=0.1.0 is available and you require albatross>0.1.0, 
       we can conclude that the requirements are unsatisfiable.
```

after

```
╰─▶ Because only the following versions of albatross are available:
            albatross<=0.1.0
            albatross==1.0.0
      and albatross==1.0.0 is unusable because it was yanked, we can conclude that albatross>0.1.0 cannot be used.
      And because you require albatross>0.1.0, we can conclude that the requirements are unsatisfiable.
```
 2024-02-12 22:01:17 -06:00
Charlie Marsh d8619f668a
Surface errors for offline `--find-links` URLs (#1271) 
## Summary

Ensures that if the user passes `--no-index` with `--find-links`, and
we're unable to access the HTML page, we show an appropriate hint.
 2024-02-13 03:41:00 +00:00
Charlie Marsh 16bb80132f
Add an `--offline` mode (#1270) 
## Summary

This PR adds an `--offline` flag to Puffin that disables network
requests (implemented as a Reqwest middleware on our registry client).
When `--offline` is provided, we also allow the HTTP cache to return
stale data.

Closes #942.
 2024-02-13 03:35:23 +00:00
Zanie Blue 0cd6b7be8c
Fix incompatible wheel test scenarios (#1284) 
I had specified the tags incorrectly
https://github.com/zanieb/packse/pull/105
 2024-02-12 18:51:49 +00:00
Zanie Blue 6d24d998e0
Add scenarios for yanked packages (#1283) 2024-02-12 12:44:59 -06:00
Zanie Blue 336d12556c
Add scenario tests for `--only-binary` and `--no-binary` (#1279) 2024-02-12 11:21:14 -06:00
Charlie Marsh b386590b3c
Add some compatibility arguments to `puffin venv` (#1282) 
See: https://github.com/astral-sh/puffin/issues/1276.
 2024-02-12 03:19:55 +00:00
Charlie Marsh 93b7a1140f
Allow virtualenv creation at existing, empty directories (#1281) 
## Summary

If the directory exists but is empty, we should allow `puffin venv`
without erroring.

Also adds test cases for a variety of error cases.
 2024-02-12 03:13:13 +00:00
Charlie Marsh b7e3933fe7
Place editable requirements before non-editable requirements (#1278) 
## Summary

`pip-compile` puts the editable requirements first.

Closes https://github.com/astral-sh/puffin/issues/1275.
 2024-02-12 02:26:40 +00:00
Charlie Marsh a16ec45d1f
Set an exclude cutoff for virtualenv tests (#1280) 
## Summary

This test is failing since a new version of one of the seed packages was
uploaded.
 2024-02-12 02:21:05 +00:00
Zanie Blue a37b08808e
Implement pip compatible `--no-binary` and `--only-binary` options (#1268) 
Updates our `--no-binary` option and adds a `--only-binary` option for
compatibility with `pip` which uses `:all:`, `:none:` and `<name>` for
specifying packages.

This required adding support for `--only-binary <name>` into our
resolver, previously it was only a boolean toggle.

Retains`--no-build` which is equivalent to `--only-binary :all:`. This
is common enough for safety that I would prefer it is available without
pip's awkward `:all:` syntax.

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2024-02-11 19:31:41 -06:00
Charlie Marsh d98b3c3070
Strip UNC prefix when setting working directory (#1277) 
## Summary

For PEP 517 builds, the current working directory needs to be set to the
directory of the source distribution. It turns out that on Windows, if
you use a UNC path for the working directory, then relative paths are
interpreted relative to the root of the current drive
([source](https://www.fileside.app/blog/2023-03-17_windows-file-paths/#paths-relative-to-the-root-of-the-current-drive)).
So, when builds attempted to resolve relative paths, they always
errored...

This PR ensures that we remove the UNC prefix when setting the current
working directory.

Closes #1238.

## Test Plan

I tested this on my Windows machine by installing `ujson` with
`--no-binary ujson`. (I don't want to add that specific test, since it's
really slow to build.)
 2024-02-12 00:51:36 +00:00
Charlie Marsh ba4c6e1a55
Remove unused deps (#1273) 2024-02-11 18:53:58 +00:00
Charlie Marsh 32aacc35a9
Bump version to v0.0.4 (#1269) 2024-02-09 16:42:17 -05:00
konsti 561e33e353
Validate instead of discovering python patch version (#1266) 
Contrary to our prior assumption, we can't reliably select a specific
patch version. With the deadsnakes PPA for example, `python3.12` is
installed into `PATH`, but `python3.12.1` isn't. Based on the assumption
(or rather, observation) that users have a single python patch version
per python minor version installed, generally the latest, we only check
if the installed patch version matches the selected patch version, if
any, instead of search for one.

In the process, i deduplicated the python discovery logic.
 2024-02-08 22:38:00 +01:00
konsti 1dc9904f8c
Run the test suite on windows in CI (#1262) 
Run `cargo test` on windows in CI, pulling the switch on tier 1 windows
support.

These changes make the bootstrap script virtually required for running
the tests. This gives us consistency between and CI, but it also locks
our tests to python-build-standalone and an articificial `PATH`.

I've deleted the shell bootstrap script in favor of only the python one,
which also runs on windows. I've left the (sym)link creation of the
bootstrap in place, even though it is not used by the tests anymore.

I've reactivated the three tests that would previously stack overflow by
doubling their stack sizes. The stack overflows only happen in debug
mode, so this is neither a user facing problem nor an actual problem
with our code and this workaround seems better than optimizing our code
for case that the (release) compiler can optimize much better for.

The handling of patch versions will be fixed in a follow-up PR.

Closes #1160 
Closes #1161

---------

Co-authored-by: Charlie Marsh <charlie.r.marsh@gmail.com>
 2024-02-08 22:09:55 +01:00
Andrew Gallant 96276d9e3e
puffin-resolver: simplify version map construction (#1267) 
In the process of making VersionMap construction lazy, I realized this
refactoring would be useful to me. It also simplifies a fair bit of case
analysis and does fewer BTreeMap lookups during construction. With that
said, this doesn't seem to matter for perf:

```
$ hyperfine -w10 --runs 50 \
    "puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null" \
    "puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null"
Benchmark 1: puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     146.8 ms ±   4.1 ms    [User: 350.1 ms, System: 314.2 ms]
  Range (min … max):   140.7 ms … 158.0 ms    50 runs

Benchmark 2: puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     146.8 ms ±   4.5 ms    [User: 359.8 ms, System: 308.3 ms]
  Range (min … max):   138.2 ms … 160.1 ms    50 runs

Summary
  puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null ran
    1.00 ± 0.04 times faster than puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
```

But the simplification is still nice, and will decrease the delta
between what we have now and a lazy version map.
 2024-02-08 15:33:33 -05:00
Zanie Blue fc2ab611d5
Use "locations" instead of "listings" for find links errors (#1263) 2024-02-07 10:28:22 -06:00
konsti ab45485eb5
Reduce stack sizes further and ignore remaining tests (#1261) 
This PR reduces the stack sizes a windows a little further using the
stack traces from stack overflows combined with looking at the type
sizes. Ultimately, it ignore the three remaining tests failing in debug
on windows due to stack overflows to unblock `cargo test` for windows on
CI.

444 tests run: 444 passed (39 slow), 1 skipped
 2024-02-06 23:08:18 +01:00
konsti e0cdf1a16f
Use anstream consistently and remove clippy lints (#1260) 
We need to use the anstream print macros instead of the std print
macros, otherwise we risk wrong color behavior
(https://github.com/astral-sh/puffin/pull/1258#discussion_r1480428236).
Luckily, the `print_stderr` and `print_stdout` lints catch usages of the
std prints.

This PR switches over to anstream consistently and removes the now
redundant clippy lints. The lints should catch missing anstream usage in
the future.
 2024-02-06 22:16:26 +01:00
konsti f4ca175df4
Search and replace windows specific tests in deps (#1255) 
Remove windows-only dependencies from the snapshot output using regex.
We now do the filtering entirely on our without relying on insta
settings.

435 tests run: 430 passed (30 slow), 5 failed, 1 skipped
 2024-02-06 19:31:42 +00:00
konsti ac49dec4a2
Multiple entries in PUFFIN_PYTHON_PATH for windows tests (#1254) 
There are no binary installers for the latests patch versions of cpython
for windows, and building them is hard. As an alternative, we download
python-build-standanlone cpythons and put them into `<project
root>/bin`. On unix, we can symlink `pythonx.y.z` into this directory
and point `PUFFIN_PYTHON_PATH` to it. On windows, all pythons are called
`python.exe` and they don't like being linked. Instead, we add the path
to each directory containing a `python.exe` to `PUFFIN_PYTHON_PATH`,
similar to the regular `PATH`. The python discovery on windows was
extended to respect `PUFFIN_PYTHON_PATH` where needed.

These changes mean that we don't need to (sym)link pythons anymore and
could drop that part to the script.

435 tests run: 389 passed (21 slow), 46 failed, 1 skipped
 2024-02-06 20:28:30 +01:00
Charlie Marsh 91118a962a
Offer tip when users omits pip prefix (#1257) 
## Summary

Open to other opinions here. We could just continue (and warn), prompt
the user with a confirmation, etc.

(The weird thing about those two options is we might need to validate
the command-line arguments _before_ we do that -- so you could get
errors for bad arguments, and then get a warning that your subcommand is
wrong. I can probably avoid that with more work if it feels like a
better out come though.)

Closes https://github.com/astral-sh/puffin/issues/1256.
 2024-02-06 19:25:07 +00:00
Charlie Marsh 62416286e2
Remove `add` and `remove` commands (#1259) 
## Summary

These add and remove dependencies from a `pyproject.toml` -- but they're
currently hidden, and don't match the rest of the workflow. We can
re-add them when the time is right.
 2024-02-06 14:18:27 -05:00
Zanie Blue d4bbaf1755
Add hint for `--no-index` without `--find-links` (#1258) 
Since unavailable packages with `--no-index` can be confusing when the
user does not also provide `--find-links` we add a hint for this case.
Required some plumbing to get the required information to the
`NoSolution` error.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-02-06 11:04:14 -06:00
konsti b2a810fe37
Add windows specific filters for tests (#1231) 
Add more windows specific filters in various places.

435 tests run: 333 passed (21 slow), 102 failed, 1 skipped
 2024-02-06 15:58:16 +01:00
Andrew Gallant d4b4c21133
initial implementation of zero-copy deserialization for SimpleMetadata (#1249) 
(Please review this PR commit by commit.)

This PR closes an initial loop on zero-copy deserialization. That
is, provides a way to get a `Archived<SimpleMetadata>` (spelled
`OwnedArchive<SimpleMetadata>` in the code) from a `CachedClient`. The
main benefit of zero-copy deserialization is that we can read bytes
from a file, cast those bytes to a structured representation without
cost, and then start using that type as any other Rust type. The
"catch" is that the structured representation is not the actual type
you started with, but the "archived" version of it.

In order to make all this work, we ended up needing to shave a rather
large yak: we had to re-implement HTTP cache semantics. Previously,
we were using the `http-cache-semantics` crate. While it does support
Serde, it doesn't support `rkyv`. Moreover, even simple support for
`rkyv` wouldn't be enough. What we actually want is for the HTTP cache
semantics to be implemented on the *archived* type so that we can
decide whether our cached response is stale or not without needing to
do a full deserialization into the unarchived type. This is why, in
this PR, you'll see `impl ArchivedCachePolicy { ... }` instead of
`impl CachePolicy { ... }`. (The `derive(rkyv::Archive)` macro
automatically introduces the `ArchivedCachePolicy` type into the
current namespace.)

Unfortunately, this PR does not fully realize the dream that is
zero-copy deserialization. Namely, while a `CachedClient` can now
provide an `OwnedArchive<SimpleMetadata>`, the rest of our code
doesn't really make use of it. Indeed, as soon as we go to build a
`VersionMap`, we eagerly convert our archived metadata into an owned
`SimpleMetadata` via deserialization (that *isn't* zero-copy). After
this change, a lot of the work now shifts to `rkyv` deserialization
and `VersionMap` construction. More precisely, the main thing we drop
here is `CachePolicy` deserialization (which is now truly zero-copy)
and the parsing of the MessagePack format for `SimpleMetadata`. But we
are still paying for deserialization. We're just paying for it in a
different place.

This PR does seem to bring a speed-up, but it is somewhat underwhelming.
My measurements have been pretty noisy, but I get a 1.1x speedup fairly
often:

```
$ hyperfine -w5 "puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null" "puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null" ; A kang
Benchmark 1: puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     164.4 ms ±  18.8 ms    [User: 427.1 ms, System: 348.6 ms]
  Range (min … max):   131.1 ms … 190.5 ms    18 runs

Benchmark 2: puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
  Time (mean ± σ):     148.3 ms ±  10.2 ms    [User: 357.1 ms, System: 319.4 ms]
  Range (min … max):   136.8 ms … 184.4 ms    19 runs

Summary
  puffin-test pip compile --cache-dir ~/astral/tmp/cache-test ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null ran
    1.11 ± 0.15 times faster than puffin-main pip compile --cache-dir ~/astral/tmp/cache-main ~/astral/tmp/reqs/home-assistant-reduced.in -o /dev/null
```

One downside is that this does increase cache size (`rkyv`'s
serialization format is not as compact as MessagePack). On disk size
increases by about 1.8x for our `simple-v0` cache.

```
$ sort-filesize cache-main
4.0K    cache-main/CACHEDIR.TAG
4.0K    cache-main/.gitignore
8.0K    cache-main/interpreter-v0
8.7M    cache-main/wheels-v0
18M     cache-main/archive-v0
59M     cache-main/simple-v0
109M    cache-main/built-wheels-v0
193M    cache-main
193M    total

$ sort-filesize cache-test
4.0K    cache-test/CACHEDIR.TAG
4.0K    cache-test/.gitignore
8.0K    cache-test/interpreter-v0
8.7M    cache-test/wheels-v0
18M     cache-test/archive-v0
107M    cache-test/simple-v0
109M    cache-test/built-wheels-v0
242M    cache-test
242M    total
```

Also, while I initially intended to do a simplistic implementation of
HTTP cache semantics, I found that everything was somewhat
inter-connected. I could have wrote code that _specifically_ only worked
with the present behavior of PyPI, but then it would need to be special
cased and everything else would need to continue to use
`http-cache-sematics`. By implementing what we need based on what Puffin
actually is (which is still less than what `http-cache-semantics` does),
we can avoid special casing and use zero-copy deserialization for our
cache policy in _all_ cases.
 2024-02-05 16:47:53 -05:00
Charlie Marsh 398659a9b0
Show yank warnings for `pip install` (#1253) 
Closes https://github.com/astral-sh/puffin/issues/1252.
 2024-02-05 17:15:44 +00:00
Zanie Blue d090acf13d
Improve error messaging when a dependency is not found (#1241) 
Previously, whenever we encountered a missing package we would throw an
error without information about why the package was requested. This
meant that if a transitive dependency required a missing package, the
user would have no idea why it was even selected. Here, we track
`NotFound` and `NoIndex` errors as `NoVersions` incompatibilities with
an attached reason. Improves our test coverage for `--no-index` without
`--find-links`.

The
[snapshots](https://github.com/astral-sh/puffin/pull/1241/files#diff-3eea1658f165476252f1f061d0aa9f915aabdceafac21611cdf45019447f60ec)
show a nice improvement.

I think this will also enable backtracking to another version if some
version of transitive dependency has a missing dependency. I'll write a
scenario for that next.

Requires https://github.com/zanieb/pubgrub/pull/22
 2024-02-05 08:43:05 -06:00
Charlie Marsh be9125b0f0
Remove unnecessary `is_dir` in `clone_recursive` (#1247) 2024-02-04 23:54:22 +00:00
Charlie Marsh 9d42cfd09b
Clarify documentation for `--no-index` (#1243) 
Closes #1242.
 2024-02-04 18:46:01 -05:00
Andrew Gallant 586eeb6eca
tests: update snapshot for new `pip` release (#1245) 
See: https://pypi.org/project/pip/#history
 2024-02-03 15:44:13 -05:00
Zanie Blue bc2f8f5b1e
Fix direct use of `range.simplify` (#1236) 2024-02-02 18:08:25 +00:00
Zanie Blue 6db9db0079
Invert display of "no versions" incompatibilities with multiple ranges (#1233) 
Closes #884 

e.g.

```
❯ cargo run -q -- pip compile --python-version 3.12 requirements.in
  × No solution found when resolving dependencies:
  ╰─▶ Because the requested Python version (3.12) does not satisfy Python>=3.6,<3.10 and recommenders==1.0.0 depends on Python>=3.6,<3.9, we can conclude that recommenders==1.0.0 cannot be used.
      And because only the following versions of recommenders are available:
          recommenders<=0.7
          recommenders==1.0.0
          recommenders==1.1.0
          recommenders==1.1.1
      we can conclude that recommenders>0.7,<1.1.0 cannot be used. (1)

      Because the requested Python version (3.12) does not satisfy Python>=3.6,<3.10 and recommenders>=1.1.0 depends on Python>=3.6,<3.10, we can conclude that recommenders>=1.1.0 cannot be used.
      And because we know from (1) that recommenders>0.7,<1.1.0 cannot be used, we can conclude that recommenders>0.7 cannot be used.
      And because you require recommenders>0.7, we can conclude that the requirements are unsatisfiable.
```
 2024-02-02 12:00:25 -06:00
konsti f10f902570
Yield after channel send and move cpu tasks to thread (#1163) 
## Summary

Previously, we were blocking operations that could run in parallel. We
would send request through our main requests channel, but not yield so
that the receiver could only start processing requests much later than
necessary. We solve this by switching to the async
`tokio::sync::mpsc::channel`, where send is an async functions that
yields.

Due to the increased parallelism cache deserialization and the
conversion from simple api request to version map became bottlenecks, so
i moved them to `spawn_blocking`. Together these result in a 30-60%
speedup for larger warm cache resolution. Small cases such as black
already resolve in 5.7 ms on my machine so there's no speedup to be
gained, refresh and no cache were to noisy to get signal from.

Note for the future: Revisit the bounded channel if we want to produce
requests from `process_request`, too, (this would be good for
prefetching) to avoid deadlocks.

## Details

We can look at the behavior change through the spans:

```
RUST_LOG=puffin=info TRACING_DURATIONS_FILE=target/traces/jupyter-warm-branch.ndjson cargo run --features tracing-durations-export --bin puffin-dev --profile profiling -- resolve jupyter 2> /dev/null
```

Below, you can see how on main, we have discrete phases: All (cached)
simple api requests in parallel, then all (cached) metadata requests in
parallel, repeat until done. The solver is mostly waiting until it has
it's version map from the simple API query to be able to choose a
version. The main thread is blocked by process requests.

In the PR branch, the simple api requests succeeds much earlier,
allowing the solver to advance and also to schedule more prefetching.
Due to that `parse_cache` and `from_metadata` became bottlenecks, so i
moved them off the main thread (green color, and their spans can now
overlap because they can run on multiple threads in parallel). The main
thread isn't blocked on `process_request` anymore, instead it has
frequent idle times. The spans are all much shorter, which indicates
that on main they could have finished much earlier, but a task didn't
yield so they weren't scheduled to finish (though i haven't dug deep
enough to understand the exact scheduling between the process request
stream and the solver here).

**main**


![jupyter-warm-main](https://github.com/astral-sh/puffin/assets/6826232/693c53cc-1090-41b7-b02a-a607fcd2cd99)

**PR**


![jupyter-warm-branch](https://github.com/astral-sh/puffin/assets/6826232/33435f34-b39b-4b0a-a9d7-4bfc22f55f05)

## Benchmarks

```
$ hyperfine --warmup 3 "target/profiling/main-dev resolve jupyter" "target/profiling/branch-dev resolve jupyter"
Benchmark 1: target/profiling/main-dev resolve jupyter
  Time (mean ± σ):      29.1 ms ±   0.7 ms    [User: 22.9 ms, System: 11.1 ms]
  Range (min … max):    27.7 ms …  32.2 ms    103 runs
 
Benchmark 2: target/profiling/branch-dev resolve jupyter
  Time (mean ± σ):      18.8 ms ±   1.1 ms    [User: 37.0 ms, System: 22.7 ms]
  Range (min … max):    16.5 ms …  21.9 ms    154 runs
 
Summary
  target/profiling/branch-dev resolve jupyter ran
    1.55 ± 0.10 times faster than target/profiling/main-dev resolve jupyter

$ hyperfine --warmup 3 "target/profiling/main-dev resolve meine_stadt_transparent" "target/profiling/branch-dev resolve meine_stadt_transparent"
Benchmark 1: target/profiling/main-dev resolve meine_stadt_transparent
  Time (mean ± σ):      37.8 ms ±   0.9 ms    [User: 30.7 ms, System: 14.1 ms]
  Range (min … max):    36.6 ms …  41.5 ms    79 runs
 
Benchmark 2: target/profiling/branch-dev resolve meine_stadt_transparent
  Time (mean ± σ):      24.7 ms ±   1.5 ms    [User: 47.0 ms, System: 39.3 ms]
  Range (min … max):    21.5 ms …  28.7 ms    113 runs
 
Summary
  target/profiling/branch-dev resolve meine_stadt_transparent ran
    1.53 ± 0.10 times faster than target/profiling/main-dev resolve meine_stadt_transparent

$ hyperfine --warmup 3 "target/profiling/main pip compile scripts/requirements/home-assistant.in" "target/profiling/branch pip compile scripts/requirements/home-assistant.in"
Benchmark 1: target/profiling/main pip compile scripts/requirements/home-assistant.in
  Time (mean ± σ):     229.0 ms ±   2.8 ms    [User: 197.3 ms, System: 63.7 ms]
  Range (min … max):   225.8 ms … 234.0 ms    13 runs
 
Benchmark 2: target/profiling/branch pip compile scripts/requirements/home-assistant.in
  Time (mean ± σ):      91.4 ms ±   5.3 ms    [User: 289.2 ms, System: 176.9 ms]
  Range (min … max):    81.0 ms … 104.7 ms    32 runs
 
Summary
  target/profiling/branch pip compile scripts/requirements/home-assistant.in ran
    2.50 ± 0.15 times faster than target/profiling/main pip compile scripts/requirements/home-assistant.in
```
 2024-02-02 18:18:24 +01:00
konsti 3771f6656e
Allow additional assertions on command output (#1226) 
In the scenario tests, we want to make sure we're actually conforming to
the scenario's expectations, so we now have an extra assertion on
whether resolution failed or succeeded as well as that it includes the
given packages.

Closes #1112
Closes #1030
 2024-02-02 09:41:35 +00:00
konsti b16422a108
Remove insta_cmd (#1225) 
We need more flexible filters than those `inta` offers, and `insta_cmd`
makes it impossible to plug in programmatic filters. At the same time we
use barely any of `insta_cmd`'s features. We can replace the subset we
need in about 50 loc.
 2024-02-02 09:37:04 +00:00
konsti 0925e446a8
Refactor remaining integration tests (#1220) 
Mostly a mechanical refactor to use the `puffin_snapshot!` and
`TestContext` infrastructure in the add, remove, venv and pip uninstall
tests, in preparation for adding programmatic windows testing filters.
The is only one remaining usage of `assert_cmd_snapshot!` now in the
`puffin_snapshot!` macro.
 2024-02-02 10:26:59 +01:00
konsti 6b050a1972
Refactor pip install and sync tests (#1213) 
Mostly a mechanical refactor to use the `puffin_snapshot!` and
`TestContext` infrastructure in the pip install and pip sync tests, in
preparation for adding programmatic windows testing filters.
 2024-02-02 10:26:31 +01:00
Charlie Marsh d77d129e8d
Run `cargo update` (#1230) 2024-02-01 11:14:38 -05:00
Charlie Marsh bb49ebee1e
Avoid race condition in clone file replacement (#1229) 
## Summary

I've never seen this in practice but in theory it is possible, and we
have the same guardrail in the hardlink path.
 2024-02-01 10:55:23 -05:00
konsti 809c6d676f
Use normalized display in tests and other small windows fixes (#1228) 
Split out from the large test refactoring PR. Use `normalized_display`
in tests and two more thiserror derives to match snapshots and output,
and other small windows fixes.
 2024-02-01 16:12:30 +01:00
Charlie Marsh 9487378ef9
Avoid TOCTOU errors in data directory installations (#1227) 
## Summary

See: https://github.com/astral-sh/puffin/issues/1224

## Test Plan

Ran `python -m scripts.bench --puffin
scripts/requirements/compiled/jupyter.txt --min-runs 100 --benchmark
install-warm --verbose` several times, which failed eventually on `main`
but not on this branch.
 2024-02-01 14:55:29 +00:00
konsti ea0bfc565d
Refactor pip scenario tests (#1212) 
Mostly a mechanical refactor to use the `puffin_snapshot!` and
`TestContext` infrastructure in the pip compile and pip install
scenarios, in preparation for adding programmatic windows testing
filters.
 2024-02-01 10:31:40 +01:00
Charlie Marsh 0757862a7a
Accommodate minute-level filters in Insta (#1219) 
I don't know why `compile_editable` took over a minute in this case, but
seems like it did? Hard to test this fix.


https://github.com/astral-sh/puffin/actions/runs/7734769259/job/21089338951?pr=1216
 2024-02-01 09:43:09 +01:00
Charlie Marsh 8cbe1d220c
Remove double-download for source distributions (#1218) 
## Summary

Oops -- this was using a different cache key than the route above (this
is the wheel _metadata_ route vs. the wheel build route), so we were
saving and building source distributions twice in `pip install`.
 2024-02-01 04:41:29 +00:00
Charlie Marsh 51e8609ee8
Use Python 3.12 in benchmarks (#1215) 
I originally used Python 3.10, since 3.10 and 3.11 are by far the most
common (at least for [Ruff](https://pypistats.org/packages/ruff)). But
3.12 should give Python tools the most favorable benchmarks.
 2024-01-31 15:51:13 -05:00
Charlie Marsh c4bfb6efee
Add a `BENCHMARKS.md` with rendered benchmarks (#1211) 
As a precursor to the release, I want to include a structured document
with detailed benchmarks.

Closes https://github.com/astral-sh/puffin/issues/1210.
 2024-01-31 20:11:52 +00:00
Andrew Gallant b9d89e7624
puffin-client: generalize SimpleMetadaRaw into OwnedArchive<A> (#1208) 
It turns out that the pattern I coded up for SimpleMetadataRaw is
generally useful when working with rkyv. This commit makes it generic by
supporting any type that implements rkyv's traits, and makes a few
simplifying assumptions by picking a concrete serializer, validator and
deserializer. In effect, this lets use own any archived value.

We also rejigger the API a little bit and double-down on
`OwnedArchive<A>` just being a owned wrapper for `Archived<A>`. Namely,
we implement `Deref` and turn its inherent methods into methods that
require fully qualified syntax. (As is standard for things that
implement `Deref` to avoid ambiguity with the deref target's methods.)

(This PR also makes a couple small simplifications to our custom rkyv
serializer since we no longer need to use it directly. We do still need
to name the type in trait bounds, so it has to be public.)
 2024-01-31 11:56:34 -05:00
konsti 234e8d0bb7
Abstract away test duplication in pip-compile (#1187) 
In preparation for the new windows handling, i want to introduce a
`TestContext` and `puffin_snapshot!` abstraction. This PR applies those
changes for pip-compile. My plan is to use those for all venv-based
integration tests and build the custom windows filters on top of
`puffin_snapshot!`.
 2024-01-31 16:11:10 +00:00
Charlie Marsh 01258c1bb3
Report number of bytes deleted when clearing cache (#1203) 
## Summary

This is based on Cargo's `clean` implementation, with modifications
based on some of my own preferences, and to better adhere to patterns we
use in our codebase:

![Screenshot 2024-01-31 at 1 31
10 AM](https://github.com/astral-sh/puffin/assets/1309177/38704798-b17f-4972-ab67-00484ce63d62)
 2024-01-31 10:48:28 -05:00
Charlie Marsh 8f9258fae3
Invert default feature for testing (#1200) 
## Summary

We have some flags in Puffin that enable us to opt-in to certain tests.
To date, they've been opt-in, so we've run our tests with
`--all-features`. This PR makes them opt-out, and we now run tests with
default features.

The main motivation here is that I want to get tests working for macOS
on CI, but for unknown reasons, macOS can't compile the PyO3 features at
the same time as everything else due to strange linker issues. By
avoiding `--all-features` for tests, we thus avoid unnecessarily
including features that we don't actually use in Puffin.

I verified that the exact same number of tests (439) are run before and
after this change. For users, the primary difference is that you now
need to specify `--no-default-features --features pypi --features
python` to avoid (e.g.) including the Git tests.
 2024-01-31 09:44:26 -05:00
Charlie Marsh b2f1bbaa63
Add a Ctrl+C handler to the confirm workflow (#1202) 
Fixes an issue whereby exiting the confirmation prompt can lead to your
cursor disappearing: https://github.com/console-rs/dialoguer/issues/294.

See:
b839a2c5b7/rye/src/main.rs (L36-L48).
 2024-01-31 02:08:27 +00:00
Charlie Marsh 262f29b558
Add missing `--exclude-newer` to executable tests (#1201) 
A new version of `platformdirs` came out, which broke these.
 2024-01-30 20:26:11 -05:00
Charlie Marsh b88b9e1f3d
Remove dedicated `flate2` features from Puffin (#1199) 
We should be able to enable and disable these without crate-internal
features.
 2024-01-30 19:41:08 -05:00
Andrew Gallant b47f70917f
puffin-client: simplify use of http-cache-semantics (#1197) 
The `http-cache-semantics` crate is polymorphic on the types of requests
and responses it accepts. We had previously been explicitly converting
between `http` and `reqwest` types, but this isn't necessary. We can
provide impls of the traits in `http-cache-semantics` for `reqwest`'s
types (via a wrapper). This saves us from the awkward request/response
type conversions.

While this does clone the request, this is:

1. Not new. We were previously cloning the request to do the conversion.
2. An artifact (I believe) of http-cache-semantics API. (It kind of
   seems like an API bug to me?)

There is also a little bit of messiness around inter-operating between
http::uri::Uri and url::Url. But overall shouldn't be a big deal.
 2024-01-30 18:20:44 -05:00
Charlie Marsh 3f5e7306a5
Remove `WaitMap` dependency (#1183) 
## Summary

This is an attempt to https://github.com/astral-sh/puffin/pull/1163 by
removing the `WaitMap` and gaining more granular control over the values
that we hold over `await` boundaries.
 2024-01-30 15:25:22 -05:00
Charlie Marsh c129717b41
Add support for `--no-deps` to `pip install` (#1191) 
## Summary

Closes https://github.com/astral-sh/puffin/issues/1188.
 2024-01-30 19:54:57 +00:00
Charlie Marsh 8305acc584
Add a builder for resolution options (#1192) 2024-01-30 19:50:16 +00:00
Charlie Marsh aa3b79ec63
Prompt user for missing `-r` and `-e` flags in `pip install` (#1180) 
## Summary

If the user runs a command like `pip install requirements.txt`, we now
prompt them to ask if they meant to include the `-r` flag:

![Screenshot 2024-01-29 at 8 38
29 PM](https://github.com/astral-sh/puffin/assets/1309177/82b9f7a2-2526-4144-b200-a5015e5b8a4b)

![Screenshot 2024-01-29 at 8 38
33 PM](https://github.com/astral-sh/puffin/assets/1309177/bd8ebb51-2537-4540-a0e0-718e66a1c69c)

The specific logic is: if the requirement ends in `.txt` or `.in`, and
the file exists locally, prompt the user for `-r`. If the requirement
contains a directory separator, and the directory exists locally, prompt
the user for `-e`.

Closes #1166.
 2024-01-30 18:58:45 +00:00
Charlie Marsh 7a937e0f60
Error when parsing `requirements.txt`-like packages in `requirements.txt` file (#1179) 
## Summary

Like https://github.com/astral-sh/puffin/pull/1180, this PR adds logic
for `requirements.txt` parsing whereby if a requirement _looks like_ a
local requirements file or an editable directory, we prompt the user to
correct the error (typically, by adding `-r`).
 2024-01-30 18:55:11 +00:00
konsti 4ad0dc8b9e
Add windows aarch64 trampolines (#1190) 
Lacking windows compatible aarch64 hardware, i cross compiled the
trampoline from x86_64 linux to aarch64-pc-windows-msvc; I added the
instructions to the puffin-trampoline readme. With some testing on an
aarch64 windows machine, this should be sufficient to build working
win_arm64 tagged wheels.

i686-pc-windows-msvc is failing with an error:

```
error: linking with `lld-link` failed: exit status: 1
  = note: lld-link: error: undefined symbol: __aulldiv
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced 4 more times

          lld-link: error: undefined symbol: __aullrem
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced by libcompiler_builtins-2fb09dee087e9f64.rlib(compiler_builtins-2fb09dee087e9f64.compiler_builtins.597f0152646f1b8-cgu.0.rcgu.o):(compiler_builtins::int::specialized_div_rem::u128_div_rem::h06aed1e23a3f8f5c)
          >>> referenced 4 more times
```
 2024-01-30 17:51:27 +00:00
Charlie Marsh c479c26cab
Add compatibility arguments for `pip sync` (#1185) 
## Summary

As with `pip compile`, we can provide useful error messages and warnings
when people pass `pip sync` arguments.

Closes https://github.com/astral-sh/puffin/issues/1184.
 2024-01-30 08:48:55 -05:00
konsti ab27913f68
Instrument the main function and add jupyter.in (#1186) 
Instrument the main function as anchor span for checking overhead and
update tracing-durations-export to 0.2.0 for differentiating
blocking/non-blocking tasks.

Add a `jupyter.in` requirement since `pip install jupyter` is a common
operation. I tried `jupyterlab` too but there is no difference in
performance (1.00 ± 0.07).
 2024-01-30 11:03:24 +00:00
konsti a6c4cbfe55
Cleanup puffin interpreter errors (#1169) 
Use `virtualenv` consistently, remove unused error variants and hint the
user towards installing missing python versions.

I didn't touch the Readme but i replaced `virtualenv environment` with
`virtualenv` in the strings i found.

Fixes https://github.com/astral-sh/puffin/issues/1167
 2024-01-30 10:52:46 +01:00
Charlie Marsh bd934207e4
Accept relative file paths in CLI requirements (#1182) 
## Summary

See: https://github.com/astral-sh/puffin/issues/1181.

## Test Plan

```
❯ cargo run -- pip install packse@../../zanieb/packse
    Finished dev [unoptimized + debuginfo] target(s) in 0.15s
     Running `target/debug/puffin pip install 'packse@../../zanieb/packse'`
error: Distribution not found at: file:///Users/crmarsh/zanieb/packse
```
 2024-01-30 03:31:24 +00:00
konsti d4ed5ea858
Fix the `compile_python_37` test with python 3.7 installed (#1172) 
Make the test `compile_python_37` pass whether python 3.7 is installed
or not by muting the warning for a missing 3.7. The resolution error is
independent of whether 3.7 is installed or not.
 2024-01-29 18:59:28 +01:00
Charlie Marsh 67a09649f2
Support parsing `--find-links`, `--index-url`, and `--extra-index-url` in `requirements.txt` (#1146) 
## Summary

This PR adds support for `--find-links`, `--index-url`, and
`--extra-index-url` arguments when specified in a `requirements.txt`.

It's a mostly-straightforward change. The only uncertain piece is what
to do when multiple files include these flags, and/or when we include
them on the CLI and in other files.

In general:

- If _anything_ specifies `--no-index`, we respect it.
- We combine all `--extra-index-url` and `--find-links` across all
sources, since those are just vectors.
- If we see multiple `--index-url` in requirements files, we error.
- We respect the `--index-url` from the command line over any provided
in a requirements file.

(`pip-compile` seems to just pick one semi-arbitrarily when multiple are
provided.)

Closes https://github.com/astral-sh/puffin/issues/1143.
 2024-01-29 15:06:40 +00:00
Charlie Marsh 4b9daf9604
Use tokio_tar instead of async_tar (#1170) 
## Summary

`tokio_tar` is a fork of `async_tar` that uses Tokio instead of
`async-std`. Using it removes a significant dependency from our tree.

(There is an open PR
(https://github.com/dignifiedquire/async-tar/pull/41) in `async-tar` to
add Tokio support, but it's over a year old.)

See:
https://github.com/astral-sh/puffin/pull/1157#discussion_r1469190249.
 2024-01-29 10:00:30 -05:00
Andrew Gallant a42b385e9b
puffin-client: add SimpleMetadataRaw (#1150) 
This adds what is effectively an owned wrapper around
`Archived<SimpleMetadata>`. Normally, an `Archived<SimpleMetadata>`
has to be used behind a pointer (since it has a lifetime
attached to its underlying byte buffer), but we create a
wrapper around it that owns the underlying buffer and provides
free access to the archived type.

This in effect creates an anchor point for the archived type
and lets us pass it around easily. (There has to be an anchor
point for it somewhere.)

An alternative to this approach would be to store it as a file
backed memory map. But in practice, we're dealing with small
files, and just reading them on to the heap is likely to be
faster. (Memory maps also have wildly different perf characteristics
across platforms.)

Note that this commit just defines the type. It isn't actually
used anywhere yet.
 2024-01-29 09:37:06 -05:00
konsti be48200642
Small instrumentation improvements (#1164) 
Less verbose span fields for `Dist`s by using the display impl and no
more min length in the tracing durations plot config for comparability
(we lose spans due to a speedup otherwise). Both wait points in the
solver loop are now instrumented so we can inspect what we're waiting
for to progress in the solver.
 2024-01-29 10:55:19 +00:00
konsti 8bfc3c1b37
Trim `get_cached_with_callback` and `send_cached` down some more. (#1128) 
I noticed that `get_cached_with_callback` and `send_cached` are large
both in terms of llvm lines and in terms of types (and large types can
cause buffer overflows on windows). `get_cached_with_callback`
specifically is large because it's monomorphized for each callback. I've
split both functions into smaller units and boxed the callback.

llvm lines, before:

```
  Lines                 Copies               Function name
  -----                 ------               -------------
  909511                21625                (TOTAL)
   36026 (4.0%,  4.0%)     33 (0.2%,  0.2%)  <&mut rmp_serde::decode::Deserializer<R,C> as serde:🇩🇪:Deserializer>::deserialize_any
   14688 (1.6%,  5.6%)      8 (0.0%,  0.2%)  puffin_client::cached_client::CachedClient::get_cached_with_callback::{{closure}}::{{closure}}
   13748 (1.5%,  7.1%)      5 (0.0%,  0.2%)  puffin_client::cached_client::CachedClient::send_cached::{{closure}}
   12460 (1.4%,  8.5%)     35 (0.2%,  0.4%)  alloc::raw_vec::RawVec<T,A>::grow_amortized
   10731 (1.2%,  9.6%)    122 (0.6%,  0.9%)  <alloc::boxed::Box<T,A> as core::ops::drop::Drop>::drop
    8952 (1.0%, 10.6%)      9 (0.0%,  1.0%)  core::slice::sort::partition_in_blocks
    8216 (0.9%, 11.5%)    323 (1.5%,  2.5%)  <core::result::Result<T,E> as core::ops::try_trait::Try>::branch
    7745 (0.9%, 12.4%)    205 (0.9%,  3.4%)  core::result::Result<T,E>::map_err
    6862 (0.8%, 13.1%)     54 (0.2%,  3.7%)  <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter
    6720 (0.7%, 13.9%)    133 (0.6%,  4.3%)  std::panicking::try
    6600 (0.7%, 14.6%)     45 (0.2%,  4.5%)  <alloc::sync::Weak<T,A> as core::ops::drop::Drop>::drop
    5899 (0.6%, 15.2%)     33 (0.2%,  4.6%)  rmp_serde::decode::Deserializer<R,C>::read_str_data
    5610 (0.6%, 15.9%)     33 (0.2%,  4.8%)  alloc::raw_vec::RawVec<T,A>::allocate_in
    5187 (0.6%, 16.4%)    133 (0.6%,  5.4%)  std::panicking::try::do_catch
    4740 (0.5%, 17.0%)    268 (1.2%,  6.7%)  core::ops::function::FnOnce::call_once
    4670 (0.5%, 17.5%)     40 (0.2%,  6.8%)  puffin_client::cached_client::CachedClient::get_cached_with_callback::{{closure}}::{{closure}}::{{closure}}
    4527 (0.5%, 18.0%)     54 (0.2%,  7.1%)  core::iter::traits::iterator::Iterator::try_fold
```

after:

```
  Lines                 Copies               Function name
  -----                 ------               -------------
  910275                21712                (TOTAL)
   36026 (4.0%,  4.0%)     33 (0.2%,  0.2%)  <&mut rmp_serde::decode::Deserializer<R,C> as serde:🇩🇪:Deserializer>::deserialize_any
   12460 (1.4%,  5.3%)     35 (0.2%,  0.3%)  alloc::raw_vec::RawVec<T,A>::grow_amortized
   10935 (1.2%,  6.5%)    124 (0.6%,  0.9%)  <alloc::boxed::Box<T,A> as core::ops::drop::Drop>::drop
    8952 (1.0%,  7.5%)      9 (0.0%,  0.9%)  core::slice::sort::partition_in_blocks
    8714 (1.0%,  8.5%)      5 (0.0%,  0.9%)  puffin_client::cached_client::CachedClient::send_cached_handle_stale::{{closure}}
    8216 (0.9%,  9.4%)    323 (1.5%,  2.4%)  <core::result::Result<T,E> as core::ops::try_trait::Try>::branch
    8192 (0.9%, 10.3%)      8 (0.0%,  2.5%)  puffin_client::cached_client::CachedClient::get_cached_with_callback::{{closure}}::{{closure}}
    7745 (0.9%, 11.1%)    205 (0.9%,  3.4%)  core::result::Result<T,E>::map_err
    6862 (0.8%, 11.9%)     54 (0.2%,  3.7%)  <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter
    6778 (0.7%, 12.6%)      5 (0.0%,  3.7%)  puffin_client::cached_client::CachedClient::send_cached::{{closure}}
    6720 (0.7%, 13.4%)    133 (0.6%,  4.3%)  std::panicking::try
    6600 (0.7%, 14.1%)     45 (0.2%,  4.5%)  <alloc::sync::Weak<T,A> as core::ops::drop::Drop>::drop
    5899 (0.6%, 14.7%)     33 (0.2%,  4.7%)  rmp_serde::decode::Deserializer<R,C>::read_str_data
    5610 (0.6%, 15.3%)     33 (0.2%,  4.8%)  alloc::raw_vec::RawVec<T,A>::allocate_in
    5187 (0.6%, 15.9%)    133 (0.6%,  5.4%)  std::panicking::try::do_catch
    4740 (0.5%, 16.4%)    268 (1.2%,  6.7%)  core::ops::function::FnOnce::call_once
    4527 (0.5%, 16.9%)     54 (0.2%,  6.9%)  core::iter::traits::iterator::Iterator::try_fold
```

Stack sizes diff:
https://gist.github.com/konstin/a3f38276aacf1170038a756c8c49793c
 2024-01-29 08:31:27 +00:00
Charlie Marsh fa3f0d7a55
Remove cache `purge` methods to `clean` (#1159) 
This is more consistent with the public interface.
 2024-01-28 21:15:11 -05:00
Charlie Marsh d88ce76979
Stream unpacking of source distribution downloads (#1157) 
This PR migrates our source distribution downloads to unzip as we
stream, similar to our approach for wheels.

In my testing, this showed a consistent speedup (e.g., 6% here for a few
representative source distributions):

```text
❯ python -m scripts.bench --puffin-path ./target/release/main --puffin-path ./target/release/puffin --benchmark install-cold requirements.in
Benchmark 1: ./target/release/main (install-cold)
  Time (mean ± σ):      1.503 s ±  0.039 s    [User: 1.479 s, System: 0.537 s]
  Range (min … max):    1.466 s …  1.605 s    10 runs

Benchmark 2: ./target/release/puffin (install-cold)
  Time (mean ± σ):      1.421 s ±  0.024 s    [User: 1.505 s, System: 0.593 s]
  Range (min … max):    1.381 s …  1.454 s    10 runs

Summary
  './target/release/puffin (install-cold)' ran
    1.06 ± 0.03 times faster than './target/release/main (install-cold)'
```
 2024-01-28 20:09:24 -05:00
Andrew Gallant 5219d37250
add initial rkyv support (#1135) 
This PR adds initial support for [rkyv] to puffin. In particular,
the main aim here is to make puffin-client's `SimpleMetadata` type
possible to deserialize from a `&[u8]` without doing any copies. This
PR **stops short of actuallying doing that zero-copy deserialization**.
Instead, this PR is about adding the necessary trait impls to a variety
of types, along with a smattering of small refactorings to make rkyv
possible to use.

For those unfamiliar, rkyv works via the interplay of three traits:
`Archive`, `Serialize` and `Deserialize`. The usual flow of things is
this:

* Make a type `T` implement `Archive`, `Serialize` and `Deserialize`.
rkyv
helpfully provides `derive` macros to make this pretty painless in most
  cases.
* The process of implementing `Archive` for `T` *usually* creates an
entirely
new distinct type within the same namespace. One can refer to this type
without naming it explicitly via `Archived<T>` (where `Archived` is a
clever
  type alias defined by rkyv).
* Serialization happens from `T` to (conceptually) a `Vec<u8>`. The
serialization format is specifically designed to reflect the in-memory
layout
  of `Archived<T>`. Notably, *not* `T`. But `Archived<T>`.
* One can then get an `Archived<T>` with no copying (albeit, we will
likely
need to incur some cost for validation) from the previously created
`&[u8]`.
This is quite literally [implemented as a pointer cast][rkyv-ptr-cast].
* The problem with an `Archived<T>` is that it isn't your `T`. It's
something
  else. And while there is limited interoperability between a `T` and an
`Archived<T>`, the main issue is that the surrounding code generally
demands
a `T` and not an `Archived<T>`. **This is at the heart of the tension
for
  introducing zero-copy deserialization, and this is mostly an intrinsic
problem to the technique and not an rkyv-specific issue.** For this
reason,
  given an `Archived<T>`, one can get a `T` back via an explicit
deserialization step. This step is like any other kind of
deserialization,
although generally faster since no real "parsing" is required. But it
will
  allocate and create all necessary objects.

This PR largely proceeds by deriving the three aforementioned traits
for `SimpleMetadata`. And, of course, all of its type dependencies. But
we stop there for now.

The main issue with carrying this work forward so that rkyv is actually
used to deserialize a `SimpleMetadata` is figuring out how to deal
with `DataWithCachePolicy` inside of the cached client. Ideally, this
type would itself have rkyv support, but adding it is difficult. The
main difficulty lay in the fact that its `CachePolicy` type is opaque,
not easily constructable and is internally the tip of the iceberg of
a rat's nest of types found in more crates such as `http`. While one
"dumb"-but-annoying approach would be to fork both of those crates
and add rkyv trait impls to all necessary types, it is my belief that
this is the wrong approach. What we'd *like* to do is not just use
rkyv to deserialize a `DataWithCachePolicy`, but we'd actually like to
get an `Archived<DataWithCachePolicy>` and make actual decisions used
the archived type directly. Doing that will require some work to make
`Archived<DataWithCachePolicy>` directly useful.

My suspicion is that, after doing the above, we may want to mush
forward with a similar approach for `SimpleMetadata`. That is, we want
`Archived<SimpleMetadata>` to be as useful as possible. But right
now, the structure of the code demands an eager conversion (and thus
deserialization) into a `SimpleMetadata` and then into a `VersionMap`.
Getting rid of that eagerness is, I think, the next step after dealing
with `DataWithCachePolicy` to unlock bigger wins here.

There are many commits in this PR, but most are tiny. I still encourage
review to happen commit-by-commit.

[rkyv]: https://rkyv.org/
[rkyv-ptr-cast]:
https://docs.rs/rkyv/latest/src/rkyv/util/mod.rs.html#63-68
 2024-01-28 12:14:59 -05:00
Charlie Marsh a25a1f2958
Avoid re-creating directories in async unzip (#1155) 
This PR extends the optimizations from #1154 to other unzip paths.
 2024-01-28 14:30:38 +00:00
Charlie Marsh 3d10f344f3
Only include visited packages in error message derivation (#1144) 
## Summary

This is my guess as to the source of the resolver flake, based on
information and extensive debugging from @zanieb. In short, if we rely
on `self.index.packages` as a source of truth during error reporting, we
open ourselves up to a source of non-determinism, because we fetch
package metadata asynchronously in the background while we solve -- so
packages _could_ be included in or excluded from the index depending on
the order in which those requests are returned.

So, instead, we now track the set of packages that _were_ visited by the
solver. Visiting a package _requires_ that we wait for its metadata to
be available. By limiting analysis to those packages that were visited
during solving, we are faithfully representing the state of the solver
at the time of failure.

Closes #863
 2024-01-28 09:27:22 -05:00
Charlie Marsh 6f2c235d21
Avoid re-creating directories during unzip (#1154) 
## Summary

We have this optimization in `wheel.rs`, in the installer, but it makes
a huge difference for zips with many small files:

```
Benchmarking file_reader/Django-5.0.1-py3-none-any.whl: Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 74.2s, or reduce sample count to 10.
file_reader/Django-5.0.1-py3-none-any.whl
                        time:   [751.63 ms 757.78 ms 764.27 ms]
                        change: [-1.0290% +0.0841% +1.2289%] (p = 0.88 > 0.05)
                        No change in performance detected.
Found 4 outliers among 100 measurements (4.00%)
  4 (4.00%) high mild

Benchmarking buffered_reader/Django-5.0.1-py3-none-any.whl: Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 53.4s, or reduce sample count to 10.
buffered_reader/Django-5.0.1-py3-none-any.whl
                        time:   [529.86 ms 536.44 ms 543.35 ms]
                        change: [+0.0293% +1.5543% +3.1426%] (p = 0.05 > 0.05)
                        No change in performance detected.
Found 3 outliers among 100 measurements (3.00%)
  3 (3.00%) high mild
```

That's almost 30% faster...
 2024-01-28 00:07:54 -05:00
Charlie Marsh 888a9e6f53
Remove an unnecessary `Path` clone (#1153) 2024-01-28 03:16:51 +00:00
Charlie Marsh d243250dec
Avoid unnecessary permissions changes for copy paths (#1152) 
In Rust, `fs::copy` automatically preserves permissions (see:
https://doc.rust-lang.org/std/fs/fn.copy.html).

Elsewhere, when copying from the zip archive out to the cache, we can
set permissions during file creation, rather than as a separate call.

Both of these should be slightly more efficient.
 2024-01-27 22:11:55 -05:00
Charlie Marsh d6795da0ea
Set permissions after streaming unzip (#1151) 
## Summary

When we migrated to an "unzip while we stream" solution, we lost the
logic to set permissions on the extracted files, so executables in
wheels were no longer executable. It turns out this is a little tricky,
since the permissions metadata is in the central directory at the _end_
of the zip file, and the async ZIP reader explicitly stops iteration
once it hits the central directory. (Specifically, it goes 4 bytes into
the central directory, since it sees the 4-byte signature header and
then stops.)

So, to solve that, I've added a `CentralDirectoryReader` that continues
where that iterator left off. This required forking the async zip crate:
https://github.com/charliermarsh/rs-async-zip/pull/1. It took a lot of
fiddling but I'm quite confident in the code now, especially since the
async zip crate validates the signature kind on every read.

The central directory is typically quite small (even for the Zig wheel,
which is enormous, it's just around 1MB), so I don't expect this to have
a high cost.

Closes https://github.com/astral-sh/puffin/issues/1148.
 2024-01-27 19:22:44 -05:00
Charlie Marsh 15ca17a68d
Support relative `file:` paths for `--find-links` (#1147) 
Just for consistency.
 2024-01-27 03:48:25 +00:00
Charlie Marsh 4e19e6846d
Accept long form of pip arguments in `requirements.txt` (#1145) 2024-01-26 21:56:10 -05:00
Charlie Marsh addb94fbd6
Add support for emitting index URLs and --find-links (#1142) 
Closes https://github.com/astral-sh/puffin/issues/1140.
 2024-01-27 01:37:55 +00:00
Charlie Marsh a2ef2010d2
Add arguments for pip-compile compatibility (#1139) 
## Summary

This ensures that we warn when redundant options are passed (like
`--allow-unsafe`, which is really common for forwards compatibility
since it's going to be the default in a future release), and errors when
known variants are passed that we _don't_ support (like
`--resolver=backtracking`).

Closes https://github.com/astral-sh/puffin/issues/1127.
 2024-01-26 16:54:02 -05:00
Charlie Marsh 06024653f9
Reduce visibility of some methods in `wheel.rs` (#1125) 2024-01-26 16:34:51 -05:00
Zanie Blue 5cc4e5d31e
Add `pip compile` test where specific Python versions are available on the system (#1111) 
Extends https://github.com/astral-sh/puffin/pull/1106 with the scenario
from https://github.com/zanieb/packse/pull/95 which tests that `pip
compile` will use the matching system Python version for builds when
available
 2024-01-26 18:38:24 +00:00
Zanie Blue 91f421cf97
Do not allow `pip compile` scenario tests to discover other Python versions (#1106) 
In https://github.com/astral-sh/puffin/pull/1040 we broke the pip
compile scenarios designed to test failure when a required Python
version is not available — resolution succeeded because all of the
Python versions were available in CI. Following #1105 we have the
ability to isolate tests from Python versions available in the system.
Here, we limit the scenarios to only the Python version in the current
environment, restoring our ability to test the error messages.

With https://github.com/zanieb/packse/pull/95, we will be able to
specify scenarios with access to additional system Python versions. This
will allow us to include test coverage where resolution can succeed by
using a version available elsewhere on the system. See #1111 for this
follow-up.
 2024-01-26 18:18:15 +00:00
Zanie Blue 21577ad002
Add bootstrapping and isolation of development Python versions (#1105) 
Replaces https://github.com/astral-sh/puffin/pull/1068 and #1070 which
were more complicated than I wanted.

- Introduces a `.python-versions` file which defines the Python versions
needed for development
- Adds a Bash script at `scripts/bootstrap/install` which installs the
required Python versions from `python-build-standalone` to `./bin`
- Checks in a `versions.json` file with metadata about available
versions on each platform and a `fetch-version` Python script derived
from `rye` for updating the versions
- Updates CI to use these Python builds instead of the `setup-python`
action
- Updates to the latest packse scenarios which require Python 3.8+
instead of 3.7+ since we cannot use 3.7 anymore and includes new test
coverage of patch Python version requests
- Adds a `PUFFIN_PYTHON_PATH` variable to prevent lookup of system
Python versions for isolation during development

Tested on Linux (via CI) and macOS (locally) — presumably it will be a
bit more complicated to do proper Windows support.
 2024-01-26 12:12:48 -06:00
Charlie Marsh cc0e211074
Avoid embedding launcher scripts on non-Windows (#1124) 
Just to reduce binary size on all other platforms.
 2024-01-26 17:19:05 +01:00
Charlie Marsh f946d46273
Avoid allocating a max-size buffer (#1123) 
This seems potentially-dangerous with no upside.
 2024-01-26 14:27:19 +00:00
konsti 39021263dd
Windows launchers using posy trampolines (#1092) 
## Background

In virtual environments, we want to install python programs as console
commands, e.g. `black .` over `python -m black .`. They may be called
[entrypoints](https://packaging.python.org/en/latest/specifications/entry-points/)
or scripts. For entrypoints, we're given a module name and function to
call in that module.

On Unix, we generate a minimal python script launcher. Text files are
runnable on unix by adding a shebang at their top, e.g.

```python
#!/usr/bin/env python
```

will make the operating system run the file with the current python
interpreter. A venv launcher for black in `/home/ferris/colorize/.venv`
(module name: `black`, function to call: `patched_main`) would look like
this:

```python
#!/home/ferris/colorize/.venv/bin/python
# -*- coding: utf-8 -*-
import re
import sys
from black import patched_main
if __name__ == "__main__":
    sys.argv[0] = re.sub(r"(-script\.pyw|\.exe)?$", "", sys.argv[0])
    sys.exit(patched_main())
```

On windows, this doesn't work, we can only rely on launching `.exe`
files.

## Summary

We use posy's rust implementation of a trampoline, which is based on
distlib's c++ implementation. We pre-build a minimal exe and append the
launcher script as stored zip archive behind it. The exe will look for
the venv python interpreter next to it and use it to execute the
appended script.

The changes in this PR make the `black` entrypoint work:

```powershell
cargo run -- venv .venv
cargo run -q -- pip install black
.\.venv\Scripts\black --version
```

Integration with our existing tests will be done in follow-up PRs.

## Implementation and Details

I've vendored the posy trampoline crate. It is a formatted, renamed and
slightly changed for embedding version of
https://github.com/njsmith/posy/pull/28.

The posy launchers are smaller than the distlib launchers, 16K vs 106K
for black. Currently only `x86_64-pc-windows-msvc` is supported. The
crate requires a nightly compiler for its no-std binary size tricks.

On windows, an application can be launched with a console or without (to
create windows instead), which needs two different launchers. The gui
launcher will subsequently use `pythonw.exe` while the console launcher
uses `python.exe`.
 2024-01-26 13:54:11 +00:00
konsti f1d3b08c12
Add missing version to pip sync test (#1121) 
The test started failing due to a newer version on pypi.
 2024-01-26 13:36:25 +00:00
Charlie Marsh 361a2039d2
Add `--no-annotate` and `--no-header` flags (#1117) 
Closes #1107.
Closes #1108.
 2024-01-26 12:14:18 +00:00
Charlie Marsh 7755f986c3
Support extras in editable requirements (#1113) 
## Summary

This PR adds support for requirements like `-e .[d]`.

Closes #1091.
 2024-01-26 12:07:51 +00:00
Charlie Marsh f593b65447
Remove refresh checks from the install plan (#1119) 
## Summary

Rather than checking cache freshness in the install plan, it's a lot
simple to have the install plan _never_ return cached data when the
refresh policy is in place, and then rely on the distribution database
to check for freshness. The original implementation didn't support this,
since the distribution database was rebuilding things too often. Now, it
rarely rebuilds (it's much better about this), so it seems conceptually
much simpler to split up the responsibilities like this.
 2024-01-25 22:48:16 -05:00
Charlie Marsh 50057cd5f2
Re-add Cargo's known hosts checking (#1118) 
## Summary

This ensures that (like Cargo) we don't suffer from
https://github.com/advisories/GHSA-r5w3-xm58-jv6j, by way of checking
known hosts when fetching via `libgit2`.

The implementation is taken from Cargo itself, modified to remove all
configuration, since we don't yet support configuration for known hosts,
etc.

Closes #285.
 2024-01-25 22:29:36 -05:00
Charlie Marsh 67b41427cc
Store source distribution directly in the cache (#1116) 
I want to move towards using the archive bucket exclusively for wheels.
We never overwrite source distributions, so there's no need to symlink
them.
 2024-01-25 20:52:31 -05:00
Charlie Marsh 77351c7874
Use snapshots for requirements.txt error tests (#1115) 
## Summary

I find these too difficult to edit and maintain. This brings them closer
to the rest of our testing setups.
 2024-01-25 20:35:52 -05:00
Charlie Marsh 57c116ee9a
Move Black editable to flit backend (#1114) 
I ran into a bug in PDM that's making it impossible to use the Black
example for extras: https://github.com/pdm-project/pdm/issues/2591.

I've confirmed that Flit handles it correctly.
 2024-01-25 19:54:54 -05:00
Zanie Blue 3a05ef5285
Add venv tests for missing Python versions (#1096) 
These demonstrate some lackluster error messages.
 2024-01-25 13:57:05 -06:00
Charlie Marsh f36c167982
Use a consolidated error for distribution failures (#1104) 
## Summary

Use a single error type in `puffin_distribution`, rather than two
confusingly similar types between `DistributionDatabase` and the source
distribution module.

Also removes the `#[from]` for IO errors and replaces with explicit
wrapping, which is verbose but removes a bunch of incorrect error
messages.
 2024-01-25 14:49:11 -05:00
Charlie Marsh 8ef819e07e
Remove `Option` wrapper from requirement extras (#1103) 
There's no semantic difference between `None` and empty, so seems
simpler to represent this way.
 2024-01-25 13:21:53 -05:00
Andrew Gallant 067acfe79e
puffin-client: rejigger error type (#1102) 
This PR changes the error type to be boxed internally so that it uses
less size on the stack. This makes functions returning `Result<T,
Error>`, in particular, return something much smaller.

The specific thing that motivated this was Clippy lints firing when I
tried to refactor code in this crate.

I chose to achieve boxing by splitting the enum out into a separate
type, and then wiring up the necessary `From` impl to make error
conversions easy, and then making `Error` itself opaque. We could expose
the `Box`, but there isn't a ton of benefit in doing so because one
cannot pattern match through a `Box`.

This required using more explicit error conversions in several places.
And as a result, I was able to remove all `#[from]` attributes on
non-transparent error variants.
 2024-01-25 13:13:21 -05:00
Charlie Marsh 3e86c80874
Set buffer size when unzipping (#1101) 
The zip archive includes an uncompressed size header, which we can use
to preallocate.
 2024-01-25 17:58:36 +00:00
Charlie Marsh e0902d7d5a
Make `puffin-fs` `tokio` dependency opt-in (#1100) 2024-01-25 12:47:46 -05:00
Charlie Marsh 5ad2e60561
Use `same-file` to detect interpreter shims (#1099) 
Our existing detection doesn't work on Windows, because we canoncalize
the interpreter path but not `info.sys_executable`, so the former
includes the UNC prefix, etc. This is cross-platform and gets at the
intent of the check.
 2024-01-25 12:27:49 -05:00
Charlie Marsh f4939e50a6
Remove UNC prefixes on Windows (#1086) 
## Summary

This PR adds a `NormalizedDisplay` trait that we can use for user-facing
paths, to strip the UNC prefix on Windows.

On other platforms, the implementation is a no-op (vs. `Display`).

I audited all usages of `.display()`, and changed any that were
user-facing, either via `println!` or `eprintln!`, or by way of being
included in error messages. I did _not_ change uses that were only in
tests or only went to tracing.

Closes https://github.com/astral-sh/puffin/issues/1084.
 2024-01-25 11:44:22 -05:00
konsti 035cd81ac8
Fix venv PATH on windows (#1095) 
Windows uses `;` instead of `:` to separate `PATH` entries. This pull
request switches from manually using `:` to the `std::env` functions.
This fixes

```
puffin pip install -e scripts/editable-installs/maturin_editable
```

on windows.
 2024-01-25 15:40:52 +00:00
Charlie Marsh 904db967af
Use junctions instead of symlinks on Windows (#1087) 
## Summary

When we unzip wheels in the cache, we write the directories out to an
`archive-v0` bucket, and then symlink into that bucket from the
`wheels-v0` and `built-wheels-v0` buckets.

On Windows, symlinks are not well supported. Specifically, they need to
be explicitly enabled by the user. So, instead of symlinks, we now use
junctions, which are well-supported on Windows, and allow you to
(effectively) symlink a directory to another directory. This PR
implements said junction support, which gets the core installer working
on Windows.

In the past, we also used symlinks to implement another primitive: we
wanted to be able to replace a directory "atomically" (I put
"atomically" in quotes because I don't know if it's actually a
guaranteed atomic operation), in case someone was trying to use the
directory while we were replacing it (as opposed to deleting the
directory, then moving it into place).

On Windows, it doesn't appear to be possible to atomically replace a
junction. So instead, I'm using a new design, whereby the cache always
returns canonicalized paths. We know these canonicalized paths are
unique and won't be replaced, so they're safe for writers to rely on. In
general, when we write new data to the cache, we now return the
canonicalized path. When we read from the cache, and try to identify
(e.g.) the set of wheels available to us, we canonicalize the links
immediately and consider them non-existent if that operation fails.

Closes #1085.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-01-25 10:06:38 +01:00
Charlie Marsh 036b7e5f43
Use `parse_headers` rather than parsing body (#1090) 
Looking at the internals, this should make almost no difference in
performance, but anyway...
 2024-01-25 09:41:21 +01:00
Zanie Blue ed1ac640b9
Consolidate `UnusableDependencies` into a generic `Unavailable` incompatibility (#1088) 
Requires https://github.com/zanieb/pubgrub/pull/20

In short, `UnusableDependencies` can be generalized into `Unavailable`
which encompasses incompatibilities where a package range which is
unusable for some inherent reason as well as when its dependencies are
unusable. We can eventually use this to track more incompatibilities in
the solver. I made the reason string required because I can't see a case
where we should leave it out.

Additionally, this improves the display of conflicts in the root
requirements.
 2024-01-24 22:10:44 -06:00
Zanie Blue 091f8e09ff
Use a cache directory for venv tests (#1089) 2024-01-24 22:09:37 -06:00
konsti ed6a1606b9
Use `which::which` instead of `which::which_global` (#1083) 
`which::which_global` does not resolve relative paths, which we want to
support, while `which::which` does.
 2024-01-24 18:35:57 -06:00
Charlie Marsh cedd2e0b3f
Use a buffered reader for wheel metadata (#1082) 
## Summary

It turns out this is significantly faster when reading (e.g.) _just_ the
`METADATA` file from a zipped wheel.

I audited other `File::open` usages, and everything else seems to be
using a buffered reader already (directly, or in whatever third-party
crate it's passed to) _or_ is read immediately in full.

See the criterion benchmark:

```
file_reader/numpy-1.26.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
                        time:   [6.9618 ms 6.9664 ms 6.9713 ms]
Found 4 outliers among 100 measurements (4.00%)
  4 (4.00%) high mild
file_reader/flask-3.0.1-py3-none-any.whl
                        time:   [237.50 µs 238.25 µs 239.13 µs]
Found 7 outliers among 100 measurements (7.00%)
  3 (3.00%) high mild
  4 (4.00%) high severe

buffered_reader/numpy-1.26.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
                        time:   [648.92 µs 653.85 µs 660.09 µs]
Found 4 outliers among 100 measurements (4.00%)
  3 (3.00%) high mild
  1 (1.00%) high severe
buffered_reader/flask-3.0.1-py3-none-any.whl
                        time:   [39.578 µs 39.712 µs 39.869 µs]
Found 8 outliers among 100 measurements (8.00%)
  3 (3.00%) high mild
  5 (5.00%) high severe
```
 2024-01-24 15:22:55 -05:00
Zanie Blue 0019fe71f6
Add warning when target version does not match build version (#1072) 
Follow-up to https://github.com/astral-sh/puffin/pull/1040 adding a
user-facing warning when we cannot build with their requested version.

e.g.

```
❯ cargo run -- pip compile requirements.in --python-version 3.11.4 --no-build
Resolved 8 packages in 483ms
❯ cargo run -- pip compile requirements.in --python-version 3.11.4
warning: The requested Python version 3.11.4 is not available; 3.11.7 will be used to build dependencies instead.
Resolved 8 packages in 71ms
❯ cargo run -- pip compile requirements.in --python-version 3.11
Resolved 8 packages in 71ms
```
 2024-01-24 13:42:19 -06:00
Charlie Marsh 738e8341e2
Use a consistent `Timestamp` struct (#1081) 
## Summary

This PR uses `ctime` consistently on Unix as a more conservative
approach to change detection. It also ensures that our timestamp
abstraction is entirely internal, so we can change the representation
and logic easily across the codebase in the future.
 2024-01-24 14:21:31 -05:00
Zanie Blue bdfabfb088
Fixup doc for `find_best` (#1079) 2024-01-24 12:55:01 -06:00
konsti 2e0ce70d13
Initial windows support (#940) 
## Summary

First batch of changes for windows support. Notable changes:

* Fixes all compile errors and added windows specific paths.
* Working venv creation on windows, both from a base interpreter and
from a venv. This requires querying `stdlib` from the sysconfig paths to
find the launcher.
* Basic url/path conversion handling for windows.
* `if cfg!(...)` instead of `#[cfg()]`. This should make it easier to
keep everything compiling across platforms.

## Outlook

Test summary: 402 tests run: 299 passed (15 slow), 103 failed, 1 skipped

There are various reason for the remaining test failure:
* Windows-specific colorama and tzdata dependencies that change the
snapshot slightly. This is by far the biggest batch.
* Some url-path handling issues. I fixed some in the PR, some remain.
* Lack of the latest python patch versions for older pythons on my
machine, since there are no builds for windows and we need to register
them in the registry for them to be picked up for `py --list-paths` (CC
@zanieb RE #1070).
* Lack of entrypoint launchers.
* ... likely more
 2024-01-24 18:27:49 +01:00
Zanie Blue ea4ab29bad
Prefer target Python version over current version for builds (#1040) 
Extends #1029 
Closes https://github.com/astral-sh/puffin/issues/1038

Instead of always using the current Python version for builds when a
target version is provided, we will do our best to use a compatible
Python version for builds.

Removes behavior where Python versions without patch versions were
always assumed to be the latest known patch version (previously
discussed in https://github.com/astral-sh/puffin/pull/534). While this
was convenient for resolutions which include packages which require
minimum patch versions e.g. `requires-python=">=3.7.4"`, it conflicts
with the idea that the target Python version you provide is the
_minimum_ compatible version. Additionally, it complicates interpreter
lookup as we cannot tell if the user has asked for that specific patch
version or not.
 2024-01-24 11:12:02 -06:00
Charlie Marsh 0519375bd6
Remove some unused dependencies (#1077) 2024-01-24 11:58:21 -05:00
Charlie Marsh afb571643f
Avoid unzipping local wheels when fresh (#1076) 
Since the archive is a single file in this case, we can rely on the
modification timestamp to check for freshness.
 2024-01-24 15:01:16 +00:00
konsti 411613a24e
No python prefix in packse scenarios (#1066) 
In windows, `python3.9` and `python3.11` are not in `PATH`. Instead, we
should pass only the python version to `puffin venv -p` in packse
scenarios (#1039).
 2024-01-24 11:22:48 +00:00
Charlie Marsh 63f3434b21
Use nanoid instead of uuid (#1074) 
## Summary

Gives us equivalent randomness with ~half as many characters.
 2024-01-24 05:05:14 +00:00
Andrew Gallant eebc2f340a
make some things guaranteed to be deterministic (#1065) 
This PR replaces a few uses of hash maps/sets with btree maps/sets and
index maps/sets. This has the benefit of guaranteeing a deterministic
order of iteration.

I made these changes as part of looking into a flaky test.
Unfortunately, I'm not optimistic that anything here will actually fix
the flaky test, since I don't believe anything was actually dependent
on the order of iteration.
 2024-01-23 20:30:33 -05:00
Charlie Marsh 1b3a3f4e80
Add `--refresh` behavior to the cache (#1057) 
## Summary

This PR is an alternative approach to #949 which should be much safer.
As in #949, we add a `Refresh` policy to the cache. However, instead of
deleting entries from the cache the first time we read them, we now
check if the entry is sufficiently new (created after the start of the
command) if the refresh policy applies. If the entry is stale, then we
avoid reading it and continue onward, relying on the cache to
appropriately overwrite based on "new" data. (This relies on the
preceding PRs, which ensure the cache is append-only, and ensure that we
can atomically overwrite.)

Unfortunately, there are just a lot of paths through the cache, and
didn't data is handled with different policies, so I really had to go
through and consider the "right" behavior for each case. For example,
the HTTP requests can use `max-age=0, must-revalidate`. But for the
routes that are based on filesystem modification, we need to do
something slightly different.

Closes #945.
 2024-01-23 18:30:26 -05:00
Charlie Marsh cf8b452414
Track HTTP caches for URL wheels (#1071) 
## Summary

This PR ensures that we store HTTP caching information for wheels.
Previously, we only stored these for source distributions. This will be
helpful for refresh, since we can avoid re-downloading wheels that are
unchanged per HTTP caching semantics.

There should be zero performance hit here for warm installs, and only an
extremely small hit for cold installs (writing the HTTP cache data to
disk). The hyperfine benchmarks reflect this.
 2024-01-23 17:31:42 -05:00
Charlie Marsh 09f5884f28
Avoid revalidating immutable HTTP responses (#1069) 
## Summary

If you send a revalidation request to a resource that returns an
`immutable` directive, the server apparently returns a 200 instead of a
304? In other words, the server can ignore the revalidation request.
This PR adds handling on top of the HTTP cache semantics to respect
immutable resources, which is especially useful since all PyPI files are
immutable.
 2024-01-23 16:22:21 -05:00
Charlie Marsh 5621c414cf
Use symlinks for directories entries in cache (#1037) 
## Summary

One problem we have in the cache today is that we can't overwrite
entries atomically, because we store unzipped _directories_ in the cache
(which makes installation _much_ faster than storing zipped
directories). So, if you ignore the existing contents of the cache when
writing, you might run into an error, because you might attempt to write
a directory where a directory already exists.

This is especially annoying for cache refresh, because in order to
refresh the cache, we have to purge it (i.e., delete a bunch of stuff),
which is also highly unsafe if Puffin is running across multiple threads
or multiple processes.

The solution I'm proposing here is that whenever we persist a
_directory_ to the cache, we persist it to a special "archive" bucket.
Then, within the other buckets, directory entries are actually symlinks
into that "archive" bucket. With symlinks, we can atomically replace,
which means we can easily overwrite cache entries without having to
delete from the cache.

The main downside is that we'll now accumulate dangling entries in the
"archive" bucket, and so we'll need to implement some form of garbage
collection to ensure that we remove entries with no symlinks. Another
downside is that cache reads and writes will be a bit slower, since we
need to deal with creating and resolving these symlinks.

As an example... after this change, the cache entry for this unzipped
wheel is actually a symlink:

![Screenshot 2024-01-22 at 11 56
18 AM](https://github.com/astral-sh/puffin/assets/1309177/99ff6940-5096-4246-8d16-2a7bdcdd8d4b)

Then, within the archive directory, we actually have two unique entries
(since I intentionally ran the command twice to ensure overwrites were
safe):

![Screenshot 2024-01-22 at 11 56
22 AM](https://github.com/astral-sh/puffin/assets/1309177/717d04e2-25d9-4225-b190-bad1441868c6)
 2024-01-23 19:52:37 +00:00
Charlie Marsh 556080225d
Use ctime for interpreter timestamps (#1067) 
Per https://apenwarr.ca/log/20181113, `ctime` should be a lot more
conservative, and should detect things like the issue we see with the
python-build-standalone builds, where the `mtime` is identical across
builds.

On Windows, I'm just using `last_write_time`. But we should probably add
`volume_serial_number` and other attributes via
[`winapi_util`](https://docs.rs/winapi-util/latest/winapi_util/index.html).
 2024-01-23 19:52:20 +00:00
Charlie Marsh 6561617c56
Store source distribution builds under a unique manifest ID (#1051) 
## Summary

This is a refactor of the source distribution cache that again aims to
make the cache purely additive. Instead of deleting all built wheels
when the cache gets invalidated (e.g., because the source distribution
changed on PyPI or something), we now treat each invalidation as its own
cache directory. The manifest inside of the source distribution
directory now becomes a pointer to the "latest" version of the source
distribution cache.

Here's a visual example:

![Screenshot 2024-01-22 at 5 35
41 PM](https://github.com/astral-sh/puffin/assets/1309177/ca103c83-e116-4956-b91c-8434fe62cffe)

With this change, we avoid deleting built distributions that might be
relied on elsewhere and maintain our invariant that the cache is purely
additive. The cost is that we now preserve stale wheels, but we should
add a garbage collection mechanism to deal with that.
 2024-01-23 19:49:11 +00:00
Charlie Marsh e32027e384
Avoid persisting manifest data in standalone file (#1044) 
## Summary

This PR gets rid of the manifest that we store for source distributions.
Historically, that manifest included the source distribution metadata,
plus a list of built wheels.

The problem with the manifest is that it duplicates state, since we now
have to look at both the manifest and the filesystem to understand the
cache state. Instead, I think we should treat the cache as the source of
truth, and get rid of the duplicated state in the manifest.

Now, we store the manifest (which is merely used to check for cache
freshness -- in future PRs, I will repurpose it though, so I left it
around), then the distribution metadata as its own file, then any
distributions in the same directory. When we want to see if there are
any valid distributions, we `readdir` on the directory. This is also
much more consistent with how the install plan works.
 2024-01-23 19:46:48 +00:00
Zanie Blue 1f0a21d127
Write an `Into<anstream::ColorChoice>` implementation for more idiomatic code (#1064) 
Follow-up to #1049
 2024-01-23 15:43:16 +00:00
konsti 1131341cbc
Support more formats in `puffin venv`, incl. windows support (#1039) 
Mirroring `virtualenv -p` and driven by the lack of `pythonx.y` in
`PATH` on windows, this PR adds `-p x.y` support to `puffin venv` (first
commit).

Supported formats:
* NEW: `-p 3.10` searches for an installed Python 3.10 (Looking for
`python3.10` on linux/mac).
  Specifying a patch version is not supported
* `-p python3.10` or `-p python.exe` looks for a binary in `PATH`
* `-p /home/ferris/.local/bin/python3.10` uses this exact Python

In the second commit, we add python interpreter search on windows using
`py --list-paths`. On windows, all python are called `python.exe` so the
unix trick of looking for `python{}.{}` in `PATH` doesn't work. Instead,
we ask the python launcher for windows to tell us about all installed
packages. We should eventually migrate this to [PEP
514](https://peps.python.org/pep-0514/) by reading the registry entries
ourselves.
 2024-01-23 15:35:07 +00:00
Charlie Marsh cb04fa4496
Hide `--exclude-newer` from the command line (#1058) 
This exists for our own test suite.
 2024-01-23 00:29:47 -05:00
Zanie Blue 5db81c7caa
Add `--color always|never|auto` interface (#1049) 
Extends #1048 interface providing a more general interface that I think
should be standard.

Allows forcing colors to be on _or_ off. e.g. `NO_COLOR=1 pip install
pip-tools --color always` would be colored.

Hides the `--no-color` option as it only exists for compatibility (and
seems better than throwing an error when people assume it will exist).

Has a nice side-effect of documenting our coloring behaviors e.g.

```
--color <COLOR>
    Control colors in output
    
    [default: auto]

    Possible values:
    - auto:   Enables colored output only when the output is going to a terminal or TTY with support
    - always: Enables colored output regardless of the detected environment
    - never:  Disables colored output
```
 2024-01-22 23:01:36 -06:00
Zanie Blue a9a7b0069b
Add `--force-reinstall` alias for `--reinstall` to match pip interface (#1045) 
Tested with `cargo run -- pip install pip-tools --force-reinstall`.

The alias is hidden.
 2024-01-22 22:59:43 -06:00
Zanie Blue a87e071b5e
Add `--no-color` support for `pip` compatibility (#1048) 
Adds `--no-color` as provided by `pip`.

See #1049 for follow-up.
 2024-01-22 22:56:51 -06:00
Charlie Marsh 81401a17e5
Use `archive_mtime` in another call site (#1056) 
_Not_ using this was an oversight.
 2024-01-23 04:51:18 +00:00
Charlie Marsh 9fd3b8298d
Use `fs_err::tokio` consistently in distribution database (#1055) 2024-01-22 19:14:29 -05:00
Zanie Blue f3562e5a25
Canonicalize paths to interpreter executables before checking modified time (#1046) 
If the executable is a symbolic link, checking the modified time will
not reflect changes to the source file e.g.

```
❯ touch foo
❯ ln -s foo foobar
❯ gstat -c %Y foo
1705958431
❯ gstat -c %Y foobar
1705958438
❯ touch foo
❯ gstat -c %Y foobar
1705958438
```

This can result in a stale cache being treated as fresh; for example,
when Rye changes the interpreter linked in a virtual environment.
 2024-01-22 15:44:22 -06:00
Zanie Blue c06bc335c4
Fix failing test cases (#1047) 
These tests from #1041 failing on `main`
https://github.com/astral-sh/puffin/actions/runs/7616995716/job/20745019216
due to conflict with #1042
 2024-01-22 21:31:12 +00:00
Zanie Blue a2efd74209
Add complex Python requirement scenarios (#1041) 
Follows #1011 with some more scenarios
 2024-01-22 14:31:06 -06:00
Charlie Marsh c8941d4799
Rename metadata.msgpack to manifest.msgpack (#1043) 
We store the `Manifest` at this path, so this name feels more
appropriate.
 2024-01-22 15:00:41 -05:00
Zanie Blue 89eb8547ce
Fix missing comma before conclusions (#1042) 
Closes https://github.com/astral-sh/puffin/issues/1010
 2024-01-22 13:31:09 -06:00
Zanie Blue e21948f353
Improve display of Python versions (#1029) 
In https://github.com/astral-sh/puffin/pull/986 there was some confusion
about what these values are set to and I noticed that we never actually
display the target version being used for a resolution.

- Consistently display the Python interpreter being used, i.e. make it
clear that we are referring the the interpreter/installed Python version
and always show the version number
- Display the target Python version during solving
 2024-01-22 18:46:18 +00:00
Charlie Marsh e6f5c8360c
Use a separate memory index for each requirement (#1036) 
Closes #1005.
 2024-01-22 16:22:03 +00:00
Charlie Marsh b0e73d796c
Add support for PyPy wheels (#1028) 
## Summary

This PR adds support for PyPy wheels by changing the compatible tags
based on the implementation name and version of the current interpreter.

For now, we only support CPython and PyPy, and explicitly error out when
given other interpreters. (Is this right? Should we just fallback to
CPython tags...? Or skip the ABI-specific tags for unknown
interpreters?)

The logic is based on
4d85340613/src/packaging/tags.py (L247).
Note, however, that `packaging` uses the `EXT_SUFFIX` variable from
`sysconfig`... Instead, I looked at the way that PyPy formats the tags,
and recreated them based on the Python and implementation version. For
example, PyPy wheels look like
`cchardet-2.1.7-pp37-pypy37_pp73-win_amd64.whl` -- so that's `pp37` for
PyPy with Python version 3.7, and then `pypy37_pp73` for PyPy with
Python version 3.7 and PyPy version 7.3.

Closes https://github.com/astral-sh/puffin/issues/1013.

## Test Plan

I tested this manually, but I couldn't find macOS universal PyPy
wheels... So instead I added `cchardet` to a `requirements.in`, ran
`cargo run pip sync requirements.in --index-url
https://pypy.kmtea.eu/simple --verbose`, and added logging to verify
that the platform tags matched (even if the architecture didn't).
 2024-01-22 14:22:27 +00:00
Charlie Marsh 145ba0e5ab
Allow relative paths in requirements.txt (#1027) 
This PR attempts to fix a common footgun in `requirements.txt` files.
Previously, to provide a file, you had to use `package_name @
file:///Users/crmarsh/...` -- in other words, an absolute path.

Now, these requirements follow the exact same rules as editables, so you
can do:
```
package_name @ ./file.zip
```

And similar.

The way the parsing is setup, this is intentionally _not_ supported when
reading metadata -- only when parsing `requirements.txt` directly.

Closes #984.
 2024-01-22 14:20:30 +00:00
Charlie Marsh e09a51653e
Propagate cancellation errors in `OnceMap` (#1032) 
## Summary

Ensures that if an operation is cancelled in one thread, we propagate it
to others rather than panicking.

Related to https://github.com/astral-sh/puffin/issues/1005.
 2024-01-22 09:00:21 -05:00
Charlie Marsh db0c76c4ba
Improve `requirements-txt` error formatting (#1026) 
- Wrap filename in quotes
- Only show the start position (I think the end is a bit noisy)
 2024-01-22 13:42:17 +00:00
konsti 765e3175e1
Make windows compile (#1035) 
Minimal changes to make `cargo check`/`cargo run` work to unblock the
remaining PR stacking
 2024-01-22 13:11:20 +00:00
Charlie Marsh b9bee013ce
Use full Python version for installed version (#1033) 
## Summary

`interpreter.version()` returns the `python_full_version`, but the
marker variant uses `python_version` instead of `python_full_version` --
so it's omitting the patch.
 2024-01-22 00:44:39 -06:00
Zanie Blue 6202c9e1b5
Use current and requested Python versions in `requires-python` incompatibility errors (#986) 
Closes https://github.com/astral-sh/puffin/issues/806
 2024-01-22 00:32:02 -06:00
Charlie Marsh 23f73592b1
Add test to avoid invalidating virtualenv (#1031) 
## Summary

I think if we used symlinks (instead of hardlinks), this test would fail
-- so it's worth including.
 2024-01-21 19:53:58 -05:00
Charlie Marsh 540442b8de
Treat missing package name error as an unsupported requirement (#1025) 
## Summary

Based on user feedback. Calling it a "parse error" is misleading, since
this is really something we don't support, but that users can work
around.
 2024-01-21 19:53:10 -05:00
Zanie Blue 4026710189
Add scenario tests for `pip-compile` (#1011) 
e.g. for scenarios that test resolution _without_ installation.

This refactors the `update` script to generate scenario test files for
`pip compile` _and_ `pip install`. We don't overlap scenarios to save
time. We only generate `pip compile` test cases for scenarios we cannot
represent with `pip install` e.g. a `--python-version` override.

The _one_ scenario I added happened to reveal a bug in our resolver
where we were incorrectly filtering versions by the installed version
when wheels were available. Per the comment at
https://github.com/astral-sh/puffin/issues/883#issuecomment-1890773112,
we should _only_ need to check for a compatible installed Python version
when using a different _target_ Python version if we need to build a
source distribution.
53bce68400
resolves this by removing the excessive constraints — the correct Python
version incompatibilities are applied elsewhere.
 2024-01-21 17:47:42 -06:00
Charlie Marsh d9cc9dbf88
Improve error message when editable requirement doesn't exist (#1024) 
Making these a lot clearer in the common case by reducing the depth of
the error.
 2024-01-20 12:59:18 -05:00
Charlie Marsh 69d2791a43
Remove URL clone in requirements-txt parser (#1020) 2024-01-19 17:30:17 -05:00
Charlie Marsh b3954f2449
Enable PowerPC builds (#1017) 
Closes #1015.
 2024-01-19 17:29:11 -05:00
Charlie Marsh 459c2abc81
Avoid canonicalizing paths in `requirements-txt` (#1019) 
## Summary

When you specify an editable that doesn't exist, it should error, but
not in the parser -- the error should be downstream.
 2024-01-19 16:28:04 -05:00
Charlie Marsh d55e34c310
Make editable URL parsing more robust (#1018) 
This just generalizes the parsing to handle arbitrary schemes instead of
encoding a fixed list.
 2024-01-19 16:01:33 -05:00
Charlie Marsh c66395977d
Rename `pep440-rs` to `Readme.md` (#1014) 
This is due to a bug in Maturin
(https://github.com/PyO3/maturin/pull/1915), so I'll just fix our setup
to work with existing versions.

Closes https://github.com/astral-sh/puffin/issues/991.
 2024-01-19 15:16:12 -05:00
Zanie Blue 33b35f7020
Add support for disabling installation from pre-built wheels (#956) 
Adds support for disabling installation from pre-built wheels i.e. the
package must be built from source locally.
We will still always use pre-built wheels for metadata during
resolution.

Available via `--no-binary` and `--no-binary-package <name>` flags in
`pip install` and `pip sync`. There is no flag for `pip compile` since
no installation happens there.

```
--no-binary

    Don't install pre-built wheels.
    
    When enabled, all installed packages will be installed from a source distribution. 
    The resolver will still use pre-built wheels for metadata.


--no-binary-package <NO_BINARY_PACKAGE>

    Don't install pre-built wheels for a specific package.
    
    When enabled, the specified packages will be installed from a source distribution. 
    The resolver will still use pre-built wheels for metadata.
```

When packages are already installed, the `--no-binary` flag will have no
affect without the `--reinstall` flag. In the future, I'd like to change
this by tracking if a local distribution is from a pre-built wheel or a
locally-built wheel. However, this is significantly more complex and
different than `pip`'s behavior so deferring for now.

For reference, `pip`'s flag works as follows:

```
--no-binary <format_control>

    Do not use binary packages. Can be supplied multiple times, and each time adds to the
    existing value. Accepts either ":all:" to disable all binary packages, ":none:" to empty the
    set (notice the colons), or one or more package names with commas between them (no colons).
    Note that some packages are tricky to compile and may fail to install when this option is
    used on them.
```

Note we are not matching the exact `pip` interface here because it seems
complicated to use. I think we may want to consider adjusting our
interface for this behavior since we're not entirely compatible anyway
e.g. I think `--force-build` and `--force-build-package` are clearer
names. We could also consider matching the `pip` interface or only
allowing `--no-binary <package>` for compatibility. We can of course do
whatever we want in our _own_ install interfaces later.

Additionally, we may want to further consider the semantics of
`--no-binary`. For example, if I run `pip install pydantic --no-binary`
I expect _just_ Pydantic to be installed without binaries but by default
we will build all of Pydantic's dependencies too.

This work was prompted by #895, as it is much easier to measure
performance gains from building source distributions if we have a flag
to ensure we actually build source distributions. Additionally, this is
a flag I have used frequently in production to debug packages that ship
Cythonized wheels.
 2024-01-19 11:24:27 -06:00
Zanie Blue 8b49d900bd
Refer to the user instead of "root" when mentioning direct dependencies (#982) 
Closes https://github.com/astral-sh/puffin/issues/857
 2024-01-19 11:17:42 -06:00
Zanie Blue ae7a2cddc2
Avoid showing negations of ranges in error messages (#981) 
Closes https://github.com/astral-sh/puffin/issues/980
 2024-01-19 11:07:14 -06:00
Zanie Blue 02ed195982
Improve simple no version messages using complement of range (#979) 
Improves some of the "no versions of <package> are available" messages
by showing the complement or inversion of the package.

Does not address cases like

```
Because there are no versions of crow that satisfy any of:
    crow>1.0.0,<2.0.0a5
    crow>2.0.0a7,<2.0.0b1
    crow>2.0.0b1,<2.0.0b5
...
```

which are a bit more complicated; I'll focus on those cases in a
follow-up.
 2024-01-19 16:48:20 +00:00
Zanie Blue 7bb4fda8af
Say "depend on" instead of "depends on" when proper in error messages (#968) 
I would like to spend some additional time working on the package range
display abstractions, but maybe that is best done _after_ I've done a
good bit of fiddling with the error messages.

Addresses
https://github.com/astral-sh/puffin/pull/868#discussion_r1447593081
 2024-01-19 16:08:17 +00:00
Zanie Blue 5fe3444e5a
Use more realistic names in scenario snapshots (#978) 
This is helpful to make the error messages more realistic and the names
are indisputably cuter.
 2024-01-19 10:01:34 -06:00
Charlie Marsh 5adb08a304
Allow relative paths and environment variables in all editable representations (#1000) 
## Summary

I don't know if this is actually a good change, but it tries to make the
editable install experience more consistent. Specifically, we now
support...

```
# Use a relative path with a `file://` prefix.
# Prior to this PR, we supported `file:../foo`, but not `file://../foo`, which felt inconsistent.
-e file://../foo

# Use environment variables with paths, not just URLs.
# Prior to this PR, we supported `file://${PROJECT_ROOT}/../foo`, but not the below.
-e ${PROJECT_ROOT}/../foo
```

Importantly, `-e file://../foo` is actually not supported by pip... `-e
file:../foo` _is_ supported though. We support both, as of this PR. Open
to feedback.
 2024-01-19 09:00:37 -05:00
konsti cd2fb6fd60
Box `PrioritizedDistribution` (#948) 
On top of https://github.com/astral-sh/puffin/pull/947, we can also box
`PrioritizedDistribution`.

In a simple benchmark, this seems to slightly improve performance when
comparing only this commit to main, even though the benchmark is too
noisy to establish significance:

```
$ hyperfine --warmup 30 --runs 300 "target/profiling/main-dev resolve meine_stadt_transparent" "target/profiling/puffin-dev resolve meine_stadt_transparent"
  Benchmark 1: target/profiling/main-dev resolve meine_stadt_transparent
    Time (mean ± σ):      83.6 ms ±   2.0 ms    [User: 77.7 ms, System: 20.0 ms]
    Range (min … max):    81.4 ms …  98.2 ms    300 runs

    Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.

  Benchmark 2: target/profiling/puffin-dev resolve meine_stadt_transparent
    Time (mean ± σ):      80.8 ms ±   2.2 ms    [User: 75.4 ms, System: 19.5 ms]
    Range (min … max):    78.6 ms …  98.6 ms    300 runs

    Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.

  Summary
    target/profiling/puffin-dev resolve meine_stadt_transparent ran
      1.03 ± 0.04 times faster than target/profiling/main-dev resolve meine_stadt_transparent
```

The effect on type sizes however is considerable ([downstack
PR](https://gist.github.com/konstin/38e6c774db541db46d61f1d4ea6b498f)
vs. [this
PR](https://gist.github.com/konstin/003a77fe7d7d246b0d535e3fc843cb36)):

```patch
--- branch.txt  2024-01-17 14:26:01.826085176 +0100
+++ boxed-prioritized-dist.txt  2024-01-17 14:25:57.101900963 +0100
@@ -1,19 +1,3 @@
-9264 alloc::collections::btree::node::InternalNode<pep440_rs::version::Version, distribution_types::PrioritizedDistribution> align=8
-   9168 data
-     96 edges
-
-9264 alloc::collections::btree::node::InternalNode<pep440_rs::Version, distribution_types::PrioritizedDistribution> align=8
-   9168 data
-     96 edges
-
-9168 alloc::collections::btree::node::LeafNode<pep440_rs::version::Version, distribution_types::PrioritizedDistribution> align=8
-   9064 vals
-     88 keys
-
-9168 alloc::collections::btree::node::LeafNode<pep440_rs::Version, distribution_types::PrioritizedDistribution> align=8
-   9064 vals
-     88 keys
-
 8992 tokio::sync::mpsc::block::Block<hyper::client::dispatch::Envelope<http::request::Request<reqwest::async_impl::body::ImplStream>, http::response::Response<hyper::body::body::Body>>> align=8
    8960 values
      32 header
@@ -74,10 +58,23 @@
          40 __tracing_attr_span
      64 variant Unresumed, Returned, Panicked

+5648 {async fn body@crates/puffin-client/src/registry_client.rs:224:5: 224:30} align=8
+   5647 variant Suspend0
+       5576 __awaitee align=8
+         40 __tracing_attr_span
```
 2024-01-19 10:44:41 +01:00
konsti 47fc90d1b3
Reduce stack usage by boxing `File` in `Dist`, `CachePolicy` and large futures (#1004) 
This is https://github.com/astral-sh/puffin/pull/947 again but this time
merging into main instead of downstack, sorry for the noise.

---

Windows has a default stack size of 1MB, which makes puffin often fail
with stack overflows. The PR reduces stack size by three changes:

* Boxing `File` in `Dist`, reducing the size from 496 to 240.
* Boxing the largest futures.
* Boxing `CachePolicy`

## Method

Debugging happened on linux using
https://github.com/astral-sh/puffin/pull/941 to limit the stack size to
1MB. Used ran the command below.

```
RUSTFLAGS=-Zprint-type-sizes cargo +nightly build -p puffin-cli -j 1 > type-sizes.txt && top-type-sizes -w -s -h 10 < type-sizes.txt > sizes.txt
```

The main drawback is top-type-sizes not saying what the `__awaitee` is,
so it requires manually looking up with a future with matching size.

When the `brotli` features on `reqwest` is active, a lot of brotli types
show up. Toggling this feature however seems to have no effect. I assume
they are false positives since the `brotli` crate has elaborate control
about allocation. The sizes are therefore shown with the feature off.

## Results

The largest future goes from 12208B to 6416B, the largest type
(`PrioritizedDistribution`, see also #948) from 17448B to 9264B. Full
diff: https://gist.github.com/konstin/62635c0d12110a616a1b2bfcde21304f

For the second commit, i iteratively boxed the largest file until the
tests passed, then with an 800KB stack limit looked through the
backtrace of a failing test and added some more boxing.

Quick benchmarking showed no difference:

```console
$ hyperfine --warmup 2 "target/profiling/main-dev resolve meine_stadt_transparent" "target/profiling/puffin-dev resolve meine_stadt_transparent" 
Benchmark 1: target/profiling/main-dev resolve meine_stadt_transparent
  Time (mean ± σ):      49.2 ms ±   3.0 ms    [User: 39.8 ms, System: 24.0 ms]
  Range (min … max):    46.6 ms …  63.0 ms    55 runs
 
  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.
 
Benchmark 2: target/profiling/puffin-dev resolve meine_stadt_transparent
  Time (mean ± σ):      47.4 ms ±   3.2 ms    [User: 41.3 ms, System: 20.6 ms]
  Range (min … max):    44.6 ms …  60.5 ms    62 runs
 
  Warning: Statistical outliers were detected. Consider re-running this benchmark on a quiet system without any interferences from other programs. It might help to use the '--warmup' or '--prepare' options.
 
Summary
  target/profiling/puffin-dev resolve meine_stadt_transparent ran
    1.04 ± 0.09 times faster than target/profiling/main-dev resolve meine_stadt_transparent
```
 2024-01-19 09:38:36 +00:00
konsti 66e651901e
Add an env var to artificially limit the stack size (#941) 
By default, windows has a stack size limit of 1MB which we run against
in debug without any explicit culprit. A new environment variable
`PUFFIN_STACK_SIZE` allows setting an artificially smaller stack size.
 2024-01-19 09:34:46 +00:00
Charlie Marsh 69c72b6fa1
Validate wheel metadata against filename (#1002) 
Closes #983.
 2024-01-19 05:48:55 +00:00
Charlie Marsh f86d9b1c31
Add tests for missing file errors (#1001) 2024-01-19 05:47:25 +00:00
Charlie Marsh c8285cb5ef
Bump version to v0.0.3 (#999) 2024-01-18 23:39:35 -05:00
Charlie Marsh 9b24fcd306
Remove verbatim URL from path file location (#998) 
## Summary

I got confused by why `VerbatimUrl` was on `Path`. Since it's directly
computed from it, I think we should just compute it as-needed. I think
it's also possibly-buggy because the URL is the URL of the _directory_,
not the artifact itself, which differs from other distributions.
 2024-01-18 22:40:48 -05:00
Charlie Marsh 732ef7adb7
Bump version to v0.0.2 (#987) 
Bumping the version so that I can test the release process again
(including PyPI publish).
 2024-01-18 20:56:09 -05:00
Charlie Marsh fe180804b5
Avoid encoding current version in test output (#988) 2024-01-19 01:50:23 +00:00
Charlie Marsh 3a1cd44fc6
Add Puffin Docker image (#985) 
Missing piece for the release.

## Test Plan

Built the image locally:

```shell
❯ docker run 99956098e1f8f04e209dcfc4a0afcee67df1fe8a726c164884e67f035b1a0f42
Usage: puffin [OPTIONS] <COMMAND>

Commands:
  pip    Resolve and install Python packages
  venv   Create a virtual environment
  clean  Clear the cache
  help   Print this message or the help of the given subcommand(s)

Options:
  -q, --quiet                  Do not print any output
  -v, --verbose                Use verbose output
  -n, --no-cache               Avoid reading from or writing to the cache
      --cache-dir <CACHE_DIR>  Path to the cache directory [env: PUFFIN_CACHE_DIR=]
  -h, --help                   Print help
  -V, --version                Print version
```
 2024-01-18 20:21:31 -05:00
Charlie Marsh 5e2b715366
Rename `puffin-cli` crate to `puffin` (#976) 
## Summary

Like in Ruff, this simplifies a few things.
 2024-01-18 19:02:52 -05:00
Charlie Marsh 6cad0f609c
Mark `puffin-dev` as `publish = false` (#975) 2024-01-18 17:20:44 -05:00
Charlie Marsh 8eadca4f8d
Remove unused path method (#974) 2024-01-18 21:59:12 +00:00
Charlie Marsh a262936366
Allow file:-relative paths in editable installs (#970) 
Supports editable install via (e.g.) `puffin pip install -e file:.`,
which pip seems to support.

Closes #964.
 2024-01-18 21:15:42 +00:00
Charlie Marsh f9154e8297
Add release workflow (#961) 
## Summary

This PR adds a release workflow powered by `cargo-dist`. It's similar to
the version that's PR'd in Ruff
(https://github.com/astral-sh/ruff/pull/9559), with the exception that
it doesn't include the Docker build or the "update dependents" step for
pre-commit.
 2024-01-18 15:44:11 -05:00
Charlie Marsh a883de4fb0
Enforce modification freshness checks against virtual environment (#959) 
## Summary

This PR is like #957, but for validating the virtual environment, rather
than the cache. So, if you have a local wheel, and you rebuild it, we'll
now correctly uninstall and reinstall it in the virtual environment.
 2024-01-18 20:21:16 +00:00
Charlie Marsh 96a61fb351
Remove RFC2047 decoder (#967) 
## Summary

- This was inherited from
d719988323/src/metadata.rs (LL78C2-L91C26)
- ...which introduced this code here:
9cd1d43f7c
- ...with the originating issue here:
https://github.com/PyO3/maturin/issues/612
- ...and the upstream issue here:
https://github.com/staktrace/mailparse/issues/50

It seems like the goal was to support Unicode in certain header fields,
but I don't think this is necessary for us. We only use
`get_first_value` for `Requires-Python`, which has to be ASCII, doesn't
it?

In my testing, it seems like the `charset` hack can also be removed. The
tests I copied over actually work without it, which makes me a bit
skeptical.

The main benefit here is that we get to a remove a _big_ dependency
stack, including Chumsky and Stacker and psm which have limited
cross-platform support.
 2024-01-18 15:09:45 -05:00
Charlie Marsh f17bad0a75
Mark path-based cache entries as stale during install plan (#957) 
## Summary

This is a small correctness improvement that ensures that we avoid using
stale cache entries for local dependencies in the install plan. We
already have some logic like this in the source distribution builder,
but it didn't apply in the install plan, and so we'd end up using stale
wheels.

Specifically, now, if you create a new local wheel, and run `pip sync`,
we'll mark the cache entries as stale and make sure we unzip it and
install it. (If the wheel is _already_ installed, we won't reinstall it
though, which will be a separate change. This is just about reading from
the cache, not the environment.)
 2024-01-18 19:13:29 +00:00
konsti a11744e438
Normalize base python in venv creation (#966) 
Fixes #965

We have to canonicalize the interpreter path, otherwise the home is set
to the venv dir instead of the real root. This would make
python-build-standalone fail with the encodings module not being found
because its home is wrong.
 2024-01-18 15:32:30 +00:00
konsti 7acde5a9a0
Fix `pep508_rs` doc test (#963) 
Since nextest does not run doctests, this did not show up on CI.
 2024-01-18 14:24:30 +00:00
konsti 5ec5a3243c
Set miette hook in all of puffin-cli (#962) 
Fixes #938
 2024-01-18 08:37:26 -05:00
Charlie Marsh 8ae8ddc7d9
Fix 3-to-2 reference in pip sync test (#958) 2024-01-18 04:33:46 +00:00
Charlie Marsh fbe70f4218
Split install plan into builder and struct (#955) 
The `InstallPlan` does a lot of work in the constructor, which I tend to
feel is an anti-pattern. With cache refresh, it's also going to need to
be made `async`, so it really feels like it should be a clearer method
rather than an async, fallible constructor that does a bunch of IO. This
PR splits into a `Planner` (with a `build` method) and a `Plan`.
 2024-01-17 15:28:46 -05:00
Charlie Marsh 055fd64eb1
Add an `--update-package` setting to allow individual package upgrades (#953) 
Closes #950.
 2024-01-17 14:31:52 -05:00
Zanie Blue a4204d00c1
Bump to latest packse version with "extras" scenarios (#935) 
Includes:

- https://github.com/zanieb/packse/pull/83 (replaces some of the
post-processing here)
- https://github.com/zanieb/packse/pull/82
- https://github.com/zanieb/packse/pull/81
 2024-01-17 13:25:48 -06:00
Charlie Marsh a0420114c3
Avoid storing absolute URLs for files (#944) 
## Summary

It turns out that storing an absolute URL for every file caused a
significant performance regression. This PR attempts to address the
regression with two changes.

The first is that we now store the raw string if the URL is an absolute
URL. If the URL is relative, we store the base URL alongside the raw
relative string. As such, we avoid serializing and deserializing URLs
until we need them (later on), except for the base URL.

The second is that we now use the internal `Url` crate methods for
serializing and deserializing. If you look inside `Url`, its standard
serializer and deserialization actually convert it to a string, then
parse the string. But the crate exposes some other methods for faster
serialization and deserialization (with fewer guarantees). I think this
is totally fine since the cache is entirely internal.

If we _just_ change the `Url` serialization (and no other code -- so
continue to store URLs for every file), then the regression goes down to
about 5%:

```shell
❯ python -m scripts.bench \
        --puffin-path ./target/release/main \
        --puffin-path ./target/release/relative --puffin-path ./target/release/puffin \
        scripts/requirements/home-assistant.in --benchmark resolve-warm
Benchmark 1: ./target/release/main (resolve-warm)
  Time (mean ± σ):     496.3 ms ±   4.3 ms    [User: 452.4 ms, System: 175.5 ms]
  Range (min … max):   487.3 ms … 502.4 ms    10 runs

Benchmark 2: ./target/release/relative (resolve-warm)
  Time (mean ± σ):     284.8 ms ±   2.1 ms    [User: 245.8 ms, System: 165.6 ms]
  Range (min … max):   280.3 ms … 288.0 ms    10 runs

Benchmark 3: ./target/release/puffin (resolve-warm)
  Time (mean ± σ):     300.4 ms ±   3.2 ms    [User: 255.5 ms, System: 178.1 ms]
  Range (min … max):   295.4 ms … 305.1 ms    10 runs

Summary
  './target/release/relative (resolve-warm)' ran
    1.05 ± 0.01 times faster than './target/release/puffin (resolve-warm)'
    1.74 ± 0.02 times faster than './target/release/main (resolve-warm)'
```

So I considered _just_ making that change. But 5% is kind of
borderline...

With both of these changes, the regression is down to 1-2%:

```
Benchmark 1: ./target/release/relative (resolve-warm)
  Time (mean ± σ):     282.6 ms ±   7.4 ms    [User: 244.6 ms, System: 181.3 ms]
  Range (min … max):   275.1 ms … 318.5 ms    30 runs

Benchmark 2: ./target/release/puffin (resolve-warm)
  Time (mean ± σ):     286.8 ms ±   2.2 ms    [User: 247.0 ms, System: 169.1 ms]
  Range (min … max):   282.3 ms … 290.7 ms    30 runs

Summary
  './target/release/relative (resolve-warm)' ran
    1.01 ± 0.03 times faster than './target/release/puffin (resolve-warm)'
```

It's consistently ~2%-ish, but at this point it's unclear if that's due
to the URL change or something other change between now and then.

Closes #943.
 2024-01-17 09:15:21 -05:00
Charlie Marsh b8fbd529a1
Move `OnceMap` into its own crate (#946) 
## Summary

This is extremely generic (like `WaitMap`), and I want to use it in the
cache.
 2024-01-17 04:09:15 +00:00
konsti 5051b2c004
Use tempfile to prevent install io race crashes (#929) 
On ubuntu and python 3.10,

```
cargo run -q -- pip-install --find-links https://storage.googleapis.com/jax-releases/jax_cuda_releases.html "jax[cuda12_pip]==0.4.23"
```

non-deterministically but for me consistently fails to install with
messages such as

```
error: Failed to install: nvidia_nccl_cu12-2.19.3-py3-none-manylinux1_x86_64.whl (nvidia-nccl-cu12==2.19.3)
  Caused by: failed to remove file `/home/konsti/projects/puffin/.venv/lib/python3.10/site-packages/nvidia/__init__.py`
  Caused by: No such file or directory (os error 2)
```

```
error: Failed to install: nvidia_cublas_cu12-12.3.4.1-py3-none-manylinux1_x86_64.whl (nvidia-cublas-cu12==12.3.4.1)
  Caused by: Replacing an existing file or directory failed
```

```
error: Failed to install: nvidia_cuda_nvcc_cu12-12.3.107-py3-none-manylinux1_x86_64.whl (nvidia-cuda-nvcc-cu12==12.3.107)
  Caused by: failed to hardlink file from /home/konsti/.cache/puffin/wheels-v0/pypi/nvidia-cuda-nvcc-cu12/nvidia_cuda_nvcc_cu12-12.3.107-py3-none-manylinux1_x86_64/nvidia/__init__.py to /home/konsti/projects/puffin/.venv/lib/python3.10/site-packages/nvidia/__init__.py
  Caused by: File exists (os error 17)
```

We install a lot of nvidia package, that all contain
`nvidia/__init__.py`, since they all install themselves into the
`nvidia` module:

```
nvidia-cublas-cu12==12.3.4.1
nvidia-cuda-cupti-cu12==12.3.101
nvidia-cuda-nvcc-cu12==12.3.107
nvidia-cuda-nvrtc-cu12==12.3.107
nvidia-cuda-runtime-cu12==12.3.101
nvidia-cudnn-cu12==8.9.7.29
nvidia-cufft-cu12==11.0.12.1
nvidia-cusolver-cu12==11.5.4.101
nvidia-cusparse-cu12==12.2.0.103
nvidia-nccl-cu12==2.19.3
nvidia-nvjitlink-cu12==12.3.101
```

```
$  tree -L 1 .venv/lib/python3.10/site-packages/nvidia
.venv/lib/python3.10/site-packages/nvidia
├── cublas
├── cuda_cupti
├── cuda_nvcc
├── cuda_nvrtc
├── cuda_runtime
├── cudnn
├── cufft
├── cusolver
├── cusparse
├── __init__.py
├── nccl
└── nvjitlink
```

When installing we get a race condition, each package installation is
its own thread:
* Installer Thread 1 creates `nvidia/__init__.py`
* Installer Thread 2 sees an existing  `nvidia/__init__.py`
* Installer Thread 3 sees an existing  `nvidia/__init__.py`
* Installer Thread 2 removes `nvidia/__init__.py`
* Installer Thread 3 tries to remove `nvidia/__init__.py`, it doesn't
exist anymore -> failure.

We switch to a new strategy: When the target files exists, we don't
remove it, but instead hardlink the source file to a tempfile first,
then renaming the tempfile to the target file. Renaming is considered an
atomic operation.

I've put the logging on debug level because they cases indicate a
conflict between two packages while being rare.

Closes #925

---------

Co-authored-by: Charlie Marsh <charlie.r.marsh@gmail.com>
 2024-01-16 21:07:39 +00:00
Charlie Marsh b50e5fcbc5
Fetch `--find-links` indexes in parallel (#934) 
## Summary

Removes a TODO.

## Test Plan

Tested manually with:

```shell
cargo run -p puffin-cli -- \
    pip compile requirements.in -n \
    --find-links 'https://download.pytorch.org/whl/torch_stable.html' \
    --find-links 'https://storage.googleapis.com/jax-releases/jax_cuda_releases.html' \
    --verbose
```

And inspecting the logs to ensure that the two requests were kicked off
concrurently.
 2024-01-16 11:37:35 +01:00
Charlie Marsh 2f8f126f2f
Share a single `Index` across resolutions (#906) 
## Summary

This PR uses a single `Index` that's shared between the top-level
resolver and any sub-resolutions happen in the course of that top-level
resolution (namely, to resolve build dependencies for any source
distributions).

In theory it's an optimization, since (e.g.) if we have two packages
that both need the `flit-core` build system, and we attempt to build
them both at once, we'll only fetch its metadata _once_, and share it
across the two resolutions. In practice, I haven't been able to get this
to show up in benchmarks. I suspect you'd need a _lot_ of source
distributions for it to matter... Though it may still be worth doing, it
strikes me as a cleaner design.

Closes #200.

Closes #541.
 2024-01-16 05:37:15 +00:00
Charlie Marsh 0f592b67bb
Remove clone from `RegistryWheelIndex` (#937) 
Doesn't need to own the package names.
 2024-01-15 16:18:12 -05:00
Charlie Marsh 2a69b273ce
Use a standalone error type for `--find-links` registry (#936) 2024-01-15 19:48:48 +00:00
Charlie Marsh e71e3e8dd1
Refresh `BuildDispatch` when running pip install with `--reinstall` (#933) 
## Summary

This fixes an extremely subtle bug in `pip install --reinstall`, whereby
if you depend on `setuptools` at the top level, we end up uninstalling
it after resolving, which breaks some cached state. If we have
`--reinstall`, we need to reset that cached state between resolving and
installing.

## Test Plan

Running `pip install --reinstall` with:

```txt
setuptools
devpi @ e334eb4dc9bb023329e4b610e4515b/devpi-2.2.0.tar.gz
```

Fails on `main`, but passes.
 2024-01-15 18:56:18 +00:00
Charlie Marsh 116da6b7de
Share in-flight map across resolutions (#932) 
## Summary

This PR fixes a subtle bug in `pip install` when using `--reinstall`. If
a package depends on a build system directly (e.g., `waitress` depends
on `setuptools`), and then you have other packages that also need the
build system to build a source distribution, right now, we don't share
the `OnceMap` between those cases.

This lifts the `InFlight` tracking up a level, so that it's initialized
once per command, then shared everywhere.

## Test Plan

I'm having trouble coming up with an identical test-case and hesitant to
add this slow test to the suite... But if you run `pip install
--reinstall` with:

```
waitress @ git+https://github.com/zanieb/waitress
devpi-server @ git+https://github.com/zanieb/devpi#subdirectory=server
```

It fails consistently on `main` and passes here.
 2024-01-15 13:11:22 -05:00
Charlie Marsh 249ca10765
Move Puffin subcommands to a pip namespace (#921) 
## Summary

This makes the separation clearer between the legacy `pip` API and the
API we'll add in the future for the package manager itself. It also
enables seamless `puffin pip` aliasing for those that want it.

Closes #918.
 2024-01-15 16:36:45 +00:00
Charlie Marsh e54fdea93f
Continue to respect `--find-links` with `--no-index` (#931) 
Like `pip`, we should allow `--find-links` with `--no-index`.
 2024-01-15 16:19:27 +00:00
Charlie Marsh 42888a9609
Share flat index across resolutions (#930) 
## Summary

This PR restructures the flat index fetching in a few ways:

1. It now lives in its own `FlatIndexClient`, since it felt a bit
awkward (in my opinion) for it to live in `RegistryClient`.
2. We now fetch the `FlatIndex` outside of the resolver. This has a few
benefits: (1) the resolver construct is no longer `async` and no longer
returns `Result`, which feels better for a resolver; and (2) we can
share the `FlatIndex` across resolutions rather than re-fetching it for
every source distribution build.
 2024-01-15 11:02:02 -05:00
Charlie Marsh e6d7124147
Add an extra struct around the package-to-flat index map (#923) 
## Summary

`FlatIndex` is now the thing that's keyed on `PackageName`, while
`FlatDistributions` is what used to be called `FlatIndex` (a map from
version to `PrioritizedDistribution`, for a single package). I find this
a bit clearer, since we can also remove the `from_files` that doesn't
return `Self`, which I had trouble following.
 2024-01-15 14:48:10 +00:00
Charlie Marsh 9a3f3d385c
Remove `PubGrubVersion` (#924) 
## Summary

I'm running into some annoyances converting `&Version` to
`&PubGrubVersion` (which is just a wrapper type around `Version`), and I
realized... We don't even need `PubGrubVersion`?

The reason we "need" it today is due to the orphan trait rule: `Version`
is defined in `pep440_rs`, but we want to `impl
pubgrub::version::Version for Version` in the resolver crate.

Instead of introducing a new type here, which leads to a lot of
awkwardness around conversion and API isolation, what if we instead just
implement `pubgrub::version::Version` in `pep440_rs` via a feature? That
way, we can just use `Version` everywhere without any confusion and
conversion for the wrapper type.
 2024-01-15 08:51:12 -05:00
konsti 8860a9c29e
Add flat index urls to registry wheel index (#928) 
Previously, we were missing flat index wheels in the cache.
 2024-01-15 10:21:59 +00:00
konsti 95f3cca28d
Use fs_err in more places (#926) 
Before:

```
error: Failed to download distributions
  Caused by: Failed to fetch wheel: jaxlib==0.4.23+cuda12.cudnn89
  Caused by: Directory not empty (os error 39)
```

After:

```
error: Failed to download distributions
  Caused by: Failed to fetch wheel: jaxlib==0.4.23+cuda12.cudnn89
  Caused by: failed to rename file from /home/konsti/.cache/puffin/.tmpcG7tVP/jaxlib-0.4.23+cuda12.cudnn89-cp310-cp310-manylinux2014_x86_64.whl to /home/konsti/.cache/puffin/wheels-v0/index/9ff50b883297fa9d/jaxlib/jaxlib-0.4.23+cuda12.cudnn89-cp310-cp310-manylinux2014_x86_64
  Caused by: Directory not empty (os error 39)
```
 2024-01-15 09:39:33 +00:00
konsti 82ff136a74
Add find links supports to pip-sync (#914) 
Closes #877
 2024-01-15 03:04:55 +00:00
konsti f63776b894
Support HTML indexes in `--find-links` (#913) 
The simple html format parser luckily seems to work for find links too,
at least it can parse
https://storage.googleapis.com/jax-releases/jax_cuda_releases.html.
 2024-01-15 02:54:34 +00:00
konsti e9b6b6fa36
Implement `--find-links` as flat indexes (directories in pip-compile) (#912) 
Add directory `--find-links` support for local paths to pip-compile.

It seems that pip joins all sources and then picks the best package. We
explicitly give find links packages precedence if the same exists on an
index and locally by prefilling the `VersionMap`, otherwise they are
added as another index and the existing rules of precedence apply.

Internally, the feature is called _flat index_, which is more meaningful
than _find links_: We're not looking for links, we're picking up local
directories, and (TBD) support another index format that's just a flat
list of files instead of a nested index.

`RegistryBuiltDist` and `RegistrySourceDist` now use `WheelFilename` and
`SourceDistFilename` respectively. The `File` inside `RegistryBuiltDist`
and `RegistrySourceDist` gained the ability to represent both a url and
a path so that `--find-links` with a url and with a path works the same,
both being locked as `<package_name>@<version>` instead of
`<package_name> @ <url>`. (This is more of a detail, this PR in general
still work if we strip that and have directory find links represented as
`<package_name> @ file:///path/to/file.ext`)

`PrioritizedDistribution` and `FlatIndex` have been moved to locations
where we can use them in the upstack PR.

I added a `scripts/wheels` directory with stripped down wheels to use
for testing.

We're lacking tests for correct tag priority precedence with flat
indexes, i only confirmed this manually since it is not covered in the
pip-compile or pip-sync output.

Closes #876
 2024-01-15 02:04:10 +00:00
konsti 5ffbfadf66
Make hashes optional (#910) 
There is no guarantee that indexes provide hashes at all or the sha256
we support specifically. [PEP
503](https://peps.python.org/pep-0503/#specification):

> The URL SHOULD include a hash in the form of a URL fragment with the
following syntax: #<hashname>=<hashvalue>, where <hashname> is the
lowercase name of the hash function (such as sha256) and <hashvalue> is
the hex encoded digest.

We instead use the url as input to generate a hash when caching.
 2024-01-14 16:32:55 -05:00
Zanie Blue 9ad19b7e54
Bump to the latest packse version (#916) 2024-01-14 12:49:23 -06:00
konsti a53bdeba4c
Remove `base` from `RegistryBuiltDist` and `RegistrySourceDist` (#919) 
Follow-up to https://github.com/astral-sh/puffin/pull/917 i found
rebasing the find-links PRs, this field became unused through the
absolute URLs.
 2024-01-14 17:46:16 +00:00
Charlie Marsh 0374000ec0
Normalize extras when evaluating PEP 508 markers (#915) 
## Summary

We always normalize extra names in our requirements (e.g., `cuda12_pip`
to `cuda12-pip`), but we weren't normalizing within PEP 508 markers,
which meant we ended up comparing `cuda12-pip` (normalized) against
`cuda12_pip` (unnormalized).

Closes https://github.com/astral-sh/puffin/issues/911.
 2024-01-14 17:16:54 +00:00
konsti a99e5e00f2
Use absolute urls in `distribution_type::File` (#917) 
Previously, the url on file could either be a relative or an absolute
url, depending on the index, and we would finalize it lazily. Now we
finalize the url when converting `pypi_types::File` to
`distribution_types::File`. This change is required to make the hashes
on `File` optional (https://github.com/astral-sh/puffin/pull/910), which
are currently the only unique field usable for caching.
 2024-01-14 17:15:24 +00:00
Charlie Marsh 6e18e56789
Adjust markers to match target Python version (#909) 
## Summary

This PR ensures that when the user passes in `--python-version`, we
adjust the _markers_ to match the target version, thus forcing us to
select compatible wheels for the `--python-version`, rather than the
installed version.

## Context

Let's call Python 3.10 the "installed" environment and Python 3.12 the
"target" environment. For each version, we have _both_ a Python version
(to match against `Requires-Python`) and a set of tags (to match against
wheels).

The rules for resolution are as follows...

- For each package, for each version, we try to find the "best
candidate" for resolution and installation.
- We first look for a wheel that's compatible with the _target_
environment. This requires testing against both the `Requires-Python`
and the markers. (We won't have to build or run this code, so the
_installed_ version is irrelevant.) **(This PR corrects _this_ bullet --
previously, we validated against the _installed_ markers, rather than
the target markers.)**
- If we can't find a compatible wheel, we accept any _incompatible_
wheel as long as there's a source distribution. The source distribution
_must_ be compatible with the target environment. (We won't have to
build or run this code, so the _installed_ version is irrelevant.)
- If there are no wheels, then the source distribution must be
compatible with _both_ the installed and target environments, since we
need to build it.

This is all true for the top-level resolution. When we perform a
sub-resolution (when resolving the build dependencies of a source
distribution), we should _only_ use the installed environment, and
ignore the target environment, since we assume that the dependencies
will be the same in both environments once built -- so our goal is
"just" to build the distribution, without concern for which build
dependencies it uses.

Closes https://github.com/astral-sh/puffin/issues/883.
 2024-01-14 15:39:15 +00:00
Charlie Marsh 8187c05d8a
Use `DashMap` for redirects (#908) 
## Summary

We don't need to wait on these, so it's simpler to use a standard
concurrent hash map.
 2024-01-13 20:36:02 +00:00
Charlie Marsh f527f2add9
Remove erroneous local `Index` in resolver (#907) 2024-01-13 15:19:00 -05:00
Charlie Marsh 231686e71b
Remove `incompatibilities` from index (#905) 
This isn't really part of the "index", it's part of the resolution.
 2024-01-13 02:57:15 +00:00
Charlie Marsh 477186dcb3
Remove `ResolutionGraph#requirements` (#903) 2024-01-12 20:09:19 +00:00
Charlie Marsh d3f65c317d
Avoid some additional clones for `PackageName` (#896) 2024-01-12 17:54:40 +00:00
konsti aee6aed684
Make install_editable test faster (#901) 
Remove a test case from the `install_editable` that slows it down from
3.6s to 6.5s while providing low test coverage. It also seems to block
other tests sometimes, `cargo nextest run -E "test(editable)"
--all-features` has more consistent and lower runtimes. Surprisingly
this seems to have bigger effect than switching from pyo3 to cffi.

Used test commands:
```
rm -rf scripts/editable-installs/maturin_editable/target/ && time cargo nextest run -E "test(=install_editable)" --all-features
rm -rf scripts/editable-installs/maturin_editable/target/ && time cargo nextest run -E "test(editable)" --all-features
 ```

Part of #878
 2024-01-12 18:50:27 +01:00
konsti 878bc4bf8d
Stub out DTLSsocket test (#900) 
Replace the DTLSsocket test with a dummy package that does nothing but
contain the build system specs that we need. This should speed up one of
the slowest tests.

Part of #878
 2024-01-12 18:50:16 +01:00
Charlie Marsh 06039e1293
Add hashes to `pip-compile` output (#894) 
## Summary

Adds hashes to `pip-compile` output, though we don't actually check
those hashes in `pip-sync` yet.

Closes https://github.com/astral-sh/puffin/issues/131.
 2024-01-12 12:44:19 -05:00
konsti 0cc98c771e
Fix a tracing panic (#899) 2024-01-12 14:47:58 +00:00
Charlie Marsh 11b11d04a7
Ignore installed version when determining wheel compatibility (#890) 2024-01-12 08:57:00 -05:00
Charlie Marsh 5fd2c380a7
Add `into_cached_dist` to `LocalWheel` (#893) 
Simplifies `unzip_wheel` a bit and avoids unnecessarily cloning in the
common case.
 2024-01-12 09:01:30 +00:00
Charlie Marsh 35c1faa575
Move in-flight tracking to the download level (#892) 
## Summary

Now that `get_or_build_wheel` will often _also_ handle the unzip step,
we need to move our per-target locking (`OnceMap`) up a level.
Previously, it was only applied to the unzip step, to prevent us from
attempting to unzip into the same target concurrently; now, it's applied
at the `get_wheel` level, which includes both downloading and unzipping.

## Test Plan

It seems like none of our existing tests catch this -- perhaps because
they're too "simple"? You need to run into a situation in which you're
doing multiple source distribution builds concurrently (since they'll
all try to download `setuptools`):

```
rm -rf foo && virtualenv --clear .venv && cargo run -p puffin-cli -- pip-compile ./scripts/requirements/pydantic.in  --verbose --cache-dir foo
```
 2024-01-12 09:52:22 +01:00
Charlie Marsh 60cea0f07d
Use consistent parse terminology in pyproject error (#891) 
We use `parse` for the other file types.
 2024-01-11 21:25:47 -05:00
bojanserafimov 4c047f858f
Remove InMemoryWheel and dead code (#879) 2024-01-11 10:11:07 -05:00
bojanserafimov 10227a74f8
Unzip while downloading (#856) 2024-01-11 09:41:46 -05:00
konsti 0dfbddd275
Shorten resolve many dev output (#885) 2024-01-11 13:53:13 +00:00
konsti 8c2b7d55af
Cleanup deps and docs (#882) 
Fix warnings from `cargo +nightly udeps` and `cargo doc`.

Removes all mentions of regex from pep440_rs.
 2024-01-11 10:43:40 +00:00
Zanie Blue d6fa628e11
Fix failing test (#880) 2024-01-11 00:41:37 +00:00
Zanie Blue 811332eacc
Improve handling of "full" version ranges (#868) 
Reduces the number of implementation branches handling `Range:full`,
deferring it to `PackageRange`.
Improves some user-facing messages, e.g. saying `all versions of
<package>` instead of `<package>*`.
Changes the member names of the `PackageRangeKind` enum — they were not
very clear.
 2024-01-10 21:03:55 +00:00
Zanie Blue a65c55ff4a
Say "cannot be used" and "must be used" instead of "forbidden" and "mandatory" (#867) 
Closes #858
 2024-01-10 20:49:40 +00:00
Zanie Blue 845ba6801d
Improve formatting of incompatible terms when there are two items (#866) 2024-01-10 20:36:54 +00:00
Zanie Blue 93d3093a2a
Improve formatting of package ranges in error messages (#864) 
Closes #810
Closes https://github.com/astral-sh/puffin/issues/812
Requires https://github.com/zanieb/pubgrub/pull/19 and
https://github.com/zanieb/pubgrub/pull/18

- Always pair package ranges with names e.g. `... of a matching a<1.0`
instead of `... of a matching <1.0`
- Split range segments onto multiple lines when not a singleton as
suggested in
[#850](https://github.com/astral-sh/puffin/pull/850#discussion_r1446419610)
- Improve formatting when ranges are split across multiple lines e.g. by
avoiding extra spaces and improving wording

Note review will require expanding the hidden files as there are
significant changes to the report formatter and snapshots.

Bear with me here as these are definitely not perfect still.

The following changes build on top of this independently for further
improvements:
- #868 
- #867 
- #866 
- #871
 2024-01-10 14:16:23 -06:00
konsti 4d8bfd7f61
Split source dist error type into error and kind (#872) 
It's a better, less redundant error type. It will come in handy when
adding a second parse function.
 2024-01-10 17:42:54 +00:00
Charlie Marsh fbb57b24dd
Add `--seed` flag to `venv` to allow seed package environments (#865) 
## Summary

Installs the seed packages you get with `virtualenv`, but opt-in rather
than opt-out.

Closes https://github.com/astral-sh/puffin/issues/852.

## Test Plan

```
❯ ./scripts/benchmarks/venv.sh
+ hyperfine --runs 20 --warmup 3 --prepare 'rm -rf .venv' './target/release/puffin venv' --prepare 'rm -rf .venv' 'virtualenv --without-pip .venv' --prepare 'rm -rf .venv' 'python -m venv --without-pip .venv'
Benchmark 1: ./target/release/puffin venv
  Time (mean ± σ):       4.6 ms ±   0.2 ms    [User: 2.4 ms, System: 3.6 ms]
  Range (min … max):     4.3 ms …   4.9 ms    20 runs

  Warning: Command took less than 5 ms to complete. Note that the results might be inaccurate because hyperfine can not calibrate the shell startup time much more precise than this limit. You can try to use the `-N`/`--shell=none` option to disable the shell completely.

Benchmark 2: virtualenv --without-pip .venv
  Time (mean ± σ):      73.3 ms ±   0.3 ms    [User: 57.4 ms, System: 14.2 ms]
  Range (min … max):    72.8 ms …  74.0 ms    20 runs

Benchmark 3: python -m venv --without-pip .venv
  Time (mean ± σ):      22.5 ms ±   0.3 ms    [User: 17.0 ms, System: 4.9 ms]
  Range (min … max):    22.0 ms …  23.2 ms    20 runs

Summary
  './target/release/puffin venv' ran
    4.92 ± 0.20 times faster than 'python -m venv --without-pip .venv'
   16.00 ± 0.63 times faster than 'virtualenv --without-pip .venv'
+ hyperfine --runs 20 --warmup 3 --prepare 'rm -rf .venv' './target/release/puffin venv --seed' --prepare 'rm -rf .venv' 'virtualenv .venv' --prepare 'rm -rf .venv' 'python -m venv .venv'
Benchmark 1: ./target/release/puffin venv --seed
  Time (mean ± σ):      20.2 ms ±   0.4 ms    [User: 8.6 ms, System: 15.7 ms]
  Range (min … max):    19.7 ms …  21.2 ms    20 runs

Benchmark 2: virtualenv .venv
  Time (mean ± σ):     135.1 ms ±   2.4 ms    [User: 66.7 ms, System: 65.7 ms]
  Range (min … max):   133.2 ms … 142.8 ms    20 runs

Benchmark 3: python -m venv .venv
  Time (mean ± σ):      1.656 s ±  0.014 s    [User: 1.447 s, System: 0.186 s]
  Range (min … max):    1.641 s …  1.697 s    20 runs

Summary
  './target/release/puffin venv --seed' ran
    6.67 ± 0.17 times faster than 'virtualenv .venv'
   81.79 ± 1.70 times faster than 'python -m venv .venv'
```
 2024-01-09 20:45:56 -05:00
Charlie Marsh 55f2be72e2
Default to PEP 517-based builds (#843) 
## Summary

Our current setup uses the legacy `setup.py`-based builds if a
`pyproject.toml` file isn't present. This matches pip's behavior.
However, `pypa/build` uses PEP 517-based builds in such cases, and it
looks like pip plans to make that the default
(https://github.com/pypa/pip/issues/9175), with the limiting factor
being performance issues related to isolated builds.

This is now the default behavior, but the `--legacy-setup-py` flag
allows users to opt-in to using `setup.py` directly for distributions
that lack a `pyproject.toml`.
 2024-01-10 01:27:06 +00:00
Charlie Marsh e26dc8e33d
Add support for `prepare_metadata_for_build_wheel` (#842) 
## Summary

This PR adds support for `prepare_metadata_for_build_wheel`, which
allows us to determine source distribution metadata without building the
source distribution. This represents an optimization for the resolver,
as we can skip the expensive build phase for build backends that support
it.

For reference, `prepare_metadata_for_build_wheel` seems to be supported
by:

- `hatchling` (as of
[1.0.9](https://hatch.pypa.io/latest/history/hatchling/#hatchling-v1.9.0)).
- `flit`
- `setuptools`

In fact, it seems to work for every backend _except_ those using legacy
`setup.py`.

Closes #599.
 2024-01-10 00:07:37 +00:00
konsti 858d5584cc
Use `Dist` in `VersionMap` (#851) 
Refactoring split out from find links support: Find links files can be
represented as `Dist`, but not really as `File`, they don't have url nor
hashes.

`DistRequiresPython` is somewhat odd as an in between type.
 2024-01-10 00:14:42 +01:00
konsti 1203f8f9e8
Gourgeist updates (#862) 
* Use caching again
* Make clap feature only required for the cli/bin optional
 2024-01-09 23:04:15 +00:00
Zanie Blue 34d548de21
Improve error messages when there are no versions of a singleton range (#855) 2024-01-09 15:09:52 -06:00
Charlie Marsh 33982efb25
Remove a TOCTOU read in build (#860) 
We should just read and handle the not-found case, rather than checking
if the file doesn't exist first.
 2024-01-09 20:33:08 +00:00
Charlie Marsh 31139aa88d
Add derive feature to `gourgeist` (#854) 
Needed to build `gourgeist` directly, probably dropped during a
refactor.
 2024-01-09 17:46:16 +00:00
konsti ee6d809b60
Remove unused `Result` (#849) 
Remove some dead code, seems to be a refactoring oversight
 2024-01-09 16:35:10 +00:00
konsti 643e5e4a49
Use pdm for black editable as PEP 621 test case (#848) 
This gives us a PEP 621 test package in tree and increases the diversity
for the editable tests a bit.
 2024-01-09 16:33:05 +00:00
konsti 5b0b072e3c
Allow files >4GB on 32-bit platforms (#847) 
Changes `File::size` from a `usize` to a `u64`.

The motivations are that with tensorflow wheels being 475 MB
(https://pypi.org/project/tensorflow/2.15.0.post1/#files), we're already
only one order of magnitude away and to avoid target dependent failures.
 2024-01-09 17:31:49 +01:00
Charlie Marsh ee3a6431c7
Show available pre-releases in error hints (#844) 
## Summary

If pre-releases are available for a package that we otherwise couldn't
resolve, we now show a hint that includes one of the example versions.

Closes https://github.com/astral-sh/puffin/issues/811.
 2024-01-09 09:58:38 -05:00
konsti b1edecdf1f
Filter out files with invalid requires python specifiers (#775) 
Instead of trying to fixup _all_ the invalid version specifiers on pypi
and elsewhere, this filters out distributions with invalid
`requires-python` version specifiers that even
`LenientVersionSpecifiers` couldn't parse, as opposed to failing
entirely, which we currently do.

I would be nicer to model through an invalid distribution pubgrub type,
together with e.g. source dists with an unknown extension, so that the
version itself still shows up in the error trace.

At the same time, we reduce the log level for fixups from warning to
trace, as they are not actionable for the user.
 2024-01-09 02:46:27 +00:00
Zanie Blue 64da1f0306
Always pair package names with ranges in error messages (#838) 
Adjusts display of "no versions available" in error messages to be
consistent with other package/range pairings i.e. we usually display
"<package-name><range>".
 2024-01-08 22:11:10 +00:00
Charlie Marsh 19c6d655b5
Avoid duplicated source distribution handling in url (#841) 
## Summary

Right now, both the callback _and_ the "We have no compatible wheel"
paths have a lot of repeated code. This PR changes the callback to
_just_ remove all the wheels and handle the download, and the rest of
the method following the callback is responsible for finding and
building any wheels.
 2024-01-08 16:19:54 -05:00
Charlie Marsh cc9140643e
Rename `metadata` to `built_wheel` in `source/mod.rs` (#840) 2024-01-08 19:20:20 +00:00
Charlie Marsh df254087d9
Break `source_dist.rs` into a module (#839) 
## Summary

Finding this file hard to edit and work in since it's gotten quite
large.
 2024-01-08 19:14:45 +00:00
Zanie Blue 2b0c2e294b
Fix formatting of negated singleton versions in error messages (#836) 
Closes #805 
Requires https://github.com/zanieb/pubgrub/pull/17
 2024-01-08 12:33:01 -06:00
Charlie Marsh aeefe65227
Fix `tracing-duration-export` compilation (#835) 
## Summary

I'm unable to run `puffin-cli` on `main` as the
`tracing-durations-export` is marked as optional, but the crate actually
depends on it to compile. Further, without `tracing-durations-export`,
there are `Option` types that can't resolve to a concrete type.

This PR fixes compilation with and without the feature.
 2024-01-08 18:04:23 +00:00
Charlie Marsh c06bf658bb
Remove some filesystem calls from the installer (#834) 
Noticed these when working on something unrelated. Generally:

- Prefer `entry.file_type()` over `entry.path().is_file()` or similar,
as the former is almost always free on Unix.
- Call `entry.path()` once, since it allocates internally (returns a
`PathBuf`).
 2024-01-08 12:59:01 -05:00
konsti 004147d441
Add tracing_durations_export feature to puffin-cli (#830) 
The optional `tracing-durations-export` feature allows creating
parallelism plots from all puffin-cli commands without affecting
production builds.

Usage:

```
virtualenv --clear -p 3.10 .venv310 && TRACING_DURATIONS_FILE=target/traces/jupyter-no-cache.ndjson RUST_LOG=puffin=info VIRTUAL_ENV=.venv310 cargo run --bin puffin --profile profiling --features tracing-durations-export -- pip-install -v --no-cache jupyter
virtualenv --clear -p 3.10 .venv310 && TRACING_DURATIONS_FILE=target/traces/jupyter.ndjson RUST_LOG=puffin=info VIRTUAL_ENV=.venv310 cargo run --bin puffin --profile profiling --features tracing-durations-export -- pip-install -v jupyter
 ```

Output, plotted in collapsed mode for readability:

Cached jupyter:

![jupyter](https://github.com/astral-sh/puffin/assets/6826232/f7e03c68-0438-4cf4-bceb-9a4a146cc506)

Uncached jupyter:

![image](https://github.com/astral-sh/puffin/assets/6826232/cfdd3383-7a9d-43d6-b8d0-201f64611596)
 2024-01-08 16:20:45 +01:00
konsti b6338b5e4a
Use tracing-durations-export to visualize parallelism bottlenecks (dev commands) (#816) 
Example usage:

```
# Cached
TRACING_DURATIONS_FILE=target/traces/black.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve black
TRACING_DURATIONS_FILE=target/traces/meine_stadt_transparent.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve meine_stadt_transparent
TRACING_DURATIONS_FILE=target/traces/jupyter.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve jupyter

# No cache
TRACING_DURATIONS_FILE=target/traces/black-no-cache.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve --no-cache black
TRACING_DURATIONS_FILE=target/traces/meine_stadt_transparent-no-cache.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve --no-cache meine_stadt_transparent
TRACING_DURATIONS_FILE=target/traces/jupyter-no-cache.ndjson RUST_LOG=puffin=info cargo run --bin puffin-dev --profile profiling -- resolve --no-cache jupyter
```

Uncached black output example:


![black-no-cache](https://github.com/astral-sh/puffin/assets/6826232/38497b89-7214-453b-9456-c9d9cbf7d2d5)
 2024-01-08 16:20:38 +01:00
konsti 243392f718
`cargo run` run `puffin` by default (#831) 
`cargo run` now runs `puffin` by default. `cargo run --bin puffin-dev`
remains working.
 2024-01-08 12:49:06 +00:00
konsti 3f587156ec
Improve install instrumentation (#829) 
Add tracing spans to different phases of the wheel installation.
 2024-01-08 10:13:59 +00:00
konsti 60ba7dd14f
Use `std::io::read_to_string` (#826) 
The `std::io::read_to_string` shorthand was stabilized in 1.65.
 2024-01-08 09:15:38 +00:00
Charlie Marsh 54838914be
Migrate back to `owo-colors` (#824) 
In the past, I moved us to `owo-colors`
(https://github.com/astral-sh/puffin/pull/121); then, we moved back,
because we ran into issues with overriding the settings to force-disable
colors. But `anstream` solved those problems, so I'm moving us _back_ to
`owo-colors`, since it's what `anstream` recommends, and it's already
used by many of our dependencies (`miette`, `configparser`).

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2024-01-08 08:54:57 +00:00
Charlie Marsh 17452e3e64
Simplify ranges in pre-release hints (#825) 
Closes https://github.com/astral-sh/puffin/issues/807.
 2024-01-07 12:40:22 -05:00
Charlie Marsh e6fcb9c4d3
Use `anstream` for all color control (#823) 
## Summary

We can use `anstream` for all color control, rather than going through
`colored`. Note that we still need the `colored` crate, since `colored`
and `anstream` solve different problems. (`anstream` recommends using
`owo-colors` alongside it, but `colored` seems to work fine?)

Resolves the issue raised in
https://github.com/astral-sh/puffin/pull/742 via `anstream` rather than
`colored`.

Closes https://github.com/astral-sh/puffin/issues/782.
 2024-01-06 20:44:05 -05:00
Charlie Marsh fed492831a
Inline some format placeholders (#822) 2024-01-06 23:13:44 +00:00
Charlie Marsh 77c3a67029
Remove `pub(crate)` from `RegistryClient` fields (#821) 2024-01-06 22:05:18 +00:00
Charlie Marsh 9ded337870
Remove unused `proxy` field from client (#820) 2024-01-06 17:02:35 -05:00
Zanie Blue 88adba83a0
Add scenarios with unresolvable dependencies due to excluded versions (#801) 
Scenarios added in https://github.com/zanieb/packse/pull/71
 2024-01-05 16:21:47 -06:00
Zanie Blue 9a75703973
Bump packse to hide `requires-python` in docstrings when not relevant (#797) 2024-01-05 20:49:09 +00:00
Zanie Blue def7f79f20
Add pre-release test scenario reproducing hint simplification bug (#796) 
A reproduction of #751 

Scenarios added in https://github.com/zanieb/packse/pull/68
 2024-01-05 14:41:40 -06:00
konsti 65efee1d76
Add compare_release fast path (#799) 
Looking at the profile for tf-models-nightly after #789,
`compare_release` is the single biggest item. Adding a fast path, we
avoid paying the cost for padding releases with 0s when they are the
same length, resulting in a 16% for this pathological case. Note that
this mainly happens because tf-models-nightly is almost all large dev
releases that hit the slow path.

**Before**


![image](https://github.com/astral-sh/puffin/assets/6826232/0d2b4553-da69-4cdb-966b-0894a6dd5d94)

**After**


![image](https://github.com/astral-sh/puffin/assets/6826232/6d484808-9d16-408d-823e-a12d321802a5)

```
$ hyperfine --warmup 1 --runs 3 "target/profiling/main pip-compile -q scripts/requirements/tf-models-nightly.txt"
 "target/profiling/puffin pip-compile -q scripts/requirements/tf-models-nightly.txt"
Benchmark 1: target/profiling/main pip-compile -q scripts/requirements/tf-models-nightly.txt
  Time (mean ± σ):     11.963 s ±  0.225 s    [User: 11.478 s, System: 0.451 s]
  Range (min … max):   11.747 s … 12.196 s    3 runs

Benchmark 2: target/profiling/puffin pip-compile -q scripts/requirements/tf-models-nightly.txt
  Time (mean ± σ):     10.317 s ±  0.720 s    [User: 9.885 s, System: 0.404 s]
  Range (min … max):    9.501 s … 10.860 s    3 runs

Summary
  target/profiling/puffin pip-compile -q scripts/requirements/tf-models-nightly.txt ran
    1.16 ± 0.08 times faster than target/profiling/main pip-compile -q scripts/requirements/tf-models-nightly.txt
```
 2024-01-05 15:14:11 -05:00
Andrew Gallant 6c98ae9d77
pep440: rewrite the parser and make version comparisons cheaper (#789) 
This PR builds on #780 by making both version parsing faster, and
perhaps more importantly, making version comparisons much faster.
Overall, these changes result in a considerable improvement for the
`boto3.in` workload. Here's the status quo:

```
$ time puffin pip-compile --no-build --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/requirements/boto3.in
Resolved 31 packages in 34.56s

real    34.579
user    34.004
sys     0.413
maxmem  2867 MB
faults  0
```

And now with this PR:

```
$ time puffin pip-compile --no-build --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/requirements/boto3.in
Resolved 31 packages in 9.20s

real    9.218
user    8.919
sys     0.165
maxmem  463 MB
faults  0
```

This particular workload gets stuck in pubgrub doing resolution, and
thus benefits mightily from a faster `Version::cmp` routine. With that
said, this change does also help a fair bit with "normal" runs:

```
$ hyperfine -w10 \
    "puffin-base pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in" \
    "puffin-cmparc pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in"
Benchmark 1: puffin-base pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in
  Time (mean ± σ):     337.5 ms ±   3.9 ms    [User: 310.5 ms, System: 73.2 ms]
  Range (min … max):   333.6 ms … 343.4 ms    10 runs

Benchmark 2: puffin-cmparc pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in
  Time (mean ± σ):     189.8 ms ±   3.0 ms    [User: 168.1 ms, System: 78.4 ms]
  Range (min … max):   185.0 ms … 196.2 ms    15 runs

Summary
  puffin-cmparc pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in ran
    1.78 ± 0.03 times faster than puffin-base pip-compile --cache-dir ~/astral/tmp/cache/ -o /dev/null ./scripts/benchmarks/requirements.in
```

There is perhaps some future work here (detailed in the commit
messages), but I suspect it would be more fruitful to explore ways of
making resolution itself and/or deserialization faster.

Fixes #373, Closes #396
 2024-01-05 11:57:32 -05:00
Zanie Blue 74777c01ea
Improve documentation for scenario tests (#795) 
- Fix documentation of scenario test module
- Add instructions to scenario update script for local development
 2024-01-05 16:51:25 +00:00
konsti 5820a9d937
Update dependencies (#794) 
Pull in a bunch of updates so they get some testing before we announce
the project. textwrap 0.16 is blocked on miette updating, http 1.0 on
reqwest.
 2024-01-05 11:40:12 -05:00
Zanie Blue 08edbc9f60
Add assertions of expected scenario results (#791) 
Uses new metadata added in https://github.com/zanieb/packse/pull/61 to
assert that resolution succeeded or failed _and_ that the installed
package versions match the expected result.
 2024-01-05 10:32:37 -06:00
konsti 673bece595
Allow `pip-compile` without a venv (#494) 
The semantics are a bit unintuitive because `--python-version` is a
preference when looking for a python version without a venv, but if we
don't find that exact version we'll take `python3` and patch the
markers. This will make more sense once we start provisioning python
builds.

We can now resolve black with both python 3.8 and 3.12, with or without
that python version being in scope. In the example below,
`PATH=$HOME/.cargo/bin:/usr/bin` removes the pyenv builds and leaves
only `python3`, which is python 3.11.

```console
$ RUST_LOG=puffin::commands=debug cargo run --bin puffin -q -- pip-compile -v scripts/benchmarks/requirements/black.in --python-version py38
    0.004108s DEBUG puffin::commands::pip_compile Using Python 3.8 at /home/konsti/.local/bin/python3.8
Resolved 8 packages in 44ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    puffin pip-compile -v scripts/benchmarks/requirements/black.in --python-version py38
black==23.11.0
[...]
platformdirs==4.0.0
    # via black
tomli==2.0.1
    # via black
typing-extensions==4.8.0
    # via black
$ PATH=$HOME/.cargo/bin:/usr/bin RUST_LOG=puffin::commands=debug cargo run --bin puffin -q -- pip-compile -v scripts/benchmarks/requirements/black.in --python-version py38
    0.004315s DEBUG puffin::commands::pip_compile Using Python 3.11 at /usr/bin/python3
Resolved 8 packages in 43ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    puffin pip-compile -v scripts/benchmarks/requirements/black.in --python-version py38
black==23.11.0
[...]
platformdirs==4.0.0
    # via black
tomli==2.0.1
    # via black
typing-extensions==4.8.0
    # via black
```

```console
$ RUST_LOG=puffin::commands=debug cargo run --bin puffin -q -- pip-compile -v scripts/benchmarks/requirements/black.in --python-version py312
    0.004216s DEBUG puffin::commands::pip_compile Using Python 3.12 at /home/konsti/.local/bin/python3.12
Resolved 6 packages in 37ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    puffin pip-compile -v scripts/benchmarks/requirements/black.in --python-version py312
black==23.11.0
[...]
platformdirs==4.0.0
    # via black
$ PATH=$HOME/.cargo/bin:/usr/bin RUST_LOG=puffin::commands=debug cargo run --bin puffin -q -- pip-compile -v scripts/benchmarks/requirements/black.in --python-version py312
    0.004190s DEBUG puffin::commands::pip_compile Using Python 3.11 at /usr/bin/python3
Resolved 6 packages in 39ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    puffin pip-compile -v scripts/benchmarks/requirements/black.in --python-version py312
black==23.11.0
[...]
platformdirs==4.0.0
    # via black
```

Fixes #235.

Co-authored-by: Charlie Marsh <charlie.r.marsh@gmail.com>
 2024-01-05 15:01:06 +00:00
Charlie Marsh 76064cdec2
Document Python interpreter discovery in README (#792) 2024-01-05 09:44:06 -05:00
Zanie Blue 0cd57a6cd8
Add pre-release scenarios (#790) 
Scenarios added in https://github.com/zanieb/packse/pull/58
 2024-01-05 03:10:43 +00:00
Zanie Blue 3d6ea7809a
Update scenario tests to include `requires-python` coverage (#769) 
Includes creating a virtual env with the relevant environment python
version.

Scenarios added in https://github.com/zanieb/packse/pull/55
 2024-01-04 14:15:13 -06:00
konsti 57c96df288
Explain ld errors (#773) 
One of the most common ways source dists fail to build (on linux) is
when the linker fails because the shared library of a native dependency
is not installed. These errors are hard to understand when you're not a
c programmer:

```
       In file included from /usr/include/python3.10/unicodeobject.h:1046,
                        from /usr/include/python3.10/Python.h:83,
                        from Modules/3.x/readline.c:8:
       Modules/3.x/readline.c: In function ‘on_completion’:
       /usr/include/python3.10/cpython/unicodeobject.h:744:29: warning: initialization discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
         744 | #define _PyUnicode_AsString PyUnicode_AsUTF8
             |                             ^~~~~~~~~~~~~~~~
       Modules/3.x/readline.c:842:23: note: in expansion of macro ‘_PyUnicode_AsString’
         842 |             char *s = _PyUnicode_AsString(r);
             |                       ^~~~~~~~~~~~~~~~~~~
       Modules/3.x/readline.c: In function ‘readline_until_enter_or_signal’:
       Modules/3.x/readline.c:1044:9: warning: ‘sigrelse’ is deprecated: Use the sigprocmask function instead [-Wdeprecated-declarations]
        1044 |         sigrelse(SIGINT);
             |         ^~~~~~~~
       In file included from Modules/3.x/readline.c:10:
       /usr/include/signal.h:359:12: note: declared here
         359 | extern int sigrelse (int __sig) __THROW
             |            ^~~~~~~~
       Modules/3.x/readline.c: In function ‘PyInit_readline’:
       Modules/3.x/readline.c:1179:34: warning: assignment to ‘char * (*)(FILE *, FILE *, const char *)’ from incompatible pointer type ‘char * (*)(FILE *, FILE *, char *)’ [-Wincompatible-pointer-types]
        1179 |     PyOS_ReadlineFunctionPointer = call_readline;
             |                                  ^
       In file included from /usr/include/string.h:535,
                        from /usr/include/python3.10/Python.h:30,
                        from Modules/3.x/readline.c:8:
       In function ‘strncpy’,
           inlined from ‘call_readline’ at Modules/3.x/readline.c:1124:9:
       /usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
          95 |   return __builtin___strncpy_chk (__dest, __src, __len,
             |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          96 |                                   __glibc_objsize (__dest));
             |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
       Modules/3.x/readline.c: In function ‘call_readline’:
       Modules/3.x/readline.c:1099:9: note: length computed here
        1099 |     n = strlen(p);
             |         ^~~~~~~~~
       /usr/bin/ld: cannot find -lncurses: No such file or directory
       collect2: error: ld returned 1 exit status
       error: command '/usr/bin/x86_64-linux-gnu-gcc' failed with exit code 1
       ---
```

We parse these errors out, tell the user about the missing shared
library and even the most likely debian/ubuntu package name:

```
This error likely indicates that you need to install the library that provides a shared library for ncurses for pygraphviz-1.11 (e.g. libncurses-dev)
```
 2024-01-04 20:56:38 +01:00
Zanie Blue 8ac6f9a198
Wrap scenario descriptions in docstrings (#787) 
Otherwise, the lines can get kind of long.
 2024-01-04 19:43:50 +00:00
Zanie Blue f89c6456e3
Explicitly pin scenarios to a packse commit (#788) 
Previously, we just pulled the latest commit from `main` on every
update. This causes problems when you do not intend to update the
scenarios as in #787.

This bumps to the latest `packse` commit without new scenarios.
 2024-01-04 19:38:48 +00:00
Zanie Blue 5e04a95c45
Disable line wrapping during scenario tests (#784) 
Adds support for a `PUFFIN_NO_WRAP` environment variable which disables
line wrapping in `miette` output.

We set this variable in the scenario tests to improve the readability of
snapshots.

I contributed the ability to disable line wrapping upstream at
https://github.com/zkat/miette/pull/328
 2024-01-04 19:07:16 +00:00
Andrew Gallant d7c9b151fb
pep440: some minor refactoring, mostly around error types (#780) 
This PR does a bit of refactoring to the pep440 crate, and in
particular around the erorr types. This PR is meant to be a precursor
to another PR that does some surgery (both in parsing and in `Version`
representation) that benefits somewhat from this refactoring.

As usual, please review commit-by-commit.
 2024-01-04 12:28:36 -05:00
Andrew Gallant 1cc3250e76
puffin-cli: fix botched merge (#785) 
This fixes a compilation error with tests on current `main`. I didn't
track down the exact provenance, but I'd guess it's the result of a
botched merge. (i.e., Two or more PRs that pass CI independently, but
when merged cause failures.)
 2024-01-04 17:03:45 +00:00
Charlie Marsh c6bdc43f37
Add missing feature to `Cargo.toml` (#777) 2024-01-04 11:39:11 -05:00
Zanie Blue e75fde7bfe
Filter prefixes from scenario snapshots to improve readability (#779) 
I'm a _little_ unsure since this could be confusing but the prefixes can
be pretty long and this is much easier to read.
 2024-01-04 09:57:41 -06:00
konsti 9b77a8873e
Disable color output when redirecting stderr (#742) 
I'm still confused about it, but this seems to do the right thing?

`HierarchicalLayer` internally has [`let ansi =
io::stderr().is_terminal();`](fcd9eed252/src/lib.rs (L74)),
so the logging itself is already correctly uncolored, but errors in the
log weren't.

Test command, ran with network deactivated:

```shell
RUST_LOG=debug cargo run --bin puffin -- pip-compile -v ./scripts/popular_packages/pypi_8k_downloads.txt 2> log.txt
```

**Before**

```
error: Request error: error sending request for url (https://pypi.org/simple/apache-airflow-providers-dbt-cloud/): error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: error sending request for url (https://pypi.org/simple/apache-airflow-providers-dbt-cloud/): error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: dns error: failed to lookup address information: Temporary failure in name resolution
  Caused by: failed to lookup address information: Temporary failure in name resolution
  ```

  **After**

  ```
  error: Request error: error sending request for url (https://pypi.org/simple/fissix/): error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
    Caused by: error sending request for url (https://pypi.org/simple/fissix/): error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
    Caused by: error trying to connect: dns error: failed to lookup address information: Temporary failure in name resolution
    Caused by: dns error: failed to lookup address information: Temporary failure in name resolution
    Caused by: failed to lookup address information: Temporary failure in name resolution
```
 2024-01-04 16:43:44 +01:00
konsti 92c780ec2f
Run custom insta filters before generic filters (#781) 
I've noticed some non-deterministic test failures when a temp dir looks
like a timestamp
(https://github.com/astral-sh/puffin/actions/runs/7410022542/job/20161416805).
Running the custom filters for e.g. the temp dirs before the generic
time filters should fix that.
 2024-01-04 16:40:28 +01:00
Charlie Marsh b2230e7f4d
Make index URLs insensitive to trailing slashes (#771) 
Closes https://github.com/astral-sh/puffin/issues/770.
 2024-01-04 08:45:50 -05:00
konsti 7d6e6fae25
Requirement fixup for trailing comma after trailing quote (#776) 
Fixup for
7349527ceadde8fc265a33e6a4e662/boto3-1.2.0-py2.py3-none-any.whl:

```
botocore>=1.3.0,<1.4.0',
```

Note that neither the quote nor the comma are right.
 2024-01-04 08:45:41 -05:00
konsti 0c5ca1cdd8
Delete unused file (#772) 
This is a duplicate that's not used anymore, probably a refactoring
artifact.
 2024-01-04 11:32:12 +00:00
Zanie Blue e18a6a0c03
Include permalink to scenarios used to generate test cases (#767) 2024-01-03 20:41:14 -06:00
Zanie Blue 0d5252580c
Improve scenario update script (#759) 
Following #757, improves the script for generating scenario test cases
with:

- A requirements file
- Support for downloading packse scenarios from GitHub dynamically
- Running rustfmt on the generated test file
- Updating snapshots / running tests
 2024-01-03 20:13:11 -06:00
Charlie Marsh bf9e9daa39
Make editable installs their own test feature flag (#766) 
For whatever reason these fail for me with mold, and it's not worth it
to me to disable the linker.
 2024-01-03 20:33:22 -05:00
Charlie Marsh 252d53e83a
Make environment validation a `--strict` flag (#765) 
I don't necessarily want users to pay this cost every time. We could
consider making this `true` by default.

Closes https://github.com/astral-sh/puffin/issues/763.
 2024-01-04 01:29:06 +00:00
Charlie Marsh ae8c7d11e3
Use `create_venv_py312` in pip-uninstall tests (#764) 2024-01-04 01:16:13 +00:00
Charlie Marsh 286145bc7f
Add a dedicated error for missing RECORD files (#762) 
Related to: https://github.com/astral-sh/puffin/issues/716
 2024-01-04 00:28:50 +00:00
Charlie Marsh 2d1d6ac0dd
Add context and diagnostics for missing `METADATA` (#761) 
Closes https://github.com/astral-sh/puffin/issues/717.
 2024-01-03 19:09:23 -05:00
Zanie Blue 1f2112191f
Unpack scenario root requirements in test cases (#757) 
As mentioned in #746, instead of just installing the scenario root we
will unpack the root dependencies into the install command to allow
better coverage of direct user requests with scenarios.

I added display of the package tree provided by each scenario.

Use a mustache template for iterative replacements.
 2024-01-03 17:31:29 -06:00
Charlie Marsh 02b157085e
Add INSTALLER file to install-wheel-rs (#760) 
See:
https://packaging.python.org/en/latest/specifications/recording-installed-packages/#the-installer-file
 2024-01-03 17:30:54 -05:00
Zanie Blue c9f43e915c
Add packse scenario tests (#746) 
Adds tests using packse test scenarios! Uses `test.pypi.org` as a
backing index.

Tests are generated by a simple Python script. Requires
https://github.com/zanieb/packse/pull/49.

This opens us to a slight attack surface, as we cannot force use of
`test.pypi.org` only and someone could register these package names on
the real `pypi.org` index with malicious content. I could publish these
packages there too.
 2024-01-03 15:50:06 -06:00
Charlie Marsh aa75d264cd
Clean up the Puffin CLI (#755) 
- Rename to `puffin pip-freeze` for consistency.
- Add a `virtualenv` alias to `venv`.
- Hide the `add` and `remove` commands.
 2024-01-03 21:22:06 +00:00
Charlie Marsh cfffcbb269
Cancel waiting tasks on resolution error (#753) 
## Summary

I don't understand why this works (because I don't understand why it's
erroring) but it does. See:
https://github.com/astral-sh/puffin/pull/746#issuecomment-1875722454.

## Test Plan

```
cargo run --bin puffin pip-install requires-transitive-incompatible-with-transitive-8329cfc0 --extra-index-url https://test.pypi.org/simple -n
```
 2024-01-03 20:18:27 +00:00
Charlie Marsh a8e52d2899
Split `resolver.rs` into a module (#752) 
This is just getting hard to navigate. No code changes, just moving
stuff around.
 2024-01-03 14:02:30 -05:00
Charlie Marsh 48c7359622
Always simplify dependency sets (#748) 
`simplify_set` can itself simplify to the full range, so it seems like
we should be checking if the set is `Range::full` _after_ simplifying
rather than before.
 2024-01-03 13:21:03 -05:00
Charlie Marsh 607a5bee6d
Use `register_owned` in prefetch path (#750) 2024-01-03 17:31:23 +00:00
Charlie Marsh fd556ccd44
Model Python version as a PubGrub package (#745) 
## Summary

This PR modifies the resolver to treat the Python version as a package,
which allows for better error messages (since we no longer treat
incompatible packages as if they "don't exist at all").

There are a few tricky pieces here...

First, we need to track both the interpreter's Python version and the
_target_ Python version, because we support resolving for other versions
via `--python 3.7`.

Second, we allow using incompatible wheels during resolution, as long as
there's a compatible source distribution. So we still need to test for
`requires-python` compatibility when selecting distributions.

This could use more testing, but it feels like an area where `packse`
would be more productive than writing PyPI tests.

Closes https://github.com/astral-sh/puffin/issues/406.
 2024-01-03 15:20:45 +00:00
Charlie Marsh 5a98add54e
Always pre-fetch distribution metadata (#744) 
This PR fixes our prefetching logic to ensure that we always attempt to
prefetch the "best-guess" distribution for all dependencies. This logic
already existed, but because we only attempted to prefetch when package
metadata was available, it almost never triggered. Now, we wait for the
package metadata to become available, _then_ kick off the "best-guess"
prefetch (for every package).

In my testing, this dramatically improves performance (like 2x). I'm
wondering if this regressed at some point?

Closes #743.

Co-authored-by: konsti <konstin@mailbox.org>
 2024-01-03 11:37:45 +01:00
Charlie Marsh ba23115465
Remove some package clones (#749) 2024-01-02 23:21:46 -05:00
Charlie Marsh 94076d6000
Use dependency package when simplifying dependency set (#747) 
This manifested itself here:
https://github.com/astral-sh/puffin/pull/745/files#r1439912440.
 2024-01-02 20:26:56 -06:00
konsti 26f597a787
Add spans to all significant tasks (#740) 
I've tried to investigate puffin's performance wrt to builds and
parallelism in general, but found the previous instrumentation to
granular. I've tried to add spans to every function that either needs
noticeable io or cpu resources without creating duplication. This also
fixes some wrong tracing usage on async functions
(https://docs.rs/tracing/latest/tracing/struct.Span.html#in-asynchronous-code)
and some spans that weren't actually entered.
 2024-01-02 16:17:03 +00:00
konsti a3d8b3d9ca
Don't install incompatible path and url wheels (#739) 
Add early tag checking for path and url wheels.

This does not check for resolve for consistency with index wheels.
 2024-01-02 15:00:50 +00:00
konsti cd43708369
Flag to force latest version in resolve-many (#741) 
Also fixes color when redirecting puffin-dev to a log file.
 2024-01-02 11:04:26 +00:00
konsti 35f6ea204b
Remove Box::pin usages (#738) 
Rust 1.75 update follow-up, simplifies the code.
 2023-12-29 15:49:12 +00:00
Charlie Marsh 2cfa4a3574
Add a dedicated error message to hint users towards enabling pre-releases (#697) 
This PR adds a dedicated error message for resolutions that fail, but
might've succeeded if pre-releases were allowed. Specifically, if we see
a failed resolution, and failed to find a version for a package that
included a pre-release marker, we add a hint nudging the user to
explicitly enable all pre-releases.

We'd prefer a solution like
https://github.com/astral-sh/puffin/pull/666, but believe that it will
break some assumptions in PubGrub, so this is the lighter-weight
solution.

Closes https://github.com/astral-sh/puffin/issues/659.
 2023-12-28 21:44:35 -05:00
konsti 2d4cb1ebf2
Rust 1.75 (#736) 
The `async fn` and return-position `impl Trait` in traits improve
`BuildContext` ergonomics. The traits use `impl Future` over `async fn`
to make the send bound explicit
(https://blog.rust-lang.org/2023/12/21/async-fn-rpit-in-traits.html).

The remaining changes are due to clippy.
 2023-12-28 16:08:35 -04:00
konsti 7bf2790a25
Remove all quotes from (lenient) version specifiers (#735) 
Found in
https://pypi.org/simple/algoliasearch/?format=application/vnd.pypi.simple.v1+json
and
https://pypi.org/simple/okta/?format=application/vnd.pypi.simple.v1+json
 2023-12-28 14:40:42 +00:00
konsti 0ebff943e4
Finish install-many with pypi 10k most dependents (#732) 
This PR combines three small changes to finish up the install-many
testing.

* Download pypi_10k_most_dependents.txt in script I'd like to have the
setup process of the large scale checks automated.
* Some install-many dev script improvements 
* Fix mkl_fft-1.3.6-58-cp310-cp310-manylinux2014_x86_64.whl:
mkl_fft-1.3.6-58-cp310-cp310-manylinux2014_x86_64.whl has multiple
Wheel-Version entries, we have to ignore that like pip

Apart from the mkl-fft fix the only other errors i've seen showing up
are
https://github.com/astral-sh/puffin/issues/520#issuecomment-1869625642.
 2023-12-27 09:42:51 -05:00
Charlie Marsh 007f52bb4e
Add support for relative URLs in simple metadata responses (#721) 
## Summary

This PR adds support for relative URLs in the simple JSON responses. We
already support relative URLs for HTML responses, but the handling has
been consolidated between the two. Similar to index URLs, we now store
the base alongside the metadata, and use the base when resolving the
URL.

Closes #455.

## Test Plan

`cargo test` (to test HTML indexes). Separately, I also ran `cargo run
-p puffin-cli -- pip-compile requirements.in -n
--index-url=http://localhost:3141/packages/pypi/+simple` on the
`zb/relative` branch with `packse` running, and forced both HTML and
JSON by limiting the `accept` header.
 2023-12-27 08:53:21 -05:00
Charlie Marsh ae83a74309
Review feedback for HTML indexes (#733) 
See: https://github.com/astral-sh/puffin/pull/719
 2023-12-26 21:57:20 +00:00
Charlie Marsh bbe0246205
Change internal representation of `CacheEntry` to avoid allocations (#730) 
Removes a TODO.
 2023-12-26 02:10:30 +00:00
Charlie Marsh 188ab75769
Split `File` into internal and external type (#729) 
## Summary

This PR makes the `pypi_types::File` a response-only type (i.e., a type
that's only used when deserializing over the wire), and adds a separate
internal `File` type. Right now, the representations are similar, but
already, we can avoid the "lenient" deserialization on our internal
`File` type, and avoid the special-casing of the property names that's
required in the JSON. Over time, we can evolve this representation
entirely separately from the representation we receive from PyPI and
other indexes.
 2023-12-25 15:42:28 -05:00
Charlie Marsh 6ff21374dc
Split `puffin-cache` into Puffin-specific and generic utilities (#728) 
This crate started off as generic caching utilities, but we started
adding a lot of Puffin-specific stuff (like the cache buckets
abstraction that knows about Git vs. direct URL vs. indexes and so on).
This PR moves the generic stuff into a new `cache-key` crate.
 2023-12-25 14:38:56 +00:00
Charlie Marsh 187ccef4e1
Cache `Tags` on `Interpreter` (#726) 2023-12-25 13:41:10 +00:00
Charlie Marsh 5b2e381f87
Remove `platform-tags` dependency on `puffin-interpreter` (#725) 
Cuts off a large internal dependency chain from what is otherwise a very
general crate.
 2023-12-24 23:06:50 +00:00
Charlie Marsh ad34bb02a9
Modify some inconsistent exports (#724) 2023-12-24 22:30:03 +00:00
Charlie Marsh 343880820b
Un-escape HTML entities when decoding (#723) 
I don't have a good testing strategy here (I'm manually testing against
`devpi` via `packse`), but the HTML index uses (e.g.)
`data-requires-python="&gt;=3.8"`, so we need to decode.
 2023-12-24 16:35:45 -05:00
Charlie Marsh 2d721a497e
Add a `SimpleHttp` abstraction similar to `SimpleJson` (#722) 
Just an internal refactor to turn some standalone functions into
associated methods (and reduce the diff in the next PR).
 2023-12-24 20:55:57 +00:00
konsti e23292641f
Add pypi 10k packages with most dependents dataset (#711) 
From manual inspection, this dataset generated through the [libraries.io
API](https://libraries.io/api#project-search) seems more mainstream than
the current 8k one, which is also preserved. I've added the dataset to
the repo because the API requires an API key.
 2023-12-24 18:31:52 +00:00
Charlie Marsh 5bce699ee1
Add support for HTML indexes (#719) 
## Summary

This PR adds support for HTML index responses (as with
`--index-url=https://download.pytorch.org/whl`).

Closes https://github.com/astral-sh/puffin/issues/412.
 2023-12-24 16:04:00 +00:00
Charlie Marsh 9e6cb706a0
Update test fixtures (#720) 2023-12-24 15:50:10 +00:00
konsti b7ad97a823
Show resource and lockfile when waiting (#715) 
We lock git checkout directories and the virtualenv to avoid two puffin
instances running in parallel changing files at the same time and
leading to a broken state. When one instance is blocking another, we
need to inform the user (why is the program hanging?) and also add some
information for them to debug the situation.

The new messages will print

```
Waiting to acquire lock for /home/konsti/projects/puffin/.venv (lockfile: /home/konsti/projects/puffin/.venv/.lock)
```

or

```
Waiting to acquire lock for git+https://github.com/pydantic/pydantic-extra-types@0ce9f207a1e09a862287ab77512f0060c1625223 (lockfile: /home/konsti/projects/puffin/cache-all-kinds/git-v0/locks/f157fd329a506a34)
```

The messages aren't perfect but clear enough to see what the contention
is and in the worst case to delete the lockfile.

Fixes #714
 2023-12-21 00:05:49 +01:00
konsti e60f0ec732
Update pubgrub (#713) 
Easier than i expected: We simply never construct the pubgrub error
variants since we have our own main loop. The `unreachable!()`s can be
removed when never is stabilized
 2023-12-20 23:56:59 +01:00
Zanie Blue e705267dac
Fix fallback download when index does not support HTTP range requests (#702) 
Otherwise, when a server does not support HTTP range requests we throw
an error instead of downloading without range requests.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2023-12-20 10:55:23 +00:00
Zanie Blue 665a59dae6
Fix deserialization of index response when `requires_python` field is missing (#708) 
Closes https://github.com/astral-sh/puffin/issues/707
 2023-12-20 11:53:48 +01:00
Zanie Blue 4e437ba7e5
Allow the default index url to be configured with `PUFFIN_INDEX_URL` (#704) 
This allows the default index URL to be easily overridden with a local
index e.g. a `packse` server

```
export PUFFIN_INDEX_URL="http://localhost:3141/packages/all/+simple"
```
 2023-12-20 11:52:00 +01:00
Zanie Blue ab15b08cbe
Perform 3 retries by default instead of 0 on failed index requests (#710) 
As a user, I'd expect retries to occur by default.

We should also expose this via a setting probably.
 2023-12-20 11:51:24 +01:00
konsti 9f8b7e7e12
Refactor `DistFinder` to allow handling errors (#709) 
For the install tests, i need the ability to ignore failures in the
`DistFinder`. To avoid just copy&pasting a version that collects errors
separately, i followed
https://gendignoux.com/blog/2021/04/01/rust-async-streams-futures-part1.html
and switched the custom channel over to an async stream yielding
`Result` items.

I like the async streams mirror the normal iterator api.
 2023-12-20 04:07:55 +00:00
Zanie Blue 12eedb1c12
Include `Accept` header specifying that we can only parse JSON responses (#701) 
Otherwise, when an index does not support the query variable we get an
HTML response and a JSON parse error.
 2023-12-19 12:22:53 -06:00
Zanie Blue 52ba65aa9c
Derive `Debug` for `CachedClientError` (#703) 
Discovered while debugging https://github.com/astral-sh/puffin/pull/702
 2023-12-19 12:22:39 -06:00
Andrew Gallant aa9f47bbde
improve tests for version parser (#696) 
The high level goal here is to improve the tests for the version parser.
Namely, we now check not just that version strings parse successfully,
but that they parse to the expected result.

We also do a few other cleanups. Most notably, `Version` is now an
opaque type so that we can more easily change its representation going
forward.

Reviewing commit-by-commit is suggested. :-)
 2023-12-19 12:25:32 -05:00
Charlie Marsh 6f90edda78
Reduce visibility of `PubGrubReportFormatter` (#699) 2023-12-19 08:53:38 -06:00
konsti 9e2bbee7f0
Name the directory whose lock we're waiting on (#700) 2023-12-19 12:19:27 +00:00
konsti 114548d945
Test that cache errors are non-fatal (#685) 
The test creates a cache from multiple sources and injects faults (once
using invalid data and once by making the files unreadable on the fs
level), then resolves again.

I didn't test git because it has its own locking and correctness logic.

The main drawback is that this test is slow (2.5s for me), we could
`#[ignore]` it.
 2023-12-19 12:02:49 +00:00
Charlie Marsh 878bb5c035
Remove remaining snapshot files from resolver test (#698) 2023-12-19 05:41:50 +00:00
Charlie Marsh 3660d8a08e
Introduce separate traits for ahead-of-time and installed metadata (#692) 
This is a pure refactor to follow-up #690, to separate the metadata that
we know upfront about distributions (like the version, for
registry-based distributions) vs. the metadata that requires building
(like the version, for URL-based distributions).
 2023-12-18 22:37:45 +00:00
Charlie Marsh 31afb39a10
Show URLs and version together for installed, URL-based dependencies (#690) 
The snapshot test changes will give you a sense for the impact of the
change and the output formatting.

Closes https://github.com/astral-sh/puffin/issues/686.
 2023-12-18 22:21:37 +00:00
Charlie Marsh 365c860e27
Show fully-resolved URLs in non-resolution contexts (#689) 
We now show the fully-resolved URL, rather than the URL as given by the
user, _everywhere_ except for the output resolution file (which should
retain relative paths, unexpanded environment variables, etc.).

Closes https://github.com/astral-sh/puffin/issues/687.
 2023-12-18 22:10:24 +00:00
konsti 43c837f7bb
Show enum defaults in `--help` output (#693) 
With `Option<T>` and `.unwrap_or_default()` later, the default of `T`
isn't shown in the help output.

Old:

```
      --link-mode <LINK_MODE>
          The method to use when installing packages from the global cache

          Possible values:
          - clone:    Clone (i.e., copy-on-write) packages from the wheel into the site packages
          - copy:     Copy packages from the wheel into the site packages
          - hardlink: Hard link packages from the wheel into the site packages

      -q, --quiet
      Do not print any output

      --resolution <RESOLUTION>
          Possible values:
          - highest:       Resolve the highest compatible version of each package
          - lowest:        Resolve the lowest compatible version of each package
          - lowest-direct: Resolve the lowest compatible version of any direct dependencies, and the highest compatible version of any transitive dependencies

      --prerelease <PRERELEASE>
          Possible values:
          - disallow:                 Disallow all pre-release versions
          - allow:                    Allow all pre-release versions
          - if-necessary:             Allow pre-release versions if all versions of a package are pre-release
          - explicit:                 Allow pre-release versions for first-party packages with explicit pre-release markers in their version requirements
          - if-necessary-or-explicit: Allow pre-release versions if all versions of a package are pre-release, or if the package has an explicit pre-release marker in its version requirements
```

![Screenshot from 2023-12-18
21-04-16](https://github.com/astral-sh/puffin/assets/6826232/6b3cb47a-f224-408a-8d7a-186ebeb88ecd)

New:

```
      --link-mode <LINK_MODE>
          The method to use when installing packages from the global cache

          [default: hardlink]

          Possible values:
          - clone:    Clone (i.e., copy-on-write) packages from the wheel into the site packages
          - copy:     Copy packages from the wheel into the site packages
          - hardlink: Hard link packages from the wheel into the site packages

  -q, --quiet
          Do not print any output

      --resolution <RESOLUTION>
          [default: highest]

          Possible values:
          - highest:       Resolve the highest compatible version of each package
          - lowest:        Resolve the lowest compatible version of each package
          - lowest-direct: Resolve the lowest compatible version of any direct dependencies, and the highest compatible version of any transitive dependencies

      --prerelease <PRERELEASE>
          [default: if-necessary-or-explicit]

          Possible values:
          - disallow:                 Disallow all pre-release versions
          - allow:                    Allow all pre-release versions
          - if-necessary:             Allow pre-release versions if all versions of a package are pre-release
          - explicit:                 Allow pre-release versions for first-party packages with explicit pre-release markers in their version requirements
          - if-necessary-or-explicit: Allow pre-release versions if all versions of a package are pre-release, or if the package has an explicit pre-release marker in its version requirements
```


![image](https://github.com/astral-sh/puffin/assets/6826232/26c2c391-d959-4769-999d-481b3f179502)
 2023-12-18 21:50:47 +00:00
Charlie Marsh 98fcb76015
Lock entire virtualenv during modifying commands (#695) 
These commands all assume that the `site-packages` are constant
throughout.

Closes #691.
 2023-12-18 16:44:45 -05:00
Charlie Marsh 207bb83a1c
Rename puffin-warnings macros to avoid tracing collision (#694) 
Also more consistent with Ruff.
 2023-12-18 21:33:21 +00:00
Charlie Marsh e98804141c
Re-add tf-models-nightly filter in `resolve_many.rs` (#688) 
I accidentally resolved this in a prior PR.
 2023-12-18 16:56:04 +00:00
Charlie Marsh dbf055fe6f
Use borrowed data in `BuildDispatch` (#679) 
This PR uses borrowed data in `BuildDispatch` which makes creating a
`BuildDispatch` extremely cheap (only one allocation, for the Python
executable). I can be talked out of this, it will have no measurable
impact.
 2023-12-18 16:43:03 +00:00
Charlie Marsh c400ab7d07
Add support for `file://` URLs in editable requirements (#680) 2023-12-18 14:55:37 +00:00
Charlie Marsh 74ca9128b4
Canonicalize virtualenv path once (#678) 
This avoids filesystem calls when creating a `BuildDispatch`.

Co-authored-by: konsti <konstin@mailbox.org>
 2023-12-18 14:42:58 +00:00
konsti 89ca0d68b9
`exclude_newer` in puffin-dev resolve-cli (#684) 
Internal dev tool change.
 2023-12-18 14:06:54 +00:00
konsti 7926749296
Fixup for `>=2.7,!=3.0.*,!=3.1.*,<3.4.*` (#683) 
Found in
https://pypi.org/simple/wincertstore/?format=application/vnd.pypi.simple.v1+json
 2023-12-18 12:56:48 +00:00
konsti f4f67ebde0
Rebase: Uninstall existing non-editable versions when installing editable requirements bug (#682) 
Separate branch for rebasing #677 onto main because i don't trust the
rebase enough to force push.

Closes #677.

---

If you install `black` from PyPI, then `-e ../black`, we need to
uninstall the existing `black`. This sounds simple, but that in turn
requires that we _know_ `-e ../black` maps to the package `black`, so
that we can mark it for uninstallation in the install plan. This, in
turn, means that we need to build editable dependencies prior to the
install plan.

This is just a bunch of reorganization to fix that specific bug
(installing multiple versions of `black` if you run through the above
workflow): we now run through the list of editables upfront, mark those
that are already installed, build those that aren't, and then ensure
that `InstallPlan` correctly removes those that need to be removed, etc.

Closes #676.

Co-authored-by: Charlie Marsh <charlie.r.marsh@gmail.com>
 2023-12-18 09:28:14 +00:00
Charlie Marsh 0bb2c92246
Add editable install support to `pip-install` (#675) 
Per the title: adds support for `-e` installs to `puffin pip-install`.
There were some challenges here around threading the editable installs
to the right places. Namely, we want to build _once_, then reuse the
editable installs from the resolution. At present, we were losing the
`editable: true` flag on the `Dist` that came back through the
resolution, so it required some changes to the resolver.

Closes https://github.com/astral-sh/puffin/issues/672.
 2023-12-18 09:52:32 +01:00
konsti 8c6463d220
Allow identical `VIRTUAL_ENV` and `CONDA_PREFIX` env vars (#681) 
Port of https://github.com/PyO3/maturin/pull/1879 for
https://github.com/PyO3/maturin/issues/1878
 2023-12-18 08:42:31 +00:00
Charlie Marsh 77c6e6fa6c
Add support for `reinstall` to editable packages (#674) 
Closes https://github.com/astral-sh/puffin/issues/673.
 2023-12-17 15:41:57 +00:00
Charlie Marsh 00e1c33af4
Add an editable index to the site-packages registry (#671) 
This PR modifies `SitePackages` to store all distributions in a flat
vector, and maintain two indexes (hash maps) from "per-element data for
an element in the vector" to "index of that element". This enables us to
maintain a map on both package name and editable URL.
 2023-12-17 03:44:36 +00:00
Charlie Marsh 08edd173db
Add support for editable packages in `pip-uninstall` (#670) 2023-12-17 02:56:37 +00:00
konsti f059c6e6a6
Support editable in pip-sync and pip-compile (#587) 
Support `-e path/do/dir` in pip-sync and and pip-compile.
 2023-12-16 22:37:34 +00:00
Charlie Marsh f62458f600
Add explicit error message for URLs without package names (#669) 
`pip` supports installing packages without names (e.g.,
`git+https://github.com/pallets/flask.git`), but it doesn't adhere to
the PEP grammar, and we don't yet support it (and may never) (#313).

This PR adds a dedicated error path for such cases, to ensure that we
can give meaningful feedback to the user:

```
error: Couldn't parse requirement in requirements.in position 0 to 18
  Caused by: URL requirement is missing a package name; expected: `package_name @ https://google.com`
https://google.com
^^^^^^^^^^^^^^^^^^
```

Closes https://github.com/astral-sh/puffin/issues/650.
 2023-12-16 21:14:34 +00:00
konsti 71964ec7a8
Switch to msgpack in the cached client (#662) 
This gives a 1.23 speedup on transformers-extras. We could change to
msgpack for the entire cache if we want. I only tried this format and
postcard so far, where postcard was much slower (like 1.6s).

I don't actually want to merge it like this, i wanted to figure out the
ballpark of improvement for switching away from json.

```
hyperfine --warmup 3 --runs 10 "target/profiling/puffin pip-compile --cache-dir cache-msgpack scripts/requirements/transformers-extras.in" "target/profiling/branch pip-compile scripts/requirements/transformers-extras.in"
Benchmark 1: target/profiling/puffin pip-compile --cache-dir cache-msgpack scripts/requirements/transformers-extras.in
  Time (mean ± σ):     179.1 ms ±   4.8 ms    [User: 157.5 ms, System: 48.1 ms]
  Range (min … max):   174.9 ms … 188.1 ms    10 runs

Benchmark 2: target/profiling/branch pip-compile scripts/requirements/transformers-extras.in
  Time (mean ± σ):     221.1 ms ±   6.7 ms    [User: 208.1 ms, System: 46.5 ms]
  Range (min … max):   213.5 ms … 235.5 ms    10 runs

Summary
  target/profiling/puffin pip-compile --cache-dir cache-msgpack scripts/requirements/transformers-extras.in ran
    1.23 ± 0.05 times faster than target/profiling/branch pip-compile scripts/requirements/transformers-extras.in
```

Disadvantage: We can't manually look into the cache anymore to debug
things

- [ ] Check more formats, i currently only tested json, msgpack and
postcard, there should be other formats, too
- [x] Switch over `CachedByTimestamp` serialization (for the interpreter
caching)
- [x] Switch over error handling and make sure puffin is still resilient
to cache failure
 2023-12-16 21:01:35 +00:00
Charlie Marsh e4673a0c52
Modify PEP 508 cursor to use byte offsets (#668) 
This enables us to remove a number of allocations (in particular,
`peek_while` and `take_while` no longer allocate). It also makes it
trivial to move the cursor to a new location, since you can just slice
and call `.chars()`. At present, moving to a new location would require
converting the iterator to a string, then back to a character iterator.
 2023-12-15 22:05:28 +00:00
Charlie Marsh 875c9a635e
Rename `CharIter` to `Cursor` (#667) 
This better aligns with the analogous struct that we have in Ruff.
 2023-12-15 21:57:59 +00:00
konsti 620f73b38b
Speed up version parsing for a 1.27±0.03 speedup in transformers-extras with conservative changes (#660) 
Two low-hanging fruits as optimizations for version parsing: A fast path
for release only versions and removing the regex from version specifiers
(still calling into version's parsing regex if required). This enables
optimizing the serde format since we now see the serde part instead of
only PEP 440 parsing. I intentionally didn't rewrite the full PEP 440 at
this step.

```console
$ hyperfine --warmup 5 --runs 50 "target/profiling/puffin pip-compile scripts/requirements/transformers-extras.in" "target/profiling/main pip-compile scripts/requirements/transformers-extras.in"
  Benchmark 1: target/profiling/puffin pip-compile scripts/requirements/transformers-extras.in
    Time (mean ± σ):     217.1 ms ±   3.2 ms    [User: 194.0 ms, System: 55.1 ms]
    Range (min … max):   211.0 ms … 228.1 ms    50 runs

  Benchmark 2: target/profiling/main pip-compile scripts/requirements/transformers-extras.in
    Time (mean ± σ):     276.7 ms ±   5.7 ms    [User: 252.4 ms, System: 54.6 ms]
    Range (min … max):   268.9 ms … 303.5 ms    50 runs

  Summary
    target/profiling/puffin pip-compile scripts/requirements/transformers-extras.in ran
      1.27 ± 0.03 times faster than target/profiling/main pip-compile scripts/requirements/transformers-extras.in
```

---------

Co-authored-by: Andrew Gallant <andrew@astral.sh>
 2023-12-15 14:03:35 -05:00
Charlie Marsh 305b9b080a
Show resolution error once on pip-install failure (#665) 
Closes https://github.com/astral-sh/puffin/issues/664.
 2023-12-15 18:43:23 +00:00
Charlie Marsh 47290f784e
Add fixup for invalid double quotes (#663) 
Closes https://github.com/astral-sh/puffin/issues/658.
 2023-12-15 18:11:22 +00:00
Charlie Marsh 9470c20e7a
Avoid double resolution during source builds (#656) 
## Summary

This PR ensures that we re-use the resolution to install the build
dependencies when building a source distribution. Currently, we only
pass along the list of requirements, and then use the `Finder` to map
each requirement to a distribution. But we already determine the correct
distribution when resolving!

Closes https://github.com/astral-sh/puffin/issues/655.
 2023-12-15 17:27:16 +00:00
Charlie Marsh 1129661a22
Ignore missing manifest entries in the built wheel cache (#654) 
## Summary

This is more of a hypothetical problem, but the cache manifest could in
theory get out-of-sync with the contents on disk. This PR modifies the
`BuiltWheelMetadata` lookup to warn (but not fail) if the manifest
includes a wheel that no longer exists on disk. You can mimic this by
removing a wheel from the `built-wheels-v0` cache without modifying the
manifest correspondingly.
 2023-12-15 17:24:09 +00:00
Charlie Marsh 84093773ef
Store source distribution sources in the cache (#653) 
## Summary

This PR modifies `source_dist.rs` to store source distributions (from
remote URLs) in the cache. The cache structure for registries now looks
like:

<img width="1053" alt="Screen Shot 2023-12-14 at 10 43 43 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/3c2dbf6b-5926-41f2-b69b-74031741aba8">

(I will update the docs prior to merging, if approved.)

The benefit here is that we can reuse the source distribution (avoid
download + unzipping it) if we need to build multiple wheels. In the
future, it will be even more relevant, since we'll need to reuse the
source distribution to support
https://github.com/astral-sh/puffin/issues/599.

I also included some misc. refactors to DRY up repeated operations and
add some more abstraction to `source_dist.rs`.
 2023-12-15 17:19:33 +00:00
Charlie Marsh a361ccfbb3
Remove additional metadata call in `source_dist.rs` (#652) 2023-12-14 19:45:31 +00:00
Charlie Marsh 22c7057b35
Expand environment variables in URLs (#640) 
## Summary

This PR enables users to express relative dependencies via environment
variables. Like pip, PDM, Hatch, Rye, and others, we now allow users to
express dependencies like:

```text
flask @ file://${PROJECT_ROOT}/flask-3.0.0-py3-none-any.whl
```

In the compiled requirements file, we'll also preserve the unexpanded
environment variable.

Closes https://github.com/astral-sh/puffin/issues/592.
 2023-12-14 15:09:12 +00:00
Charlie Marsh ed8dfbfcf7
Preserve verbatim URLs (#639) 
## Summary

This PR adds a `VerbatimUrl` struct to preserve verbatim URLs throughout
the resolution and installation pipeline. In short, alongside the parsed
`Url`, we also keep the URL as written by the user. This enables us to
display the URL exactly as written by the user, rather than the
serialized path that we use internally.

This will be especially useful once we start expanding environment
variables since, at that point, we'll be able to write the version of
the URL that includes the _unexpected_ environment variable to the
output file.
 2023-12-14 15:03:39 +00:00
Charlie Marsh eef9612719
Allow reporters to take `dyn Metadata` (#645) 2023-12-14 12:36:28 +01:00
Charlie Marsh 1a62ca0c62
Move source dist extraction into extract crate (#649) 2023-12-14 05:56:49 +00:00
Charlie Marsh 402b728bf7
Use `fs_err` with `AutoStream` (#648) 2023-12-14 04:56:55 +00:00
Charlie Marsh db7e2dedbb
Move archive extraction into its own crate (#647) 
We have some shared utilities beyond `puffin-build` and
`puffin-distribution`, and further, I want to be able to access the
sdist archive extraction logic from `puffin-distribution`. This is
really generic, so moving into its own crate.
 2023-12-14 04:49:09 +00:00
Charlie Marsh 388641643d
Remove `SourceDistDownload` struct (#646) 
This is created in one place, then immediately destructed into fields.
 2023-12-14 02:34:50 +00:00
Charlie Marsh e0127581b6
Use `fs_err` in more places (#644) 2023-12-14 01:11:45 +00:00
Charlie Marsh 4fd69c74b6
Use URL rather than String in direct URL types (#643) 2023-12-14 01:01:27 +00:00
Charlie Marsh 8071a23863
Add dedicated ID types to avoid opaque strings (#642) 
This allows us to enforce type safety within the resolver. For example,
in the index, we can remove `String` as a key type and enforce that
callers _must_ present us with a `PackageId`. (This actually caught one
bug, where we were using the SHA rather than the package ID. That bug
shouldn't have had any effect given where it was, since those are 1:1,
but it's still problematic.)
 2023-12-14 00:53:33 +00:00
Charlie Marsh 3549d9638e
Inline all snapshot files (#641) 
Right now, we're inconsistent between checking in and inlining these.
The outputs are small in Puffin, so let's just inline them in all cases.
 2023-12-14 00:35:38 +00:00
Charlie Marsh 2da6563a64
Use `Manifest::simple` in tests (#638) 2023-12-13 17:41:29 +00:00
Charlie Marsh eb1a630db2
Avoid hard-error for non-existent extras (#627) 
## Summary

When resolving `transformers[tensorboard]`, the `[tensorboard]` extra
doesn't exist. Previously, we returned "unknown" dependencies for this
variant, which leads the resolution to try all versions, then fail. This
PR instead warns, but returns the base dependencies for the package,
which matches `pip`. (Poetry doesn't even warn, it just proceeds as
normal.)

Arguably, it would be better to return a custom incompatibility here and
then propagate... But this PR is better than the status quo, and I don't
know if we have support for that behavior yet...? (\cc @zanieb)

Closes #386.

Closes https://github.com/astral-sh/puffin/issues/423.
 2023-12-13 17:36:27 +00:00
konsti 5c38825b93
Don't preserve tar mtime to work around tar-rs bug. (#634) 
Don't preserve mtime to work around
https://github.com/alexcrichton/tar-rs/issues/349 to fix #579.
 2023-12-13 15:11:02 +00:00
Charlie Marsh 69581c03c3
Enable package overrides in `pip-compile` (#631) 
## Summary

This PR enables overrides to be passed to `pip-compile` and
`pip-install` via a new `--overrides` flag.

When overrides are provided, we effectively replace any requirements
that are overridden with the overridden versions. This is applied at all
depths of the tree.

The merge semantics are such that we replace _all_ requirements of a
package with _all_ requirements from the overrides files. So, for
example, if a package declares:

```
foo >= 1.0; python_version < '3.11'
foo < 1.0; python_version >= '3.11'
```

And the user provides an override like:
```
foo >= 2.0
```

Then _both_ of the `foo` requirements in the package will be replaced
with the override.

If instead, the user provided an override like:
```
foo >= 2.0; python_version < '3.11'
foo < 3.0; python_version >= '3.11'
```

Then we'd replace _both_ of the original `foo` requirements with both of
these overrides. (In technical terms, for each package in the
requirements file, we flat-map over its overrides.)

Closes https://github.com/astral-sh/puffin/issues/511.
 2023-12-13 15:03:38 +00:00
konsti e51b397779
Typo: editable -> editables (#637) 
Split out to minimize the diff in #587
 2023-12-13 13:24:28 +00:00
konsti 0b20f6a25a
Proper unzip error type (#636) 
Move the `Unzip` trait from anyhow to `ZipError|io::Error`.
 2023-12-13 12:55:59 +00:00
konsti 0dde84dd27
Fix main (#635) 
Seems to be a PR timing error
 2023-12-13 13:55:06 +01:00
Charlie Marsh ea920e22d1
Validate environment after `pip-sync` (#629) 
Not 100% sure that we actually want to do this, it seems reasonable
though.

Closes https://github.com/astral-sh/puffin/issues/410.
 2023-12-13 09:13:43 +01:00
Charlie Marsh cbfd39093e
Clean up some function signatures (#633) 2023-12-13 06:21:47 +00:00
Charlie Marsh 920e10fc8f
Use `FxHash` consistently (#632) 2023-12-13 05:36:03 +00:00
Charlie Marsh edd741bf13
Add a diagnostic to detect invalid Python versions (#630) 
Related to: https://github.com/astral-sh/puffin/issues/410.
 2023-12-13 03:45:02 +00:00
Charlie Marsh a24eb57e93
Make warnings user-facing (#628) 
## Summary

Now, `puffin_warnings::warn_once` and `puffin_warnings::warn` will go to
`stderr`, as long as the user isn't running under `--quiet`. Previously,
these went through `tracing`, and so were only visible when running
under `--verbose`.
 2023-12-12 21:24:38 -05:00
Zanie Blue 490fb55ac5
Use available versions to simplify unsat error reports (#547) 
Uses https://github.com/pubgrub-rs/pubgrub/pull/156 to consolidate
version ranges in error reports using the actual available versions for
each package.

Alternative to https://github.com/zanieb/pubgrub/pull/8 which implements
this behavior as a method in the `Reporter` — here it's implemented in
our custom report formatter (#521) instead which requires no upstream
changes.

Requires https://github.com/zanieb/pubgrub/pull/11 to only retrieve the
versions for packages that will be used in the report.

This is a work in progress. Some things to do:
- ~We may want to allow lazy retrieval of the version maps from the
formatter~
- [x] We should probably create a separate error type for no solution
instead of mixing them with other resolve errors
- ~We can probably do something smarter than creating vectors to hold
the versions~
- [x] This degrades error messages when a single version is not
available, we'll need to special case that
- [x] It seems safer to coerce the error type in `resolve` instead of
`solve` if feasible
 2023-12-12 23:25:16 +00:00
Charlie Marsh a8512d7d51
Remove one string clone (#626) 2023-12-12 20:56:15 +00:00
konsti a24a681db9
Towards using `prepare_metadata_for_build_wheel` in the resolver (#616) 
Make `prepare_metadata_for_build_wheel` accessible across the puffin
codebase by splitting the built call into a setup, a metadata and a
wheel call. This does not actually use the hook yet, but it's the
required refactoring for it.

Part of #599.
 2023-12-12 20:45:37 +00:00
Charlie Marsh 85c37b2b9c
Add extra to debug logging (#625) 2023-12-12 20:09:09 +00:00
Charlie Marsh f459e1ee50
Use a non-async `Mutex` in `OnceMap` (#624) 
I don't know why, but this seems to resolve
https://github.com/astral-sh/puffin/issues/619. The Tokio docs also say
that using Tokio's Mutex is _not_ recommended unless you need to hold
the Mutex across an `.await`, which we don't.

Since this is a non-deterministic failure, I just ran it a bunch of
times and ensured it didn't hang (whereas it did hang occasionally prior
to this PR).

Closes https://github.com/astral-sh/puffin/issues/619
 2023-12-12 14:59:45 -05:00
Charlie Marsh 4fb2e0955e
Add a fast-path to skip resolution when installation is complete (#613) 
For a very large resolution (a few hundred packages), I see 13ms vs.
400ms for a no-op. It's worth optimizing this case, in my opinion.
 2023-12-12 17:43:12 +00:00
Charlie Marsh 3aaab32a9d
Omit extra in resolver progress (#623) 
Closes #621.
 2023-12-12 12:41:18 -05:00
Charlie Marsh 6c7f5cb846
Validate installed packages in virtual environment (#611) 
## Summary

Now, after running `pip-install`, we validate that the set of installed
packages is consistent -- that is, that we don't have any packages that
are missing dependencies, or incompatible versions of installed
dependencies.
 2023-12-12 17:33:38 +00:00
Charlie Marsh c764155988
Avoid double-resolving during `pip-install` (#610) 
## Summary

At present, when performing a `pip-install`, we first do a resolution,
then take the set of requirements and basically run them through our
`pip-sync`, which itself includes re-resolving the dependencies to get a
specific `Dist` for each package. (E.g., the set of requirements might
say `flask==3.0.0`, but the installer needs a specific _wheel_ or source
distribution to install.)

This PR removes this second resolution by exposing the set of pinned
packages from the resolution. The main challenge here is that we have an
optimization in the resolver such that we let the resolver read metadata
from an incompatible wheel as long as a source distribution exists for a
given package. This lets us avoid building source distributions in the
resolver under the assumption that we'll be able to install the package
later on, if needed. As such, the resolver now needs to track the
resolution and installation filenames separately.
 2023-12-12 17:29:09 +00:00
Charlie Marsh a0b3815d84
Respect existing versions when pip-installing (#608) 
## Summary

When running `puffin pip-install`, we should respect versions that are
already installed in the environment. For example, if you run `puffin
pip-install flask==2.0.0` and then `puffin pip-install flask`, we should
avoid upgrading Flask. The most natural way to model this is to mark
them as "preferences".

(It's not enough to just filter those requirements out prior to
resolving, since we may not have the _dependencies_ of those packages
installed. We _could_ recursively verify this across the
`site-packages`, but that would be a larger PR.)
 2023-12-12 17:22:47 +00:00
Charlie Marsh 974cb4cc15
Add a `pip-install` subcommand (#607) 
## Summary

This PR adds a `pip-install` command that operates like, well, `pip
install`. In short, it resolves the provided dependency, then makes sure
they're all installed in the environment. The primary differences with
`pip-sync` are that (1) `pip-sync` ignores dependencies, and assumes
that the packages represent a complete set; and (2) `pip-sync`
uninstalls any unlisted packages.

There are a bunch of TODOs that I'll resolve in subsequent PRs.

Closes https://github.com/astral-sh/puffin/issues/129.
 2023-12-12 12:16:00 -05:00
Charlie Marsh 3e837da5b8
Avoid unicode decoding in name normalization (#617) 2023-12-12 10:01:02 -05:00
konsti 5ae4023cda
Activate venv before source dist build (#567) 
Fixes #552
 2023-12-12 15:46:37 +01:00
konsti 7c1dd71f66
Implement editable installs in dev command (#566) 
First step, sufficient to run
```shell
cargo run --bin puffin-dev -- build --editable -w target/editables/ scripts/editable-installs/poetry_editable/
```
and check the wheel to confirm its working. Tests will be added with the
pip-sync integration.
 2023-12-12 15:45:55 +01:00
Charlie Marsh c25d5240f1
Remove regular expressions for package name normalization (#614) 
Very random but the hand-written version is about 3-4x faster
(benchmarked in a standalone repo).
 2023-12-12 05:50:48 +00:00
Charlie Marsh edcb71b1be
Remove some unused fields from `SimpleJson` (#612) 2023-12-11 23:01:37 -05:00
Charlie Marsh 1181288078
Download, build, and install in a single pipeline phase (#605) 
## Summary

At present, we have two separate phases within the installation pipeline
related to populating wheels into the cache. The first phase downloads
the distribution, and then builds any source distributions into wheels;
the second phase unzips all the built wheels into the cache.

This PR merges those two phases into one, such that we seamlessly
download, build, and unzip wheels in one pass. This is more efficient,
since we can start unzipping while we build. It also ensures that if the
install _fails_ partway through, we don't end up with a bunch of
downloaded wheels that we never had a chance to unzip. The code is also
much simpler.

The main downside is that the user-facing feedback isn't as granular,
since we only have one phase and one progress bar for what was
originally three distinct phases.

Closes https://github.com/astral-sh/puffin/issues/571.

## Test Plan

I ran the benchmark script on two separate requirements files, and saw a
7% and 31% speedup respectively:

```text
+ TARGET=./scripts/benchmarks/requirements.txt
+ hyperfine --runs 100 --warmup 10 --prepare 'virtualenv --clear .venv' './target/release/main pip-sync ./scripts/benchmarks/requirements.txt --no-cache' --prepare 'virtualenv --clear .venv' './target/release/puffin pip-sync ./scripts/benchmarks/requirements.txt --no-cache'
Benchmark 1: ./target/release/main pip-sync ./scripts/benchmarks/requirements.txt --no-cache
  Time (mean ± σ):     269.4 ms ±  33.0 ms    [User: 42.4 ms, System: 117.5 ms]
  Range (min … max):   221.7 ms … 446.7 ms    100 runs

Benchmark 2: ./target/release/puffin pip-sync ./scripts/benchmarks/requirements.txt --no-cache
  Time (mean ± σ):     250.6 ms ±  28.3 ms    [User: 41.5 ms, System: 127.4 ms]
  Range (min … max):   207.6 ms … 336.4 ms    100 runs

Summary
  './target/release/puffin pip-sync ./scripts/benchmarks/requirements.txt --no-cache' ran
    1.07 ± 0.18 times faster than './target/release/main pip-sync ./scripts/benchmarks/requirements.txt --no-cache'
```

```text
+ TARGET=./scripts/benchmarks/requirements-large.txt
+ hyperfine --runs 100 --warmup 10 --prepare 'virtualenv --clear .venv' './target/release/main pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache' --prepare 'virtualenv --clear .venv' './target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache'
Benchmark 1: ./target/release/main pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache
  Time (mean ± σ):      5.053 s ±  0.354 s    [User: 1.413 s, System: 6.710 s]
  Range (min … max):    4.584 s …  6.333 s    100 runs

Benchmark 2: ./target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache
  Time (mean ± σ):      3.845 s ±  0.225 s    [User: 1.364 s, System: 6.970 s]
  Range (min … max):    3.482 s …  4.715 s    100 runs

Summary
  './target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache' ran
```
 2023-12-11 15:42:29 +00:00
konsti b84fbb86b2
Impl Version debug as display (#606) 
Currently, `dbg!` is hard to read because versions are verbose, showing
all optional fields, and we have a lot of versions. Changing debug
formatting to displaying the version number (which can be losslessly
converted to the struct and back) makes this more readable.

See e.g.
https://gist.github.com/konstin/38c0f32b109dffa73b3aa0ab86b9662b

**Before**

```text
version: Version {
    epoch: 0,
    release: [
        1,
        2,
        3,
    ],
    pre: None,
    post: None,
    dev: None,
    local: None,
},
```

**After**

```text
version: "1.2.3",
```
 2023-12-11 16:38:14 +01:00
Charlie Marsh 00f1703111
Avoid storing partial wheels in the cache (#604) 
Closes https://github.com/astral-sh/puffin/issues/603.
 2023-12-09 19:11:30 -05:00
Charlie Marsh 32f54a5947
Use async `Command` for wheel build operations (#601) 
Incredibly, this speeds up the install on a large project from 2m6s to
50s.
 2023-12-09 16:20:52 +00:00
Charlie Marsh f1c05dcd66
Buffer streamed file writes (#602) 2023-12-09 16:20:31 +00:00
Charlie Marsh 0499fe0613
Fix incorrect unknown size marker in traces (#600) 
It said `(unknown size)` for _all_ disk-based wheels.
 2023-12-09 04:46:01 +00:00
Charlie Marsh 24d81912cf
Use consistent change event order (#598) 
Closes #591.
 2023-12-09 04:12:40 +00:00
Charlie Marsh 714a64549b
Use a progress bar for the build phase (#597) 
I think this might've been an oversight when copying over the build
reporting during the source distribution refactor.
 2023-12-09 04:05:13 +00:00
Charlie Marsh 5878f8dde7
Misc. tweaks to puffin-lib's `lib.rs` (#596) 2023-12-09 03:37:47 +00:00
Charlie Marsh 600c5d072f
Avoid walrus operator in PEP 517 scripts (#595) 
I believe this unnecessarily puts a Python 3.7+ requirement on these
scripts.
 2023-12-09 01:25:22 +00:00
Charlie Marsh a24534b0ce
Use `rustc-hash` instead of `fxhash` crate (#594) 
`fxhash` is the old, less maintained version of this crate
(`rustc-hash`). We use the latter in Ruff.
 2023-12-08 20:27:49 +00:00
konsti 6005d7a552
Keep track of in flight unzips using `OnceMap` (#544) 
I saw warnings when we were e.g. unzipping wheel and setuptools in two
tasks at the same time. We now keep track of in flight unzips.

This introduces a `OnceMap` abstraction which we also use in the
resolver.
 2023-12-08 20:18:11 +00:00
Charlie Marsh ffb8480087
Add `--reinstall` flag to `pip-sync` (#590) 
## Summary

This PR adds two flags to `pip-sync`: `--reinstall`, and
`--reinstall-package [PACKAGE]`. The former reinstalls all packages in
the requirements, while the latter can be repeated and reinstalls all
specified packages.

For our purposes, a reinstall includes (1) purging the cache, and (2)
marking any already-installed versions as extraneous.

Closes #572.

Closes https://github.com/astral-sh/puffin/issues/271.
 2023-12-08 19:58:42 +00:00
Charlie Marsh 4b8642c6f7
Enable selective cache purging in `puffin clean` (#589) 
## Summary

This PR enables `puffin clean` to accept package names as command line
arguments, and selectively purge entries from the cache tied to the
given package.

Relate to #572.

## Test Plan

Modified all the caching tests to run an additional step to (1) purge
the cache, and (2) re-install the package.
 2023-12-08 19:51:32 +00:00
Charlie Marsh cbe1cb4229
Avoid race when unpacking wheels (#593) 
## Summary

If someone else beats us to the unzip, we should let them win.

We already have a check for this at the top of the unzip method, but
it's also possible that two source distributions get built in parallel
that both try to unpack the same build dependency.
 2023-12-08 17:46:19 +00:00
Charlie Marsh 5ae3a8b1cb
Restructure Git cache to include package name (#588) 
## Summary

This PR modifies the Git wheel cache to: (1) use a shorter version of
the SHA, to save space; and (2) include the package name, for
consistency with all other buckets.

I considered removing the URL hash entirely, and _just_ using the SHA,
which would be even _more_ consistent with other buckets. But if we
remove the URL, then we won't have separate directories for
subdirectories (which are part of the URL).

Before:

<img width="1035" alt="Screen Shot 2023-12-07 at 7 23 42 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/86afce67-682f-464f-9ba1-0b60d5b7f19f">

After:

<img width="1232" alt="Screen Shot 2023-12-07 at 8 09 23 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/eda42a19-974f-47fe-8c83-54a602ddfd2d">
 2023-12-07 20:17:41 -05:00
Zanie Blue ef7be9103c
Parse `SimpleJson` into categorized data in the client (#522) 
Extends #517 with a suggestion from @konstin to parse the `SimpleJson`
into an intermediate type `SimpleMetadata(BTreeMap<Version,
VersionFiles>)` before converting to a `VersionMap`. This reduces the
number of times we need to parse the response. Additionally, we cache
the parsed response now instead of `SimpleJson`.

`VersionFiles` stores two vectors with
`WheelFilename`/`SourceDistFilename` and `File` tuples. These can be
iterated over together or separately. A new enum `DistFilename` was
added to capture the `SourceDistFilename` and `WheelFilename` variants
allowing iteration over both vectors.
 2023-12-07 11:04:47 -06:00
Charlie Marsh 5d3ce963b2
Raise an error when `pip-sync` manifest contains duplicates (#584) 
Also ensures that we filter out any incompatible requirements when
building the install plan. In general, we assume that requirements were
generated by `pip-compile`, in which case all requirements should be
compatible and there should be no duplicates; but we should handle this
case gracefully.

Closes https://github.com/astral-sh/puffin/issues/582.
 2023-12-07 05:26:42 +00:00
Charlie Marsh a825b2db06
Shard the registry cache by package (#583) 
## Summary

This PR modifies the cache structure in a few ways. Most notably, we now
shard the set of registry wheels by package, and index them lazily when
computing the install plan.

This applies both to built wheels:

<img width="989" alt="Screen Shot 2023-12-06 at 4 42 19 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/0e8a306f-befd-4be9-a63e-2303389837bb">

And remote wheels:

<img width="836" alt="Screen Shot 2023-12-06 at 4 42 30 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/7fd908cd-dd86-475e-9779-07ed067b4a1a">

For other distributions, we now consistently cache using the package
name, which is really just for clarity and debuggability (we could
consider omitting these):

<img width="955" alt="Screen Shot 2023-12-06 at 4 58 30 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/3e8d0f99-df45-429a-9175-d57b54a72e56">

Obliquely closes https://github.com/astral-sh/puffin/issues/575.
 2023-12-07 05:02:46 +00:00
Charlie Marsh aa065f5c97
Modify install plan to support all distribution types (#581) 
This PR adds caching support for built wheels in the installer.
Specifically, the `RegistryWheelIndex` now indexes both downloaded and
built wheels (from registries), and we have a new `BuiltWheelIndex` that
takes a subdirectory and returns the "best-matching" compatible wheel.

Closes #570.
 2023-12-07 04:43:34 +00:00
Charlie Marsh edaeb9b0e8
Add tests for repeated installs with source distributions (#580) 
Adds a few more tests for re-installs with various kinds of source
distributions, and changes the tests to use packages that we can safely
import (via `check_command`) for extra validation.

Once we properly respect cached built wheels, we should expect these
snapshots to change, since we'll no longer download and re-build
unnecessarily.
 2023-12-06 20:02:32 +00:00
Zanie Blue 2bb04771ce
Allow switching out the resolver's IO (#517) 
I'm working off of @konstin's commit here to implement arbitrary unsat
test cases for the resolver.

The entirety of the resolver's io are two functions: Get the version map
for a package (PEP 440 version -> distribution) and get the metadata for
a distribution. A new trait `ResolverProvider` abstracts these two away and
allows replacing the real network requests e.g. with stored responses
(https://github.com/pradyunsg/pip-resolver-benchmarks/blob/main/scenarios/pyrax_198.json).

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2023-12-06 11:53:16 -06:00
konsti 366c389385
Parse editable installs (#564) 
Parse `-e` for editable installs in `requirements.txt`.

Unlike all the other requirements, editable installs don't have the name
of the package specified.
 2023-12-06 18:21:15 +01:00
konsti 3f4d7b7826
Improve path source dist caching (#578) 
Path distribution cache reading errors are no longer fatal.

We now invalidate the path file source dists if its modification
timestamp changed, and invalidate path dir source dists if
`pyproject.toml` or alternatively `setup.py` changed, which seems good
choices since changing pyproject.toml should trigger a rebuild and the
user can `touch` the file as part of their workflow.

`CachedByTimestamp` is now a shared util. It doesn't have methods as i
don't think it's worth it yet for two users.

Closes #478

TODO(konstin): Write a test. This is probably twice as much work as that
fix itself, so i made that PR without one for now.
 2023-12-06 11:47:01 -05:00
konsti 1bf754556f
Add test for cache source dist installing (#545) 
The code changes are outdated, now it's only adding a test
 2023-12-06 11:37:55 +00:00
Charlie Marsh 218894375a
Avoid removing existing directories when unzipping and building (#577) 
Now that we don't store zipped and unzipped wheels at the same location,
we can avoid these safeguards that entail removing existing directories
when writing. This supersedes
https://github.com/astral-sh/puffin/pull/545.

Closes https://github.com/astral-sh/puffin/issues/554.
 2023-12-06 02:36:12 +00:00
Charlie Marsh 5fec63bff5
Add caching for path source distributions (#576) 
Follows the strategy that we use for other source distributions.

Closes https://github.com/astral-sh/puffin/issues/557.
 2023-12-06 01:33:52 +00:00
Charlie Marsh 5370484307
Remove `.whl` extension for cached, unzipped wheels (#574) 
## Summary

This PR uses the wheel stem (e.g., `foo-1.2.3-py3-none-any`) instead of
the wheel name (e.g., `foo-1.2.3-py3-none-any.whl`) when storing
unzipped wheels in the cache, which removes a class of confusing issues
around overwrites and directory-vs.-file collisions.

For now, we retain _both_ the zipped and unzipped wheels in the cache,
though we can easily change this by storing the zipped wheels in a
temporary directory.

Closes https://github.com/astral-sh/puffin/issues/573.

## Test Plan

Some examples from my local cache:

<img width="835" alt="Screen Shot 2023-12-05 at 4 09 55 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/784146aa-b080-416e-9767-40c843fe5d6a">
<img width="847" alt="Screen Shot 2023-12-05 at 4 12 14 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/4bc7f30f-bef3-47f1-b4e8-da9cabf87f28">
<img width="637" alt="Screen Shot 2023-12-05 at 4 09 50 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/25ca4944-4a06-4a08-ac85-c6f7d8b5c8ea">
 2023-12-05 22:41:22 +00:00
Charlie Marsh a15da36d74
Avoid removing local wheels when unzipping (#560) 
## Summary

When installing a local wheel, we need to avoid removing the zipped
wheel (since it lives outside of the cache), _and_ need to ensure that
we unzip the wheel into the cache (rather than replacing the zipped
wheel, which may even live outside of the project).

Closes https://github.com/astral-sh/puffin/issues/553.
 2023-12-05 17:50:08 +00:00
Charlie Marsh 6f055ecf3b
Remove existing built wheels when building source distributions (#559) 
This PR modifies the source distribution building to replace any
existing targets after building the new wheel. In some cases, the
existence of an existing target may be indicative of a bug, so we warn.
It's partially a workaround for some (but not all) of the errors in
https://github.com/astral-sh/puffin/issues/554.
 2023-12-05 12:45:24 -05:00
Charlie Marsh f99e3560e8
Avoid returning zipped wheels from registry and URL indexes (#558) 
## Summary

This is hard to reproduce, but if you run a long installation process
that errors part-way through, you can end up with zipped wheels in the
`Wheels` cache, which is intended to contain only unzipped wheels. This
PR avoids returning those entries from the registry, which will then
lead to errors downstream when we treat them as directories.
 2023-12-05 09:53:45 +01:00
Charlie Marsh 2d1e19e474
Allow yanked versions when specified via `==` (#561) 
## Summary

This enables users to rely on yanked versions via explicit `==` markers,
which is necessary in some projects (and, in my opinion, reasonable).

Closes #551.
 2023-12-05 09:44:06 +01:00
Charlie Marsh c3a917bbf6
Support granular target Python versions (#534) 
## Summary

Allows, e.g., `--python-version 3.7` or `--python-version 3.7.9`. This
was also feedback I received in the original PR.

Closes https://github.com/astral-sh/puffin/issues/533.
 2023-12-05 02:38:49 +00:00
Charlie Marsh 06ee321e9c
Use `u64` instead of `u32` in `Version` fields (#555) 
It turns out that it's not uncommon to use timestamps as patch versions
(e.g., `20230628214621`). I believe this is the ISO 8601 "basic format".
These can't be represented by a `u32`, so I think it makes sense to just
bump to `u64` to remove this limitation.
 2023-12-04 21:00:55 -05:00
Charlie Marsh af13c83177
Overwrite individual files when reflinking (#556) 
Similar to #516, but for individual files.

## Test Plan

Ran:

```sh
cargo run -p puffin-cli -- pip-uninstall plaid-python
mkdir -p /Users/crmarsh/workspace/puffin/.venv/lib/python3.10/site-packages/tests
echo "x=1" > /Users/crmarsh/workspace/puffin/.venv/lib/python3.10/site-packages/tests/__init__.py
cargo run -p puffin-cli -- pip-sync requirements.txt --no-cache --verbose
```
 2023-12-04 23:59:35 +00:00
Charlie Marsh 5fddcc362e
Improve error messages for 'file not found' case (#550) 
Right now, if you specify a wheel that doesn't exist, you get: `no such
file or directory` with no additional context. Oops!
 2023-12-04 22:01:51 +00:00
Charlie Marsh 4e05cd5dfd
Show build progress for path source distributions (#549) 2023-12-04 20:56:56 +00:00
konsti d5abd33813
Use atomic writes for the cache consistently (#546) 
Ensure we're using atomic writes everywhere in our cache to avoid broken
cache records and error with parallel puffin actions
(https://github.com/astral-sh/puffin/pull/544#issuecomment-1838841581).

All json files that are written to the cache are written atomically and
the build wheels are written to temp dir and then moved atomically. I
didn't touch venv creation though, i don't think that's worth it since
python does not support atomic package installation through its design.
 2023-12-04 12:02:01 -05:00
konsti e9c9e9718e
Use version in `RegistryIndex` (#543) 
When building up the `RegistryIndex`, index by both package name and
version to fix #537.
 2023-12-04 17:26:14 +01:00
Charlie Marsh 95b8316023
Preserve seed packages for non-Puffin-created virtualenvs (#535) 
## Summary

This PR modifies the install plan to avoid removing seed packages if the
virtual environment was created by anyone other than Puffin.

Closes https://github.com/astral-sh/puffin/issues/414.

## Test Plan

- Ran: `virtualenv .venv`.
- Ran: `cargo run -p puffin-cli -- pip-sync
scripts/benchmarks/requirements.txt --verbose --no-cache`.
- Verified that `pip` et al were not removed, and that the logging
including a message around preserving seed packages.
 2023-12-04 09:31:00 -05:00
konsti 77b3921b7a
Fix cargo warning (#542) 
It's odd that `dev-dependencies` don't default to `dependencies` for
workspace versions.
 2023-12-04 11:10:36 +00:00
Charlie Marsh 0ac4254a7e
Enforce target and interpreter `requires-python` versions (#532) 
## Summary

This PR modifies the behavior of our `--python-version` override in two
ways:

1. First, we always use the "real" interpreter in the source
distribution builder. I think this is correct. We don't need to use the
fake markers for recursive builds, because all we care about is the
top-level resolution, and we already assume that a single source
distribution will always return the same metadata regardless of its
build environment.
2. Second, we require that source distributions are compatible with
_both_ the "real" interpreter version and the marker environment. This
ensures that we don't try to build source distributions that are
compatible with our interpreter, but incompatible with the target
version.

Closes https://github.com/astral-sh/puffin/issues/407.
 2023-12-04 11:27:36 +01:00
Charlie Marsh d96c18b3a8
Respect `requires` for non-`build-backend` PEP 517 builds (#530) 
## Summary

This PR modifies `puffin-build` to be closer in behavior to
[pip](a15dd75d98/src/pip/_internal/pyproject.py (L53))
and
[build](de5b44b0c2/src/build/__init__.py (L94)).

Specifically, if a project contains a `[build-system]` field, but no
`build-backend`, we now perform a PEP 517 build (instead of using
`setup.py` directly) _and_ respect the `requires` of the
`[build-system]`. Without this change, we were failing to build source
distributions for packages like `ujson`.

Closes #527.

---------

Co-authored-by: konstin <konstin@mailbox.org>
 2023-12-04 10:13:42 +00:00
konsti 6dc8ebcb90
Test interpreter cache invalidation (#540) 
Add missing test for #529/#508.
 2023-12-04 10:03:43 +00:00
konsti 811c088603
Improve wheel cache docs: Unzipping is lazy (#539) 
Also sneaking `fs_err::rename(staging.into_path(), &normalized_path)?`
in here, for a better resolution of
https://github.com/astral-sh/puffin/pull/524#discussion_r1412459016
 2023-12-04 10:01:35 +00:00
Charlie Marsh ee009ace86
Remove target directory prior to unzipping (#538) 
## Summary

This is not a _fix_ for https://github.com/astral-sh/puffin/issues/537,
but it does ensure that we avoid hard-failing on what's really an
optimization and caching case.
 2023-12-04 05:18:45 +00:00
Charlie Marsh fc20d01593
Ignore empty `VIRTUAL_ENV` variables (#536) 
I'm not sure how my interpreter gets into this state, but it's certainly
wrong to respect these.
 2023-12-04 04:53:26 +00:00
Charlie Marsh 3b55d0b295
Deduplicate various `.dist-info/METADATA` read implementations (#531) 
Closes https://github.com/astral-sh/puffin/issues/484.
 2023-12-03 21:29:00 -05:00
Charlie Marsh fa3107b173
Use full Python version when determining compatibility (#528) 
## Summary

When resolving with Python 3.7.13, I was failing to find a matching
distribution that required Python 3.7.9 or later.
 2023-12-04 01:02:24 +00:00
Charlie Marsh 2613382747
Invalidate interpreter marker cache (#529) 
In a refactor, we lost the cache invalidation behavior for interpreter
markers, leading to stale interpreter errors for me when creating
environments with different Python versions. Specifically, the
modification timestamp used to be part of the _cache key_ when we used
`cacache`. Now it's not -- but it's stored within the cache. So we need
to validate the key after-the-fact.
 2023-12-03 22:44:43 +00:00
Charlie Marsh ee2fca3a48
Add CACHEDIR and .gitignore tags to cache directories (#526) 
## Summary

Even if this will typically be in the user's application folder (rather
than a local directory), it's still a good practice.

Closes https://github.com/astral-sh/puffin/issues/280.
 2023-12-02 00:37:51 +00:00
konsti 9806901a16
Consolidate wheel caches (#524) 
After this change, two wheel caches remain: `built-wheels-v0` and
`wheels-v0`, docs screenshots below. Each contains both the wheel
metadata, cache policy and zip or unzipped wheels under the same name.

The zipped/unzipped strategy is as follows: In `pip-compile`, when we
build a wheel, we store it zipped. When `pip-sync` or a source dist
build in `pip-compile` need to install the wheel, we unzip it, remove
the file and replace it with the unzipped wheel.

This removes `WheelCache` and `UrlIndex` in favor of `Cache` plus
`WheelCache`. The non-built wheel cache now considers index urls and the
url for url wheels.

I'm unsure if we need the `Unzipper` type, this could just be a
function.

I move `no_index` into `IndexUrls` and started using `IndexUrl` up to
the clap level.

I left a number of TODOs in the code, namely performing the actual
invalidation of unzipped wheels and making the `InstallPlan` understand
cache invalidation (i.e. uninstall wheels when their remote changed).


![image](https://github.com/astral-sh/puffin/assets/6826232/c4d45979-485b-4954-848d-fd3347ee2510)
 2023-12-01 20:16:33 +00:00
konsti 4551994b7d
Clear built wheels when remote changed (#519) 
Remove built wheels alongside their metadata when their index source
dist or url source dist changed. For git source dists, we currently
don't clear the previous build but use a new directory (not sure what's
right here - are there any generic cache GC approaches out there? I've
seen that e.g. spotify keeps its cache at 10GB max, but i also haven't
seen any reusable, well tested approaches for this). Path distributions
are unchanged (#478).

I like the structure of metadata alongside the wheel for cache
invalidation, i'll try to do that for `wheels-v0`/`wheel-metadata-v0`
too. (The unzipped wheels afaik currently lack cache invalidation when
the remote changed.) This should give is roughly the same structure for
wheel and built wheels and a very similar pattern of invalidation.
 2023-12-01 14:56:47 -05:00
Zanie Blue 2a8544df9e
Use a custom pubgrub report formatter (#521) 
Uses https://github.com/zanieb/pubgrub/pull/10 to drastically simplify
our reporter implementation. This will allow us to make use of upstream
improvements to the reporter e.g.
https://github.com/zanieb/pubgrub/pull/8 without multiple duplicative
pull requests.
 2023-12-01 13:36:12 -06:00
Zanie Blue 5f1f207628
Recursively merge existing package directories on installation (#516) 
Previously, when installing a package we would delete the target
directory before copying (or linking) the contents of the package.
However, this means that we do not properly support namespace packages
which can share a target directory. Instead the last package to be
installed would be override existing packages. Since we install packages
in parallel, this could result in a race condition where the target
directory already exists which is not allowed when using `clonefile`.
See example error in #515.
c7e63d2dce
provides a regression test for this — it fails on `main`.

Here, we implement a recursive merge when the target directory already
exists. Both packages will be installed into the same directory. We no
longer delete the target directory, which seems okay since we uninstall
packages before installing now.

When files conflict, we will likely throw an error still. The correct
behavior to implement in this case is unclear, as if we just take "first
write wins" or "last write wins" we could end up with some files from
one package and some from another resulting in two broken packages. A
possible solution here is to lock the target directories while copying.
 2023-11-30 10:14:51 -06:00
konsti 6841c06e2d
Show error paths in install-wheel-rs (#514) 
Ensure that we consistently show a path for all io errors in
install-wheel-rs either (preferred) through `fs_err`, or as fallback by
a custom error type. For zip reading errors, we rely on the caller to
add the name and/or location of the wheel.
 2023-11-29 20:14:34 +01:00
konsti 2539f00952
Better tracing span (#513) 
This will help us get better insight into what is happening and how long
it takes. I'm particularly interested in how long the different source
dist steps take (download, extract, build step(s)), to make better
decisions about their caching, which i want to report through tracing.

Example output:

```console
$ RUST_LOG=puffin=info cargo run --bin puffin -q -- pip-compile -v --no-cache scripts/requirements/all-kinds.in > /dev/null
  puffin_distribution::source_dist::download_source_dist filename="werkzeug-3.0.1.tar.gz", source_dist=werkzeug @ ff1904eb5e2853bf83db817a7dd53d/werkzeug-3.0.1.tar.gz
  puffin_dispatch::build_source source_dist="werkzeug @ ff1904eb5e2853bf83db817a7dd53d/werkzeug-3.0.1.tar.gz", subdirectory=None
    puffin_build::extract_archive sdist="werkzeug-3.0.1.tar.gz"
    puffin_dispatch::resolve requirements="flit-core <4"
    puffin_dispatch::install requirements="flit-core ==3.9.0", venv="/tmp/.tmpgZAEAh/.venv"
    puffin_build::get_requires_for_build_wheel name="build_wheel", python_version=3.12
    puffin_build::build package_id="werkzeug @ ff1904eb5e2853bf83db817a7dd53d/werkzeug-3.0.1.tar.gz"
      puffin_build::run_python_script name="build_wheel", python_version=3.12
  puffin_dispatch::build_source source_dist="pydantic-extra-types @ git+https://github.com/pydantic/pydantic-extra-types.git@843b753e9e8cb74e83cac55598719b39a4d5ef1f", subdirectory=None
    puffin_dispatch::resolve requirements="hatchling"
    puffin_dispatch::install requirements="hatchling ==1.18.0, trove-classifiers ==2023.11.22, editables ==0.5, pathspec ==0.11.2, pluggy ==1.3.0, packaging ==23.2", venv="/tmp/.tmpJjweUn/.venv"
    puffin_build::get_requires_for_build_wheel name="build_wheel", python_version=3.12
    puffin_build::build package_id="pydantic-extra-types @ git+https://github.com/pydantic/pydantic-extra-types.git@843b753e9e8cb74e83cac55598719b39a4d5ef1f"
      puffin_build::run_python_script name="build_wheel", python_version=3.12
  puffin_distribution::source_dist::download_source_dist filename="django-allauth-0.51.0.tar.gz", source_dist=django-allauth==0.51.0
  puffin_dispatch::build_source source_dist="django-allauth==0.51.0", subdirectory=None
    puffin_build::extract_archive sdist="django-allauth-0.51.0.tar.gz"
    puffin_dispatch::resolve requirements="wheel, setuptools, pip"
    puffin_dispatch::install requirements="setuptools ==69.0.2, pip ==23.3.1, wheel ==0.42.0", venv="/tmp/.tmplSZisu/.venv"
    puffin_build::build package_id="django-allauth==0.51.0"
 Resolved 35 packages in 11.71s
```
 2023-11-29 10:34:18 +00:00
konsti 929df586fb
Skip tf-models-nightly in resolve-many dev script for now (#510) 
`tf-models-nightly` has pathologic backtracking behaviour, skip it for
now so we can benchmark the rest.
 2023-11-28 18:25:32 +00:00
konsti d89fbeb642
Migrate interpreter query to custom caching (#508) 
This removes the last usage of cacache by replacing it with a custom,
flat json caching keyed by the digest of the executable path.


![image](https://github.com/astral-sh/puffin/assets/6826232/8f777c4c-1f1b-4656-ba7b-002175270556)

A step towards #478. I've made `CachedByTimestamp<T>` generic over `T`
but intentionally not moved it to `puffin-cache` yet.
 2023-11-28 17:14:59 +00:00
konsti 5435d44756
Introduce `Cache`, `CacheBucket` and `CacheEntry` (#507) 
This is mostly a mechanical refactor that moves 80% of our code to the
same cache abstraction.

It introduces cache `Cache`, which abstracts away the path of the cache
and the temp dir drop and is passed throughout the codebase. To get a
specific cache bucket, you need to requests your `CacheBucket` from
`Cache`. `CacheBucket` is the centralizes the names of all cache
buckets, moving them away from the string constants spread throughout
the crates.

Specifically for working with the `CachedClient`, there is a
`CacheEntry`. I'm not sure yet if that is a strict improvement over
`cache_dir: PathBuf, cache_file: String`, i may have to rotate that
later.

The interpreter cache moved into `interpreter-v0`.

We can use the `CacheBucket` page to document the cache structure in
each bucket:


![image](https://github.com/astral-sh/puffin/assets/6826232/b023fdfb-e34d-4c2d-8663-b5f73937a539)
 2023-11-28 17:11:14 +00:00
Charlie Marsh 3d47d2b1da
Error when `ldd` is not in path (#506) 
Closes https://github.com/astral-sh/puffin/issues/493.
 2023-11-28 05:55:04 +00:00
konsti 8855f44b5f
Move simple index queries to `CachedClient` (#504) 
Replaces the usage of `http-cache-reqwest` for simple index queries with
our custom cached client, removing `http-cache-reqwest` altogether.

The new cache paths are `<cache>/simple-v0/<index>/<package_name>.json`.
I could not test with a non-pypi index since i'm not aware of any other
json indices (jax and torch are both html indices).

In a future step, we can transform the response to be a
`HashMap<Version, {source_dists: Vec<(SourceDistFilename, File)>,
wheels: Vec<(WheeFilename, File)>}` (independent of python version, this
cache is used by all environments together). This should speed up cache
deserialization a bit, since we don't need to try source dist and wheel
anymore and drop incompatible dists, and it should make building the
`VersionMap` simpler. We can speed this up even further by splitting
into a version lists and the info for each version. I'm mentioning this
because deserialization was a major bottleneck in the rust part of the
old python prototype.

Fixes #481
 2023-11-28 00:11:03 +00:00
konsti 1142a14f4d
Check compatibility for cached unzipped wheels (#501) 
**Motivation** Previously, we would install any wheel with the correct
package name and version from the cache, even if it doesn't match the
current python interpreter.

**Summary** The unzipped wheel cache for registries now uses the entire
wheel filename over the name-version (`editables-0.5-py3-none-any.whl`
over `editables-0.5`).

Built wheels are not stored in the `wheels-v0` unzipped wheels cache
anymore. For each source distribution, there can be multiple built
wheels (with different compatibility tags), so i argue that we need a
different cache structure for them (follow up PR).

For `all-kinds.in` with

```bash
rm -rf cache-all-kinds
virtualenv --clear -p 3.12 .venv
cargo run --bin puffin -- pip-sync --cache-dir cache-all-kinds target/all-kinds.txt
```

we get:

**Before**
```
cache-all-kinds/wheels-v0/
├── registry
│   ├── annotated_types-0.6.0
│   ├── asgiref-3.7.2
│   ├── blinker-1.7.0
│   ├── certifi-2023.11.17
│   ├── cffi-1.16.0
│   ├── [...]
│   ├── tzdata-2023.3
│   ├── urllib3-2.1.0
│   └── wheel-0.42.0
└── url
    ├── 4b8be67c801a7ecb
    │   ├── flask
    │   └── flask-3.0.0.dist-info
    ├── 6781bd6440ae72c2
    │   ├── werkzeug
    │   └── werkzeug-3.0.1.dist-info
    └── a67db8ed076e3814
        ├── pydantic_extra_types
        └── pydantic_extra_types-2.1.0.dist-info

48 directories, 0 files
```

**After**

```
cache-all-kinds/wheels-v0/
├── registry
│   ├── annotated_types-0.6.0-py3-none-any.whl
│   ├── asgiref-3.7.2-py3-none-any.whl
│   ├── blinker-1.7.0-py3-none-any.whl
│   ├── certifi-2023.11.17-py3-none-any.whl
│   ├── cffi-1.16.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
│   ├── [...]
│   ├── tzdata-2023.3-py2.py3-none-any.whl
│   ├── urllib3-2.1.0-py3-none-any.whl
│   └── wheel-0.42.0-py3-none-any.whl
└── url
    └── 4b8be67c801a7ecb
        └── flask-3.0.0-py3-none-any.whl

39 directories, 0 files
```

**Outlook** Part of #477 "Fix wheel caching". Further tasks:
* Replace the `CacheShard` with `WheelMetadataCache` which handles urls
properly.
* Delete unzipped wheels when their remote wheel changed
* Store built wheels next to the `metadata.json` in the source dist
directory; delete built wheels when their source dist changed (different
cache bucket, but it's the same problem of fixing wheel caching) I'll
make stacked PRs for those
 2023-11-27 16:03:58 -08:00
konsti 71295702bf
Reduce pip_sync test duplication (#502) 
Move venv creation and running python to check the installation into
function instead of copy&pasting them every time
 2023-11-27 10:21:40 +00:00
Charlie Marsh afda835544
Avoid clone for `WheelMetadataCache` (#500) 
This doesn't need to own the underlying data which allows us to remove a
number of clones.
 2023-11-25 23:33:59 +00:00
Charlie Marsh 3eb0a43995
Perform a single Git fetch when building source distributions (#499) 
## Summary

We need to pass in the distribution with the "precise" URL to avoid
refetching.

## Test Plan

Ran `cargo run -p puffin-cli -- pip-compile requirements.in --verbose`
with `flask @ git+https://github.com/pallets/flask.git` and verified
that we only checked out Flask once.
 2023-11-25 23:29:41 +00:00
konsti d54e780843
Source dist metadata refactor (#468) 
## Summary and motivation

For a given source dist, we store the metadata of each wheel built
through it in `built-wheel-metadata-v0/pypi/<source dist
filename>/metadata.json`. During resolution, we check the cache status
of the source dist. If it is fresh, we check `metadata.json` for a
matching wheel. If there is one we use that metadata, if there isn't, we
build one. If the source is stale, we build a wheel and override
`metadata.json` with that single wheel. This PR thereby ties the local
built wheel metadata cache to the freshness of the remote source dist.
This functionality is available through `SourceDistCachedBuilder`.

`puffin_installer::Builder`, `puffin_installer::Downloader` and
`Fetcher` are removed, instead there are now `FetchAndBuild` which calls
into the also new `SourceDistCachedBuilder`. `FetchAndBuild` is the new
main high-level abstraction: It spawns parallel fetching/building, for
wheel metadata it calls into the registry client, for wheel files it
fetches them, for source dists it calls `SourceDistCachedBuilder`. It
handles locks around builds, and newly added also inter-process file
locking for git operations.

Fetching and building source distributions now happens in parallel in
`pip-sync`, i.e. we don't have to wait for the largest wheel to be
downloaded to start building source distributions.

In a follow-up PR, I'll also clear built wheels when they've become
stale.

Another effect is that in a fully cached resolution, we need neither zip
reading nor email parsing.

Closes #473

## Source dist cache structure 

Entries by supported sources:
 * `<build wheel metadata cache>/pypi/foo-1.0.0.zip/metadata.json`
* `<build wheel metadata
cache>/<sha256(index-url)>/foo-1.0.0.zip/metadata.json`
* `<build wheel metadata
cache>/url/<sha256(url)>/foo-1.0.0.zip/metadata.json`
But the url filename does not need to be a valid source dist filename

(<https://github.com/search?q=path%3A**%2Frequirements.txt+master.zip&type=code>),
so it could also be the following and we have to take any string as
filename:
* `<build wheel metadata
cache>/url/<sha256(url)>/master.zip/metadata.json`

Example:
```text
# git source dist
pydantic-extra-types @ git+https://github.com/pydantic/pydantic-extra-types.git
# pypi source dist
django_allauth==0.51.0
# url source dist
werkzeug @ ff1904eb5e2853bf83db817a7dd53d/werkzeug-3.0.1.tar.gz
```
will be stored as
```text
built-wheel-metadata-v0
├── git
│   └── 5c56bc1c58c34c11
│       └── 843b753e9e8cb74e83cac55598719b39a4d5ef1f
│           └── metadata.json
├── pypi
│   └── django-allauth-0.51.0.tar.gz
│       └── metadata.json
└── url
    └── 6781bd6440ae72c2
        └── werkzeug-3.0.1.tar.gz
            └── metadata.json
```

The inside of a `metadata.json`:
```json
{
  "data": {
    "django_allauth-0.51.0-py3-none-any.whl": {
      "metadata-version": "2.1",
      "name": "django-allauth",
      "version": "0.51.0",
      ...
    }
  }
}
```
 2023-11-24 17:47:58 +00:00
konsti 8d247fe95b
Add `Tags::from_interpreter` (#498) 
Small refactoring
 2023-11-24 11:36:01 +00:00
konsti f7976ce5cc
Write docs for distribution types (#495) 
Document the type hierarchy, excluding the traits.
 2023-11-23 13:39:39 +00:00
konsti 1c0e03f807
puffin_interpreter cleanup ahead of #235 (#492) 
Preparing for #235, some refactoring to `puffin_interpreter`.

* Added a dedicated error type instead of anyhow
* `InterpreterInfo` -> `Interpreter`
* `detect_virtual_env` now returns an option so it can be chained for
#235
 2023-11-23 08:57:33 +00:00
Charlie Marsh 9d35128840
Use Clippy lint table over Cargo config (#490) 
Closes https://github.com/astral-sh/puffin/issues/482.
 2023-11-22 15:10:27 +00:00
Charlie Marsh 443a0a9df2
Use a sparse Metadata 2.1 representation (#488) 
This is an optimization to avoid parsing the entire Metadata 2.1 when we
only need a small subset of the fields.

Closes #175.
 2023-11-22 13:25:35 +00:00
konsti a030a466e6
Error before download with no_build (#487) 
This is fixes a performance regression where when `--no-build` was set,
the fetcher would still download the source dist only to error
afterwards.
 2023-11-22 10:38:10 +00:00
konsti e1dafe7203
Allow applying multiple fixups for version specifiers (#486) 
Allow applying multiple fixups for version specifiers, remove the
duplication from the code and add another test case.
 2023-11-22 10:26:12 +00:00
konsti ff1100a1ab
Fixup for `>= '2.7'` (#485) 
Fixup to allow parsing
https://pypi.org/simple/shellingham/?format=application/vnd.pypi.simple.v1+json
 2023-11-22 10:00:12 +00:00
konsti 7c7daa8f83
Consistent Cargo.toml syntax (#483) 
Remove the last Cargo.toml inconsistencies, see
1526b3458a (r1401083681).
Now all `[dependencies]` are workspace dependencies.
 2023-11-22 08:34:08 +00:00
konsti 934e32ea98
Remove outdated todos (#476) 2023-11-21 13:57:40 +00:00
Charlie Marsh 17228ba04e
Add support for path dependencies (#471) 
## Summary

This PR adds support for local path dependencies. The approach mostly
just falls out of our existing approach and infrastructure for Git and
URL dependencies.

Closes https://github.com/astral-sh/puffin/issues/436. (We'll open a
separate issue for editable installs.)

## Test Plan

Added `pip-compile` tests that pre-download a wheel or source
distribution, then install it via local path.
 2023-11-21 11:49:42 +00:00
Charlie Marsh f1aa70d9d3
Refactor distribution types to return `Result` (#470) 
## Summary

A variety of small refactors to the distribution types crate to (1)
return `Result` if we find an invalid wheel, rather than treating it as
a source distribution with a `.whl` suffix, and (2) DRY up some repeated
code around URLs.
 2023-11-20 23:08:54 +00:00
konsti f0841cdb6e
Wheel metadata refactor (#462) 
A consistent cache structure for remote wheel metadata:

 * `<wheel metadata cache>/pypi/foo-1.0.0-py3-none-any.json`
* `<wheel metadata
cache>/<digest(index-url)>/foo-1.0.0-py3-none-any.json`
* `<wheel metadata cache>/url/<digest(url)>/foo-1.0.0-py3-none-any.json`

The source dist caching will use a similar structure (#468).
 2023-11-20 17:26:36 +01:00
konsti d3e9e1783f
Refactor lenient parsing (#467) 
Deduplicate lenient parsing code between version specifiers and
Requirement. Use `warn_once!` since the warnings did show up multiple
times in my code. Fix the macro hygiene in `warn_once!`.
 2023-11-20 15:35:38 +00:00
Charlie Marsh 60f595b469
Prefer future stream over `JoinSet` in downloader (#469) 
This avoids introducing a static lifetime requirement and, in my
benchmarks, is even a little faster.
 2023-11-20 13:23:30 +00:00
Charlie Marsh 8decb29bad
Use a dedicated error type for `puffin-distribution` (#466) 2023-11-20 11:38:27 +00:00
Charlie Marsh 342fc628f0
Store downloaded wheels in a local cache (#463) 
This PR modifies the `Fetcher` to cache remote wheels that we _already_
store to-disk. We might read these again in the future, so we might as
well store them in the cache for consistency (rather than using a
temporary directory).
 2023-11-20 11:32:22 +00:00
Charlie Marsh 35fd86631b
Unify distribution operations into a single crate (#460) 
## Summary

This PR unifies the behavior that lived in the resolver's `distribution`
crates with the behaviors that were spread between the various structs
in the installer crate into a single `Fetcher` struct that is intended
to manage all interactions with distributions. Specifically, the
interface of this struct is such that it can access distribution
metadata, download distributions, return those downloads, etc., all with
a common cache.

Overall, this is mostly just DRYing up code that was repeated between
the two crates, and putting it behind a reasonable shared interface.
 2023-11-20 11:22:52 +00:00
konsti 45d032dd7d
Fix wheel filename serialization (#465) 
We need an underscore in the wheel filename, not a dash
 2023-11-20 11:21:22 +00:00
konsti 46bb18f06e
Track file index (#452) 
Track the index (or at least its url) where we got a file from across
the source code.

Fixes #448
 2023-11-20 08:48:16 +00:00
Charlie Marsh 6fd582f8b9
Rename `puffin-distribution` to `distribution-types` (#458) 
## Summary

This crate only contains types, and I want to introduce a new crate for
all _operations_ on distributions, so this feels like a more natural
name given we also have `pypi-types`.
 2023-11-20 09:40:26 +01:00
konsti 2fed14fdc6
Optional serde feature for distribution-filename (#461) 
https://github.com/astral-sh/puffin/pull/459#discussion_r1398482972
 2023-11-19 19:53:32 +00:00
konsti 255edf4445
Serde support for WheelFilename through str repr (#459) 
I need this later, splitting out for PR size
 2023-11-19 19:43:14 +00:00
Charlie Marsh 3df3110800
Use shortened `anyhow::Result` everywhere (#457) 2023-11-19 19:26:21 +00:00
Charlie Marsh 380030bb5c
Pin all resolver tests using `--exclude-newer` (#456) 
Uses yesterday's date, which should make it much less likely that our
tests become stale over time.

Closes https://github.com/astral-sh/puffin/issues/449.
 2023-11-19 15:10:57 +00:00
konsti 24f00f5a33
Create cache dir before canonicalize (#454) 
`fs::canonicalize` fails when the directory does not exist, which i
missed in #453
 2023-11-19 13:49:13 +00:00
konsti ab60233131
Use absolute cache paths (#453) 
Previously, git requirements would fail when setting `--cache-dir`:

```console
$ cargo run --bin puffin -- pip-compile --cache-dir cache-all-kinds scripts/benchmarks/requirements/all-kinds.in
error: Failed to build distribution from URL: git+https://github.com/pydantic/pydantic-extra-types.git
  Caused by: Invalid path URL: cache-all-kinds/git-v0/db/b49ffcfeb6c2e9d8
  ```

The cause is using a relative and not an absolute path, which `Url` needs, the solution is to turn the cache dir into an absolute path.

This never showed up in the tests since the tests use absolute temp dirs for everything.
 2023-11-19 13:32:32 +00:00
konsti dd4347980a
Fix tests: Certifi got an update (#451) 2023-11-19 12:10:54 +00:00
Zanie Blue 5dedfeb097
Fix import of `CacheArgs` in `puffin-cli` (#447) 
```
error[E0432]: unresolved imports `puffin_cache::CacheArgs`, `puffin_cache::CacheDir`
  --> crates/puffin-cli/src/main.rs:11:20
   |
11 | use puffin_cache::{CacheArgs, CacheDir};
   |                    ^^^^^^^^^  ^^^^^^^^ no `CacheDir` in the root
   |                    |
   |                    no `CacheArgs` in the root
   |
note: found an item that was configured out
  --> /Users/mz/eng/src/astral-sh/puffin/crates/puffin-cache/src/lib.rs:7:15
   |
7  | pub use cli::{CacheArgs, CacheDir};
   |               ^^^^^^^^^
   = note: the item is gated behind the `clap` feature
note: found an item that was configured out
  --> /Users/mz/eng/src/astral-sh/puffin/crates/puffin-cache/src/lib.rs:7:26
   |
7  | pub use cli::{CacheArgs, CacheDir};
   |                          ^^^^^^^^
   = note: the item is gated behind the `clap` feature

For more information about this error, try `rustc --explain E0432`.
error: could not compile `puffin-cli` (bin "puffin") due to previous error
```
 2023-11-17 15:35:01 -05:00
Charlie Marsh 03599d2bb4
Split resolver inputs into manifest and options (#446) 
## Summary

This is a refactor to address a TODO in the build context whereby we
aren't respecting the resolution options in recursive resolutions. Now,
the options are split out from the resolution _manifest_, and shared
across the build context tree.
 2023-11-17 18:53:53 +00:00
konsti 9db6644be6
Test requirements script (#382) 
This script can compare different requirements between pip(-compile) and
puffin across python versions, with debug and release builds.

Examples:
```shell
scripts/compare_with_pip/compare_with_pip.py
scripts/compare_with_pip/compare_with_pip.py -p 3.10
scripts/compare_with_pip/compare_with_pip.py --release -p 3.9 --target 'transformers[deepspeed-testing,dev-tensorflow]'
```

It found a bunch of fixed bugs, e.g. the lack of yanked package handling
and source dist handling, as well as #423, which is currently most of
the output.

Example output:
https://gist.github.com/konstin/9ccf8dc7c2dcca737bf705429ced4892

#443 should be merged first
 2023-11-17 18:26:55 +00:00
konsti bf71e7adcf
Add graphviz output to puffin-dev resolve-cli (#443) 
I added output in graphviz DOT format to `puffin-dev resolve-cli` to
help with debugging resolutions. This requires tracking the requested
ranges in the graph. I also fixed the direction of the graph.

 Output for `black`:

```dot
digraph {
    0 [ label="click\n8.1.7"]
    1 [ label="black\n23.11.0"]
    2 [ label="packaging\n23.2"]
    3 [ label="mypy-extensions\n1.0.0"]
    4 [ label="tomli\n2.0.1"]
    5 [ label="pathspec\n0.11.2"]
    6 [ label="typing-extensions\n4.8.0"]
    7 [ label="platformdirs\n4.0.0"]
    1 -> 0 [ label=">=8.0.0"]
    1 -> 3 [ label=">=0.4.3"]
    1 -> 5 [ label=">=0.9.0"]
    1 -> 4 [ label=">=1.1.0"]
    1 -> 6 [ label=">=4.0.1"]
    1 -> 2 [ label=">=22.0"]
    1 -> 7 [ label=">=2"]
}
```


![image](https://github.com/astral-sh/puffin/assets/6826232/4a440fcd-6248-4349-8e1a-c3e0363e42b1)

transformers:


![image](https://github.com/astral-sh/puffin/assets/6826232/a13a693c-a8c0-4a4f-95d9-3458431c678a)

jupyter:


![graphviz](https://github.com/astral-sh/puffin/assets/6826232/ef730033-6fd9-4ea9-ac93-8c874c19a101)
 2023-11-17 18:16:24 +00:00
Zanie Blue d39e9b3499
Remove duplicate `cache_dir` argument from `puffin-dev resolve-cli` (#445) 2023-11-17 17:17:00 +00:00
Zanie Blue 221751487c
Use `UnusableDependencies` for URL dependency conflicts (#425) 
Extends #424 with support for URL dependency incompatibilities.

Requires changes to `miette` to prevent URLs from being word wrapped;
accepted upstream in https://github.com/zkat/miette/pull/321
 2023-11-17 08:28:12 -06:00
Charlie Marsh 2094680cdd
Add a `warn_user_once!` macro (#442) 
Closes https://github.com/astral-sh/puffin/issues/429.
 2023-11-17 02:34:06 +00:00
Charlie Marsh 25fcee0d9f
Avoid using incompatible wheels for source distribution-less packages (#441) 
We're willing to use platform-incompatible wheels during resolution, to
quicken access to metadata... But we should avoid choosing an
incompatible wheel if the package lacks a source distribution since, in
that case, we definitely won't be able to install it.

Closes https://github.com/astral-sh/puffin/issues/439.
 2023-11-17 02:10:54 +00:00
Charlie Marsh b1c29447df
Use `temp_dir` casing everywhere (#440) 2023-11-16 21:04:10 +00:00
konsti 1883dbdc21
Always¹ clear temporary directories (#437) 
Always¹ clear the temporary directories we create.

* Clear source dist downloads: Previously, the temporary directories
would remain in the cache dir, now they are cleared properly
* Clear wheel file downloads: Delete the `.whl` file, we only need to
cache the unpacked wheel
* Consistent handling of cache arguments: Abstract the handling for CLI
cache args away, again making sure we remove the `--no-cache` temp dir.

There are no more `into_path()` calls that persist `TempDir`s that i
could find.

¹Assuming drop is run, and deleting the directory doesn't silently
error.
 2023-11-16 20:49:48 +00:00
Zanie Blue 0d9d4f9fca
Add an `UnusableDependencies` incompatibility kind and use for conflicting versions (#424) 
Addresses
https://github.com/astral-sh/puffin/issues/309#issuecomment-1792648969

Similar to #338 this throws an error when merging versions results in an
empty set. Instead of propagating that error, we capture it and return a
new dependency type of `Unusable`. Unusable dependencies are a new
incompatibility kind which includes an arbitrary "reason" string that we
present to the user. Adding a new incompatibility kind requires changes
to the vendored pubgrub crate.

We could use this same incompatibility kind for conflicting urls as in
#284 which should allow the solver to backtrack to another valid version
instead of failing (see #425).

Unlike #383 this does not require changes to PubGrub's package mapping
model. I think in the long run we'll want PubGrub to accept multiple
versions per package to solve this specific issue, but we're interested
in it being merged upstream first. This pull request is just using the
issue as a simple case to explore adding a new incompatibility type.

We may or may not be able convince them to add this new incompatibility
type upstream. As discussed in
https://github.com/pubgrub-rs/pubgrub/issues/152, we may want a more
general incompatibility kind instead which can be used for arbitrary
problems. An upstream pull request has been opened for discussion at
https://github.com/pubgrub-rs/pubgrub/pull/153.

Related to:
- https://github.com/pubgrub-rs/pubgrub/issues/152
- #338 
- #383

---------

Co-authored-by: konsti <konstin@mailbox.org>
 2023-11-16 20:02:06 +00:00
Zanie Blue 832058dbba
Switch from vendored PubGrub to a fork (#438) 
A fork will let us stay up to date with the upstream while replaying our
work on top of it.

I expect a similar workflow to the RustPython-Parser fork we maintained,
except that I wrote an automation to create tags for each commit on the
fork (https://github.com/zanieb/pubgrub/pull/2) so we do not need to
manually tag and document each commit.

To update with the upstream:

- Rebase our fork's `main` branch on top of the latest changes in
upstream's `dev` branch
- Force push, overwriting our `main` branch history
- Change the commit hash here to the last commit on `main` in our fork

Since we automatically tag each commit on the fork, we should never lose
the commits that are dropped from `main` during rebase.
 2023-11-16 13:49:19 -06:00
konsti e41ec12239
Option to resolve at a fixed timestamp with `pip-compile --exclude-newer YYYY-MM-DD` (#434) 
This works by filtering out files with a more recent upload time, so if
the index you use does not provide upload times, the results might be
inaccurate. pypi provides upload times for all files. This is, the field
is non-nullable in the warehouse schema, but the simple API PEP does not
know this field.

If you have only pypi dependencies, this means deterministic,
reproducible(!) resolution. We could try doing the same for git repos
but it doesn't seem worth the effort, i'd recommend pinning commits
since git histories are arbitrarily malleable and also if you care about
reproducibility and such you such not use git dependencies but a custom
index.

Timestamps are given either as RFC 3339 timestamps such as
`2006-12-02T02:07:43Z` or as UTC dates in the same format such as
`2006-12-02`. Dates are interpreted as including this day, i.e. until
midnight UTC that day. Date only is required to make this ergonomic and
midnight seems like an ergonomic choice.

In action for `pandas`:

```console
$ target/debug/puffin pip-compile --exclude-newer 2023-11-16 target/pandas.in
Resolved 6 packages in 679ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    target/debug/puffin pip-compile --exclude-newer 2023-11-16 target/pandas.in
numpy==1.26.2
    # via pandas
pandas==2.1.3
python-dateutil==2.8.2
    # via pandas
pytz==2023.3.post1
    # via pandas
six==1.16.0
    # via python-dateutil
tzdata==2023.3
    # via pandas
$ target/debug/puffin pip-compile --exclude-newer 2022-11-16 target/pandas.in
Resolved 5 packages in 655ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    target/debug/puffin pip-compile --exclude-newer 2022-11-16 target/pandas.in
numpy==1.23.4
    # via pandas
pandas==1.5.1
python-dateutil==2.8.2
    # via pandas
pytz==2022.6
    # via pandas
six==1.16.0
    # via python-dateutil
$ target/debug/puffin pip-compile --exclude-newer 2021-11-16 target/pandas.in
Resolved 5 packages in 594ms
# This file was autogenerated by Puffin v0.0.1 via the following command:
#    target/debug/puffin pip-compile --exclude-newer 2021-11-16 target/pandas.in
numpy==1.21.4
    # via pandas
pandas==1.3.4
python-dateutil==2.8.2
    # via pandas
pytz==2021.3
    # via pandas
six==1.16.0
    # via python-dateutil
```
 2023-11-16 19:46:17 +00:00
konsti 0d455ebd06
Always use puffin as binary name (#435) 
It doesn't matter how exactly the user called puffin, the lockfile
should look the same either way.
 2023-11-16 19:05:46 +01:00
konsti 751f7fa9c6
Improve PEP 691 compatibility (#428) 
[PEP 691](https://peps.python.org/pep-0691/#project-detail) has slightly
different, more relaxed rules around file metadata. These changes are
now reflected in the `File` struct. This will make it easier to support
alternative indices.

I had expected that i need to introduce a separate type for that, so i'm
happy it's two `Option`s more and an alias.

Part of #412
 2023-11-16 19:03:44 +01:00
konsti 3a4988f999
Small test cleanup after #431 (#433) 
Remove unused filters after #431
 2023-11-16 11:22:47 +00:00
konsti c0339893e7
Use `sys.executable` as python root path (#431) 
Previously, we were assuming that `which <python>` return the path to
the python executable. This is not true when using pyenv shims, which
are bash scripts. Instead, we have to use `sys.executable`. Luckily,
we're already querying the python interpreter and can do it in that
pass.

We are also not allowed to cache the execution of the python interpreter
through the shim because pyenv might change the target. As a heuristic,
we check whether `sys.executable`, the real binary, is the same our
canonicalized `which` result.

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
 2023-11-16 12:16:49 +01:00
Charlie Marsh d3caf9ae86
Choose most-compatible wheel in resolver and installer (#422) 
## Summary

This PR implements logic to sort wheels by priority, where priority is
defined as preferring more "specific" wheels over less "specific"
wheels. For example, in the case of Black, my machine now selects
`black-23.11.0-cp311-cp311-macosx_11_0_arm64.whl`, whereas sorting by
lowest priority instead gives me `black-23.11.0-py3-none-any.whl`.

As part of this change, I've also modified the resolver to fallback to
using incompatible wheels when determining package metadata, if no
compatible wheels are available.

The `VersionMap` was also moved out of `resolver.rs` and into its own
file with a wrapper type, for clarity.

Closes https://github.com/astral-sh/puffin/issues/380.
Closes https://github.com/astral-sh/puffin/issues/421.
 2023-11-15 18:22:11 +00:00
konsti 1147a4de14
Simpler and more resilient pip compile tests (#426) 
The pip compile test now explicitly set their python version and `puffin
venv` resolves e.g. `python3.12` correctly now. The venv creation is
moved to a shared method
 2023-11-15 18:32:33 +01:00
Charlie Marsh a20325f184
Remove unnecessary clones in resolver (#420) 2023-11-13 21:00:52 -05:00
Charlie Marsh 13ba4405aa
Update README and crates manifest (#419) 2023-11-14 01:20:07 +00:00
konsti bacf1dc911
Filter out yanked files (#413) 
Implement two behaviors for yanked versions:

* During `pip-compile`, yanked versions are filtered out entirely, we
currently treat them is if they don't exist. This is leads to confusing
error messages because a version that does exist seems to have suddenly
disappeared.
* During `pip-sync`, we warn when we fetch a remote distribution and it
has been yanked. We currently don't warn on cached or installed
distributions that have been yanked.
 2023-11-13 20:58:50 +00:00
Charlie Marsh 28ec4e79f0
Co-locate lenient requirement parsing (#418) 
No behavior changes.
 2023-11-13 15:46:21 -05:00
Charlie Marsh 437d4fb87e
Add trailing-comma fix to lenient requirements (#417) 
Closes https://github.com/astral-sh/puffin/issues/408.
 2023-11-13 20:20:57 +00:00
Charlie Marsh 582c94cec3
Add missing-dot fix to lenient requirements (#416) 
Part of https://github.com/astral-sh/puffin/issues/408.
 2023-11-13 20:17:01 +00:00
Charlie Marsh 0af2f7e39f
Use `anstream` to avoid writing colorized output (#415) 
A more robust solution to avoiding colorized output by ensuring we write
to `stdout` and `stderr` via the
[`anstream`](https://docs.rs/anstream/latest/anstream/) crate.

Closes https://github.com/astral-sh/puffin/issues/393.
 2023-11-13 20:00:12 +00:00
konsti 76a41066ac
Filter out incompatible dists (#398) 
Filter out source dists and wheels whose `requires-python` from the
simple api is incompatible with the current python version.

This change showed an important problem: When we use a fake python
version for resolving, building source distributions breaks down because
we can only build with versions we actually have.

This change became surprisingly big. The tests now require python 3.7 to
be installed, but changing that would mean an even bigger change.

Fixes #388
 2023-11-13 17:14:07 +01:00
konsti 81c9cd0d4a
Print url for bad json error (#409) 
Split out from #382
 2023-11-13 11:41:20 +00:00
konsti fa423b8751
Backend path is supported (#405) 
The check is outdated now
 2023-11-13 08:19:20 +00:00
Zanie Blue beadd3274a
Improve debug log version display (#403) 
Follow-up to https://github.com/astral-sh/puffin/pull/346 for some debug
messages
 2023-11-10 17:07:29 -06:00
Charlie Marsh 06b312de7e
Overwrite existing files when hardlinking (#402) 
## Summary

Closes https://github.com/astral-sh/puffin/issues/390.

## Test Plan

Installed `jupyter_core==5.5.0`, then removed the `jupyter_core` and
`jupyter_core-5.5.0.dist-info` directories from my virtualenv manually,
but left `jupyter.py`. I then re-ran `puffin pip-compile`, and verified
that it errored on `main` but succeeded here.
 2023-11-10 20:24:19 +00:00
Charlie Marsh 56a4b51eb6
Refactor hardlink fallback to use an enum (#401) 
Makes an invalid state unrepresentable (`first_try_hard_linking = true`,
`use_copy_fallback` = true`).
 2023-11-10 15:18:51 -05:00
Andrew Gallant ff4d079dc9
pep508-rs: remove \x20 trailing whitespace hack (#400) 
... we just remove the trailing whitespace from the input and that
resolves things.

Thanks @konstin for pointing this out!

Ref https://github.com/astral-sh/puffin/pull/399#discussion_r1389854823
 2023-11-10 15:11:29 -05:00
Charlie Marsh e8108cb28b
Remove `__pycache__` directories when uninstalling (#397) 
According to the [packaging
documentation](https://packaging.python.org/en/latest/specifications/binary-distribution-format/#binary-distribution-format),
"uninstallers should be smart enough to remove .pyc even if it is not
mentioned in RECORD". Previously, we weren't handling this case, so if
you installed via Puffin, then imported a file (to trigger bytecode
compilation), then uninstalled, we'd leave spare `__pycache__`
directories around.

Closes https://github.com/astral-sh/puffin/issues/395.
 2023-11-10 14:55:33 -05:00
Andrew Gallant 63f7f65190
change global allocator to jemalloc (and mimalloc on Windows) (#399) 
This copies the allocator configuration used in the Ruff project. In
particular, this gives us an instant 10% win when resolving the top 1K
PyPI packages:

    $ hyperfine \
"./target/profiling/puffin-dev-main resolve-many --cache-dir
cache-docker-no-build --no-build pypi_top_8k_flat.txt --limit 1000 2>
/dev/null" \
"./target/profiling/puffin-dev resolve-many --cache-dir
cache-docker-no-build --no-build pypi_top_8k_flat.txt --limit 1000 2>
/dev/null"
Benchmark 1: ./target/profiling/puffin-dev-main resolve-many --cache-dir
cache-docker-no-build --no-build pypi_top_8k_flat.txt --limit 1000 2>
/dev/null
Time (mean ± σ): 974.2 ms ± 26.4 ms [User: 17503.3 ms, System: 2205.3
ms]
      Range (min … max):   943.5 ms … 1015.9 ms    10 runs

Benchmark 2: ./target/profiling/puffin-dev resolve-many --cache-dir
cache-docker-no-build --no-build pypi_top_8k_flat.txt --limit 1000 2>
/dev/null
Time (mean ± σ): 883.1 ms ± 23.3 ms [User: 14626.1 ms, System: 2542.2
ms]
      Range (min … max):   849.5 ms … 916.9 ms    10 runs

    Summary
'./target/profiling/puffin-dev resolve-many --cache-dir
cache-docker-no-build --no-build pypi_top_8k_flat.txt --limit 1000 2>
/dev/null' ran
1.10 ± 0.04 times faster than './target/profiling/puffin-dev-main
resolve-many --cache-dir cache-docker-no-build --no-build
pypi_top_8k_flat.txt --limit 1000 2> /dev/null'

I was moved to do this because I noticed `malloc`/`free` taking up a
fairly sizeable percentage of time during light profiling.

As is becoming a pattern, it will be easier to review this
commit-by-commit.

Ref #396 (wouldn't call this issue fixed)

-----

I did also try adding a `smallvec` optimization to the
`Version::release` field, but it didn't bare any fruit. I still think
there is more to explore since the results I observed don't quite line
up with what I expect. (So probably either my mental model is off or my
measurement process is flawed.) You can see that attempt with a little
more explanation here:
f9528b4ecd

In the course of adding the `smallvec` optimization, I also shrunk the
`Version` fields from a `usize` to a `u32`. They should at least be a
fixed size integer since version numbers aren't used to index memory,
and I shrunk it to `u32` since it seems reasonable to assume that all
version numbers will be smaller than `2^32`.
 2023-11-10 14:48:59 -05:00
konsti d8408b1783
Add source to failing metadata parsing (#387) 
Before:
```
cargo run --bin puffin-dev -q -- resolve-cli "transformers[accelerate, agents, all, audio, codecarbon, deepspeed, deepspeed-testing, dev, dev-tensorflow, dev-torch, docs, docs_specific, flax, flax-speech, ftfy, integrations, ja, modelcreation, onnx, onnxruntime, optuna, quality, ray, retrieval, sagemaker, sentencepiece, serving, sigopt, sklearn, speech, testing, tf, tf-cpu, tf-speech, timm, tokenizers, torch, torch-speech, torch-vision, torchhub, video, vision]"
puffin-dev failed
  Caused by: No solution found when resolving: transformers[accelerate,agents,all,audio,codecarbon,deepspeed,deepspeed-testing,dev,dev-tensorflow,dev-torch,docs,docs-specific,flax,flax-speech,ftfy,integrations,ja,modelcreation,onnx,onnxruntime,optuna,quality,ray,retrieval,sagemaker,sentencepiece,serving,sigopt,sklearn,speech,testing,tf,tf-cpu,tf-speech,timm,tokenizers,torch,torch-speech,torch-vision,torchhub,video,vision]
  Caused by: Not a valid package or extra name: ".none". Names must start and end with a letter or digit and may only contain -, _, ., and alphanumeric characters
```
After:
```
cargo run --bin puffin-dev -q -- resolve-cli "transformers[accelerate, agents, all, audio, codecarbon, deepspeed, deepspeed-testing, dev, dev-tensorflow, dev-torch, docs, docs_specific, flax, flax-speech, ftfy, integrations, ja, modelcreation, onnx, onnxruntime, optuna, quality, ray, retrieval, sagemaker, sentencepiece, serving, sigopt, sklearn, speech, testing, tf, tf-cpu, tf-speech, timm, tokenizers, torch, torch-speech, torch-vision, torchhub, video, vision]"
puffin-dev failed
  Caused by: No solution found when resolving: transformers[accelerate,agents,all,audio,codecarbon,deepspeed,deepspeed-testing,dev,dev-tensorflow,dev-torch,docs,docs-specific,flax,flax-speech,ftfy,integrations,ja,modelcreation,onnx,onnxruntime,optuna,quality,ray,retrieval,sagemaker,sentencepiece,serving,sigopt,sklearn,speech,testing,tf,tf-cpu,tf-speech,timm,tokenizers,torch,torch-speech,torch-vision,torchhub,video,vision]
  Caused by: Couldn't parse metadata in fastapi-0.10.1-py3-none-any.whl (97ac91cb7cd2baab1a50b0c7a17d83/fastapi-0.10.1-py3-none-any.whl)
  Caused by: Not a valid package or extra name: ".none". Names must start and end with a letter or digit and may only contain -, _, ., and alphanumeric characters
```
 2023-11-10 18:33:49 +00:00
Charlie Marsh b3edf7c2b2
Delete any directories listed in the RECORD file (#394) 
## Summary

It looks like, when you install `pip`, it includes a bunch of
`__pycache__` directories in the RECORD file (although these directories
don't exist until you run `pip`). Our uninstaller assumed that the
RECORD file only contained _files_.

Closes https://github.com/astral-sh/puffin/issues/389.
 2023-11-10 18:17:52 +00:00
Charlie Marsh 6a15950cb5
Rename `Distribution` to `Dist` in all structs and traits (#384) 
We tend to avoid abbreviations, but this one is just so long and
absolutely ubiquitous.
 2023-11-10 14:55:11 +00:00
konsti 5cef40d87a
Add proper caching for pypi metadata fetching kinds (#368) 
I intend this to become the main form of caching for puffin: You can
make http requests, you tranform the data to what you really need, you
have control over the cache key, and the cache is always json (or
anything else much faster we want to replace it with as long as it's
serde!)
 2023-11-10 11:03:40 +00:00
konsti d1b57acaa8
Implement PEP 517 backend-path (#385) 
Closes #192
 2023-11-10 11:54:23 +01:00
Charlie Marsh a148f9d0be
Refactor distribution types to adhere to a clear hierarchy (#369) 
## Summary

This PR refactors our `RemoteDistribution` type such that it now follows
a clear hierarchy that matches the actual variants, and encodes the
differences between source and built distributions:

```rust
pub enum Distribution {
    Built(BuiltDistribution),
    Source(SourceDistribution),
}

pub enum BuiltDistribution {
    Registry(RegistryBuiltDistribution),
    DirectUrl(DirectUrlBuiltDistribution),
}

pub enum SourceDistribution {
    Registry(RegistrySourceDistribution),
    DirectUrl(DirectUrlSourceDistribution),
    Git(GitSourceDistribution),
}

/// A built distribution (wheel) that exists in a registry, like `PyPI`.
pub struct RegistryBuiltDistribution {
    pub name: PackageName,
    pub version: Version,
    pub file: File,
}

/// A built distribution (wheel) that exists at an arbitrary URL.
pub struct DirectUrlBuiltDistribution {
    pub name: PackageName,
    pub url: Url,
}

/// A source distribution that exists in a registry, like `PyPI`.
pub struct RegistrySourceDistribution {
    pub name: PackageName,
    pub version: Version,
    pub file: File,
}

/// A source distribution that exists at an arbitrary URL.
pub struct DirectUrlSourceDistribution {
    pub name: PackageName,
    pub url: Url,
}

/// A source distribution that exists in a Git repository.
pub struct GitSourceDistribution {
    pub name: PackageName,
    pub url: Url,
}
```

Most of the PR just stems downstream from this change. There are no
behavioral changes, so I'm largely relying on lint, tests, and the
compiler for correctness.
 2023-11-10 02:45:41 +00:00
Andrew Gallant 33c0901a28
distribution-filename: speed up is_compatible (#367) 
This PR tweaks the representation of `Tags` in order to offer a
faster implementation of `WheelFilename::is_compatible`. We now use a
nested map of tags that lets us avoid looping over every supported
platform tag. As the code comments suggest, that is the essential gain.
We still do not mind looping over the tags in each wheel name since they
tend to be quite small. And pushing our thumb on that side of things can
make things worse overall since it would likely slow down WheelFilename
construction itself.

For micro-benchmarks, we improve considerably for compatibility
checking:

    $ critcmp base test3
group base test3
----- ---- -----
build_platform_tags/burntsushi-archlinux 1.00 46.2±0.28µs ? ?/sec 2.48
114.8±0.45µs ? ?/sec
wheelname_parsing/flyte-long-compatible 1.00 624.8±3.31ns 174.0 MB/sec
1.01 629.4±4.30ns 172.7 MB/sec
wheelname_parsing/flyte-long-incompatible 1.00 743.6±4.23ns 165.4 MB/sec
1.00 746.9±4.62ns 164.7 MB/sec
wheelname_parsing/flyte-short-compatible 1.00 526.7±4.76ns 54.3 MB/sec
1.01 530.2±5.81ns 54.0 MB/sec
wheelname_parsing/flyte-short-incompatible 1.00 540.4±4.93ns 60.0 MB/sec
1.01 545.7±5.31ns 59.4 MB/sec
wheelname_parsing_failure/flyte-long-extension 1.00 13.6±0.13ns 3.2
GB/sec 1.01 13.7±0.14ns 3.2 GB/sec
wheelname_parsing_failure/flyte-short-extension 1.00 14.0±0.20ns 1160.4
MB/sec 1.01 14.1±0.14ns 1146.5 MB/sec
wheelname_tag_compatibility/flyte-long-compatible 11.33 159.8±2.79ns
680.5 MB/sec 1.00 14.1±0.23ns 7.5 GB/sec
wheelname_tag_compatibility/flyte-long-incompatible 237.60
1671.8±37.99ns 73.6 MB/sec 1.00 7.0±0.08ns 17.1 GB/sec
wheelname_tag_compatibility/flyte-short-compatible 16.07 223.5±8.60ns
128.0 MB/sec 1.00 13.9±0.30ns 2.0 GB/sec
wheelname_tag_compatibility/flyte-short-incompatible 149.83 628.3±2.13ns
51.6 MB/sec 1.00 4.2±0.10ns 7.6 GB/sec

We do regress slightly on the time it takes for `Tags::new` to run, but
this is somewhat expected. And in absolute terms, 114us is perfectly
acceptable given that it's only executed ~once for each `puffin`
invocation.

Ad hoc benchmarks indicate an overall 25% perf improvement in `puffin
pip-compile` times. This roughly corresponds with how much time
`is_compatible` was taking. Indeed, profiling confirms that it has
virtually disappeared from the profile.

Fixes #157
 2023-11-09 09:01:03 -05:00
konsti bdb89b4072
Allow setting num tasks in puffin-dev parallel resolve (#374) 2023-11-09 13:12:03 +00:00
Charlie Marsh 6144de0a7e
Implement some minor optimizations to version match (#371) 
`Range::intersection` goes from 74.2% to 64.9%, and `sortable_tuple`
goes from 2.3% to 1.5%.
 2023-11-09 02:11:40 +00:00
Charlie Marsh cfd84d6365
Support resolving for an alternate Python distribution (#364) 
## Summary

Low-priority but fun thing to end the day. You can now pass
`--target-version py37`, and we'll generate a resolution for Python 3.7.

See: https://github.com/astral-sh/puffin/issues/183.
 2023-11-08 23:19:16 +00:00
konsti d407bbbee6
Special case missing header build errors (on linux) (#354) 
One of the most common errors i observed are build failures due to
missing header files. On ubuntu, this generally means that you need to
install some `<...>-dev` package that the documentation tells you about,
e.g. [mysqlclient](https://github.com/PyMySQL/mysqlclient#linux) needs
`default-libmysqlclient-dev`, [some psycopg
versions](https://www.psycopg.org/psycopg3/docs/basic/install.html#local-installation)
(i remember that this was always required at some earlier point) require
`libpq-dev` and pygraphviz wants `graphviz-dev`. This is quite common
for many scientific packages (where conda has an advantage because they
can provide those package as a dependency).

The error message can be completely inscrutable if you're just a python
programmer (or user) and not a c programmer (example: pygraphviz):

```
warning: no files found matching '*.png' under directory 'doc'
warning: no files found matching '*.txt' under directory 'doc'
warning: no files found matching '*.css' under directory 'doc'
warning: no previously-included files matching '*~' found anywhere in distribution
warning: no previously-included files matching '*.pyc' found anywhere in distribution
warning: no previously-included files matching '.svn' found anywhere in distribution
no previously-included directories found matching 'doc/build'
pygraphviz/graphviz_wrap.c:3020:10: fatal error: graphviz/cgraph.h: No such file or directory
 3020 | #include "graphviz/cgraph.h"
      |          ^~~~~~~~~~~~~~~~~~~
compilation terminated.
error: command '/usr/bin/gcc' failed with exit code 1
```

The only relevant part is `Fatal error: graphviz/cgraph.h: No such file
or directory`. Why is this file not there and how do i get it to be
there?

This is even harder to spot in pip's output, where it's 11 lines above
the last line:


![image](https://github.com/astral-sh/puffin/assets/6826232/7a3d7279-e7b1-4511-ab22-d0a35be5e672)

I've special cased missing headers and made sure that the last line
tells you the important information: We're missing some header, please
check the documentation of {package} {version} for what to install:


![image](https://github.com/astral-sh/puffin/assets/6826232/4bbb8923-5a82-472f-ab1f-9e1471aa2896)

Scrolling up:


![image](https://github.com/astral-sh/puffin/assets/6826232/89a2495a-e188-4288-b534-ad885ee08763)

The difference gets even clearer with a default ubuntu terminal with its
80 columns:


![image](https://github.com/astral-sh/puffin/assets/6826232/49fb27bc-07c6-4b10-a1a1-30ec8e112438)

---

Note that the situation is better for a missing compiler, there i get:

```
[...]
warning: no previously-included files matching '*~' found anywhere in distribution
warning: no previously-included files matching '*.pyc' found anywhere in distribution
warning: no previously-included files matching '.svn' found anywhere in distribution
no previously-included directories found matching 'doc/build'
error: command 'gcc' failed: No such file or directory
---
```
Putting the last line into google, the first two results tell me to
`sudo apt-get install gcc`, the third even tells me about `sudo apt
install build-essential`
 2023-11-08 15:26:39 +00:00
konsti 2ebe40b986
Add `--no-build` (#358) 
By default, we will build source distributions for both resolving and
installing, running arbitrary code. `--no-build` adds an option to ban
this and only install from wheels, no source distributions or git builds
allowed. We also don't fetch these and instead report immediately.

I've heard from users for whom this is a requirement, i'm implementing
it now because it's helpful for testing.

I'm thinking about adding a shared `PuffinSharedArgs` struct so we don't
have to repeat each option everywhere.
 2023-11-08 10:05:15 -05:00
Charlie Marsh 4fe583257e
Use a custom PubGrub error type to always show resolution report (#365) 
Closes https://github.com/astral-sh/puffin/issues/356.

The example from the issue now renders as:

```
❯ cargo run --bin puffin-dev -q -- resolve-cli tensorflow-cpu-aws
puffin-dev failed
  Caused by: No solution found when resolving build dependencies for source distribution:
  Caused by: Because there is no available version for tensorflow-cpu-aws and root depends on tensorflow-cpu-aws, version solving failed.
```
 2023-11-08 09:57:26 -05:00
Charlie Marsh 3c24301193
Avoid removing progress bars (#362) 
This was dumb of me. We pass out indexes when adding progress bars, but
were then removing entries on completion, so any outstanding indexes
were now _invalid_. We just shouldn't remove them. The `MultiProgress`
retains a reference anyway, IIUC.

Closes https://github.com/astral-sh/puffin/issues/360.
 2023-11-07 18:58:17 +00:00
Charlie Marsh 7abe141d3f
Add SSL to possible spurious errors (#361) 
\cc @konstin
 2023-11-07 18:53:39 +00:00
Andrew Gallant 294955ecff
fix platform detection on Linux (#359) 
Rejigger Linux platform detection

This change makes some very small improvements to the Linux platform
detection logic. In particular, the existing logic did not work on my
Archlinux machine since /lib64/ld-linux-x86-64.so.2 isn't a symlink. In
that case, the detection logic should have fallen back to the slower
`ldd --version` technique, but `read_link` fails outright when its
argument isn't a symbolic link. So we tweak the logic to allow it to
fail, and if it does, we still try the `ldd --version` approach instead
of giving up completely.

I also made some cosmetic improvements to the regex matching, as well as
ensuring that the regexes are only compiled exactly once.
 2023-11-07 11:39:35 -05:00
konsti 692d2eb26f
puffin-dev resolve many improvements (#357) 
Print the current step, the time for and also respect the cache dir arg.
 2023-11-07 14:56:35 +00:00
Charlie Marsh b0286a8939
Add user feedback when building source distributions in the resolver (#347) 
It looks like Cargo, notice the bold green lines at the top (which
appear during the resolution, to indicate Git fetches and source
distribution builds):

<img width="868" alt="Screen Shot 2023-11-06 at 11 28 47 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/9647a480-7be7-41e9-b1d3-69faefd054ae">

<img width="868" alt="Screen Shot 2023-11-06 at 11 28 51 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/6bc491aa-5b51-4b37-9ee1-257f1bc1c049">

Closes https://github.com/astral-sh/puffin/issues/287 although we can do
a lot more here.
 2023-11-07 14:17:31 +00:00
Charlie Marsh 2c32bc5a86
Respect direct URLs in puffin installer (#345) 
We now write the `direct_url.json` when installing, and _skip_
installing if we find a package installed via the direct URL that the
user is requesting.

A lot of TODOs, especially around cleaning up the `Source` abstraction
and its relationship to `DirectUrl`. I'm gonna keep working on these
today, but this works and makes the requirements clear.

Closes #332.
 2023-11-07 09:11:27 -05:00
konsti c11586f2f0
Fix index out of bounds in SourceDistributionFilename::parse (#353) 
Found this one in the top 8k pypi tests too
 2023-11-07 11:44:40 +00:00
konsti c883b123ac
Allow greater than star (`torch (>=1.9.*)`) in lenient requirement (#351) 
This appeared in the pypi top 8k testing.
 2023-11-07 11:37:23 +00:00
konsti fbe28d3b7c
Fix mastodon-py dist-info handling (#336) 
mastodon-py 1.5.1 uses a dot in its dist-info dir name, which we
previously didn't handle, causing home-assistant to fail. The new
implementation is based on
2f83540272/src/packaging/utils.py (L146-L172).

Part of #199

```
unzip -l  Mastodon.py-1.5.1-py2.py3-none-any.whl
Archive:  Mastodon.py-1.5.1-py2.py3-none-any.whl
  Length      Date    Time    Name
---------  ---------- -----   ----
   153929  2020-02-29 17:39   mastodon/Mastodon.py
     1029  2019-10-11 19:15   mastodon/__init__.py
     7357  2019-10-11 20:24   mastodon/streaming.py
       10  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/DESCRIPTION.rst
     1398  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/metadata.json
        9  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/top_level.txt
      110  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/WHEEL
     1543  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/METADATA
      753  2020-03-14 18:14   Mastodon.py-1.5.1.dist-info/RECORD
---------                     -------
   166138                     9 files
```
 2023-11-07 12:36:11 +01:00
konsti aac8ae997f
Rename source distribution build to source build (#334) 
This is less verbose and better reflects that we're building both source
distributions and source trees passed into the function.
 2023-11-07 03:55:23 +00:00
Charlie Marsh 620afc3caf
Avoid refreshing Git repo twice (#350) 
This was a bug in the Git code (that I wrote, not from Cargo) -- when we
`precise` the reference, we should store the resolved commit.
 2023-11-07 02:52:15 +00:00
Charlie Marsh 243549876c
Upgrade PubGrub (#349) 
Upgrades to `fe309ffb63b2f3ce9b35eb7746b2350cd704515e`, with our changes
layered on top.
 2023-11-07 02:00:57 +00:00
Charlie Marsh 2c114592bd
Only store small wheels in-memory (#348) 
Closes https://github.com/astral-sh/puffin/issues/246.
 2023-11-07 00:50:00 +00:00
Zanie Blue e952557bf1
Improve root message when version solving fails (#344) 
Matching description at
https://github.com/dart-lang/pub/blob/master/doc/solver.md#linear-error-reporting
 2023-11-06 20:07:50 +00:00
Zanie Blue b0720ea5b2
Improve error message for dependencies with no versions available (#342) 
Partially addresses https://github.com/astral-sh/puffin/issues/310
Addresses case at
https://github.com/astral-sh/puffin/issues/309#issuecomment-1793541558
Follow-up to #300 ensuring `PuffinExternal` is used consistently when
formatting messages

Example at
https://github.com/astral-sh/puffin/pull/342/files#diff-5c74a74ef34ef1d6e7453de8d2d19134813156e8b6a657e6b5ed71fda5a3a870
 2023-11-06 14:04:29 -06:00
Zanie Blue 1748cfb522
Display dependency versions in pip-like format during solve failure (#346) 
- Display `==` for exact version ranges
- Remove space between dependency and version range
 2023-11-06 13:53:15 -06:00
Charlie Marsh a5e535f6fb
Remove `virtualenv` setup from gourgeist (#339) 
We now only support building bare environments.
 2023-11-06 18:32:45 +00:00
Charlie Marsh b013ea9c93
Move `DirectUrl` into `pypi-types` (#343) 
This needs to be reused elsewhere, and there's nothing specific to wheel
installation about it.
 2023-11-06 18:26:33 +00:00
Charlie Marsh 24e30e6557
Split `puffin-package` into requirements.txt parser and `pypi-types` (#341) 
There are only two things left in this crate and they don't really have
anything to do with one another.
 2023-11-06 18:19:49 +00:00
Charlie Marsh 1f447892f3
Rename `PartitionedRequirements` to `InstallPlan` (#340) 
@konstin named this file at some point and I like it, it feels
appropriate for the struct itself too.
 2023-11-06 12:44:35 -05:00
Charlie Marsh d9bcfafa16
Write `direct_url.json` in wheel installer (#337) 
## Summary

This PR just adds the logic in `install-wheel-rs` to write
`direct_url.json`. We're not actually taking advantage of it yet (or
wiring it through) in Puffin.

Part of https://github.com/astral-sh/puffin/issues/332.
 2023-11-06 17:09:28 +00:00
konsti 9b077f3d0f
`cargo upgrade --incompatible` (#330) 
Ran `cargo upgrade --incompatible`, seems there are no changes required.

From cacache 0.12.0:
> BREAKING CHANGE: some signatures for copy have changed, and copy no
longer automatically reflinks

`which` 5.0.0 seems to have only error message changes.
 2023-11-06 14:14:47 +00:00
konsti d99ca3159b
Cache the setup.py resolution (#327) 
Cache the resolution for the setup.py requirements (`pip`, `setuptools`,
`wheels`) across builds.
 2023-11-06 14:14:24 +00:00
konsti b2439b24a1
Fetch wheel metadata by async range requests on the remote wheel (#301) 
Use range requests and async zip to extract the METADATA file from a
remote wheel.

We currently only cache when the remote says the remote declares the
resource as immutable, see
https://github.com/06chaynes/http-cache/issues/57 and
https://github.com/baszalmstra/async_http_range_reader/pull/1 . The
cache is stored as json with the description omitted, this improve cache
deserialization performance.
 2023-11-06 15:06:49 +01:00
konsti 6f83a44fea
Improve error messages and make cache failures non fatal (#333) 2023-11-06 15:06:27 +01:00
konsti 3defe233e6
Use dist info name in cache again (#331) 
Fixup for the `PackageName`/`DistInfoName` refactor that would lead to
invalid cache entries
 2023-11-06 13:47:38 +00:00
Charlie Marsh 6d672b8951
Add source distribution support to `pip-compile` (#323) 
## Summary

This is a first-pass at adding source distribution support to the
installer.

The previous installation flow was:

1. Come up with a plan.
1. Find a distribution (specific file) for every package that we'll need
to download.
1. Download those distributions.
1. Unzip them (since we assumed they were all wheels).
1. Install them into the virtual environment.

Now, Step (3) downloads both wheels and source distributions, and we
insert a step between Steps (3) and (4) to build any source
distributions into zipped wheels.

There are a bunch of TODOs, the most important (IMO) is that we
basically have two implementations of downloading and building, between
the stuff in `puffin_installer` and `puffin_resolver` (namely in
`crates/puffin-resolver/src/distribution`). I didn't attempt to clean
that up here -- it's already a problem, and it's related to the overall
problem we need to solve around unified caching and resource management.

Closes #243.
 2023-11-06 08:22:36 -05:00
konsti b79a15b458
Update pyproject-toml to 0.8.0 (#329) 2023-11-06 13:16:36 +00:00
konsti 81f380b10e
Validate package and extra name (#290) 
`PackageName` and `ExtraName` can now only be constructed from valid
names. They share the same rules, so i gave them the same
implementation. Constructors are split between `new` (owned) and
`from_str` (borrowed), with the owned version avoiding allocations.

Closes #279

---------

Co-authored-by: Zanie <contact@zanie.dev>
 2023-11-06 10:04:31 +00:00
Charlie Marsh ea28b3d0d3
Add a git feature to tests (#325) 2023-11-06 05:32:43 +00:00
Charlie Marsh 8463e92121
Fix bad Flask reference in tests (#324) 2023-11-06 05:20:43 +00:00
Charlie Marsh 1637f1c216
Add source distribution support to the `DistributionFinder` (#322) 
## Summary

This just enables the `DistributionFinder` (previously known as the
`WheelFinder`) to select source distributions when there are no matching
wheels for a given platform. As a reminder, the `DistributionFinder` is
a simple resolver that doesn't look at any dependencies: it just takes a
set of pinned packages, and finds a distribution to install to satisfy
each requirement.
 2023-11-06 00:16:04 -05:00
Charlie Marsh d785ffdbff
Move `Source` abstraction into `puffin-distribution` (#321) 
No code changes, but this will allow it to be shared between the
installer and the resolver.
 2023-11-06 02:31:15 +00:00
Charlie Marsh 4b83d8e949
Require URL dependencies to be declared upfront (#319) 
In the resolver, our current model for solving URL dependencies requires
that we visit the URL dependency _before_ the registry-based dependency.
This PR encodes a strict requirement that all URL dependencies be
declared upfront, either as requirements or constraints.

I wrote more about how it works and why it's necessary in documentation
[here](https://github.com/astral-sh/puffin/pull/319/files#diff-2b1c4f36af0c62a2b7bebeae9473ae083588f2a6b18a3ec52393a24266adecbbR20).
I think we could relax this constraint over time, but it requires a more
sophisticated model -- and for now, I just want something that's (1)
correct, (2) easy for us to reason about, and (3) easy for users to
reason about.

As additional motivation... allowing arbitrary URL dependencies anywhere
in the tree creates some really confusing situations in which I'm not
even sure what the right answers are. For example, assume you declare a
direct dependency on `Werkzeug==2.0.0`. You then depend on a version of
Flask that depends on a version of `Werkzeug` from some arbitrary URL.
You build the source distribution at that arbitrary URL, and it turns
out it _does_ build to a declared version of 2.0.0. What should happen?
(And if it resolves to a version that _isn't_ 2.0.0, what should happen
_then_?) I suspect different tools handle this differently, but it must
lead to a lot of "silent" failures. In my testing of Poetry, it seems
like Poetry just ignores the URL dependency, which seems wrong, but is
also a behavior we could implement in the future.

Closes https://github.com/astral-sh/puffin/issues/303.
Closes https://github.com/astral-sh/puffin/issues/284.
 2023-11-05 17:09:58 +00:00
Charlie Marsh c03b4da3a2
Properly remove `.git ` extension even for URLs with `@` commit markers (#320) 2023-11-04 19:45:30 +00:00
Charlie Marsh a53188cac7
Avoid unnecessarily fetching non-marker-required first-party dependencies (#318) 
E.g., given:

```
flask; python_version < '3.7'
requests
```

We shouldn't request the metadata for Flask when on Python versions 3.7
or later.
 2023-11-04 17:03:43 +00:00
Charlie Marsh 051188dce0
Use separate representations for canonical repository vs. commit (#317) 
Given `https://github.com/pypa/package.git#subdirectory=pkg_a` and
`https://github.com/pypa/package.git#subdirectory=pkg_b`, we want these
to map to the same shared _resource_ (for locking and cloning), but
different _packages_ (for determining whether the wheel already exists
in the cache). As such, we need two distinct concepts for "canonical
equality".

Closes #316.
 2023-11-04 11:46:42 -04:00
Charlie Marsh b589813e59
Enforce that built package name matches declared package name (#315) 
Closes https://github.com/astral-sh/puffin/issues/306.
 2023-11-03 22:58:12 +00:00
Charlie Marsh 643cf3b3aa
Unify subdirectory handling in `source.rs` (#314) 
Avoids having to encode all the `git+` and `subdirectory=` logic in
multiple places.
 2023-11-03 19:33:38 +00:00
Charlie Marsh edce4ccb24
Add support for subdirectories in URL dependencies (#312) 
Closes https://github.com/astral-sh/puffin/issues/307.
 2023-11-03 15:28:38 -04:00
Zanie Blue cbfd6af125
Error if `--all-extras` is used without a `pyproject.toml` source (#292) 
Closes https://github.com/astral-sh/puffin/issues/260
 2023-11-03 12:07:32 -05:00
Charlie Marsh aa9882eee8
Use locks to prevent concurrent accesses to the same Git repo (#304) 
Ensures that if we need to access the same Git repo twice in a
resolution, we only have one handler to that repo at a time. (Otherwise,
`git2` panics.)
 2023-11-03 16:33:14 +00:00
Charlie Marsh fa1bbbbe08
Write fully-precise Git SHAs to `pip-compile` output (#299) 
This PR adds a mechanism by which we can ensure that we _always_ try to
refresh Git dependencies when resolving; further, we now write the fully
resolved SHA to the "lockfile". However, nothing in the code _assumes_
we do this, so the installer will remain agnostic to this behavior.

The specific approach taken here is minimally invasive. Specifically,
when we try to fetch a source distribution, we check if it's a Git
dependency; if it is, we fetch, and return the exact SHA, which we then
map back to a new URL. In the resolver, we keep track of URL
"redirects", and then we use the redirect (1) for the actual source
distribution building, and (2) when writing back out to the lockfile. As
such, none of the types outside of the resolver change at all, since
we're just mapping `RemoteDistribution` to `RemoteDistribution`, but
swapping out the internal URLs.

There are some inefficiencies here since, e.g., we do the Git fetch,
send back the "precise" URL, then a moment later, do a Git checkout of
that URL (which will be _mostly_ a no-op -- since we have a full SHA, we
don't have to fetch anything, but we _do_ check back on disk to see if
the SHA is still checked out). A more efficient approach would be to
return the path to the checked-out revision when we do this conversion
to a "precise" URL, since we'd then only interact with the Git repo
exactly once. But this runs the risk that the checked-out SHA changes
between the time we make the "precise" URL and the time we build the
source distribution.

Closes #286.
 2023-11-03 16:26:57 +00:00
Zanie Blue addcfe533a
Implement custom resolution failure reporter to hide root package versions (#300) 
Extends #295 
Closes #214 

Copies some of the implementations from `pubgrub::report` so we can
implement Puffin `PubGrubPackage` specific display when explaining
failed resolutions.

Here, we just drop the dummy version number if it's a
`PubGrubPackage::Root` package. In the future, we can further customize
reporting.
 2023-11-03 10:47:01 -05:00
Zanie Blue e1382cc747
Report project name instead of `root` when using `pyproject.toml` files (#295) 
Part of https://github.com/astral-sh/puffin/issues/214

Adds a `project: Option<PackageName>` to the `Manifest`, `Resolver`, and
`RequirementsSpecification`.
To populate an optional `name` for `PubGubPackage::Root`.

I'll work on removing the version number next.

Should we consider using the parent directory name when a
`pyproject.toml` file is not present?
 2023-11-03 10:22:10 -05:00
konsti e008c43f29
Add PackageName::as_dist_info_name (#305) 
From
https://packaging.python.org/en/latest/specifications/recording-installed-packages/#recording-installed-packages

> This directory is named as {name}-{version}.dist-info, with name and
version fields corresponding to Core metadata specifications. Both
fields must be normalized (see Package name normalization and PEP 440
for the definition of normalization for each field respectively), and
replace dash (-) characters with underscore (_) characters, so the
.dist-info directory always has exactly one dash (-) character in its
stem, separating the name and version fields.

Follow up to #278
 2023-11-03 08:16:44 +00:00
Charlie Marsh e47d3f1f66
Respect pip-like Git branch, tag, and commit references (#297) 
We need to parse revisions out from URLs like `MyProject @
git+https://git.example.com/MyProject.git@v1.0`, per [VCS
Support](https://pip.pypa.io/en/stable/topics/vcs-support/). Cargo has
the advantage that it uses a TOML table in its configuration, so the
user has to specify whether they're fetching a commit, a tag, a branch,
etc. We have to instead assume that anything that isn't clearly a commit
is _either_ a branch or a tag.

Closes https://github.com/astral-sh/puffin/issues/296.
 2023-11-02 15:10:02 -04:00
Charlie Marsh a4002fe132
Make cache non-optional in most crates (#293) 
This PR makes the cache non-optional in most of Puffin, which simplifies
the code, allows us to reuse the cache within a single command (even
with `--no-cache`), and also allows us to use the cache for disk storage
across an invocation.

I left the cache as optional for the `Virtualenv` and `InterpreterInfo`
abstractions, since those are generic enough that it seems nice to have
a non-cached version, but it's kind of arbitrary.
 2023-11-02 13:40:20 -04:00
Charlie Marsh a02bf2e415
Split `source_distribution.rs` into separate wheel and sdist fetchers (#291) 2023-11-02 16:04:51 +00:00
konsti c6f2dfd727
Use shared insta filters (#270) 
Internal refactoring for consistency between tests
 2023-11-02 16:42:59 +01:00
Charlie Marsh 62c474d880
Add support for Git dependencies (#283) 
## Summary

This PR adds support for Git dependencies, like:

```
flask @ git+https://github.com/pallets/flask.git
```

Right now, they're only supported in the resolver (and not the
installer), since the installer doesn't yet support source distributions
at all.

The general approach here is based on Cargo's Git implementation.
Specifically, I adapted Cargo's
[`git`](23eb492cf9/src/cargo/sources/git/mod.rs)
module to perform the cloning, which is based on `libgit2`.

As compared to Cargo's implementation, I made the following changes:

- Removed any unnecessary code.
- Fixed any Clippy errors for our stricter ruleset.
- Removed the dependency on `curl`, in favor of `reqwest` which we use
elsewhere.
- Removed the ability to use `gix`. Cargo allows the use of `gix` as an
experimental flag, but it only supports a small subset of the
operations. When Cargo fully adopts `gix`, we should plan to do the
same.
- Removed Cargo's host key checking. We need to re-add this! I'll do it
shortly.
- Removed Cargo's progress bars. We should re-add this too, but we use
`indicatif` and Cargo had their own thing.

There are a few follow-ups to consider:

- Adding support in the installer.
- When we lock, we should write out the Git URL that includes the exact
SHA. This lets us cache in perpetuity and avoids dependencies changing
without re-locking.
- When we resolve, we should _always_ try to refresh Git dependencies.
(Right now, we skip if the wheel was already built.)

I'll work on the latter two in follow-up PRs.

Closes #202.
 2023-11-02 15:14:55 +00:00
konsti 4adaa9a700
Wheel filename distribution package name (#278) 
The normalized name abstractions were not consistently, this PR uses
them where they were previously missing:
* `WheelFilename::distribution`
* `Requirement::name`
* `Requirement::extras`
* `Metadata21::name`
* `Metadata21::provides_dist`

With `puffin-package` depending on `pep508_rs` this would be cyclical
crate dependency, so `puffin-normalize` gets split out from
`puffin-package`.

`DistInfoName` has the same task and semantics as `PackageName`, so it's
merged into the latter.

`PackageName` and `ExtraName` documentation is moved onto the type and
their constructors are called `new` instead of `normalize`. We now use
these constructors rarely enough the implicit allocation by
`to_string()` shouldn't matter anymore, while more actual cloning
becomes visible.
 2023-11-02 11:15:27 +00:00
konsti 9488804024
Add docker builder (#238) 
This docker container provides isolation of source distribution builds,
whether [intended to be
helpful](https://pypi.org/project/nvidia-pyindex/) or other more or less
malicious forms of host system modification.

Fixes #194

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
 2023-11-02 12:03:56 +01:00
Charlie Marsh 2ee555df7b
Use `puffin_cache::digest` in another site (#289) 2023-11-02 04:48:14 +00:00
Charlie Marsh 0c9e975f75
Rename `distribution.rs` to `file.rs` in `puffin-resolver` (#288) 2023-11-01 23:52:53 -04:00
Zanie Blue b8ff32f6be
Respect markers on constraints (#282) 
Closes #252
 2023-11-01 20:20:32 -05:00
Charlie Marsh 8123e1a8f6
Add stable hash crate (#281) 
This PR adds a `puffin-cache` crate that we can share across a variety of
other crates to generate stable hashes.
 2023-11-01 23:41:45 +00:00
Zanie Blue 67e3e45839
Add support for `--all-extras` to `pip-compile` (#259) 
Closes #244

Notable decision to error if `--all-extra` and `--extra <name>` are both
provided.
 2023-11-01 13:39:49 -05:00
konsti c6aa1cd7a3
Only fall back to copy when the first hard linking failed (#268) 
Hard linking might not be supported but we (afaik) can't detect this
ahead of time, so we'll try hard linking the first file, if this
succeeds we'll know later hard linking errors are not due to lack of
os/fs support, if it fails we'll switch to copying for the rest of the
install. Follow up to
https://github.com/astral-sh/puffin/pull/237#discussion_r1376705137
 2023-11-01 18:35:52 +01:00
konsti b0678aa6fc
Show dev resolve output (#277) 
Show the resolution in a concise format for puffin-dev. Note that this
doesn't affect the main puffin output, it's just more convenient for me
when developing.
 2023-11-01 15:54:47 +00:00
konsti d1af90163b
Improve client reqwest errors (#276) 
I had to debug a failure involving these errors and had to improve their
output.
 2023-11-01 16:52:58 +01:00
konsti 997228f4be
Add resolve from cli dev command (#272) 
I don't want to create a new file for every requirement i test
 2023-11-01 15:46:37 +00:00
Zanie Blue 3d5f8249ef
Add validation of extra names (#257) 
Extends #254 

Adds validation of extra names provided by users in `pip-compile` e.g. 

```
error: invalid value 'foo!' for '--extra <EXTRA>': Extra names must start and end with a
letter or digit and may only contain -, _, ., and alphanumeric characters
```

We'll want to add something similar to `PackageName`. I'd be curious to
improve the AP, making the unvalidated nature of `::normalize` clear?
Perhaps worth pursuing later though as I don't have a better idea.
 2023-11-01 10:40:43 -05:00
Charlie Marsh 2652caa3e3
Add support for URL dependencies (#251) 
## Summary

This PR adds support for resolving and installing dependencies via
direct URLs, like:

```
werkzeug @ 960bb4017c4aed12b5ed8b78e0153e/Werkzeug-2.0.0-py3-none-any.whl
```

These are fairly common (e.g., with `torch`), but you most often see
them as Git dependencies.

Broadly, structs like `RemoteDistribution` and friends are now enums
that can represent either registry-based dependencies or URL-based
dependencies:

```rust
/// A built distribution (wheel) that exists as a remote file (e.g., on `PyPI`).
#[derive(Debug, Clone)]
#[allow(clippy::large_enum_variant)]
pub enum RemoteDistribution {
    /// The distribution exists in a registry, like `PyPI`.
    Registry(PackageName, Version, File),
    /// The distribution exists at an arbitrary URL.
    Url(PackageName, Url),
}
```

In the resolver, we now allow packages to take on an extra, optional
`Url` field:

```rust
#[derive(Debug, Clone, Eq, Derivative)]
#[derivative(PartialEq, Hash)]
pub enum PubGrubPackage {
    Root,
    Package(
        PackageName,
        Option<DistInfoName>,
        #[derivative(PartialEq = "ignore")]
        #[derivative(PartialOrd = "ignore")]
        #[derivative(Hash = "ignore")]
        Option<Url>,
    ),
}
```

However, for the purpose of version satisfaction, we ignore the URL.
This allows for the URL dependency to satisfy the transitive request in
cases like:

```
flask==3.0.0
werkzeug @ 254c3e9b5f5941e900b71206e6313b/werkzeug-3.0.1-py3-none-any.whl
```

There are a couple limitations in the current approach:

- The caching for remote URLs is done separately in the resolver vs. the
installer. I decided not to sweat this too much... We need to figure out
caching holistically.
- We don't support any sort of time-based cache for remote URLs -- they
just exist forever. This will be a problem for URL dependencies, where
we need some way to evict and refresh them. But I've deferred it for
now.
- I think I need to redo how this is modeled in the resolver, because
right now, we don't detect a variety of invalid cases, e.g., providing
two different URLs for a dependency, asking for a URL dependency and a
_different version_ of the same dependency in the list of first-party
dependencies, etc.
- (We don't yet support VCS dependencies.)
 2023-11-01 09:21:44 -04:00
Zanie Blue fa9f8df396
Fix test snapshot filter when runtime is greater than 1s (#267) 
Tests would sometimes flake with this locally e.g. "1.50s" was not
filtered correctly.

Verified with

```diff
diff --git a/crates/puffin-cli/src/commands/pip_compile.rs b/crates/puffin-cli/src/commands/pip_compile.rs
index 0193216..2d6f8af 100644
--- a/crates/puffin-cli/src/commands/pip_compile.rs
+++ b/crates/puffin-cli/src/commands/pip_compile.rs
@@ -150,6 +150,8 @@ pub(crate) async fn pip_compile(
         result => result,
     }?;
 
+    std:🧵:sleep(std::time::Duration::from_secs(1));
+
     let s = if resolution.len() == 1 { "" } else { "s" };
     writeln!(
         printer,
```
 2023-11-01 13:15:06 +00:00
Charlie Marsh 079b685c8c
Use distributions for `Reporter` signatures (#266) 2023-11-01 03:19:13 +00:00
Charlie Marsh bee1b0f5ad
Avoid re-parsing wheel filename in source distribution tree (#265) 2023-10-31 21:02:09 +00:00
Charlie Marsh aff26f2301
Reuse distribution structs in Resolver's `source_distribution.rs` (#264) 2023-10-31 20:50:34 +00:00
Zanie Blue 4be9ba483f
Remove implicit clone from `ExtraName` and document requirement in `PackageName` (#262) 
per discussion in #137


https://discord.com/channels/1039017663004942429/1148719284013510676/1169000261746962473
 2023-10-31 15:24:27 -05:00
Zanie Blue 0dc7e6335e
Default to `puffin venv` path to `.venv` (#261) 
Closes https://github.com/astral-sh/puffin/issues/236
 2023-10-31 15:24:19 -05:00
Zanie Blue e00d208318
Add documentation to `PackageName::normalize` (#263) 2023-10-31 15:24:08 -05:00
Charlie Marsh 89dad0c9ad
Move distribution abstraction in shared crate (#258) 
This also allows us to get rid of `PinnedPackage` _and_ to remove some
`Result<...>` types due to needless conversions between
otherwise-identical types.
 2023-10-31 15:30:06 -04:00
Zanie Blue 1ddb7d2827
Add error when user requests extras that do not exist (#254) 
Extends #253 
Closes #241 

Adds `extras` to `RequirementsSpecification` to track extras used to
construct the requirements so we can throw an error when not all of the
requested extras are used.
 2023-10-31 19:17:36 +00:00
Zanie Blue 322532d6f9
Normalize optional dependency group names in pyproject files (#253) 
Going to add some tests.

Extends #239 
Closes #245 

Normalizes optional dependency group names found in pyproject files
before comparing them to the normalized user-requested extras.
 2023-10-31 14:15:00 -05:00
Charlie Marsh 3312ce30f5
Upgrade crates and remove unused dependencies (#256) 2023-10-31 13:16:58 -04:00
Charlie Marsh 16aac834ee
Move PyPI-oriented types out of `puffin-client` crate (#255) 
Just an internal change to avoid a dependency on `puffin-client` for
those crates that need access to PyPI-metadata types.
 2023-10-31 17:10:23 +00:00
Zanie Blue 08f09e4743
Add support for `pip-compile --extra <name>` (#239) 
Adds support for `pip-compile --extra <name> ...` which includes
optional dependencies in the specified group in the resolution.

Following precedent in `pip-compile`, if a given extra is not found,
there is no error. ~We could consider warning in this case.~ We should
probably add an error but it expands scope and will be considered
separately in #241
 2023-10-31 11:59:40 -05:00
Charlie Marsh 9244404102
Resolve interpreter symlinks when creating virtual environments (#250) 
Closes https://github.com/astral-sh/puffin/issues/249.
 2023-10-31 08:22:52 -04:00
Charlie Marsh 2f38701008
Remove unused wheel cache argument from downloader (#248) 2023-10-31 02:23:50 +00:00
Charlie Marsh ae203f998a
Rename `Unzipper#download` to `Unzipper#unzip` (#247) 2023-10-31 01:19:27 +00:00
Charlie Marsh 1f059b30dd
Remove `Box<Pin<...>>` from `process_request` (#242) 2023-10-30 16:34:57 -04:00
konsti 35d6bd761b
Fallback to copy if hardlinking failed (#237) 2023-10-30 19:10:01 +00:00
konstin 1529def563 Implement mixed PEP 517 and setup.py build 
There are packages such as DTLSSocket 0.1.16 that say
```toml
[build-system]
requires = ["Cython<3", "setuptools", "wheel"]
```
In this case we need to install requires PEP 517 style but then call setup.py in the
legacy way

Part of making home-assistant work
 2023-10-30 19:11:52 +01:00
konsti 29bd0a4ed8
Fix musl compilation (#234) 
musl (which we already use in ruff) allows statically linked binaries on
linux. This PR switches to rustls and vendors and fixes the glibc
detection. Using static musl builds makes it easier to avoid glibc
errors in docker and we'll need it later for alpine users anyway.

An alternative is using vendored openssl.
 2023-10-30 18:10:17 +01:00
konsti d47dc64974
Ignore self requirements (#233) 
gps3 0.33.3 depends on itself, which we can ignore. I've also added the
home assistant requirements since it occurred when testing with this.
 2023-10-30 17:13:52 +01:00
Charlie Marsh 0be20a41a4
Make version selection wheel-vs.-sdist-agnostic (#232) 
Closes https://github.com/astral-sh/puffin/issues/231.
 2023-10-30 11:21:10 -04:00
Charlie Marsh 8d992dca3f
Fail gracefully when invalid markers are stored (#230) 2023-10-30 04:02:51 +00:00
Charlie Marsh e73d3f0ff8
Use bounded ranges rather than constructing manual ranges (#228) 
I didn't realize this, but they made a bunch of improvements to how
PubGrub represents versions which lets us greatly simplify our own
PubGrub version wrapper
(https://github.com/pubgrub-rs/guide/pull/6/files).
 2023-10-30 03:58:43 +00:00
Charlie Marsh fb2d4fc421
Set style before message (#229) 
Prevents flickering in the resolver case.
 2023-10-30 03:57:03 +00:00
Charlie Marsh ffbf6b6c16
Avoid symlinking `RECORD` file (#227) 
This is the one file that gets modified during installation. Hardlinking
it is bad!
 2023-10-30 03:10:38 +00:00
Charlie Marsh 1d3ea242d4
Re-export from PubGrub module (#226) 2023-10-30 02:03:52 +00:00
Charlie Marsh f2dd0d90be
Add a resolver reporter (#225) 
Closes https://github.com/astral-sh/puffin/issues/223.
 2023-10-30 02:00:09 +00:00
Charlie Marsh 6da9c2f534
Tweak response buffering (#224) 
In my testing, we can both increase the number of concurrent requests
and remove the `ready_chunks`.
 2023-10-29 21:07:46 -04:00
Charlie Marsh 1c5cdcd70a
Prioritize packages in visited order (#222) 2023-10-30 00:48:36 +00:00
Charlie Marsh 2ba85bf80e
Add PubGrub's priority queue (#221) 
Pulls in https://github.com/pubgrub-rs/pubgrub/pull/104.
 2023-10-29 21:16:02 +00:00
Charlie Marsh 4209e77c95
Upgrade `pubgrub-rs` version (#220) 
Upgrades our PubGrub to 8951e37fe923a7edd5a78ed5f49f165b0fdc48de.
 2023-10-29 20:25:55 +00:00
Charlie Marsh 1e4259a608
Make the resolver deterministic (#218) 
At a minor performance cost...

Closes https://github.com/astral-sh/puffin/issues/204.
 2023-10-29 18:42:25 +00:00
Charlie Marsh bae3c89ab1
Add a `--prerelease` flag to the CLI (#217) 2023-10-29 18:39:30 +00:00
Charlie Marsh 7e7e9f8a0c
Add support for pre-release versions (#216) 
We now accept a pre-release if (1) all versions are pre-releases, or (2)
there was a pre-release marker in the dependency specifiers for a direct
dependency.

The code is written such that we can support a variety of pre-release
strategies.

Closes https://github.com/astral-sh/puffin/issues/191.
 2023-10-29 14:31:55 -04:00
konsti 6cd4650c1f
Support missing `build_system` key (#213) 
Reduces the number of failing projects out of the top 1000 pypi projects
from 5 to 2.
 2023-10-27 12:12:12 +02:00
Charlie Marsh 8b83385763
Support constraints in `requirements.in` files (#212) 
Closes #172.
 2023-10-27 00:41:02 +00:00
Charlie Marsh 58011f98b6
Revert "Add TODO around preferring local wheels" (#211) 
Reverts astral-sh/puffin#208. Unclear if we actually want to do this.
 2023-10-26 23:03:00 +00:00
Charlie Marsh d5c3ff789a
Sort wheels by size when downloading and zipping (#210) 
I just learned about this from PackagingCon, and locally, it shows a
nice speedup:

```
❯ hyperfine --warmup 3 --prepare "rm -rf .venv && ./target/release/puffin venv .venv" "./target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache" "./target/release/main pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache"
Benchmark 1: ./target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache
  Time (mean ± σ):      3.958 s ±  0.250 s    [User: 1.323 s, System: 5.840 s]
  Range (min … max):    3.652 s …  4.402 s    10 runs

Benchmark 2: ./target/release/main pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache
  Time (mean ± σ):      4.214 s ±  0.451 s    [User: 1.322 s, System: 5.976 s]
  Range (min … max):    3.708 s …  5.268 s    10 runs

Summary
  './target/release/puffin pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache' ran
    1.06 ± 0.13 times faster than './target/release/main pip-sync ./scripts/benchmarks/requirements-large.txt --no-cache'
```
 2023-10-26 20:50:56 +00:00
Charlie Marsh 12e6b46ae8
Add TODO around preferring local wheels (#208) 2023-10-26 19:09:03 +00:00
Charlie Marsh 7bce41498e
Improve debug logging in dispatcher (#206) 
Also makes the order of operations more similar to that of the
`pip-compile` command.
 2023-10-26 18:54:47 +00:00
konsti 5ad58474ca
Add script to check the top 8k pypi packages (#198) 
To check to top 1k (current state):

```bash
scripts/resolve/get_pypi_top_8k.sh
cargo run --bin puffin-dev -- resolve-many scripts/resolve/pypi_top_8k_flat.txt --limit 1000
```

Results:
```
Errors: pywin32, geoip2, maxminddb, pypika, dirac
Success: 995, Error: 5
```
pywin32 has no solution for the build environment, 3 have no
`[build-system]` entry in pyproject.toml, `dirac` is missing cmake
 2023-10-26 12:03:59 +00:00
konsti 216b6c41c2
Start puffin-dev (#193) 
Currently, this is only the source distribution building feature moved.
It's intended that we can add development and test commands there
without affecting the main cli surface
 2023-10-26 09:17:22 +00:00
konsti 862c1654a0
Select most recent wheel, most recent sdist (#190) 
Select a compatible wheel for a version, even we already found a source
distribution previously.

If no wheel is found, select the most recent source distribution, not
the oldest compatible one.

This fixes the resolution of `mst.in`, which i added
 2023-10-26 08:15:26 +00:00
Charlie Marsh 13e4171916
Inline manifest creations in resolver tests (#188) 2023-10-26 04:36:03 +00:00
Charlie Marsh 6faaf4bc24
Respect existing versions in "lockfile" (#187) 
Like `pip-compile`, we now respect existing versions from the
`requirements.txt` provided via `--output-file`, unless you pass a
`--upgrade` flag.

Closes #166.
 2023-10-26 04:28:58 +00:00
Charlie Marsh 9f894213e0
Omit colors when writing to output file (#186) 
We were writing color escape codes to the file specified by `-o`.
 2023-10-26 04:12:25 +00:00
Charlie Marsh 61a61db154
Filter and store all distributions upfront (#185) 
Modifies the resolver to remove any incompatible distributions upfront,
and store them in an index by version. This will be necessary to support
`--upgrade` semantics.

This actually does cause a meaningful slowdown right now (since we now
iterate over all files, even if we otherwise never would've needed to
touch them), but we should be able to optimize it out later.
 2023-10-26 01:06:44 +00:00
Charlie Marsh 5ed913af50
Rename `SolverCache` (#184) 
Everywhere else, we use cache to refer to a filesystem cache, so this is
kind of confusing. It's really an in-memory index that we build up over
the course of the solve.
 2023-10-25 23:53:31 +00:00
konsti 889f6173cc
Unify python interpreter abstractions (#178) 
Previously, we had two python interpreter metadata structs, one in
gourgeist and one in puffin. Both would spawn a subprocess to query
overlapping metadata and both would appear in the cli crate, if you
weren't careful you could even have to different base interpreters at
once. This change unifies this to one set of metadata, queried and
cached once.

Another effect of this crate is proper separation of python interpreter
and venv. A base interpreter (such as `/usr/bin/python/`, but also pyenv
and conda installed python) has a set of metadata. A venv has a root and
inherits the base python metadata except for `sys.prefix`, which unlike
`sys.base_prefix`, gets set to the venv root. From the root and the
interpreter info we can compute the paths inside the venv. We can reuse
the interpreter info of the base interpreter when creating a venv
without having to query the newly created `python`.
 2023-10-25 20:11:36 +00:00
konsti 1fbe328257
Build source distributions in the resolver (#138) 
This is isn't ready, but it can resolve
`meine_stadt_transparent==0.2.14`.

The source distributions are currently being built serially one after
the other, i don't know if that is incidentally due to the resolution
order, because sdist building is blocking or because of something in the
resolver that could be improved.

It's a bit annoying that the thing that was supposed to do http requests
now suddenly also has to a whole download/unpack/resolve/install/build
routine, it messes up the type hierarchy. The much bigger problem though
is avoid recursive crate dependencies, it's the reason for the callback
and for splitting the builder into two crates (badly named atm)
 2023-10-25 20:05:13 +00:00
konsti b5c57ee6fe
Fix rustdoc warnings (#182) 
Changes to make `cargo doc --all --all-features` pass without warnings.
 2023-10-25 11:48:24 +00:00
Charlie Marsh d0aeb2ac80
Remove vector allocation in `WheelFilename` (#177) 2023-10-24 01:23:14 +00:00
Charlie Marsh 21bb9c29cc
Add an additional requirements fixup (#174) 
Also checking in a variety of different requirements inputs.
 2023-10-23 19:50:39 -04:00
konstin 815c2117c8 Clippy 2023-10-23 13:54:31 +02:00
Charlie Marsh 0e097874f8
Add support for alternate index URLs (#169) 
As elsewhere, we just use the `pip` and `pip-compile` APIs. So we
support `--index-url` to override PyPI, then `--extra-index-url` to add
_additional_ indexes, and `--no-index` to avoid hitting the index at
all.

Closes #156.
 2023-10-23 03:18:30 +00:00
Charlie Marsh 49a27ff33c
Add support for parameterized link modes (#164) 
Allows the user to select between clone, hardlink, and copy semantics
for installs. (The pnpm documentation has a decent description of what
these mean: https://pnpm.io/npmrc#package-import-method.)

Closes #159.
 2023-10-22 04:35:50 +00:00
Charlie Marsh 9bcc7fe77a
Move venv command to miette (#162) 2023-10-22 04:17:16 +00:00
Charlie Marsh 370771b28c
Make `clean` non-async (#163) 2023-10-22 03:54:13 +00:00
Charlie Marsh b665f1489a
Add tests for `puffin sync` (#161) 
Closes #158.
 2023-10-22 03:25:00 +00:00
Charlie Marsh 3072c3265e
Add support for lowest and lowest-direct resolution modes (#160) 
Borrows terminology from pnpm by introducing three resolution modes:

- "Highest": always choose the highest compliant version (default).
- "Lowest": always choose the lowest compliant version.
- "LowestDirect": choose the lowest compliant version of direct
dependencies, and the highest compliant version of any transitive
dependencies. (This makes a bit more sense than "lowest".)

Closes https://github.com/astral-sh/puffin/issues/142.
 2023-10-21 22:58:06 -04:00
konsti ae9d1f7572
Add source distribution filename abstraction (#154) 
The need for this became clear when working on the source distribution
integration into the resolver.

While at it i also switch the `WheelFilename` version to the parsed
`pep440_rs` version now that we have this crate.
 2023-10-20 17:45:57 +02:00
Charlie Marsh 6f52b5ca4d
Use index instead of current selection (#155) 
We can also use `swap_remove` because we're discarding the vector.
 2023-10-20 14:02:24 +00:00
Charlie Marsh 4645f79237
Use `FxHash` (#151) 2023-10-20 05:26:06 +00:00
Charlie Marsh 8001c792e7
Show requirement sources in `pip-compile` output (#149) 
Builds up a complete resolved graph from PubGrub, and shows the sources
that led to each package being included in the resolution, like
`pip-compile`.

Closes https://github.com/astral-sh/puffin/issues/60.
 2023-10-20 05:14:59 +00:00
Charlie Marsh e662fe341b
Short-circuit when a dependency has no matching versions (#148) 
Kind of an oversight in my initial implementation. If we find that any
package has _no_ matching versions, we should select it! This lets us
short-circuit _immediately_ when top-level dependencies aren't
satisfiable.
 2023-10-20 03:49:20 +00:00
Charlie Marsh 9b3405bf0e
Upgrade PubGrub to dev branch (#147) 
Updates to `29c48fb9f3daa11bd02794edd55060d0b01ee705` from the
`pubgrub-rs` dev branch. This lets us reduce the number of changes we've
made to PubGrub itself (now, only changing visibility to export a few
things from the `solver.rs` module).
 2023-10-20 03:23:26 +00:00
Charlie Marsh bcd281eb1f
Remove `async` from some filesystem-only APIs (#146) 2023-10-20 01:08:51 +00:00
Charlie Marsh 03101c6a5c
Add an autogeneration header to pip-compile (#145) 
Closes https://github.com/astral-sh/puffin/issues/132.
 2023-10-19 20:57:27 -04:00
Charlie Marsh 0b60804db6
Add support for constraints during pip-compile resolution (#144) 
Closes https://github.com/astral-sh/puffin/issues/130.
 2023-10-20 00:24:05 +00:00
Charlie Marsh d5105a76c5
Improve and test diagnostics for requirements-reading CLI commands (#143) 
Also removes `owo_colors` because it was really painful to get it to
avoid printing colors during tests.
 2023-10-19 18:13:40 -04:00
Charlie Marsh ba181eacdd
Accept dependencies from `pyproject.toml` (#141) 
Doesn't support extras yet. It's also supported for `pip uninstall`,
which `pip` itself doesn't support, but whatever.

Closes #127.
 2023-10-19 18:42:05 +00:00
Charlie Marsh 385345807c
Accept multiple input files in pip-sync and pip-compile (#140) 
Closes https://github.com/astral-sh/puffin/issues/126.
 2023-10-19 18:17:27 +00:00
Charlie Marsh 7ef6c0315c
Unify site-packages into distribution enum (#136) 
Gets rid of the custom `DistInfo` struct in the site-packages
abstraction in favor of a new kind of distribution
(`InstalledDistribution`). No change in behavior.
 2023-10-19 04:37:52 +00:00
Charlie Marsh bd01fb490e
Remove packages when syncing (#135) 
`pip-sync` will now uninstall any packages that aren't necessary.

Closes https://github.com/astral-sh/puffin/issues/128.
 2023-10-19 00:14:20 -04:00
Charlie Marsh 41ece4184b
Print to stderr by default (#134) 2023-10-18 23:30:07 -04:00
Charlie Marsh 20bb4c5c61
Avoid showing resolver progress bar when no resolution is required (#133) 2023-10-19 03:23:22 +00:00
Charlie Marsh 573f5832a3
Allow uninstall to take multiple packages and files (#125) 
Moves the command to `puffin pip-uninstall` for now to separate from the
managed interface, and redoes the command output.
 2023-10-18 22:30:11 -04:00
Charlie Marsh 4b91ae4769
Add CLI tests for add and remove commands (#124) 2023-10-19 01:06:48 +00:00
Charlie Marsh e15b99b911
Rename commands to `pip-sync` and `pip-compile` (#123) 
To free up the rest of the interface.
 2023-10-18 21:15:20 +00:00
konsti 8cc4fe0d44
Install source distribution requirements with puffin itself instead of pip (#122) 
This is also a lot faster. Unfortunately it copies a lot of code from
the sync cli since the `Printer` is private.

The first commit are some refactorings i made when i thought about how i
could reuse the existing code.
 2023-10-18 19:11:17 +00:00
Charlie Marsh 7bc42ca2ce
Use `owo_colors` instead of `colored` (#121) 
This is what `miette` uses so seems better to avoid two coloring crates.
 2023-10-18 18:57:07 +00:00
Charlie Marsh 2d14c0647e
Add a `puffin remove` command (#120) 2023-10-18 18:50:08 +00:00
Charlie Marsh 1fc03780f9
Use `miette` for `puffin add` diagnostics (#119) 
Experiment in using `miette` for better user-facing diagnostics in the
CLI crate:

<img width="710" alt="Screen Shot 2023-10-18 at 2 11 54 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/30299da0-da65-4972-944f-cb8cc5f72a77">

For now, only the `add` command has been migrated, and all the library
crates continue to use `anyhow`.
 2023-10-18 14:24:09 -04:00
konsti fec4ee2848
Support prepare_metadata_for_build_wheel (#106) 
Support calling `prepare_metadata_for_build_wheel`, which can give you
the metadata without executing the actual build if the backend supports
it.

This makes the code a lot uglier since we effectively have a state
machine:

* Setup: Either venv plus requires (PEP 517) or just a venv (setup.py)
* Get metadata (optional step): None (setup.py) or
`prepare_metadata_for_build_wheel` and saving that result
* Build: `setup.py`, `build_wheel()` or
`build_wheel(metadata_directory=metadata_directory)`, but i think i got
general flow right.

@charliermarsh This is a "barely works but unblocks building on top"
implementation, say if you want more polishing (i'll look at this again
tomorrow)
 2023-10-18 14:48:30 +02:00
Charlie Marsh 4c87a1d42c
Add a `puffin add` command (#117) 
This needs far better error handling and user-facing feedback, but it
does the basic operation (and includes discovery of the `pyproject.toml`
file, etc.).
 2023-10-18 00:51:20 -04:00
Charlie Marsh 339553e228
Mark `--no-cache` as global (#116) 2023-10-17 23:15:36 -04:00
Charlie Marsh 89db5d79bc
Add support for lenient parsing (#115) 
This PR enables us to make "fixups" to bad metadata. I copied over the
one fixup that @konstin made in `monotrail-resolve`, and added a few
common ones for `Requires-Python`.
 2023-10-17 22:03:16 -04:00
Charlie Marsh 0d90256151
Store all distributions rather than compatible wheels (#114) 
This PR reverts #109 which is actually a performance _regression_ since
we need to iterate over a bunch of wheels that we could otherwise
entirely ignore.
 2023-10-17 17:09:31 -04:00
Charlie Marsh 5b046a8102
Use `select!` instead of `tokio::spawn` for network thread (#110) 2023-10-16 15:41:25 -04:00
Charlie Marsh 1b433fdcee
Only store compatible wheels in the resolver (#109) 
Rather than constantly iterating over all files and testing their
compatibility with the current platform, just store wheels we can
actually consider in the solver cache.
 2023-10-16 19:21:07 +00:00
Charlie Marsh 5f5788e866
Surface PubGrub derivation trees (#108) 
I think the derivation trees could be stronger but this exposes
PubGrub's proof-like error messages.

Closes #102.
 2023-10-16 14:14:36 -04:00
Charlie Marsh bae52d5edd
Surface request stream errors in the resolver (#107) 
Closes https://github.com/astral-sh/puffin/issues/105.
 2023-10-16 17:26:46 +00:00
Charlie Marsh 7e8ffeb2df
Use `fs-err` in more crates (#100) 
Closes https://github.com/astral-sh/puffin/issues/88.
 2023-10-16 13:37:58 +00:00
konsti fa2fd14587
Add basic sdist builder (#104) 
This adds a basic sdist builder that has been tested with two source
distributions, one with a PEP 517 backend and one with setup.py.

It uses pip for requirements installation atm, lacks testing in all
directions, lacks checks for recursive requirements, can't pass in
already resolved versions, doesn't support prepare metadata for build to
allow resolution to continue without doing the actual (native) build,
error messages are mediocre, etc.

```console
$ RUST_LOG=puffin_build=debug puffin-build --wheels wheels downloads/tqdm-4.66.1.tar.gz
2023-10-16T12:28:35.503182Z DEBUG build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: Building downloads/tqdm-4.66.1.tar.gz
2023-10-16T12:28:35.521780Z  INFO build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}:extract_archive: puffin_build: close time.busy=18.4ms time.idle=16.7µs
2023-10-16T12:28:35.845096Z DEBUG build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}:resolve_and_install: puffin_build: Calling pip to install build dependencies
2023-10-16T12:28:37.668660Z  INFO build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}:resolve_and_install: puffin_build: close time.busy=1.82s time.idle=13.2µs
2023-10-16T12:28:37.668744Z DEBUG build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: Calling `setuptools.build_meta.get_requires_for_build_wheel()`
2023-10-16T12:28:38.159205Z  INFO build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}:run_python_script{python_interpreter="/tmp/.tmpm4cTra/venv/bin/python"}: puffin_build: close time.busy=490ms time.idle=13.0µs
2023-10-16T12:28:38.159304Z DEBUG build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: Calling `setuptools.build_meta.build_wheel()`
2023-10-16T12:28:38.501732Z  INFO build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}:run_python_script{python_interpreter="/tmp/.tmpm4cTra/venv/bin/python"}: puffin_build: close time.busy=342ms time.idle=15.2µs
2023-10-16T12:28:38.522700Z  INFO build_sdist{path="downloads/tqdm-4.66.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: close time.busy=3.02s time.idle=16.2µs
Wheel built to /home/konsti/projects/puffin/crates/puffin-build/wheels/tqdm-4.66.1-py3-none-any.whl
2023-10-16T12:28:38.522772Z DEBUG puffin_build: Took 3020ms
$ puffin-build --wheels wheels downloads/geoextract-0.3.1.tar.gz
2023-10-16T12:28:40.884622Z DEBUG build_sdist{path="downloads/geoextract-0.3.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: Building downloads/geoextract-0.3.1.tar.gz
2023-10-16T12:28:40.887743Z  INFO build_sdist{path="downloads/geoextract-0.3.1.tar.gz" base_python="/usr/bin/python3"}:extract_archive: puffin_build: close time.busy=2.97ms time.idle=12.6µs
2023-10-16T12:28:41.469738Z  INFO build_sdist{path="downloads/geoextract-0.3.1.tar.gz" base_python="/usr/bin/python3"}: puffin_build: close time.busy=585ms time.idle=15.3µs
Wheel built to /home/konsti/projects/puffin/crates/puffin-build/wheels/geoextract-0.3.1-py3-none-any.whl
2023-10-16T12:28:41.469814Z DEBUG puffin_build: Took 585ms
```
 2023-10-16 12:43:31 +00:00
konsti cb29c89424
Better error reporting (#95) 
The main change is to print the whole error chain. We can combine this
with adding `.context` to distinct phases to be able to locate crashes
without having to use a debugger.
 2023-10-16 02:15:10 +00:00
Charlie Marsh 471a1d657d
Migrate resolver proof-of-concept to PubGrub (#97) 
## Summary

This PR enables the proof-of-concept resolver to backtrack by way of
using the `pubgrub-rs` crate.

Rather than using PubGrub as a _framework_ (implementing the
`DependencyProvider` trait, letting PubGrub call us), I've instead
copied over PubGrub's primary solver hook (which is only ~100 lines or
so) and modified it for our purposes (e.g., made it async).

There's a lot to improve here, but it's a start that will let us
understand PubGrub's appropriateness for this problem space. A few
observations:

- In simple cases, the resolver is slower than our current (naive)
resolver. I think it's just that the pipelining isn't as efficient as in
the naive case, where we can just stream package and version fetches
concurrently without any bottlenecks.
- A lot of the code here relates to bridging PubGrub with our own
abstractions -- so we need a `PubGrubPackage`, a `PubGrubVersion`, etc.
 2023-10-15 22:05:44 -04:00
konsti de9e85978b
Fix tempdir rename (#94) 
This fixes two bugs on linux:

`/tmp` and `$HOME` are technically on two different partitions on my
machine, which means that rename-as-atomic-dir-write doesn't work. The
solution is to create the temp dir in the target directory.

zip files may contain directory entries, we can't create files for them
but need to create directories. We could skip them though because iirc
they are not in the RECORD so they won't be uninstalled.
 2023-10-12 18:47:38 +00:00
konsti 530edb6e39
Add output file option to compile (#93) 
`pip-compile` has the same option. I need this esp. since piping doesn't
work as we write to stdout.
 2023-10-12 20:42:06 +02:00
konsti 6a7954cdd0
Add `-p` base python option to venv command (#92) 
This is the same option that `virtualenv` offers, except that we only
support absolute paths atm and not e.g. `-p 3.10` (which we need to
eventually).
 2023-10-12 20:41:52 +02:00
Charlie Marsh a622345fbc
Replace mocked server with 'real' integration tests (#91) 
We can always restore these from history, but right now, it feels a lot
more productive to just hit PyPI directly for our integration tests,
since we don't have to spend time figuring out mocks.
 2023-10-12 17:34:48 +00:00
Charlie Marsh 496cb7b2ef
Migrate to `requirements_txt.rs` (#90) 
Remove the parser I wrote in favor of Konsti's which is much more
complete. The only change vs. the version in `poc-monotrail` is that I
changed the tests to use insta rather than manually storing and
comparing against JSON snapshots.

Closes https://github.com/astral-sh/puffin/issues/89.
 2023-10-12 17:09:00 +00:00
Charlie Marsh 906a482499
Separate unzip into its own install phase (#87) 2023-10-11 15:18:23 +00:00
Charlie Marsh 85162d1111
Parallelize wheel installations with Rayon (#84) 
It looks like using _either_ async Rust with a `JoinSet` _or_
parallelizing a fixed threadpool with Rayon provide about a ~5% speed-up
over our current serial approach:

```console
❯ hyperfine --runs 30 --warmup 5 --prepare "./target/release/puffin venv .venv" \
  "./target/release/rayon sync ./scripts/benchmarks/requirements-large.txt" \
  "./target/release/async sync ./scripts/benchmarks/requirements-large.txt" \
  "./target/release/main sync ./scripts/benchmarks/requirements-large.txt"
Benchmark 1: ./target/release/rayon sync ./scripts/benchmarks/requirements-large.txt
  Time (mean ± σ):     295.7 ms ±  16.9 ms    [User: 28.6 ms, System: 263.3 ms]
  Range (min … max):   249.2 ms … 315.9 ms    30 runs

Benchmark 2: ./target/release/async sync ./scripts/benchmarks/requirements-large.txt
  Time (mean ± σ):     296.2 ms ±  20.2 ms    [User: 36.1 ms, System: 340.1 ms]
  Range (min … max):   258.0 ms … 359.4 ms    30 runs

Benchmark 3: ./target/release/main sync ./scripts/benchmarks/requirements-large.txt
  Time (mean ± σ):     306.6 ms ±  19.5 ms    [User: 25.3 ms, System: 220.5 ms]
  Range (min … max):   269.6 ms … 332.2 ms    30 runs

Summary
  './target/release/rayon sync ./scripts/benchmarks/requirements-large.txt' ran
    1.00 ± 0.09 times faster than './target/release/async sync ./scripts/benchmarks/requirements-large.txt'
    1.04 ± 0.09 times faster than './target/release/main sync ./scripts/benchmarks/requirements-large.txt'
```

It's much easier to just parallelize with Rayon and avoid async in the
underlying wheel code, so this PR takes that approach for now.
 2023-10-10 23:46:30 -04:00
Charlie Marsh ed68d31e03
Add a basic test for the resolver (#86) 
Mocks out the PyPI client using some checked-in fixtures. The test is
very basic, and I'm not very happy with all the ceremony around the
mocks and such, but it's an interesting experiment at least.
 2023-10-11 03:30:53 +00:00
Charlie Marsh c1fb698eae
Add a separate dist-info name struct (#85) 2023-10-10 23:21:18 +00:00
Charlie Marsh d0764bdc23
Add `puffin venv` command to create virtual environments (#83) 
Closes https://github.com/astral-sh/puffin/issues/58.
 2023-10-10 13:46:25 -04:00
Charlie Marsh a0294a510c
Rework `puffin sync` output to summarize (#81) 
This also moves away from using `tracing` for user-facing logging,
instead introducing a new `Printer` abstraction.

Closes #66.
 2023-10-10 03:29:09 +00:00
Charlie Marsh 2d4a8c361b
Change puffin-cli binary to puffin (#80) 2023-10-09 17:19:33 -04:00
Charlie Marsh ba2b200fce
Enable release builds via `cargo-dist` (#79) 2023-10-09 20:48:55 +00:00
Charlie Marsh b90140e1bc
Add support for wheel uninstalls (#77) 
Closes #36.
 2023-10-09 14:14:33 -04:00
Charlie Marsh 239b5893d8
Fix version satisfier for unpinned dependencies (#74) 2023-10-09 11:48:39 -04:00
Charlie Marsh 485b1dceb6
Use a single requirements iterator in `sync` (#71) 2023-10-09 03:29:38 +00:00
Charlie Marsh ba72950546
Avoid passing cached wheels to the resolver step (#70) 
When we go to install a locked `requirements.txt`, if a wheel is already
available in the local cache, and matches the version specifiers, we can
just use it directly without fetching the package metadata. This speeds
up the no-op case by about 33%.

Closes https://github.com/astral-sh/puffin/issues/48.
 2023-10-08 22:17:19 -04:00
Charlie Marsh 5b71cfdd0b
Remove Monotrail-specific code from `install-wheel-rs` (#68) 
I think this isn't necessary to support in this generic crate. If we
choose to adopt Monotrail-style concepts, we'll likely need to rework
them anyway.
 2023-10-08 18:28:57 -04:00
Charlie Marsh adbee4fb32
Use recursive `clonefile` calls on macOS (#67) 
It turns out that on macOS, you can pass `clonefile` a directory to
recursively copy an entire directory. This speeds up wheel installation
dramatically, by about 3x.
 2023-10-08 21:44:02 +00:00
Charlie Marsh 1c942ab8fe
Tweak tracing output for sync command (#64) 2023-10-08 20:09:15 +00:00
Charlie Marsh a53f697f62
Use `tracing` for user-facing output (#63) 
The setup is now as follows:

- All user-facing logging goes through `tracing` at an `info` leve.
(This excludes messages that go to `stdout`, like the compiled
`requirements.txt` file.)
- We have `--quiet` and `--verbose` command-line flags to set the
tracing filter and format defaults. So if you use `--verbose`, we
include timestamps and targets, and filter at `puffin=debug` level.
- However, we always respect `RUST_LOG`. So you can override the
_filter_ via `RUST_LOG`.

For example: the standard setup filters to `puffin=info`, and doesn't
show timestamps or targets:

<img width="1235" alt="Screen Shot 2023-10-08 at 3 41 22 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/54ca4db6-c66a-439e-bfa3-b86dee136e45">

If you run with `--verbose`, you get debug logging, but confined to our
crates:

<img width="1235" alt="Screen Shot 2023-10-08 at 3 41 57 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/c5c1af11-7f7a-4038-a173-d9eca4c3630b">

If you want verbose logging with _all_ crates, you can add
`RUST_LOG=debug`:

<img width="1235" alt="Screen Shot 2023-10-08 at 3 42 39 PM"
src="https://github.com/astral-sh/puffin/assets/1309177/0b5191f4-4db0-4db9-86ba-6f9fa521bcb6">

I think this is a reasonable setup, though we can see how it feels and
refine over time.

Closes https://github.com/astral-sh/puffin/issues/57.
 2023-10-08 15:46:06 -04:00
Charlie Marsh 0ca17a1cf2
Use local copy of `gourgeist` (#62) 
This PR gets `gourgeist` passing our local CI and integrated into the
broader workspace.

There's some duplicate between concepts in `gourgeist` (like the
`InterpreterInfo`) and structs we have elsewhere, but we can tackle
those later.
 2023-10-08 18:45:08 +00:00
Charlie Marsh 7caf5f42b8
Copy over `gourgeist` crate (#61) 
This PR copies over the `gourgeist` crate at commit
`e64c17a263dac6933702dc8d155425c053fe885a` with no modifications.

It won't pass CI, but modifications will intentionally be confined to
later PRs.
 2023-10-08 14:37:09 -04:00
Charlie Marsh d1ed41170b
Cache environment marker lookups (#55) 
Closes https://github.com/astral-sh/puffin/issues/53.
 2023-10-08 05:31:19 +00:00
Charlie Marsh 5eef6e9636
Store cached wheels by dist-info-like name (#52) 
Closes https://github.com/astral-sh/puffin/issues/50.
 2023-10-08 04:28:04 +00:00
Charlie Marsh fd5aef2c75
Avoid error when repeatedly clearing cache (#51) 
Also avoid failing to clear the cache when it contains non-directories
(e.g., I had a `.DS_Store` after looking at it in Finder).
 2023-10-08 04:16:48 +00:00
Charlie Marsh 2a846e76b7
Store unzipped wheels in a cache (#49) 
This PR massively speeds up the case in which you need to install wheels
that already exist in the global cache.

The new strategy is as follows:

- Download the wheel into the content-addressed cache.
- Unzip the wheel into the cache, but ignore content-addressing. It
turns out that writing to `cacache` for every file in the zip added a
ton of overhead, and I don't see any actual advantages to doing so.
Instead, we just unzip the contents into a directory at, e.g.,
`~/.cache/puffin/django-4.1.5`.
- (The unzip itself is now parallelized with Rayon.)
- When installing the wheel, we now support unzipping from a directory
instead of a zip archive. This required duplicating and tweaking a few
functions.
- When installing the wheel, we now use reflinks (or copy-on-write
links). These have a few fantastic properties: (1) they're extremely
cheap to create (on macOS, they are allegedly faster than hard links);
(2) they minimize disk space, since we avoid copying files entirely in
the vast majority of cases; and (3) if the user then edits a file
locally, the cache doesn't get polluted. Orogene, Bun, and soon pnpm all
use reflinks.

Puffin is now ~15x faster than `pip` for the common case of installing
cached data into a fresh environment.

Closes https://github.com/astral-sh/puffin/issues/21.

Closes https://github.com/astral-sh/puffin/issues/39.
 2023-10-08 04:04:48 +00:00
Charlie Marsh 92160e37df
Surface error when unable to find package (#45) 2023-10-07 19:43:12 +00:00
Charlie Marsh 9be02d1590
Skip already-installed dependencies during `sync` command (#43) 
Closes https://github.com/astral-sh/puffin/issues/35.
 2023-10-07 19:26:45 +00:00
Charlie Marsh bc1736feff
Add a `freeze` command to list installed dependencies (#42) 
A pre-requisite for https://github.com/astral-sh/puffin/issues/35.
 2023-10-07 18:46:09 +00:00
Charlie Marsh f3015ffc1f
Add a `clean` command to clear the cache (#41) 2023-10-07 15:19:03 +00:00
Charlie Marsh 162952bf64
Add a content-addressed cache for wheels (#38) 
Closes https://github.com/astral-sh/puffin/issues/4.
 2023-10-07 14:24:52 +00:00
Charlie Marsh 6c31631913
Fetch from `data-dist-info-metadata` when available (#37) 
As specified in https://peps.python.org/pep-0658/#specification.
 2023-10-07 13:05:29 +00:00
Charlie Marsh ae28552b3a
Use local copy of `install-wheel-rs` (#34) 
This PR modifies the `install-wheel-rs` (and a few other crates) to get
everything playing nicely. Specifically, CI should pass, and all these
crates now use workspace dependencies between one another.

As part of this change, I split out the wheel name parsing into its own
`wheel-filename` crate, and the compatibility tag parsing into its own
`platform-tags` crate.
 2023-10-07 01:43:55 +00:00
Charlie Marsh e824fe6d2b
Copy over `install-wheel-rs` crate (#33) 
This PR copies over the `install-wheel-rs` crate at commit
`10730ea1a84c58af6b35fb74c89ed0578ab042b6` with no modifications.

It won't pass CI, but modifications will intentionally be confined to
later PRs.
 2023-10-06 21:38:38 -04:00
Charlie Marsh c8477991a9
Use local versions of PEP 440 and PEP 508 crates (#32) 
This PR modifies the PEP 440 and PEP 508 crates to pass CI, primarily by
fixing all lint violations.

We're also now using these crates in the workspace via `path`.
(Previously, we were still fetching them from Cargo.)
 2023-10-07 00:16:44 +00:00
Charlie Marsh 4fcdb3c045
Copy over `pep508-rs` crate (#31) 
This PR copies over the `pep440-rs` crate at commit
`82aa5d4dcbe676b121dc931b0afa09a82de8e3d7` with no modifications.

It won't pass CI, but modifications will intentionally be confined to
later PRs.
 2023-10-06 20:12:19 -04:00
Charlie Marsh f03398bee3
Copy over `pep440-rs` crate (#30) 
This PR copies over the `pep440-rs` crate at commit
`a8303b01ffef6fccfdce562a887f6b110d482ef3` with no modifications.

It won't pass CI, but modifications will intentionally be confined to
later PRs.
 2023-10-06 20:11:52 -04:00
Charlie Marsh 36d0124e60
Do wheel downloads concurrently (#28) 2023-10-06 20:51:31 +00:00
Charlie Marsh dd26cfa0cc
Migrate to `tokio` (#27) 
Closes https://github.com/astral-sh/puffin/issues/26.
 2023-10-06 20:31:03 +00:00
Charlie Marsh ca6aa207ff
Move to workspace dependencies (#25) 2023-10-06 19:49:41 +00:00
Charlie Marsh dab70a661a
Change `install` to `sync` (with sync semantics) (#24) 
For better separate at this stage (and following `pip-tools`), it's now
`puffin sync`, and it assumes `--no-deps`.
 2023-10-06 19:42:58 +00:00
Charlie Marsh ff8e24a621
Move `puffin-installer` to its own crate (#23) 2023-10-06 19:31:21 +00:00
Charlie Marsh f395c9c98c Update README 2023-10-06 01:03:07 -04:00
Charlie Marsh 28721cf5fc Avoid caching wheel fetches 2023-10-06 00:50:30 -04:00
Charlie Marsh a43328d914
Support wheel installation (#19) 
Closes https://github.com/astral-sh/puffin/issues/8.
 2023-10-06 00:47:45 -04:00
Charlie Marsh 47bbb7a78e
Separate platform tags (#18) 2023-10-05 23:24:38 -04:00
Charlie Marsh 9ea6eaeb10
Add separate compile and install commands (#17) 
Closes #9.
 2023-10-05 21:44:31 -04:00
Charlie Marsh 4c30cb146a Add crate README 2023-10-05 21:09:58 -04:00
Charlie Marsh 8b151a64d5
Rename `puffin-requirements` to `puffin-package` (#16) 
Closes https://github.com/astral-sh/puffin/issues/7.
 2023-10-05 21:03:20 -04:00
Charlie Marsh 94895de46d
Add support for wheel tag parsing (#15) 
Closes https://github.com/astral-sh/puffin/issues/12.
 2023-10-05 20:59:58 -04:00
Charlie Marsh 2d6266b167
Add an HTTP cache (and `--no-cache` argument) (#14) 
Closes https://github.com/astral-sh/puffin/issues/3.
 2023-10-05 19:14:05 -04:00
Charlie Marsh 1063d8c150
Add Python interpreter detection (#11) 
Closes https://github.com/astral-sh/puffin/issues/2.
 2023-10-05 15:09:22 -04:00
Charlie Marsh b059c590c4
Add basic CI via GitHub Actions (#10) 
Closes https://github.com/astral-sh/puffin/issues/1.
 2023-10-05 13:42:58 -04:00
Charlie Marsh b4828fb3f2 Remove progress bar 2023-10-05 12:45:38 -04:00
Charlie Marsh 7f497fa43f Add progress bar 2023-10-05 12:45:38 -04:00
Charlie Marsh 8032d4606e Misc. changes 2023-10-05 12:45:38 -04:00
Charlie Marsh f51432382a Do basic resolution 2023-10-05 12:45:38 -04:00
Charlie Marsh 0f10595ac3 Add version selection 2023-10-05 12:45:38 -04:00
Charlie Marsh 44b444494e Fetch package metadata in parallel 2023-10-05 12:45:38 -04:00
Charlie Marsh b08e8c78b5 Remove normalized representation of SimpleJson 2023-10-05 12:45:38 -04:00
Charlie Marsh 610fd9994f Add client networking stack 2023-10-05 12:45:38 -04:00
Charlie Marsh 1a2f35801b Add client networking stack 2023-10-05 12:45:38 -04:00
Charlie Marsh 53607df7c6 Add a requirements.txt parser 2023-10-05 12:45:38 -04:00
Charlie Marsh 8b9ac30507 Add license, Cargo.toml, etc. 2023-10-05 12:45:38 -04:00