Tags: ido50/morgan
Tags
Bugfix: mirroring can fail for some packages When filtering files of a package to mirror, Morgan checks whether the file's required Python version matches all environments. If a package defines its required version as a simple number instead of an actual specifier (e.g. '3' instead of the correct '==3'), then Morgan would fail when determining whether the file should be downloaded. This commit fixes the issue by forcing such files to have a valid specifier, and also ignoring files that still fail Morgan's verification.
Bugfix: downloaded files may not match all environments When Morgan mirrors packages, it chooses the most recent version that satisfies the requirement strings, and the environments. However, when matching environments, it would select files (and therefore version) that matches at least one of the Python versions of the environments, which could lead to Morgan choosing versions that do not support all of the Python versions. This commit fixes this bug by requiring the selected versions match ALL of the Python versions defined in the environments. This could potentially lead to Morgan not finding matches at all, but this would be fixed in a subsequent release by treating each environment independently of the others.
Add server flag to disable serving of metadata files
By default, the Morgan server implements PEP 658 ("Serve Distribution
Metadata in the Simple Repository API"). This allows clients such as
`pip` to download and parse metadata files without having to download
complete package archives first. However, if the `pip` user provides
non-normalized names to the command (e.g. `pip install FastAPI`
instead of `pip install fastapi`), the install will fail, because the
name inside the returned metadata file is different than the name
provided to `pip`. This seems like a bug in `pip` (because it is
sending normalized names to the server), but it's better to at least
have a workaround.
The server now accepts the `--no-metadata` flag, which will disable
serving of metadata files completely if provided. This allows `pip`
to install with non-normalized names as well.
Decode request URLs before handling Variants of some packages (e.g. CPU-only builds of PyTorch) may have characters in their filenames that get percent-encoded. In the given example, `+` gets encoded to `%2B`. When pip asks for these filenames, (at least on my machine) it uses percent-encoded URLs in its requests to the morgan server. The server however does not decode these URLs, so it just returns a 404. Pass the URL to `urllib.parse.unquote` before `urllib.parse.unsplit` to fix this. I'm not sure this is the best way to fix it, but it was the easiest. It might make more sense to instead unquote just the path portion of the URL after urlsplit instead of the entire thing.
PreviousNext