NEW 261073
AutoInstaller unable to distinguish 2.0.0 and 2.0.0.dev0 
https://bugs.webkit.org/show_bug.cgi?id=261073
Summary AutoInstaller unable to distinguish 2.0.0 and 2.0.0.dev0
Sam Sneddon [:gsnedders]
Reported 2023-09-02 18:04:27 PDT
If you try to AutoInstall hiredis 2.0.0, autoinstall.Package.archives will find two packages: (Pdb) pp self.archives() [hiredis-2.0.0, hiredis-2.0.0] (Pdb) pp self.archives()[0].link 'https://files.pythonhosted.org/packages/0c/39/eae11344d69ba435ec13d6bcc1a9eea3d2278324506fcd0e52d1ed8958c8/hiredis-2.0.0.tar.gz' (Pdb) pp self.archives()[1].link 'https://files.pythonhosted.org/packages/24/4d/404526ef79b397900aee60f83e0c7f3d8d4740758b29f086db3d2d1f2409/hiredis-2.0.0.dev0.tar.gz' Given we're meant to be doing exact matching, the latter shouldn't match. Surprisingly, we seem to install the self.archives()[-1], which given the ordering of pypi.org will give us the oldest release we found (so 2.0.0.dev0 in this case). Undoubtedly some of our problem here comes from the fact that Version doesn't accurately implement https://peps.python.org/pep-0440/; to repeat my mantra from elsewhere, "it sure would be nice if we could just rely on packaging" and in this case just use packaging.version.Version.
Attachments
Add attachment proposed patch, testcase, etc.
Sam Sneddon [:gsnedders]
Comment 1 2023-09-04 08:58:27 PDT
We also seem to be installing mock==4.0.0b1 today.
Sam Sneddon [:gsnedders]
Comment 2 2023-09-04 08:59:19 PDT
Also in packages we currently install, Twisted==21.2.0rc1
Radar WebKit Bug Importer
Comment 3 2023-09-09 18:05:14 PDT
<rdar://problem/115233592>
Note You need to log in before you can comment on or make changes to this bug.