Downgrade packaging.

[oliverchang]

pypa/packaging#321 removed support for parsing legacy PyPI versions, which we needed to make our version enumeration/sorting work.

This upgrade happened in
f968260, but somehow we didn't notice this breakage.

[oliverchang]

Also CC @di if there are better workarounds for us here other than downgrading?

[oliverchang]

I noticed this from https://github.com/pypa/advisory-database/actions/runs/4878347479/jobs/8703902390

Looking at our GCP logs, I don't see any instances of "packaging.version.InvalidVersion" in the past 30 days. It's possible we've just gotten lucky with not running into this in prod.

There were a small number of instances on prod over the past 30 days, but it somehow slipped through the cracks for us.

[andrewpollock]

but somehow we didn't notice this breakage

So how did we eventually notice the breakage and what needs to be done differently so we don't miss it? (i.e. what's the mini-postmortem learning here?)

[oliverchang]

but somehow we didn't notice this breakage

So how did we eventually notice the breakage and what needs to be done differently so we don't miss it? (i.e. what's the mini-postmortem learning here?)

I noticed separately via https://github.com/pypa/advisory-database/actions/runs/4878347479/jobs/8703902390

The error was on our error dashboard: https://pantheon.corp.google.com/errors/detail/CNGT29fs5Oj_DA;service=gke_instances?project=oss-vdb but we did not notice it :(

[di]

Also CC @di if there are better workarounds for us here other than downgrading?

You can use https://pypi.org/p/packaging-legacy as a drop-in replacement.

[oliverchang]

Also CC @di if there are better workarounds for us here other than downgrading?

You can use https://pypi.org/p/packaging-legacy as a drop-in replacement.

Ah awesome, thanks Dustin!