Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

constrain importlib-metadata versions in twine lockfile #21894

Merged
merged 1 commit into from
Feb 3, 2025
Merged

constrain importlib-metadata versions in twine lockfile #21894

merged 1 commit into from
Feb 3, 2025

Conversation

cburroughs
Copy link
Contributor 

Lockfile diff: twine.lock [twine]

==                    Upgraded dependencies                     ==

  certifi                        2024.8.30    -->   2025.1.31
  charset-normalizer             3.3.2        -->   3.4.1
  cryptography                   43.0.1       -->   43.0.3
  idna                           3.8          -->   3.10
  jaraco-functools               4.0.2        -->   4.1.0
  keyring                        25.3.0       -->   25.5.0
  nh3                            0.2.18       -->   0.2.20
  pkginfo                        1.11.1       -->   1.12.0
  pygments                       2.18.0       -->   2.19.1
  rich                           13.8.0       -->   13.9.4
  urllib3                        2.2.2        -->   2.2.3
  zipp                           3.20.1       -->   3.20.2

==                !! Downgraded dependencies !!                 ==

  importlib-metadata             8.4.0        -->   7.2.1

fixes #21893

NOTE: We should probably move to twine >5.1, but this is intended to be the "smallest" possible fix for 2.24 backporting.

@cburroughs
constrain importlib-metadata versions in twine lockfile
9a55db7 
```
Lockfile diff: twine.lock [twine]

==                    Upgraded dependencies                     ==

  certifi                        2024.8.30    -->   2025.1.31
  charset-normalizer             3.3.2        -->   3.4.1
  cryptography                   43.0.1       -->   43.0.3
  idna                           3.8          -->   3.10
  jaraco-functools               4.0.2        -->   4.1.0
  keyring                        25.3.0       -->   25.5.0
  nh3                            0.2.18       -->   0.2.20
  pkginfo                        1.11.1       -->   1.12.0
  pygments                       2.18.0       -->   2.19.1
  rich                           13.8.0       -->   13.9.4
  urllib3                        2.2.2        -->   2.2.3
  zipp                           3.20.1       -->   3.20.2

==                !! Downgraded dependencies !!                 ==

  importlib-metadata             8.4.0        -->   7.2.1
```

fixes pantsbuild#21893

NOTE: We should probably move to twine >5.1, but this is intended to
be the "smallest" possible fix for 2.24 backporting.
@cburroughs cburroughs added this to the 2.24.x milestone Jan 31, 2025
@cburroughs cburroughs self-assigned this Jan 31, 2025
huonw
huonw approved these changes Feb 2, 2025
View reviewed changes
Copy link
Contributor

@huonw huonw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

THanks

@cburroughs cburroughs merged commit 844250b into pantsbuild:main Feb 3, 2025
24 checks passed
@WorkerPants
Copy link
Member

I tried to automatically cherry-pick this change back to each relevant milestone, so that it is available in those older releases of Pants.

✔️ 2.24.x

Successfully opened #21905.

Thanks again for your contributions!

🤖 Beep Boop here's my run link

cburroughs added a commit that referenced this pull request Feb 3, 2025
@WorkerPants @cburroughs
constrain importlib-metadata versions in twine lockfile (Cherry-pick of
81cf358 
#21894) (#21905)

```
Lockfile diff: twine.lock [twine]

==                    Upgraded dependencies                     ==

  certifi                        2024.8.30    -->   2025.1.31
  charset-normalizer             3.3.2        -->   3.4.1
  cryptography                   43.0.1       -->   43.0.3
  idna                           3.8          -->   3.10
  jaraco-functools               4.0.2        -->   4.1.0
  keyring                        25.3.0       -->   25.5.0
  nh3                            0.2.18       -->   0.2.20
  pkginfo                        1.11.1       -->   1.12.0
  pygments                       2.18.0       -->   2.19.1
  rich                           13.8.0       -->   13.9.4
  urllib3                        2.2.2        -->   2.2.3
  zipp                           3.20.1       -->   3.20.2

==                !! Downgraded dependencies !!                 ==

  importlib-metadata             8.4.0        -->   7.2.1
```

fixes #21893

NOTE: We should probably move to twine >5.1, but this is intended to be
the "smallest" possible fix for 2.24 backporting.

Co-authored-by: cburroughs <chris.burroughs@gmail.com>
@cburroughs cburroughs added the category:bugfix Bug fixes for released features label Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@huonw huonw huonw approved these changes

Assignees

@cburroughs cburroughs

Labels
category:bugfix Bug fixes for released features
Projects
None yet
Milestone
2.24.x
Development

Successfully merging this pull request may close these issues.

pants 2.24.0 KeyErrors on twine publish
3 participants
@cburroughs @WorkerPants @huonw