-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: bump to 1.0.1.post1 since 1.0.1 seems to be taken #679
Conversation
Signed-off-by: Henry Schreiner <henryschreineriii@gmail.com>
Followup to #677. I'm not sure this is the actual issue, though, since the following query: SELECT filename
FROM `bigquery-public-data.pypi.distribution_metadata`
WHERE name = "build" produces [{
"filename": "build-0.1.0-py2.py3-none-any.whl"
}, {
"filename": "build-0.0.2.tar.gz"
}, {
"filename": "build-0.0.3.1.tar.gz"
}, {
"filename": "build-0.0.4.tar.gz"
}, {
"filename": "build-0.0.4-py2.py3-none-any.whl"
}, {
"filename": "build-0.0.2-py2.py3-none-any.whl"
}, {
"filename": "build-0.0.3.1-py2.py3-none-any.whl"
}, {
"filename": "build-0.8.0-py3-none-any.whl"
}, {
"filename": "build-0.8.0.tar.gz"
}, {
"filename": "build-0.6.0.tar.gz"
}, {
"filename": "build-0.6.0-py3-none-any.whl"
}, {
"filename": "build-0.6.1.tar.gz"
}, {
"filename": "build-0.6.1-py3-none-any.whl"
}, {
"filename": "build-0.6.0.post1-py3-none-any.whl"
}, {
"filename": "build-0.6.0.post1.tar.gz"
}, {
"filename": "build-0.3.1.tar.gz"
}, {
"filename": "build-0.3.1-py2.py3-none-any.whl"
}, {
"filename": "build-0.3.1.post1-py2.py3-none-any.whl"
}, {
"filename": "build-0.3.1.post1.tar.gz"
}, {
"filename": "build-0.0.1-py2.py3-none-any.whl"
}, {
"filename": "build-0.4.0-py2.py3-none-any.whl"
}, {
"filename": "build-0.4.0.tar.gz"
}, {
"filename": "build-0.3.0.tar.gz"
}, {
"filename": "build-0.3.0-py2.py3-none-any.whl"
}, {
"filename": "build-0.7.0-py3-none-any.whl"
}, {
"filename": "build-0.7.0.tar.gz"
}, {
"filename": "build-0.9.0-py3-none-any.whl"
}, {
"filename": "build-0.9.0.tar.gz"
}, {
"filename": "build-0.2.0-py2.py3-none-any.whl"
}, {
"filename": "build-0.2.0.tar.gz"
}, {
"filename": "build-0.2.1.tar.gz"
}, {
"filename": "build-0.2.1-py2.py3-none-any.whl"
}, {
"filename": "build-0.1.0.tar.gz"
}, {
"filename": "build-1.0.0-py3-none-any.whl"
}, {
"filename": "build-1.0.0.tar.gz"
}, {
"filename": "build-0.0.1.tar.gz"
}, {
"filename": "build-0.10.0-py3-none-any.whl"
}, {
"filename": "build-0.10.0.tar.gz"
}, {
"filename": "build-0.5.0.tar.gz"
}, {
"filename": "build-0.5.0-py2.py3-none-any.whl"
}, {
"filename": "build-0.5.1-py2.py3-none-any.whl"
}, {
"filename": "build-0.5.1.tar.gz"
}] Which doesn't seem to the a problem. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not the problem. See https://pypi.org/simple/build there's no 1.0.1.
It's too old, this is from @di:
So we'll need |
Who uploaded 1.0.1 or 1.0.2? Doesn't show up on https://pypi.org/project/build/#history either 🤔 |
How is that dated to 2015 when earliest commit here is 2020. Maybe a nameclash with something artifact |
PyPI is picking up a 1.0.1 release from an older "build" project presumably. |
Still feels a bug in pypi, is 1.0 to 1.0.2 the only builds then we need to worry about? |
There was a project named "build" that was deleted to give us the name. It had two releases, on the same day in 2015, 1.0.1 and 1.0.2. We can either do 1.0.3 or 1.0.1.post1. We've done .post1 twice before. This is a security feature in PyPI that is supposed to help projects that don't want to pin hashes. Though given person-in-the-middle attacks, post releases, and build numbers, I'm not sure it's really helping these projects except to give a false sense of security. |
Let's do 1.0.3 🤔 to solve the problem forever, or 1.1.0 😆 |
I like 1.0.3 best. |
It seems there was a previous build 1.0.1 release. Without knowing what files the old project had, we are kind of stuck in this try, try again game.
Another good reason to move to CalVer, IMO. :)