No warning with invalid version range #4247

erdnaxeli · 2020-05-07T09:21:45Z

Issue description

When using an invalid version range like >=x<y instead of the valid >=x,<y, Pipenv does not complain.

Expected result

I would expect Pipenv to tell me my version range is invalid and stop all operations.

Actual result

Pipenv does not care and acts like the version was >=x.

Steps to replicate

~$ mkdir test
~$ cd test/
~/test$ pipenv install 'requests>=2<2.23'
Creating a virtualenv for this project…
Pipfile: /…/test/Pipfile
Using /…/.pyenv/versions/3.8.1/bin/python3.8 (3.8.1) to create virtualenv…
⠸ Creating virtual environment...created virtual environment in 187ms CPython3Posix(dest=/…/.local/share/virtualenvs/test-mxDSv2I6, clear=False, global=False) with seeder FromAppData pip=latest setuptools=latest wheel=latest app_data_dir=/…/.local/share/virtualenv/seed-v1 via=copy

✔ Successfully created virtual environment! 
Virtualenv location: /…/.local/share/virtualenvs/test-mxDSv2I6
Creating a Pipfile for this project…
Installing requests>=2<2.23…
Adding requests to Pipfile's [packages]…
✔ Installation Succeeded 
Pipfile.lock not found, creating…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
✔ Success! 
Updated Pipfile.lock (334e1a)!
Installing dependencies from Pipfile.lock (334e1a)…
  🐍   ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 5/5 — 00:00:00
To activate this project's virtualenv, run pipenv shell.
Alternatively, run a command inside the virtualenv with pipenv run.
~/test$ cat Pipfile
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[dev-packages]

[packages]
requests = ">=2<2.23"

[requires]
python_version = "3.8"
~/test$ cat Pipfile.lock 
{
    "_meta": {
        "hash": {
            "sha256": "934e56a008ec8b158793adbaa3f3316b19f7d0539d02b3ab4958a785f3334e1a"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.8"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.org/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "certifi": {
            "hashes": [
                "sha256:1d987a998c75633c40847cc966fcf5904906c920a7f17ef374f5aa4282abd304",
                "sha256:51fcb31174be6e6664c5f69e3e1691a2d72a1a12e90f872cbdb1567eb47b6519"
            ],
            "version": "==2020.4.5.1"
        },
        "chardet": {
            "hashes": [
                "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae",
                "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691"
            ],
            "version": "==3.0.4"
        },
        "idna": {
            "hashes": [
                "sha256:7588d1c14ae4c77d74036e8c22ff447b26d0fde8f007354fd48a7814db15b7cb",
                "sha256:a068a21ceac8a4d63dbfd964670474107f541babbd2250d61922f029858365fa"
            ],
            "version": "==2.9"
        },
        "requests": {
            "hashes": [
                "sha256:43999036bfa82904b6af1d99e4882b560e5e2c68e5c4b0aa03b655f3d7d73fee",
                "sha256:b3f43d496c6daba4493e7c431722aeb7dbc6288f52a6e04e7b6023b0247817e6"
            ],
            "index": "pypi",
            "version": "==2.23.0"
        },
        "urllib3": {
            "hashes": [
                "sha256:3018294ebefce6572a474f0604c2021e33b3fd8006ecd11d62107a5d2a963527",
                "sha256:88206b0eb87e6d677d424843ac5209e3fb9d0190d0ee169599165ec25e9d9115"
            ],
            "version": "==1.25.9"
        }
    },
    "develop": {}
}

$ pipenv --support

Pipenv version: '2018.11.26'

Pipenv location: '/…/.pyenv/versions/3.8.1/lib/python3.8/site-packages/pipenv'

Python location: '/…/.pyenv/versions/3.8.1/bin/python3.8'

Python installations found:

3.8.1: /…/.pyenv/versions/3.8.1/bin/python
3.8.0: /…/.pyenv/versions/3.8-dev/bin/python
3.7.5: /usr/bin/python3
3.7.5: /usr/bin/python3.7m
3.7.3: /…/.pyenv/versions/3.7.3/bin/python
3.7.3: /…/.pyenv/versions/3.7.3/bin/python3.7m
3.7.1: /…/.pyenv/versions/3.7.1/bin/python
3.7.1: /…/.pyenv/versions/3.7.1/bin/python3.7m
3.6.7: /…/.pyenv/versions/3.6.7/bin/python
3.6.7: /…/.pyenv/versions/3.6.7/bin/python3.6m
3.6.5: /…/.pyenv/versions/py36-airflow/bin/python
3.6.5: /…/.pyenv/versions/3.6.5/bin/python
3.6.5: /…/.pyenv/versions/3.6.5/bin/python3.6m
2.7.17: /usr/bin/python

PEP 508 Information:

{'implementation_name': 'cpython',
 'implementation_version': '3.8.1',
 'os_name': 'posix',
 'platform_machine': 'x86_64',
 'platform_python_implementation': 'CPython',
 'platform_release': '5.3.0-45-generic',
 'platform_system': 'Linux',
 'platform_version': '#37-Ubuntu SMP Thu Mar 26 20:41:27 UTC 2020',
 'python_full_version': '3.8.1',
 'python_version': '3.8',
 'sys_platform': 'linux'}

System environment variables:

SHELL
SESSION_MANAGER
WINDOWID
PYENV_HOOK_PATH
COLORTERM
PYENV_SHELL
XDG_CONFIG_DIRS
XDG_SESSION_PATH
GTK_IM_MODULE
PACKAGECLOUD_TOKEN
LANGUAGE
QT4_IM_MODULE
SSH_AUTH_SOCK
XMODIFIERS
DESKTOP_SESSION
SSH_AGENT_PID
EDITOR
PYENV_VERSION
GTK_MODULES
XDG_SEAT
MATE_DESKTOP_SESSION_ID
PWD
XDG_SESSION_DESKTOP
LOGNAME
QT_QPA_PLATFORMTHEME
XDG_SESSION_TYPE
GPG_AGENT_INFO
XAUTHORITY
XDG_GREETER_DATA_DIR
GDM_LANG
HOME
LANG
LS_COLORS
XDG_CURRENT_DESKTOP
VTE_VERSION
XDG_SEAT_PATH
CLUTTER_IM_MODULE
PYENV_DIR
NVM_DIR
LESSCLOSE
XDG_SESSION_CLASS
TERM
GTK_OVERLAY_SCROLLING
LESSOPEN
USER
DISPLAY
SHLVL
NVM_CD_FLAGS
QT_IM_MODULE
XDG_VTNR
UBUNTU_MENUPROXY
XDG_SESSION_ID
XDG_RUNTIME_DIR
COMPIZ_CONFIG_PROFILE
PYENV_ROOT
QT_AUTO_SCREEN_SCALE_FACTOR
XDG_DATA_DIRS
PATH
GDMSESSION
DBUS_SESSION_BUS_ADDRESS
NVM_BIN
QT_SCALE_FACTOR
OLDPWD
PIP_DISABLE_PIP_VERSION_CHECK
PYTHONDONTWRITEBYTECODE
PIP_SHIMS_BASE_MODULE
PIP_PYTHON_PATH
PYTHONFINDER_IGNORE_UNSUPPORTED

Pipenv–specific environment variables:

Debug–specific environment variables:

PATH: /…/.pyenv/versions/3.8.1/bin:/…/.pyenv/libexec:/…/.pyenv/plugins/python-build/bin:/…/.cargo/bin:go/bin:/usr/local/go/bin:/…/.pyenv/shims:/…/.pyenv/bin:/…/.nvm/versions/node/v11.5.0/bin:/…/.cargo/bin:/…/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/…/PycharmProjects/fzf/bin
SHELL: /bin/bash
EDITOR: vim
LANG: fr_FR.UTF-8
PWD: /…/test

Contents of Pipfile ('/…/test/Pipfile'):

[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[dev-packages]

[packages]
requests = ">=2<2.23"

[requires]
python_version = "3.8"

Contents of Pipfile.lock ('/…/test/Pipfile.lock'):

{
    "_meta": {
        "hash": {
            "sha256": "934e56a008ec8b158793adbaa3f3316b19f7d0539d02b3ab4958a785f3334e1a"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.8"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.org/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "certifi": {
            "hashes": [
                "sha256:1d987a998c75633c40847cc966fcf5904906c920a7f17ef374f5aa4282abd304",
                "sha256:51fcb31174be6e6664c5f69e3e1691a2d72a1a12e90f872cbdb1567eb47b6519"
            ],
            "version": "==2020.4.5.1"
        },
        "chardet": {
            "hashes": [
                "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae",
                "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691"
            ],
            "version": "==3.0.4"
        },
        "idna": {
            "hashes": [
                "sha256:7588d1c14ae4c77d74036e8c22ff447b26d0fde8f007354fd48a7814db15b7cb",
                "sha256:a068a21ceac8a4d63dbfd964670474107f541babbd2250d61922f029858365fa"
            ],
            "version": "==2.9"
        },
        "requests": {
            "hashes": [
                "sha256:43999036bfa82904b6af1d99e4882b560e5e2c68e5c4b0aa03b655f3d7d73fee",
                "sha256:b3f43d496c6daba4493e7c431722aeb7dbc6288f52a6e04e7b6023b0247817e6"
            ],
            "index": "pypi",
            "version": "==2.23.0"
        },
        "urllib3": {
            "hashes": [
                "sha256:3018294ebefce6572a474f0604c2021e33b3fd8006ecd11d62107a5d2a963527",
                "sha256:88206b0eb87e6d677d424843ac5209e3fb9d0190d0ee169599165ec25e9d9115"
            ],
            "version": "==1.25.9"
        }
    },
    "develop": {}
}

The text was updated successfully, but these errors were encountered:

frostming · 2020-05-09T08:10:24Z

packaging.requirement.Requirement is responsible for parsing the requirement line, and it doesn't throw an error, more specifically in case you are curious about it, >=2<2.23 is a valid LegacySpecifier. Pipenv just uses the functionality. I tend to leave it as it is.

erdnaxeli · 2020-05-09T10:35:51Z

>=2<2.23 is a valid LegacySpecifier

What should it does? Because it does not prevent version to goes upper than 2.23.

edit: ok, it matches everything, so the version it 2<2.23 (source). But why does it works? requests does not have a version 2<2.23…

triage-new-issues bot added the triage label May 7, 2020

frostming closed this as completed May 9, 2020

Semnodime mentioned this issue Apr 3, 2024

Removal of LegacyVersion and LegacySpecifier pypa/packaging#530

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

No warning with invalid version range #4247

No warning with invalid version range #4247

erdnaxeli commented May 7, 2020

frostming commented May 9, 2020

erdnaxeli commented May 9, 2020 •

edited

Loading

No warning with invalid version range #4247

No warning with invalid version range #4247

Comments

erdnaxeli commented May 7, 2020

Issue description

Expected result

Actual result

Steps to replicate

frostming commented May 9, 2020

erdnaxeli commented May 9, 2020 • edited Loading

erdnaxeli commented May 9, 2020 •

edited

Loading