Poetry 1.1.4 - "Unable to find installation candidates" when using a private secondary repository

[orlevii]

• I am on the latest Poetry version.
• I have searched the issues of this repo and believe that this is not a duplicate.
• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• OS version and name: MacOS Catalina (10.15.4)
• Poetry version: 1.1.4

Issue

I have a project that uses a private package.
But for some reason, when using poetry 1.1.4, the poetry.lock file generated on MacOS is in broken.

I receive the following error:

Installing click (7.1.2): Failed

  RuntimeError

  Unable to find installation candidates for click (7.1.2)
~/venvs/poetry/lib/python3.8/site-packages/poetry/installation/chooser.py:72 in choose_for
       68│
       69│             links.append(link)
       70│
       71│         if not links:
    →  72│             raise RuntimeError(
       73│                 "Unable to find installation candidates for {}".format(package)
       74│             )
       75│
       76│         # Get the best link

I've reproduced this issue with a simple pyproject.toml that looks like this:

[tool.poetry]
name = "check"
version = "0.1.0"
description = ""
authors = ["Your Name <you@example.com>"]

[[tool.poetry.source]]
name = "private-repo"
url = "....."
secondary = true

[tool.poetry.dependencies]
python = "^3.6.1"
click = "^7.1.2"

[tool.poetry.dev-dependencies]

[build-system]
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"

The poetry.lock file:

[[package]]
name = "click"
version = "7.1.2"
description = "Composable command line interface toolkit"
category = "main"
optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"

[package.source]
type = "legacy"
url = "....."
reference = "private-repo"

[metadata]
lock-version = "1.1"
python-versions = "^3.6.1"
content-hash = "1e4a57826cb5553aa07a9ba3b0b9e101193b781d7ddd2d41a08f27a8fa25ac4e"

[metadata.files]
click = [
    {file = "click-7.1.2-py2.py3-none-any.whl", hash = "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc"},
    {file = "click-7.1.2.tar.gz", hash = "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a"},
]

I've found out that when using poetry==1.1.3, the lock file generated is a little different.
It doesn't contain the [package.source] section on packages from PyPI
(With this lock file, the poetry install command works with no problem)

[[package]]
name = "click"
version = "7.1.2"
description = "Composable command line interface toolkit"
category = "main"
optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"

[metadata]
lock-version = "1.1"
python-versions = "^3.6.1"
content-hash = "1e4a57826cb5553aa07a9ba3b0b9e101193b781d7ddd2d41a08f27a8fa25ac4e"

[metadata.files]
click = [
    {file = "click-7.1.2-py2.py3-none-any.whl", hash = "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc"},
    {file = "click-7.1.2.tar.gz", hash = "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a"},
]

Also, I tried to reproduce the issue on Ubuntu, but poetry==1.1.4 works with no problem there (was running my tests from a docker container)

I've seen this issue: #3151 but I don't think it's related

Is this a bug?

[orlevii]

I've just looked at the changes of poetry 1.14 - and an issue that might be related
#3306

EDIT:
#3406 looks like a potential fix.
Will check and update

[cereblanco]

This is how I setup private pypi

1. Edit pyproject.toml

[[tool.poetry.source]]
name = "myprivate_pypi"
url = "https://pypi.myprivate_pypi.com/simple/"

2. At terminal, add poetry config credentials for private_pypi
   poetry config http-basic.myprivate_pypi <username> <password>

3. Update lock with --no-update
   poetry lock --no-update

4. Run install or Add your library that is found at private pypi

poetry install or poetry add <my-package-found-at-myprivate_pypi>

Let me know if it fixes the issue

[orlevii]

Looks like #3406 solves it.
Closing this issue for now.

[kojiromike]

As a workaround for folks until 1.2 comes out, explicitly adding pypi back as a primary source seems to work:

[[tool.poetry.source]]
name = 'pypi_'  # needed until python-poetry/poetry#3456 is resolved.
url = 'https://pypi.org/simple'
secondary = false

[[tool.poetry.source]]
name = 'packagecloud'
url = 'https://tolkeintokentokerton:@packagecloud.io/slug/General/pypi/simple'
secondary = true

[caniko]

This doesn't work for me:

As a workaround for folks until 1.2 comes out, explicitly adding pypi back as a primary source seems to work:

[[tool.poetry.source]]
name = 'pypi_'  # needed until python-poetry/poetry#3456 is resolved.
url = 'https://pypi.org/simple'
secondary = false

[[tool.poetry.source]]
name = 'packagecloud'
url = 'https://tolkeintokentokerton:@packagecloud.io/slug/General/pypi/simple'
secondary = true

Error message:

  RepositoryError

  403 Client Error: Forbidden for url: https://download.pytorch.org/whl/cpu/black/

My pyproject.toml:

...
[[tool.poetry.source]]
name = 'default'
url = 'https://pypi.python.org/simple'
secondary = false

[[tool.poetry.source]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cpu/"
secondary = true
...

[special-character]

I got this working by setting default on the public pypi:

[[tool.poetry.source]]
name = "pypi-public"
url = "https://pypi.org/simple/"
default = true

[[tool.poetry.source]]
name = "cloudrepo"
url = "<private source>"

Tried using with secondary = <flag> like this without luck:

[[tool.poetry.source]]
name = "pypi-public"
url = "https://pypi.org/simple/"
secondary = false

[[tool.poetry.source]]
name = "cloudrepo"
url = "<private source>"
secondary = true

[mbrancato]

I ran into this (poetry 1.1.2) when running poetry update and a new version of an inherited dependency had been released only a few minutes earlier. The update / install worked fine, but a CI build kept failing. If I removed the dependency on my local venv, I too would get this error. Installing with pip worked fine.

I tried running poetry update and it would complete without error, but poetry install failed to install some dependency. I also cleared the poetry cache with no luck.

The only thing that fixed this for me was to delete the poetry.lock file, and re-run poetry update. This should have rebuilt the same poetry.lock file as I understand it, it did not. The result was it fixed something about the known packages for this inherited dependency, and poetry install works locally and in CI.

[szeitlin]

I just ran into this Unable to find installation candidates for jupyter-client (7.1.0)

version info: py3.9, Poetry version 1.1.6

Running poetry update seemed to fix it. But the error is not very informative.

[lambda-science]

Same error for another package, not sure why

• Installing kaleido (0.2.1.post1): Failed

  RuntimeError

  Unable to find installation candidates for kaleido (0.2.1.post1)

EDIT: Downgrading Kaleido to 0.2.1 fixed it.

[Guillaume-Fgt]

@lambda-science
just encountered the error for kaleido. Thank you.

==>
poetry add kaleido@0.2.1 worked.

[adamryczkowski]

Is there any way we can get a dependency
kaleido = "^0.2" working?

[tall-josh]

I get a similar issue with Poetry 1.2

[tool.poetry]
name = "zzz"
version = "0.1.0"
description = "debugging"
authors = ["lrrr <ruler@omicron-persei.eight>"]
readme = "README.md"

# Broken:  Unable to find installation candidates for regex (2022.9.13)
[[tool.poetry.source]]
name = "private-pypi"
url = "https://pypi.private-pypi.com.au/simple"

# Works
#name = "private-pypi"
#url = "https://pypi.private-pypi.com.au/simple"
#default = false
#secondary = false
#
#[[tool.poetry.source]]
#name = "pypi-public"
#url = "https://pypi.org/simple/"
#default = true

[tool.poetry.dependencies]
python = "3.7.9"
regex = "2022.9.13"

[build-system]
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"

[nbro10]

I got a similar error with poetry 1.3.2 in CI/CD for the regex package:

Unable to find installation candidates for regex (2023.6.3)

I solved it by removing the virtual environment (with python 3.9.16) and clearing the caches.

[patrick-dd]

Similar error in Poetry 1.3.2 for httpstan package

Unable to find installation candidates for httpstan (4.10.1)

Removing virtual environment didn't help.

[nbro10]

@patrick-dd You really need to clear the caches too. It's not a problem to clear them - it will just be slower when installing the dependencies again because they need to be downloaded again.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.