You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It seems that Poetry 1.4.1 accidentally started making more strict validation checks on the wheels it downloads (see python-poetry/poetry#7694). The strict checks are actually a welcoming addition, but the surprising fact was that they happened on a bugfix release.
At the same time, it seems that several Python wheels, even from large projects, are not structurally valid. For example, Poetry has left this issue open in their issue tracker for Microsoft's debugpy package: python-poetry/poetry#7686
In our case, we see that Poetry 1.4.1 fails to validate Black's Python wheels for x86_64 MacOS. Doing poetry install on an x86_64 MacOS environment returns the following:
_WheelFileValidationError
["In /Users/runner/Library/Caches/pypoetry/artifacts/59/74/28/0da99c4265a039049b4cccc0a54b5103991e1d78c7d85b899291d627c5/black-22.10.0-1fixedarch-cp310-cp310-macosx_11_0_x86_64.whl, hash / size of black-22.10.0.dist-info/WHEEL didn't match RECORD"]
at~/hostedtoolcache/Python/3.10.10/x64/lib/python3.10/site-packages/installer/sources.py:289invalidate_record285│ f"In {self._zipfile.filename}, hash / size of {item.filename} didn't match RECORD"286│ )
287│
288│ ifissues:
→ 289│ raise_WheelFileValidationError(issues)
290│
291│ defget_contents(self) ->Iterator[WheelContentElement]:
292│ """Sequential access to all contents of the wheel (including dist-info files).
293│
Ultimately, it's the responsibility of the upstream maintainers to update their wheels. I checked and this seems to be the case with Black. If we update our Poetry lock file, we get Black 23.1.0, and Poetry can install it properly.
The text was updated successfully, but these errors were encountered:
Updating the Poetry lock file for Dangerzone means that we fetch the latest versions of all of our dependencies, which is a good thing to do before the release. However, it seems that our lint checks now fail on our project. More specifically, Black now detects some format errors, while Mypy detects some insufficient typing hints.
Run `poetry lock` and allow updating the existing dependencies. This
fixes a CI regression that was introduced by Poetry 1.4.1, which added
stricter Python wheels validation
Fixes#376
It seems that Poetry 1.4.1 accidentally started making more strict validation checks on the wheels it downloads (see python-poetry/poetry#7694). The strict checks are actually a welcoming addition, but the surprising fact was that they happened on a bugfix release.
At the same time, it seems that several Python wheels, even from large projects, are not structurally valid. For example, Poetry has left this issue open in their issue tracker for Microsoft's
debugpy
package: python-poetry/poetry#7686In our case, we see that Poetry 1.4.1 fails to validate Black's Python wheels for x86_64 MacOS. Doing
poetry install
on an x86_64 MacOS environment returns the following:Ultimately, it's the responsibility of the upstream maintainers to update their wheels. I checked and this seems to be the case with Black. If we update our Poetry lock file, we get Black 23.1.0, and Poetry can install it properly.
The text was updated successfully, but these errors were encountered: