Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Relax check_dist_restriction for dry run #11765

Closed
wants to merge 4 commits into from
Closed

Relax check_dist_restriction for dry run #11765

wants to merge 4 commits into from

Conversation

tgeng
Copy link

@tgeng tgeng commented Jan 29, 2023

There does not seem to be any reason to require --only-binary or --no-deps in dry run mode. There is also no need to specify --target in such a situation.

With the new --report flag, this makes it possible to use pip just as a cross-platform dependency resolver.

Context: #11764

@tgeng tgeng changed the title Relax check_dist_restriction for dry run Relax check_dist_restriction for dry run Jan 29, 2023
@tgeng
Relax check_dist_restriction for dry run
b22adac 
There does not seem to be any reason to require `--only-binary` or
`--no-deps` in dry run mode. There is also no need to specify
`--target` in such a situation.

With the new `--report` flag, this makes it possible to use `pip` just
as a cross-platform dependency resolver.
@sbidoul
Copy link
Member

sbidoul commented Jan 30, 2023

There does not seem to be any reason to require --only-binary

Is it not necessary to ensure pip will not attempt a metadata preparation step for some sdist, which it can only do on the target platform?

@tgeng
Copy link
Author

tgeng commented Jan 31, 2023
edited
Loading

There does not seem to be any reason to require --only-binary

Is it not necessary to ensure pip will not attempt a metadata preparation step for some sdist, which it can only do on the target platform?

Thanks! Actually I am not familiar with how dependency resolution works. Does this mean in theory dependency resolution can invoke arbitrary native code? Is there an example that has such requirement do that I can dig into with? Maybe we can let it fail in that case if such situations are relatively rare? That way at least dry run can somewhat work cross platform.

@pfmoore
Copy link
Member

pfmoore commented Jan 31, 2023

Yes, easily. Any dependency that has no wheel, which is built using setuptools, will invoke setup.py when being built. The resolution process needs dependency data, which requires a build, because it is not available statically.

@pfmoore
Copy link
Member

pfmoore commented Jan 31, 2023

And the implication of that is that it’s extremely common, so failing is not an option.

@sbidoul
Copy link
Member

sbidoul commented Jan 31, 2023
edited
Loading

When PEP 643 compliant sdists will be more common, there will be the possibility to inspect dependencies in the sdist metadata, when they are declared static (which should probably be the most common case).

And if there is a source tree in the dependencies, pip would need to grow a way to inspect pyproject.toml to see if the dependencies and version are static, and get them from there.

Also you are going to hit #11664 and friends.

So yeah, there is a path to cross-platform dependency resolution, but we are not quite there yet.

BTW, @pfmoore I'm wondering if there is a way to measure PEP 643 adoption on PyPI?

@pfmoore
Copy link
Member

pfmoore commented Jan 31, 2023
edited
Loading

BTW, @pfmoore I'm wondering if there is a way to measure PEP 643 adoption on PyPI?

Easy, at the moment it's zero, because the issue for supporting Metadata 2.2 hasn't been implemented yet 🙁

Once that's been dealt with, build backends need to start generating Metadata 2.2. For all but setuptools, that will be easy, and setuptools is getting there (with static config support) but it'll be a while I suspect. Then you'll be able to download and check all sdists on PyPI to get a feel for the answer 🤣 When PEP 658 gets implemented for sdists (there's this issue to cover doing it for wheels, but nothing yet for sdists) the information will be available from the simple API. But even then, it will be a long time before we can assume that a resolve will never need to look at a pre-metadata 2.2 sdist to complete (existing sdists on PyPI will not be retroactively updated, obviously).

All of the parts are there, but they need implementing. And there's still legacy.

So basically we won't be able to avoid the possibility of running build code as part of a resolve for the foreseeable future. What we will be able to do is avoid running code or downloading full distributions in the common cases, which will be a significant performance win for pip.

Edit: To give a less facetious answer, PEP 643 isn't supported yet on PyPI, so all existing sdists need a build step, and will forever (as changing uploaded artifacts isn't allowed). Once PEP 643 support is added, we'll hopefully see the majority of new sdists with static metadata for everything the resolver needs, so the adoption rate will be essentially new vs old. I don't know when we'll reach a tipping point where we can declare all non-static cases "sufficiently old" that we're happy for the resolver to error if it hits one.

@tgeng
Copy link
Author

tgeng commented Jan 31, 2023

I see. Thanks all for the explanation! Please feel free to close the issue and PR as there seems to be no feasible way to do cross platform resolution correctly for the foreseeable future.

@tgeng tgeng closed this Mar 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 7, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@uranusjr uranusjr uranusjr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tgeng @sbidoul @pfmoore @uranusjr