Bug#1055824: python3-rich: violates Python package metadata with dependency package 'python3-markdown-it' 3.0.0-2
Control: tags -1 + upstream patch On 12-Nov-2023, Ben Finney wrote: > Either: > > * The upstream version constraint needs to be relaxed by the upstream > project, to allow ‘python3-rich’ version “3.0.0-2” to satisfy the > dependency. This is the resolution indicated by the upstream code base. In versions starting at “13.4.2”, the upstream project declares dependencies that allow ‘markdown-it-py’ version “3.0.0” also. https://github.com/Textualize/rich/commit/f232e9d95bbe4747f12459d5935cfa2a42c08069> This can be applied with a simple patch: = diff --git old/pyproject.toml new/pyproject.toml --- old/pyproject.toml +++ new/pyproject.toml @@ -30,7 +30,7 @@ typing-extensions = { version = ">=4.0.0, <5.0", python = "<3.9" } pygments = "^2.14.0" ipywidgets = { version = ">=7.5.1,<9", optional = true } -markdown-it-py = "^2.1.0" +markdown-it-py = ">=2.1.0" [tool.poetry.extras] jupyter = ["ipywidgets"] = or by upgrading Debian's ‘rich’ package source, to upstream's version “13.4.2” or later. -- \ “You can never entirely stop being what you once were. That's | `\ why it's important to be the right person today, and not put it | _o__) off until tomorrow.” —Larry Wall | Ben Finney signature.asc Description: PGP signature
Bug#1055824: python3-rich: violates Python package metadata with dependency package 'python3-markdown-it' 3.0.0-2
On 12-Nov-2023, Sandro Tosi wrote: > > The inconsistent constraints need to be resolved; > > no they dont. debian uses apt not pip to install packages. The ‘pip’ command-line tool can also query which packages Python knows are installed, and that uses the database derived from Python package metadata. So, the Python metadata installed by the Debian package needs to be consistent with the dependencies. > from a packaging perspective, what matter is "does rich work?" and since > the answer is "yes" In the aspect of Python giving the correct answer from a query using ‘pip’, it isn't working. This is because the query is not of the Debian package database, but the Python metadata. This can be resolved by making the Debian dependencies and the Python metadata declared dependencies, consistent. Please address this so that the Python standard ‘pip’ tool can get the correct information from the Python metadata installed by these Debian packages. -- \ “Science is a way of trying not to fool yourself. The first | `\ principle is that you must not fool yourself, and you are the | _o__) easiest person to fool.” —Richard P. Feynman, 1964 | Ben Finney signature.asc Description: PGP signature
Bug#1055824: python3-rich: violates Python package metadata with dependency package 'python3-markdown-it' 3.0.0-2
Package: python3-rich Version: 13.3.1-2 Severity: normal Howdy, The Debian binary package ‘python3-rich’ declares: Depends: python3-markdown-it with no version constraint. On this machine, the dependency is satisfied by the only available version ‘python3-markdown-it’ version “3.0.0-2”. The Python metadata installed by the Debian ‘python3-rich’ package declares a constrained version range for that corresponding dependency: Requires-Dist: markdown-it-py (>=2.1.0,<3.0.0) This results in the Python ‘pip’ package dependency graph reporting (correctly) that its version constraints are not satisfied by the installed packages: INFO: pip is looking at multiple versions of rich to determine which version is compatible with other requirements. This could take a while. ERROR: Could not find a version that satisfies the requirement markdown-it-py<3.0.0,>=2.1.0 (from rich) (from versions: none) The inconsistent constraints need to be resolved; the Python package metadata dependency declarations need to be satisfied when the Debian package is installed. Either: * The upstream version constraint needs to be relaxed by the upstream project, to allow ‘python3-rich’ version “3.0.0-2” to satisfy the dependency. or * The Debian package needs to constrain its dependency on ‘python3-rich’ to match upstream's declared constraints. -- System Information: Debian Release: trixie/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-3-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_AU.UTF-8), LANGUAGE=en_AU.UTF-8 Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-rich depends on: ii python3 [python3-supported-min] 3.11.4-5+b1 ii python3-markdown-it 3.0.0-2 ii python3-pygments 2.15.1+dfsg-1 ii python3-typing-extensions4.7.1-2 python3-rich recommends no packages. python3-rich suggests no packages. -- no debconf information