Verified distro-info, dput, gpgme1.0, and python-debian with the test
plan from vorlon on lunar, kinetic, jammy, and focal. Detailed logs:
Verification for dput on lunar:
```
$ schroot-wrapper -c lunar -p dput,python3-pip -e
[...]
(lunar)bdrung@host:~$ pip3 install -U setuptools --break-system-packages
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages
(66.1.1)
Collecting setuptools
Downloading setuptools-68.0.0-py3-none-any.whl (804 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 804.0/804.0 kB 8.3 MB/s eta
0:00:00
Installing collected packages: setuptools
Successfully installed setuptools-68.0.0
(lunar)bdrung@host:~$ dput
No package or host has been provided, see dput -h
(lunar)bdrung@host:~$ dpkg -s dput | grep ^Version
Version: 1.1.3ubuntu2.1
```
Verification for dput and python-debian on kinetic:
```
$ schroot-wrapper -c kinetic -p dput,python3-pip,python3-debian -e
[...]
(kinetic)bdrung@host:~$ pip3 install -U setuptools
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages
(59.6.0)
Collecting setuptools
Downloading setuptools-68.0.0-py3-none-any.whl (804 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 804.0/804.0 kB 3.9 MB/s eta
0:00:00
Installing collected packages: setuptools
Successfully installed setuptools-68.0.0
(kinetic)bdrung@host:~$ dput
No package or host has been provided, see dput -h
(kinetic)bdrung@host:~$ dpkg -s dput | grep ^Version
Version: 1.1.2ubuntu2.1
(kinetic)bdrung@host:~$ dpkg -s python3-debian | grep ^Version
Version: 0.1.46ubuntu1
```
Verification for distro-info, dput, gpgme1.0, and python-debian on
jammy:
```
$ schroot-wrapper -c jammy -p
dput,python3-pip,python3-debian,python3-distro-info -e
[...]
(jammy)bdrung@host:~$ pip3 install -U setuptools
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages
(59.6.0)
Collecting setuptools
Downloading setuptools-68.0.0-py3-none-any.whl (804 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 804.0/804.0 KB 8.0 MB/s eta
0:00:00
Installing collected packages: setuptools
Successfully installed setuptools-68.0.0
(jammy)bdrung@host:~$ dput
No package or host has been provided, see dput -h
(jammy)bdrung@host:~$ dpkg -s python3-distro-info | grep ^Version
Version: 1.1ubuntu0.1
(jammy)bdrung@host:~$ dpkg -s dput | grep ^Version
Version: 1.1.0ubuntu2.1
(jammy)bdrung@host:~$ dpkg -s python3-gpg | grep ^Version
Version: 1.16.0-1.2ubuntu4.1
(jammy)bdrung@host:~$ dpkg -s python3-debian | grep ^Version
Version: 0.1.43ubuntu1.1
```
Verification for distro-info, dput, gpgme1.0, and python-debian on
focal:
```
$ schroot-wrapper -c focal -p
dput,python3-pip,python3-debian,python3-distro-info -e
[...]
(focal)bdrung@host:~$ pip3 install -U setuptools
Collecting setuptools
Downloading setuptools-68.0.0-py3-none-any.whl (804 kB)
|████████████████████████████████| 804 kB 2.1 MB/s
Installing collected packages: setuptools
Successfully installed setuptools-68.0.0
(focal)bdrung@host:~$ dput
/usr/bin/dput:6: DeprecationWarning: pkg_resources is deprecated as an API. See
https://setuptools.pypa.io/en/latest/pkg_resources.html
from pkg_resources import load_entry_point
No package or host has been provided, see dput -h
(focal)bdrung@host:~$ dpkg -s python3-distro-info | grep ^Version
Version: 0.23ubuntu1.1
(focal)bdrung@host:~$ dpkg -s dput | grep ^Version
Version: 1.0.3ubuntu1.1
(focal)bdrung@host:~$ dpkg -s python3-gpg | grep ^Version
Version: 1.13.1-7ubuntu2.1
(focal)bdrung@host:~$ dpkg -s python3-debian | grep ^Version
Version: 0.1.36ubuntu1.1
```
** Tags removed: verification-needed verification-needed-focal
verification-needed-jammy verification-needed-kinetic verification-needed-lunar
** Tags added: verification-done verification-done-focal
verification-done-jammy verification-done-kinetic verification-done-lunar
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gpgme1.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1991606
Title:
Invalid PEP440 package version breaking setuptools >= 66
Status in devscripts package in Ubuntu:
Fix Released
Status in distro-info package in Ubuntu:
Fix Released
Status in dput package in Ubuntu:
Fix Released
Status in drslib package in Ubuntu:
New
Status in duecredit package in Ubuntu:
Fix Released
Status in gpgme1.0 package in Ubuntu:
Fix Released
Status in python-debian package in Ubuntu:
Fix Released
Status in reportbug package in Ubuntu:
Fix Released
Status in ubuntu-dev-tools package in Ubuntu:
Fix Released
Status in update-manager package in Ubuntu:
Fix Released
Status in devscripts source package in Bionic:
New
Status in distro-info source package in Bionic:
New
Status in dput source package in Bionic:
New
Status in drslib source package in Bionic:
Invalid
Status in duecredit source package in Bionic:
New
Status in gpgme1.0 source package in Bionic:
New
Status in python-debian source package in Bionic:
Invalid
Status in reportbug source package in Bionic:
New
Status in ubuntu-dev-tools source package in Bionic:
New
Status in update-manager source package in Bionic:
New
Status in devscripts source package in Focal:
New
Status in distro-info source package in Focal:
Fix Committed
Status in dput source package in Focal:
Fix Committed
Status in drslib source package in Focal:
New
Status in duecredit source package in Focal:
New
Status in gpgme1.0 source package in Focal:
Fix Committed
Status in python-debian source package in Focal:
Fix Committed
Status in reportbug source package in Focal:
New
Status in ubuntu-dev-tools source package in Focal:
Fix Released
Status in update-manager source package in Focal:
New
Status in devscripts source package in Jammy:
New
Status in distro-info source package in Jammy:
Fix Committed
Status in dput source package in Jammy:
Fix Committed
Status in drslib source package in Jammy:
New
Status in duecredit source package in Jammy:
New
Status in gpgme1.0 source package in Jammy:
Fix Committed
Status in python-debian source package in Jammy:
Fix Committed
Status in reportbug source package in Jammy:
New
Status in ubuntu-dev-tools source package in Jammy:
Invalid
Status in update-manager source package in Jammy:
New
Status in devscripts source package in Kinetic:
New
Status in distro-info source package in Kinetic:
Fix Released
Status in dput source package in Kinetic:
Fix Committed
Status in drslib source package in Kinetic:
New
Status in duecredit source package in Kinetic:
New
Status in gpgme1.0 source package in Kinetic:
Fix Released
Status in python-debian source package in Kinetic:
Fix Committed
Status in reportbug source package in Kinetic:
New
Status in ubuntu-dev-tools source package in Kinetic:
Invalid
Status in update-manager source package in Kinetic:
New
Status in dput source package in Lunar:
Fix Committed
Bug description:
[ Impact ]
With setuptools 66, the versions of all packages visible in the Python
environment *must* obey PEP440 <https://peps.python.org/pep-0440/>.
Otherwise, attempts to use pip to install a package with a setup.py-
based build system, or other attempts to use the `pkg-resources`
module, can produce errors like this:
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 844, in _resolve_dist
env = Environment(self.entries)
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 1044, in __init__
self.scan(search_path)
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 1077, in scan
self.add(dist)
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 1096, in add
dists.sort(key=operator.attrgetter('hashcmp'), reverse=True)
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 2631, in hashcmp
self.parsed_version,
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
line 2678, in parsed_version
self._parsed_version = parse_version(self.version)
File
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/version.py",
line 266, in __init__
raise InvalidVersion(f"Invalid version: '{version}'")
pkg_resources.extern.packaging.version.InvalidVersion: Invalid version:
'0.23ubuntu1'
The official opinion of the setuptools maintainers seems to be that
version strings of this form haven't *really* been allowed since about
2014, and distributions need to change their package version naming
scheme for Python packages they install, so that the resulting version
strings obey PEP440. See for example
<https://github.com/pypa/setuptools/issues/3772#issuecomment-1384342813>.
suffix 1build1 is invalid.
Some python building tools, that verifies if version strings are
compatible with PEP440, are failing.
Example: python poetry: Invalid PEP 440 version: '1.1build1'
[ Test Plan ]
1.
$ mkdir /tmp/lp.1991606
$ export HOME=/tmp/lp.1991606
$ sudo apt install dput python3-pip
$ pip3 install -U setuptools
$ sudo apt install <broken package>
$ dput
This will produce a backtrace.
2. Enable -proposed
3. Upgrade <broken package> from proposed
4. dput
This will succeed.
[ Where problems could occur ]
The fix touches only setup.py which is only used for installing the
package. So there should be no effect on the installed package (except
for exposing a different version). But there could be indirect effects
(hidden bugs that trigger on package upgrade, etc).
[ Other Info ]
The related upstream bug report is
https://github.com/pypa/setuptools/issues/3772. As of 2023-04-25 it
has 85 comments and 108 thumbs ups.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/devscripts/+bug/1991606/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
