[Slackbuilds-users] important info regarding python3-hatchling update

Tim Dickson dickson.tim at googlemail.com
Thu Sep 12 08:35:12 UTC 2024 

On 12/09/2024 09:14, Jeremy Hansen wrote:
>
>
> On Thu, Sep 12, 2024, 12:57 AM Tim Dickson via SlackBuilds-users 
> <slackbuilds-users at slackbuilds.org> wrote:
>
>     On 12/09/2024 06:29, Jeremy Hansen wrote:
>>
>>
>>     On Wed, Sep 11, 2024 at 4:23 AM fourtysixandtwo
>>     <fourtysixandtwo at sliderr.net> wrote:
>>
>>         On Tue, Sep 10, 2024 at 12:55 PM Jeremy Hansen
>>         <jebrhansen+SBo at gmail.com
>>         <mailto:jebrhansen%2BSBo at gmail.com>> wrote:
>>         > export SETUPTOOLS_SCM_PRETEND_VERSION=$VERSION
>>         >
>>         > and a few
>>         >
>>         > export PDM_BUILD_SCM_VERSION=$VERSION
>>         >
>>         > to fix some issue with versions not being detected properly
>>         during build time (although, I believe several are due to me
>>         choosing GitHub tarballs instead of PyPi, which are packaged
>>         differently). If those hacks were to be fixed by these
>>         updates, I'd remove them.
>>
>>         I use the pypi tarballs solely because I can also grab the
>>         MD5SUM they provide with my update script.
>>
>>
>>     This isn't an issue for me as my update script will generate
>>     MD5SUM automatically no matter how many source files there are.
>>     It will just download everything in the DOWNLOAD or
>>     DOWNLOAD_X86_64 variables in the .info (if they don't already
>>     exist) and then generate MD5s for all of them and update the
>>     .info file.
>>
>>         It is a bonus that I haven't had to use those methods above
>>         with any builds I maintain.
>>
>>
>>     This is a minor inconvenience for a handful of packages that
>>     prefer downloads from PyPi or a git clone (rather than an archive
>>     download from a tag/release). Luckily, out of the 150+ packages I
>>     maintain, there's probably less than a dozen that I had to add
>>     this tweak/hack. I think my preference to GitHub was many python
>>     packages I took over that used PyPi as their source location used
>>     hashed download links, which prevented my update script from
>>     using the right download link (although, I suppose I could add
>>     the functionality to switch to links that simply require updating
>>     the version -- future me will worry about that :D). This led me
>>     to prefer GitHub links and then outta sheer stubbornness, when
>>     problems arose from it, I found hacks to continue using GitHub
>>     over PyPi.
>>
>>         I just checked with python3-tox and python3-pyproject-api
>>         tarballs from pypi and they both include a
>>         "src/*/*version.py".  One does have to watch for the change
>>         in source from say pyproject-api to pyproject_api in both
>>         download and SRCNAM though.
>>
>>         Have you come across this for troubleshooting?
>>         export SETUPTOOLS_SCM_DEBUG=true
>>
>>
>>     I was not aware of that flag, however, it led to either a similar
>>     or the same issue (too lazy to investigate further right now).
>>
>>     "mAke sURe yoU're EitHer bUildINg frOM A FulLy iNTAcT git
>>     RepOsiToRY oR PyPi taRbaLLs."
>>
>>     Error, meet stubbornness (my hack) :D
>>
>>         While we are on the topic of setuptools_scm, I have a method
>>         using
>>         venv to upgrade it to 8.1.0, but unfortunately the newer
>>         versions do
>>         not honour PYTHONPATH precedence and import the older
>>         slackware 15.0
>>         version.  One would have to remove the older system package
>>         or use the
>>         venv hack on every slackbuild that requires the newer
>>         setuptools_scm
>>         in /opt.
>>
>>
>>     I mean, we currently have to add hacks in SlackBuilds to use
>>     newer python packages residing in /opt/ (which are mostly, if not
>>     entirely, packages you maintain). This has opened up the ability
>>     to upgrade a lot of python packages further than would be allowed
>>     if we solely used the packages from 15.0. They've been very
>>     helpful in allowing upgrades without additional hacks.
>>
>>     If the newer version offers something severely lacking on
>>     Slackware or SBo today, I (and I can only speak for myself), have
>>     no issues adding a line or few to my SlackBuilds that require
>>     that newer version.
>>
>>         Upstream is aware of this issue but don't have any interest
>>         in fixing it currently.
>>
>>
>>     That sucks.
>>
>>         > Go for it! It's easier than me trying to merge your changes
>>         and submit a PR this week.
>>
>>         Done!
>>
>>
>>     Thanks!
>>
>>     _______________________________________________
>>     SlackBuilds-users mailing list
>>     SlackBuilds-users at slackbuilds.org
>>     https://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
>>     Archives -https://lists.slackbuilds.org/pipermail/slackbuilds-users/
>>     FAQ -https://slackbuilds.org/faq/
>>
>     i found that for some python builds github archives/tags were
>     missing some of the source, which was included in pypi source
>     download, so have to use pypi for those. it's a bit more
>     inconvenient, as the url's have the hashes as you mentioned, but
>     it's not too awkward.
>     regards, Tim
>
>
> You can change the PyPi URLs to not have hashes, but you can also 
> usually bypass the missing source files when getting it from GitHub 
> with variables passed during the build process.
>
> I usually choose the latter out of spite for PyPi not defaulting to 
> non-hashed source links.
>
> However, if you're interested in bypassing the hash-based sources with 
> PyPi, it is based on the following URL layout:
>
> https://files.pythonhosted.org/packages/source/${PROJECT::1}/${PROJECT}/${PROJECT}-${VERSION}.tar.gz 
> <https://files.pythonhosted.org/packages/source/$%7BPROJECT::1%7D/$%7BPROJECT%7D/$%7BPROJECT%7D-$%7BVERSION%7D.tar.gz>
>
> The ${PROJECT::1} being the first letter of the project/package name.
>
> So if it was tox (which is python3-tox on SBo) the url would be 
> (replacing ${VERSION} with the actual version):
>
> https://files.pythonhosted.org/packages/source/t/tox/tox-${VERSION}.tar.gz 
> <https://files.pythonhosted.org/packages/source/t/tox/tox-$%7BVERSION%7D.tar.gz>
>
> I have a bash function that can find the non-hashed URL for PyPi 
> sources and will correct any download links for GitHub (since they do 
> funky stuff with content disposition). You can work it into a script, 
> add it to your shell using a bashrc or similar, or make it its own 
> script.
>
> https://github.com/bassmadrigal/scripts/blob/master/check-source-download.sh
>
> Jeremy
>
> (I don't know what the crap is going on with the below section of 
> quoted email. I couldn't delete it using Gmail's android app. It 
> really frustrated me, but not enough to go to my computer and see if I 
> can fix it there.)
>
thanks, that's really useful info. It looks similar to sourceforge 
upload urls in that respect. It would be useful to have all these sort 
of tips for slackbuild maintainers in a central place. maybe 
https://www.slackwiki.com/Writing_A_SlackBuild_Script  ,or is there a 
better place?
regards, Tim

-- 
This email has been checked for viruses by AVG antivirus software.
www.avg.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20240912/a6d6629a/attachment-0001.htm>

More information about the SlackBuilds-users mailing list