Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

intermittent pip HashMismatch due to missing wheel entry in pdm.lock #596

Closed
anthonyroach opened this issue Aug 10, 2021 · 8 comments
Closed

intermittent pip HashMismatch due to missing wheel entry in pdm.lock #596

anthonyroach opened this issue Aug 10, 2021 · 8 comments
Labels
🐛 bug Something isn't working

Comments

@anthonyroach
Copy link

anthonyroach commented Aug 10, 2021
edited
Loading

Steps to reproduce

  • pdm init in fresh directory
  • pdm add boto3
  • now move the project to another computer or a build server like Jenkins and run pdm install.

Actual behavior

Sometimes pdm install will fail with the following error:

09:53:30  ERRORS:
09:53:30  add botocore failed:
09:53:30  Traceback (most recent call last):
09:53:30    File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 52, in run
09:53:30      result = self.fn(*self.args, **self.kwargs)
09:53:30    File "/usr/local/lib/python3.9/site-packages/pdm/installers/synchronizers.py", line 157, in install_candidate
09:53:30      installer.install(can)
09:53:30    File "/usr/local/lib/python3.9/site-packages/pdm/installers/installers.py", line 46, in install
09:53:30      built = candidate.build()
09:53:30    File "/usr/local/lib/python3.9/site-packages/pdm/models/candidates.py", line 232, in build
09:53:30      self.prepare()
09:53:30    File "/usr/local/lib/python3.9/site-packages/pdm/models/candidates.py", line 184, in prepare
09:53:30      downloaded = pip_shims.unpack_url(
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/operations/prepare.py", line 239, in unpack_url
09:53:30      file = get_http_url(
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/operations/prepare.py", line 104, in get_http_url
09:53:30      hashes.check_against_path(from_path)
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/utils/hashes.py", line 118, in check_against_path
09:53:30      return self.check_against_file(file)
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/utils/hashes.py", line 113, in check_against_file
09:53:30      return self.check_against_chunks(read_chunks(file))
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/utils/hashes.py", line 100, in check_against_chunks
09:53:30      self._raise(gots)
09:53:30    File "/usr/local/lib/python3.9/site-packages/pip/_internal/utils/hashes.py", line 104, in _raise
09:53:30      raise HashMismatch(self._allowed, gots)
09:53:30  pip._internal.exceptions.HashMismatch: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
09:53:30      unknown package:
09:53:30          Expected sha256 a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa
09:53:30               Got        5b665142bdb2c30fc86b15bc48dd8b74c9cac69dc3e20b6d8f79cb60ff368797

I've gotten it to happen a few times on my workstation, and it almost always fails on our Jenkins build server. It seems to be random whether pdm install works or not.

I noticed that in pdm.lock under [metadata.files] botocore has only an sdist entry and no wheel entry:

"botocore 1.21.17" = [
    {file = "botocore-1.21.17.tar.gz", hash = "sha256:a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa"},
]

If I manually change this and add the wheel (file name and hash from pypi.org) then pdm install seems to work 100% of the time. Example:

"botocore 1.21.17" = [
    {file = "botocore-1.21.17.tar.gz", hash = "sha256:a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa"},
    {file = "botocore-1.21.17-py3-none-any.whl", hash = "sha256:5b665142bdb2c30fc86b15bc48dd8b74c9cac69dc3e20b6d8f79cb60ff368797"},
]

Also note that in the error message the expected hash is the sdist one, but the actual hash is the wheel one. It seems like pdm is telling pip only about the sdist hash, and then pip is downloading the wheel instead of the sdist and so the hash doesn't match.

Expected behavior

pdm install should work 100% of the time.

Environment Information

On my workstation:

 ./pdm-docker.sh info && ./pdm-docker.sh info --env
++ pwd
+ docker run --rm -v /home/anthony/repo/file-service-container:/app --env PIP_NO_CACHE_DIR=off frostming/pdm pdm info
PDM version:        1.7.0                      
Python Interpreter: /usr/local/bin/python (3.9)
Project Root:       /app                       
Project Packages:   /app/__pypackages__/3.9    
++ pwd
+ docker run --rm -v /home/anthony/repo/file-service-container:/app --env PIP_NO_CACHE_DIR=off frostming/pdm pdm info --env
{
  "implementation_name": "cpython",
  "implementation_version": "3.9.6",
  "os_name": "posix",
  "platform_machine": "x86_64",
  "platform_release": "5.4.0-80-generic",
  "platform_system": "Linux",
  "platform_version": "#90-Ubuntu SMP Fri Jul 9 22:49:44 UTC 2021",
  "python_full_version": "3.9.6",
  "platform_python_implementation": "CPython",
  "python_version": "3.9",
  "sys_platform": "linux"
}

In Jenkins:

14:14:53  + ./pdm-docker.sh info
14:14:53  ++ pwd
14:14:53  + docker run --rm -v /tmp/jenkins-ecs-jobs/ecs-ecs-builder-wh584/workspace/omic_file-service-container_PR-9:/app --env PIP_NO_CACHE_DIR=off frostming/pdm pdm info
14:14:55  PDM version:        1.7.0                      
14:14:55  Python Interpreter: /usr/local/bin/python (3.9)
14:14:55  Project Root:       /app                       
14:14:55  Project Packages:   /app/__pypackages__/3.9    
14:14:55  + ./pdm-docker.sh info --env
14:14:55  ++ pwd
14:14:55  + docker run --rm -v /tmp/jenkins-ecs-jobs/ecs-ecs-builder-wh584/workspace/omic_file-service-container_PR-9:/app --env PIP_NO_CACHE_DIR=off frostming/pdm pdm info --env
14:14:56  {
14:14:56    "implementation_name": "cpython",
14:14:56    "implementation_version": "3.9.6",
14:14:56    "os_name": "posix",
14:14:56    "platform_machine": "x86_64",
14:14:56    "platform_release": "4.14.238-182.422.amzn2.x86_64",
14:14:56    "platform_system": "Linux",
14:14:56    "platform_version": "#1 SMP Tue Jul 20 20:35:54 UTC 2021",
14:14:56    "python_full_version": "3.9.6",
14:14:56    "platform_python_implementation": "CPython",
14:14:56    "python_version": "3.9",
14:14:56    "sys_platform": "linux"
14:14:56  }

Note that I'm running pdm via docker in the above.
@anthonyroach anthonyroach added the 🐛 bug Something isn't working label Aug 10, 2021
@anthonyroach
Copy link
Author

anthonyroach commented Aug 10, 2021
edited
Loading

Another thing I noticed after typing out the above is that pip doesn't seem to see the wheel for botocore==1.21.17 even though it is available at https://pypi.org/project/botocore/1.21.17/#files

image

❯ pip install botocore==1.21.17 --only-binary=:all:
ERROR: Could not find a version that satisfies the requirement botocore==1.21.17 (from versions: 1.0.0rc1, 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9, 1.1.10, 1.1.11, 1.1.12, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.2.10, 1.2.11, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.3.10, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.19, 1.3.20, 1.3.21, 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27, 1.3.28, 1.3.29, 1.3.30, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8, 1.4.9, 1.4.10, 1.4.11, 1.4.12, 1.4.13, 1.4.14, 1.4.15, 1.4.16, 1.4.17, 1.4.18, 1.4.19, 1.4.20, 1.4.21, 1.4.22, 1.4.23, 1.4.24, 1.4.25, 1.4.26, 1.4.27, 1.4.28, 1.4.29, 1.4.30, 1.4.31, 1.4.32, 1.4.33, 1.4.34, 1.4.35, 1.4.36, 1.4.37, 1.4.38, 1.4.39, 1.4.40, 1.4.41, 1.4.42, 1.4.43, 1.4.44, 1.4.46, 1.4.47, 1.4.48, 1.4.49, 1.4.50, 1.4.51, 1.4.52, 1.4.53, 1.4.54, 1.4.55, 1.4.56, 1.4.57, 1.4.58, 1.4.59, 1.4.60, 1.4.61, 1.4.62, 1.4.63, 1.4.64, 1.4.65, 1.4.66, 1.4.67, 1.4.68, 1.4.69, 1.4.70, 1.4.71, 1.4.72, 1.4.73, 1.4.74, 1.4.75, 1.4.76, 1.4.77, 1.4.78, 1.4.79, 1.4.80, 1.4.81, 1.4.82, 1.4.83, 1.4.84, 1.4.85, 1.4.86, 1.4.87, 1.4.88, 1.4.89, 1.4.90, 1.4.91, 1.4.92, 1.4.93, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.5.5, 1.5.6, 1.5.7, 1.5.8, 1.5.9, 1.5.10, 1.5.11, 1.5.12, 1.5.13, 1.5.14, 1.5.15, 1.5.16, 1.5.17, 1.5.18, 1.5.19, 1.5.20, 1.5.21, 1.5.22, 1.5.23, 1.5.24, 1.5.25, 1.5.26, 1.5.27, 1.5.28, 1.5.29, 1.5.30, 1.5.31, 1.5.32, 1.5.33, 1.5.34, 1.5.35, 1.5.36, 1.5.37, 1.5.38, 1.5.39, 1.5.40, 1.5.41, 1.5.42, 1.5.43, 1.5.44, 1.5.45, 1.5.46, 1.5.47, 1.5.48, 1.5.49, 1.5.50, 1.5.51, 1.5.52, 1.5.53, 1.5.54, 1.5.55, 1.5.56, 1.5.57, 1.5.58, 1.5.59, 1.5.60, 1.5.61, 1.5.62, 1.5.63, 1.5.64, 1.5.65, 1.5.66, 1.5.67, 1.5.68, 1.5.69, 1.5.70, 1.5.71, 1.5.72, 1.5.73, 1.5.74, 1.5.75, 1.5.76, 1.5.77, 1.5.78, 1.5.79, 1.5.80, 1.5.81, 1.5.82, 1.5.83, 1.5.84, 1.5.85, 1.5.86, 1.5.87, 1.5.88, 1.5.89, 1.5.90, 1.5.91, 1.5.92, 1.5.93, 1.5.94, 1.5.95, 1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 1.6.8, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 1.7.8, 1.7.9, 1.7.10, 1.7.11, 1.7.12, 1.7.13, 1.7.14, 1.7.15, 1.7.16, 1.7.17, 1.7.18, 1.7.19, 1.7.20, 1.7.21, 1.7.22, 1.7.23, 1.7.24, 1.7.25, 1.7.26, 1.7.27, 1.7.28, 1.7.29, 1.7.30, 1.7.31, 1.7.32, 1.7.33, 1.7.34, 1.7.35, 1.7.36, 1.7.37, 1.7.38, 1.7.39, 1.7.40, 1.7.41, 1.7.42, 1.7.43, 1.7.44, 1.7.45, 1.7.46, 1.7.47, 1.7.48, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.8.5, 1.8.6, 1.8.7, 1.8.8, 1.8.9, 1.8.10, 1.8.11, 1.8.12, 1.8.13, 1.8.14, 1.8.15, 1.8.16, 1.8.17, 1.8.18, 1.8.19, 1.8.20, 1.8.21, 1.8.22, 1.8.23, 1.8.24, 1.8.25, 1.8.26, 1.8.27, 1.8.28, 1.8.29, 1.8.30, 1.8.31, 1.8.32, 1.8.33, 1.8.34, 1.8.35, 1.8.36, 1.8.37, 1.8.38, 1.8.39, 1.8.40, 1.8.41, 1.8.42, 1.8.43, 1.8.44, 1.8.45, 1.8.46, 1.8.47, 1.8.48, 1.8.49, 1.8.50, 1.9.0, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.10, 1.9.11, 1.9.12, 1.9.13, 1.9.14, 1.9.15, 1.9.16, 1.9.17, 1.9.18, 1.9.19, 1.9.20, 1.9.21, 1.9.22, 1.9.23, 1.10.0, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.10.5, 1.10.6, 1.10.7, 1.10.8, 1.10.9, 1.10.10, 1.10.11, 1.10.12, 1.10.13, 1.10.14, 1.10.15, 1.10.16, 1.10.17, 1.10.18, 1.10.19, 1.10.20, 1.10.21, 1.10.22, 1.10.23, 1.10.24, 1.10.25, 1.10.26, 1.10.27, 1.10.28, 1.10.29, 1.10.30, 1.10.31, 1.10.32, 1.10.33, 1.10.34, 1.10.35, 1.10.36, 1.10.37, 1.10.38, 1.10.39, 1.10.40, 1.10.41, 1.10.42, 1.10.43, 1.10.44, 1.10.45, 1.10.46, 1.10.47, 1.10.48, 1.10.49, 1.10.50, 1.10.51, 1.10.52, 1.10.53, 1.10.54, 1.10.55, 1.10.56, 1.10.57, 1.10.58, 1.10.59, 1.10.60, 1.10.61, 1.10.62, 1.10.63, 1.10.64, 1.10.65, 1.10.66, 1.10.67, 1.10.68, 1.10.69, 1.10.70, 1.10.71, 1.10.72, 1.10.73, 1.10.74, 1.10.75, 1.10.76, 1.10.77, 1.10.78, 1.10.79, 1.10.80, 1.10.81, 1.10.82, 1.10.83, 1.10.84, 1.11.0, 1.11.1, 1.11.2, 1.11.3, 1.11.4, 1.11.5, 1.11.6, 1.11.7, 1.11.8, 1.11.9, 1.12.0, 1.12.1, 1.12.2, 1.12.3, 1.12.4, 1.12.5, 1.12.6, 1.12.7, 1.12.8, 1.12.9, 1.12.10, 1.12.11, 1.12.12, 1.12.13, 1.12.14, 1.12.15, 1.12.16, 1.12.17, 1.12.18, 1.12.19, 1.12.20, 1.12.21, 1.12.22, 1.12.23, 1.12.24, 1.12.25, 1.12.26, 1.12.27, 1.12.28, 1.12.29, 1.12.30, 1.12.31, 1.12.32, 1.12.33, 1.12.34, 1.12.35, 1.12.36, 1.12.37, 1.12.38, 1.12.39, 1.12.40, 1.12.41, 1.12.42, 1.12.43, 1.12.44, 1.12.45, 1.12.46, 1.12.47, 1.12.48, 1.12.49, 1.12.50, 1.12.51, 1.12.52, 1.12.53, 1.12.54, 1.12.55, 1.12.56, 1.12.57, 1.12.58, 1.12.59, 1.12.60, 1.12.61, 1.12.62, 1.12.63, 1.12.64, 1.12.65, 1.12.66, 1.12.67, 1.12.68, 1.12.69, 1.12.70, 1.12.71, 1.12.72, 1.12.73, 1.12.74, 1.12.75, 1.12.76, 1.12.77, 1.12.78, 1.12.79, 1.12.80, 1.12.81, 1.12.82, 1.12.83, 1.12.84, 1.12.85, 1.12.86, 1.12.87, 1.12.88, 1.12.89, 1.12.90, 1.12.91, 1.12.92, 1.12.93, 1.12.94, 1.12.95, 1.12.96, 1.12.97, 1.12.98, 1.12.99, 1.12.100, 1.12.101, 1.12.102, 1.12.103, 1.12.104, 1.12.105, 1.12.106, 1.12.107, 1.12.108, 1.12.109, 1.12.110, 1.12.111, 1.12.112, 1.12.113, 1.12.114, 1.12.115, 1.12.116, 1.12.117, 1.12.118, 1.12.119, 1.12.120, 1.12.121, 1.12.122, 1.12.123, 1.12.124, 1.12.125, 1.12.126, 1.12.127, 1.12.128, 1.12.129, 1.12.130, 1.12.131, 1.12.132, 1.12.133, 1.12.134, 1.12.135, 1.12.136, 1.12.137, 1.12.138, 1.12.139, 1.12.140, 1.12.141, 1.12.142, 1.12.143, 1.12.144, 1.12.145, 1.12.146, 1.12.147, 1.12.148, 1.12.149, 1.12.150, 1.12.151, 1.12.152, 1.12.153, 1.12.154, 1.12.155, 1.12.156, 1.12.157, 1.12.158, 1.12.159, 1.12.160, 1.12.161, 1.12.162, 1.12.163, 1.12.164, 1.12.165, 1.12.166, 1.12.167, 1.12.168, 1.12.169, 1.12.170, 1.12.171, 1.12.172, 1.12.173, 1.12.174, 1.12.175, 1.12.176, 1.12.177, 1.12.178, 1.12.179, 1.12.180, 1.12.181, 1.12.182, 1.12.183, 1.12.184, 1.12.185, 1.12.186, 1.12.187, 1.12.188, 1.12.189, 1.12.190, 1.12.191, 1.12.192, 1.12.193, 1.12.194, 1.12.195, 1.12.196, 1.12.197, 1.12.198, 1.12.199, 1.12.200, 1.12.201, 1.12.202, 1.12.203, 1.12.204, 1.12.205, 1.12.206, 1.12.207, 1.12.208, 1.12.209, 1.12.210, 1.12.211, 1.12.212, 1.12.213, 1.12.214, 1.12.215, 1.12.216, 1.12.217, 1.12.218, 1.12.219, 1.12.220, 1.12.221, 1.12.222, 1.12.223, 1.12.224, 1.12.225, 1.12.226, 1.12.227, 1.12.228, 1.12.229, 1.12.230, 1.12.231, 1.12.232, 1.12.233, 1.12.234, 1.12.235, 1.12.236, 1.12.237, 1.12.238, 1.12.239, 1.12.240, 1.12.241, 1.12.242, 1.12.243, 1.12.244, 1.12.245, 1.12.246, 1.12.247, 1.12.248, 1.12.249, 1.12.250, 1.12.251, 1.12.252, 1.12.253, 1.13.0, 1.13.1, 1.13.2, 1.13.3, 1.13.4, 1.13.5, 1.13.6, 1.13.7, 1.13.8, 1.13.9, 1.13.10, 1.13.11, 1.13.12, 1.13.13, 1.13.14, 1.13.15, 1.13.16, 1.13.17, 1.13.18, 1.13.19, 1.13.20, 1.13.21, 1.13.22, 1.13.23, 1.13.24, 1.13.25, 1.13.26, 1.13.27, 1.13.28, 1.13.29, 1.13.30, 1.13.31, 1.13.32, 1.13.33, 1.13.34, 1.13.35, 1.13.36, 1.13.37, 1.13.38, 1.13.39, 1.13.40, 1.13.41, 1.13.42, 1.13.43, 1.13.44, 1.13.45, 1.13.46, 1.13.47, 1.13.48, 1.13.49, 1.13.50, 1.14.0, 1.14.1, 1.14.2, 1.14.3, 1.14.4, 1.14.5, 1.14.6, 1.14.7, 1.14.8, 1.14.9, 1.14.10, 1.14.11, 1.14.12, 1.14.13, 1.14.14, 1.14.15, 1.14.16, 1.14.17, 1.15.0, 1.15.1, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 1.15.6, 1.15.7, 1.15.8, 1.15.9, 1.15.10, 1.15.11, 1.15.12, 1.15.13, 1.15.14, 1.15.15, 1.15.16, 1.15.17, 1.15.18, 1.15.19, 1.15.20, 1.15.21, 1.15.22, 1.15.23, 1.15.24, 1.15.25, 1.15.26, 1.15.27, 1.15.28, 1.15.29, 1.15.30, 1.15.31, 1.15.32, 1.15.33, 1.15.34, 1.15.35, 1.15.36, 1.15.37, 1.15.38, 1.15.39, 1.15.40, 1.15.41, 1.15.42, 1.15.43, 1.15.44, 1.15.45, 1.15.46, 1.15.47, 1.15.48, 1.15.49, 1.16.0, 1.16.1, 1.16.2, 1.16.3, 1.16.4, 1.16.5, 1.16.6, 1.16.7, 1.16.8, 1.16.9, 1.16.10, 1.16.11, 1.16.12, 1.16.13, 1.16.14, 1.16.15, 1.16.16, 1.16.17, 1.16.18, 1.16.19, 1.16.20, 1.16.21, 1.16.22, 1.16.23, 1.16.24, 1.16.25, 1.16.26, 1.17.0, 1.17.1, 1.17.2, 1.17.3, 1.17.4, 1.17.5, 1.17.6, 1.17.7, 1.17.8, 1.17.9, 1.17.10, 1.17.11, 1.17.12, 1.17.13, 1.17.14, 1.17.15, 1.17.16, 1.17.17, 1.17.18, 1.17.19, 1.17.20, 1.17.21, 1.17.22, 1.17.23, 1.17.24, 1.17.25, 1.17.26, 1.17.27, 1.17.28, 1.17.29, 1.17.30, 1.17.31, 1.17.32, 1.17.33, 1.17.34, 1.17.35, 1.17.36, 1.17.37, 1.17.38, 1.17.39, 1.17.40, 1.17.41, 1.17.42, 1.17.43, 1.17.44, 1.17.45, 1.17.46, 1.17.47, 1.17.48, 1.17.49, 1.17.50, 1.17.51, 1.17.52, 1.17.53, 1.17.54, 1.17.55, 1.17.56, 1.17.57, 1.17.58, 1.17.59, 1.17.60, 1.17.61, 1.17.62, 1.17.63, 1.18.0, 1.18.1, 1.18.2, 1.18.3, 1.18.4, 1.18.5, 1.18.6, 1.18.7, 1.18.8, 1.18.9, 1.18.10, 1.18.11, 1.18.12, 1.18.13, 1.18.14, 1.18.15, 1.18.16, 1.18.17, 1.18.18, 1.19.0, 1.19.1, 1.19.2, 1.19.3, 1.19.4, 1.19.5, 1.19.6, 1.19.7, 1.19.8, 1.19.9, 1.19.10, 1.19.11, 1.19.12, 1.19.13, 1.19.14, 1.19.15, 1.19.16, 1.19.17, 1.19.18, 1.19.19, 1.19.20, 1.19.21, 1.19.22, 1.19.23, 1.19.24, 1.19.25, 1.19.26, 1.19.27, 1.19.28, 1.19.29, 1.19.30, 1.19.31, 1.19.32, 1.19.33, 1.19.34, 1.19.35, 1.19.36, 1.19.37, 1.19.38, 1.19.39, 1.19.40, 1.19.41, 1.19.42, 1.19.43, 1.19.44, 1.19.45, 1.19.46, 1.19.47, 1.19.48, 1.19.49, 1.19.50, 1.19.51, 1.19.52, 1.19.53, 1.19.54, 1.19.55, 1.19.56, 1.19.57, 1.19.58, 1.19.59, 1.19.60, 1.19.61, 1.19.62, 1.19.63, 1.20.0, 1.20.1, 1.20.2, 1.20.3, 1.20.4, 1.20.5, 1.20.6, 1.20.7, 1.20.8, 1.20.9, 1.20.10, 1.20.11, 1.20.12, 1.20.13, 1.20.14, 1.20.15, 1.20.16, 1.20.17, 1.20.18, 1.20.19, 1.20.20, 1.20.21, 1.20.22, 1.20.23, 1.20.24, 1.20.25, 1.20.26, 1.20.27, 1.20.28, 1.20.29, 1.20.30, 1.20.31, 1.20.32, 1.20.33, 1.20.34, 1.20.35, 1.20.36, 1.20.37, 1.20.38, 1.20.39, 1.20.40, 1.20.41, 1.20.42, 1.20.43, 1.20.44, 1.20.45, 1.20.46, 1.20.47, 1.20.48, 1.20.49, 1.20.50, 1.20.51, 1.20.52, 1.20.53, 1.20.54, 1.20.55, 1.20.56, 1.20.57, 1.20.58, 1.20.59, 1.20.60, 1.20.61, 1.20.62, 1.20.63, 1.20.64, 1.20.65, 1.20.66, 1.20.67, 1.20.68, 1.20.69, 1.20.70, 1.20.71, 1.20.72, 1.20.73, 1.20.74, 1.20.75, 1.20.76, 1.20.77, 1.20.78, 1.20.79, 1.20.80, 1.20.81, 1.20.82, 1.20.83, 1.20.84, 1.20.85, 1.20.86, 1.20.87, 1.20.88, 1.20.89, 1.20.90, 1.20.91, 1.20.92, 1.20.93, 1.20.94, 1.20.95, 1.20.96, 1.20.97, 1.20.98, 1.20.99, 1.20.100, 1.20.101, 1.20.102, 1.20.103, 1.20.104, 1.20.105, 1.20.106, 1.20.107, 1.20.108, 1.20.109, 1.20.110, 1.20.111, 1.20.112, 1.21.0, 1.21.1, 1.21.2, 1.21.3, 1.21.4, 1.21.5, 1.21.6, 1.21.7, 1.21.8, 1.21.9, 1.21.10, 1.21.11, 1.21.12, 1.21.13, 1.21.14, 1.21.15, 1.21.16)
ERROR: No matching distribution found for botocore==1.21.17

@anthonyroach
Copy link
Author

anthonyroach commented Aug 10, 2021
edited
Loading

Hmm, the wheel for botocore==1.21.17 isn't listed here: https://pypi.org/simple/botocore/ . Last few lines:

    <a href="https://files.pythonhosted.org/packages/3d/e2/00260951ceaf88f604568453823fc793f9c2ff1e3484ea09b869946c11e1/botocore-1.21.14.tar.gz#sha256=45656938d7fb043f06cc1a013f276caa0193ab7cc4d71874a32c18910c1f8f8d" data-requires-python="&gt;= 3.6">botocore-1.21.14.tar.gz</a><br/>
    <a href="https://files.pythonhosted.org/packages/76/76/8d5de98ec322c3aee8891ce7ba4705586bb0fbf1a1b057e0835e6a65468b/botocore-1.21.15-py3-none-any.whl#sha256=5f9686f42fcc6df0eb3ca5804113135f06ae92a6010347665ca7670f1397bff1" data-requires-python="&gt;= 3.6">botocore-1.21.15-py3-none-any.whl</a><br/>
    <a href="https://files.pythonhosted.org/packages/4c/2e/b7c54575c7a9fbe9c9d48195b6c5534c7abef353ea009f9323372bc12294/botocore-1.21.15.tar.gz#sha256=90b50e321278223c794032ae1ded7dfebdc73c54cc3cbbf72648e4cfdf060529" data-requires-python="&gt;= 3.6">botocore-1.21.15.tar.gz</a><br/>
    <a href="https://files.pythonhosted.org/packages/b8/9c/17a8241782a159847f05ab3625d001b8534a1b6b297a4a686241cbe103ff/botocore-1.21.16-py3-none-any.whl#sha256=697b577d62a8893bce56c74ee53e54f04e69b14e42a6591e109c49b5675c19ed" data-requires-python="&gt;= 3.6">botocore-1.21.16-py3-none-any.whl</a><br/>
    <a href="https://files.pythonhosted.org/packages/b7/58/1ad79b6d63ded3b85849a269bd1a78054358337baa752899f7930610afd6/botocore-1.21.16.tar.gz#sha256=b0e342b8c554f34f9f1cb028fbc20aff535fefe0c86a4e2cae7201846cd6aa4a" data-requires-python="&gt;= 3.6">botocore-1.21.16.tar.gz</a><br/>
    <a href="https://files.pythonhosted.org/packages/8d/f4/c98c4b194ac9552de7741372bcbdcd290d93fda377e527546e9868865948/botocore-1.21.17.tar.gz#sha256=a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa" data-requires-python="&gt;= 3.6">botocore-1.21.17.tar.gz</a><br/>
    </body>
</html>
<!--SERIAL 11132494-->

I wonder if there are multiple servers behind https://pypi.org/simple/botocore/ and sometimes the wheel is returned and sometimes it isn't, depending on which server services the request. So, when I did pdm add boto3 locally the wheel wasn't found, but then when I do pdm install on our build server the wheel is found and so pip fail because the pdm.lock doesn't have the hash for the wheel.

@anthonyroach
Copy link
Author

anthonyroach commented Aug 10, 2021
edited
Loading

Yep, now the the wheel for botocore==1.21.17 is showing up at https://pypi.org/simple/botocore/ and I can 100% reproduce the problem using the pdm.lock produced by pdm add botocore previously that is missing the wheel:

❯ pdm install -v
Synchronizing working set with lock file: 1 to add, 0 to update, 0 to remove

Install botocore 1.21.18 failed
  Retry failed jobs
Install botocore 1.21.18 failed

ERRORS:
add botocore failed:
Traceback (most recent call last):
  File "/usr/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 157, in install_candidate
    installer.install(can)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/installers.py", line 43, in install
    candidate.get_metadata(allow_all_wheels=False, raising=True)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 188, in get_metadata
    built = self.environment.build(ireq, self.hashes, allow_all_wheels)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/environment.py", line 267, in build
    downloaded = pip_shims.unpack_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 239, in unpack_url
    file = get_http_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 104, in get_http_url
    hashes.check_against_path(from_path)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 118, in check_against_path
    return self.check_against_file(file)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 113, in check_against_file
    return self.check_against_chunks(read_chunks(file))
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 100, in check_against_chunks
    self._raise(gots)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 104, in _raise
    raise HashMismatch(self._allowed, gots)
pip._internal.exceptions.HashMismatch: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    unknown package:
        Expected sha256 a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa
             Got        a916f4e9ad1166cd58ee8b5373885ceceeb6cef89a03f52ec71e0008303b8db2


Traceback (most recent call last):
  File "/home/anthony/.local/bin/pdm", line 8, in <module>
    sys.exit(main())
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 185, in main
    return Core().main(args)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 146, in main
    raise cast(Exception, err).with_traceback(traceback)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 141, in main
    f(options.project, options)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/cli/commands/install.py", line 44, in handle
    actions.do_sync(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/cli/actions.py", line 166, in do_sync
    handler.synchronize()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 324, in synchronize
    raise InstallationError("Some package operations are not complete yet")
pdm.exceptions.InstallationError: Some package operations are not complete yet

pdm.lock:

[[package]]
name = "boto3"
version = "1.18.18"
requires_python = ">=3.6"
summary = "The AWS SDK for Python"
dependencies = [
    "botocore<1.22.0,>=1.21.18",
    "jmespath<1.0.0,>=0.7.1",
    "s3transfer<0.6.0,>=0.5.0",
]

[[package]]
name = "botocore"
version = "1.21.18"
requires_python = ">=3.6"
summary = "Low-level, data-driven core of boto 3."
dependencies = [
    "jmespath<1.0.0,>=0.7.1",
    "python-dateutil<3.0.0,>=2.1",
    "urllib3<1.27,>=1.25.4",
]

[[package]]
name = "jmespath"
version = "0.10.0"
requires_python = ">=2.6,!=3.0.*,!=3.1.*,!=3.2.*"
summary = "JSON Matching Expressions"

[[package]]
name = "python-dateutil"
version = "2.8.2"
requires_python = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*"
summary = "Extensions to the standard Python datetime module"
dependencies = [
    "six>=1.5",
]

[[package]]
name = "s3transfer"
version = "0.5.0"
requires_python = ">=3.6"
summary = "An Amazon S3 Transfer Manager"
dependencies = [
    "botocore<2.0a.0,>=1.12.36",
]

[[package]]
name = "six"
version = "1.16.0"
requires_python = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*"
summary = "Python 2 and 3 compatibility utilities"

[[package]]
name = "urllib3"
version = "1.26.6"
requires_python = ">=2.7,<4.0,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*"
summary = "HTTP library with thread-safe connection pooling, file post, and more."

[metadata]
lock_version = "3"
content_hash = "sha256:45ec19f040ec353b0bfbcaf4e6db3361d6d4913403d96b3a9986a2abb66d3b1a"

[metadata.files]
"boto3 1.18.18" = [
    {file = "boto3-1.18.18-py3-none-any.whl", hash = "sha256:3faa0e4b5b6ae5bee43103477c6e141fbed61c84570cc787f2b563cfb3792342"},
    {file = "boto3-1.18.18.tar.gz", hash = "sha256:325456ceae7144693bf86786b4d9c6202f46886d9d30b29780dd6a5b377f5a24"},
]
"botocore 1.21.18" = [
    {file = "botocore-1.21.17.tar.gz", hash = "sha256:a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa"},
]
"jmespath 0.10.0" = [
    {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"},
    {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"},
]
"python-dateutil 2.8.2" = [
    {file = "python_dateutil-2.8.2-py2.py3-none-any.whl", hash = "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9"},
    {file = "python-dateutil-2.8.2.tar.gz", hash = "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86"},
]
"s3transfer 0.5.0" = [
    {file = "s3transfer-0.5.0-py3-none-any.whl", hash = "sha256:9c1dc369814391a6bda20ebbf4b70a0f34630592c9aa520856bf384916af2803"},
    {file = "s3transfer-0.5.0.tar.gz", hash = "sha256:50ed823e1dc5868ad40c8dc92072f757aa0e653a192845c94a3b676f4a62da4c"},
]
"six 1.16.0" = [
    {file = "six-1.16.0-py2.py3-none-any.whl", hash = "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"},
    {file = "six-1.16.0.tar.gz", hash = "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"},
]
"urllib3 1.26.6" = [
    {file = "urllib3-1.26.6-py2.py3-none-any.whl", hash = "sha256:39fb8672126159acb139a7718dd10806104dec1e2f0f6c88aab05d17df10c8d4"},
    {file = "urllib3-1.26.6.tar.gz", hash = "sha256:f57b4c16c62fa2760b7e3d97c35b255512fb6b59a259730f36ba32ce9f8e342f"},
]

pyproject.toml:

[project]
name = ""
version = ""
description = ""
authors = [
    {name = "Anthony Roach", email = "[email protected]"},
]
dependencies = [
    "boto3~=1.18",
]
requires-python = ">=3.8"
dynamic = ["classifiers"]
license = {text = "MIT"}

[project.urls]
homepage = ""

[build-system]
requires = ["pdm-pep517"]
build-backend = "pdm.pep517.api"

[tool]
[tool.pdm]

@anthonyroach
Copy link
Author

The root cause seems to be pypi.org CDN inconsistencies, but I think pdm could deal with this situation better.

@frostming
Copy link
Collaborator

Fixed, now the wheel won't be picked even it exists

@anthonyroach
Copy link
Author

anthonyroach commented Aug 16, 2021
edited
Loading

I upgraded to the latest release (v.1.8.0) which has the fix, but I'm still getting a hash mismatch:

❯ pdm install -v
Synchronizing working set with lock file: 1 to add, 0 to update, 0 to remove

Install botocore 1.21.18 failed
Error occurs: 
Traceback (most recent call last):
  File "/usr/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 167, in install_candidate
    self.manager.install(can)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/manager.py", line 46, in install
    installer(candidate)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/installers.py", line 59, in install_wheel
    wheel = candidate.build()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 234, in build
    self.prepare()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 186, in prepare
    downloaded = pip_shims.unpack_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 239, in unpack_url
    file = get_http_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 104, in get_http_url
    hashes.check_against_path(from_path)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 118, in check_against_path
    return self.check_against_file(file)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 113, in check_against_file
    return self.check_against_chunks(read_chunks(file))
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 100, in check_against_chunks
    self._raise(gots)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 104, in _raise
    raise HashMismatch(self._allowed, gots)
pip._internal.exceptions.HashMismatch: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    unknown package:
        Expected sha256 a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa
             Got        a916f4e9ad1166cd58ee8b5373885ceceeb6cef89a03f52ec71e0008303b8db2

  Retry failed jobs
Install botocore 1.21.18 failed
Error occurs: 
Traceback (most recent call last):
  File "/usr/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 167, in install_candidate
    self.manager.install(can)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/manager.py", line 46, in install
    installer(candidate)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/installers.py", line 59, in install_wheel
    wheel = candidate.build()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 234, in build
    self.prepare()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 186, in prepare
    downloaded = pip_shims.unpack_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 239, in unpack_url
    file = get_http_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 104, in get_http_url
    hashes.check_against_path(from_path)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 118, in check_against_path
    return self.check_against_file(file)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 113, in check_against_file
    return self.check_against_chunks(read_chunks(file))
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 100, in check_against_chunks
    self._raise(gots)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 104, in _raise
    raise HashMismatch(self._allowed, gots)
pip._internal.exceptions.HashMismatch: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    unknown package:
        Expected sha256 a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa
             Got        a916f4e9ad1166cd58ee8b5373885ceceeb6cef89a03f52ec71e0008303b8db2


ERRORS:
add botocore failed:
Traceback (most recent call last):
  File "/usr/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 167, in install_candidate
    self.manager.install(can)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/manager.py", line 46, in install
    installer(candidate)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/installers.py", line 59, in install_wheel
    wheel = candidate.build()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 234, in build
    self.prepare()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/models/candidates.py", line 186, in prepare
    downloaded = pip_shims.unpack_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 239, in unpack_url
    file = get_http_url(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/operations/prepare.py", line 104, in get_http_url
    hashes.check_against_path(from_path)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 118, in check_against_path
    return self.check_against_file(file)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 113, in check_against_file
    return self.check_against_chunks(read_chunks(file))
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 100, in check_against_chunks
    self._raise(gots)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pip/_internal/utils/hashes.py", line 104, in _raise
    raise HashMismatch(self._allowed, gots)
pip._internal.exceptions.HashMismatch: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    unknown package:
        Expected sha256 a0d64369857d86b3a6d01b0c5933671c2394584311ce3af702271ba221b09afa
             Got        a916f4e9ad1166cd58ee8b5373885ceceeb6cef89a03f52ec71e0008303b8db2


Traceback (most recent call last):
  File "/home/anthony/.local/bin/pdm", line 8, in <module>
    sys.exit(main())
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 195, in main
    return Core().main(args)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 153, in main
    raise cast(Exception, err).with_traceback(traceback)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/core.py", line 148, in main
    f(options.project, options)
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/cli/commands/install.py", line 44, in handle
    actions.do_sync(
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/cli/actions.py", line 168, in do_sync
    handler.synchronize()
  File "/home/anthony/.local/share/pdm/venv/lib/python3.8/site-packages/pdm/installers/synchronizers.py", line 334, in synchronize
    raise InstallationError("Some package operations are not complete yet")
pdm.exceptions.InstallationError: Some package operations are not complete yet

The pdm.lock is still the same and has no hash for the cotocore wheel.

@frostming
Copy link
Collaborator

frostming commented Aug 17, 2021
edited
Loading

The sha256 hash is incorrect in your lock file, it is expected to fail. This is what I got from PyPI, for the botocore-1.21.18.tar.gz:

604ce93417f990782f4a4d528678cdd9eed80a6bd059fc1deedc6662825cc615

@anthonyroach
Copy link
Author

You are right. After correcting the hash in pdm.lock, everything is working fine. Sorry for the false alarm, and thank you for the quick fix.

Very strange that the hash changed, but pdm seems to be doing the right thing here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐛 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@anthonyroach @frostming