Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lock fails to resolve dependencies from private registry (GitLab) #5932

Open
jonbiemond opened this issue Sep 12, 2023 · 17 comments
Open

Lock fails to resolve dependencies from private registry (GitLab) #5932

jonbiemond opened this issue Sep 12, 2023 · 17 comments
Labels
Category: Private PyPIs 😎 Problem relates to private PyPI usage. Status: Awaiting Update ⏳ This issue requires more information before assistance can be provided. triage

Comments

@jonbiemond
Copy link

Issue description

Packages successfully install, but pipenv --lock fails to resolve dependencies from my private GitLab registry.
CRITICAL:pipenv.patched.pip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement mypackage (from versions: none)

I know there have been a lot of related issues, but I don't see any open with this exact bug.
Unlike #5767 I'm trying to install a private package without any dependencies on other private packages.

Actual result

Running $ pipenv lock then $ pipenv sync.
Locking [packages] dependencies...
Building requirements...
Resolving dependencies...
Locking Failed!
[=   ] Locking...
CRITICAL:pipenv.patched.pip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement mypackage (from versions: none)
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\resolver.py", line 811, in _main
[ResolutionFailure]:       resolve_packages(
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\resolver.py", line 759, in resolve_packages
[ResolutionFailure]:       results, resolver = resolve(
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\resolver.py", line 738, in resolve
[ResolutionFailure]:       return resolve_deps(
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\utils\resolver.py", line 1165, in resolve_deps
[ResolutionFailure]:       results, hashes, markers_lookup, resolver, skipped = actually_resolve_deps(
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\utils\resolver.py", line 964, in actually_resolve_deps
[ResolutionFailure]:       resolver.resolve()
[ResolutionFailure]:   File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\utils\resolver.py", line 701, in resolve
[ResolutionFailure]:       raise ResolutionFailure(message=str(e))
[pipenv.exceptions.ResolutionFailure]: Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv run pip install <requirement_name> to bypass this mechanism, then run $ pipenv graph to inspect the versions actually installed in the virtualenv.
  Hint: try $ pipenv lock --pre if it is a pre-release dependency.
ERROR: No matching distribution found for mypackage

Traceback (most recent call last):
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\runpy.py", line 196, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\Scripts\pipenv.exe\__main__.py", line 7, in <module>
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\cli\options.py", line 58, in main
    return super().main(*args, **kwargs, windows_expand_args=False)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\decorators.py", line 84, in new_func
    return ctx.invoke(f, obj, *args, **kwargs)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\core.py", line 760, in invoke
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\vendor\click\decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\cli\command.py", line 579, in update
    do_update(
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\routines\update.py", line 69, in do_update
    do_lock(
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\routines\lock.py", line 79, in do_lock
    venv_resolve_deps(
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\utils\resolver.py", line 1107, in venv_resolve_deps
    c = resolve(cmd, st, project=project)
  File "C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\lib\site-packages\pipenv\utils\resolver.py", line 1001, in resolve
    raise RuntimeError("Failed to lock Pipfile.lock!")
RuntimeError: Failed to lock Pipfile.lock!

When possible, provide the verbose output (--verbose), especially for locking and dependencies resolving issues.

Steps to replicate

Pipenv version: 2023.6.18

$ pipenv --support

Pipenv version: '2023.9.8'

Pipenv location: 'C:\\Users\\jonathan.biemond\\.virtualenvs\\my-project-sFQf-b2c\\lib\\site-packages\\pipenv'

Python location: 'C:\\Users\\jonathan.biemond\\.virtualenvs\\my-project-sFQf-b2c\\Scripts\\python.exe'

OS Name: 'nt'

User pip version: '23.2.1'

user Python installations found:

PEP 508 Information:

{'implementation_name': 'cpython',
 'implementation_version': '3.10.10',
 'os_name': 'nt',
 'platform_machine': 'AMD64',
 'platform_python_implementation': 'CPython',
 'platform_release': '10',
 'platform_system': 'Windows',
 'platform_version': '10.0.19045',
 'python_full_version': '3.10.10',
 'python_version': '3.10',
 'sys_platform': 'win32'}

System environment variables:

  • PATHEXT
  • PSEXECUTIONPOLICYPREFERENCE
  • PSMODULEPATH
  • PROGRAMFILES(X86)
  • TERM_SESSION_ID
  • COMMONPROGRAMW6432
  • PROGRAMW6432
  • VIRTUAL_ENV
  • ZES_ENABLE_SYSMAN
  • FIG_JETBRAINS_SHELL_INTEGRATION
  • USERNAME
  • ALLUSERSPROFILE
  • USERPROFILE
  • OS
  • USERDNSDOMAIN
  • PROCESSOR_ARCHITECTURE
  • IDEA_INITIAL_DIRECTORY
  • NUMBER_OF_PROCESSORS
  • COMSPEC
  • FPS_BROWSER_APP_PROFILE_STRING
  • PROCESSOR_LEVEL
  • PATH
  • WINDIR
  • USERDOMAIN_ROAMINGPROFILE
  • PUBLIC
  • DRIVERDATA
  • HOMEDRIVE
  • PROGRAMFILES
  • SESSIONNAME
  • LOGONSERVER
  • TERMINAL_EMULATOR
  • PROCESSOR_REVISION
  • TEMP
  • HOMEPATH
  • SYSTEMROOT
  • COMMONPROGRAMFILES(X86)
  • ONEDRIVE
  • ONEDRIVECONSUMER
  • USERDOMAIN
  • ONEDRIVECOMMERCIAL
  • SYSTEMDRIVE
  • COMPUTERNAME
  • PROGRAMDATA
  • TMP
  • LOCALAPPDATA
  • FPS_BROWSER_USER_PROFILE_STRING
  • APPDATA
  • COMMONPROGRAMFILES
  • PROCESSOR_IDENTIFIER
  • PIP_DISABLE_PIP_VERSION_CHECK
  • PYTHONDONTWRITEBYTECODE
  • PYTHONFINDER_IGNORE_UNSUPPORTED

Pipenv–specific environment variables:

Debug–specific environment variables:

  • PATH: C:\Users\jonathan.biemond\.virtualenvs\my-project-sFQf-b2c/Scripts;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\GitHub CLI\;C:\Pro gram Files\Docker\Docker\resources\bin;C:\Program Files\dotnet\;C:\Program Files\OpenSSL-Win64\bin;C:\Program Files\Git\cmd;C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Python310\Scripts\;C:\Users\jonathan.biemond\AppData\Local\Programs\ Python\Python310\;C:\Users\jonathan.biemond\AppData\Local\Programs\Python\Launcher\;C:\Users\jonathan.biemond\AppData\Local\Microsoft\WindowsApps;C:\Users\jonathan.biemond\AppData\Local\JetBrains\mypackage\scripts;C:\Users\jonathan.biemond\AppData\Lo cal\Programs\Microsoft VS Code\bin;C:\Users\jonathan.biemond\AppData\Local\Programs\Git\cmd;C:\Users\jonathan.biemond\AppData\Local\Programs\Gpg4win\..\GnuPG\bin;C:\Users\jonathan.biemond\Portable\CMD\Nodejs;C:\Users\jonathan.biemond\AppData\Local\ GitHubDesktop\bin;C:\Users\jonathan.biemond\AppData\Roaming\postgresql\bin;C:\Users\jonathan.biemond\Portable\GUI\Sublime Text;C:\Users\jonathan.biemond\Portable\GUI\Vim\App\vim;
  • VIRTUAL_ENV: C:\Users\jonathan.biemond\.virtualenvs\my-project-sFQf-b2c

Contents of Pipfile ('C:\Users\jonathan.biemond\PycharmProjects\my-project\Pipfile'):

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[[source]]
url = "https://$GITLAB_TOKEN_NAME:${GITLAB_TOKEN}@git.company.com/api/v4/groups/3/-/packages/pypi/simple"
verify_ssl = true
name = "gitlab"

[packages]
pandas = "*"
openpyxl = "*"
pywin32 = "*"
sqlalchemy = ">=2.0"
psycopg2 = "*"
mypackage = {version = "*", index = "gitlab"}

[dev-packages]

[requires]
python_version = "3.10"
python_full_version = "3.10.10"

Contents of Pipfile.lock ('C:\Users\jonathan.biemond\PycharmProjects\my-project\Pipfile.lock'):

{
    "_meta": {
        "hash": {
            "sha256": "0f734161da7f7eda960a6ff823a2801a64e4457b7f71439b1479a32d314e66e8"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_full_version": "3.10.10",
            "python_version": "3.10"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.org/simple",
                "verify_ssl": true
            },
            {
                "name": "gitlab",
                "url": "https://$GITLAB_TOKEN_NAME:${GITLAB_TOKEN}@git.company.com/api/v4/groups/3/-/packages/pypi/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "et-xmlfile": {
            "hashes": [
                "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c",
                "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada"
            ],
            "markers": "python_version >= '3.6'",
            "version": "==1.1.0"
        },
        "greenlet": {
            "hashes": [
                "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a",
                "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a",
                "sha256:1087300cf9700bbf455b1b97e24db18f2f77b55302a68272c56209d5587c12d1",
                "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43",
                "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33",
                "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8",
                "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088",
                "sha256:2780572ec463d44c1d3ae850239508dbeb9fed38e294c68d19a24d925d9223ca",
                "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343",
                "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645",
                "sha256:2dd11f291565a81d71dab10b7033395b7a3a5456e637cf997a6f33ebdf06f8db",
                "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df",
                "sha256:32e5b64b148966d9cccc2c8d35a671409e45f195864560829f395a54226408d3",
                "sha256:36abbf031e1c0f79dd5d596bfaf8e921c41df2bdf54ee1eed921ce1f52999a86",
                "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2",
                "sha256:3a51c9751078733d88e013587b108f1b7a1fb106d402fb390740f002b6f6551a",
                "sha256:3c9b12575734155d0c09d6c3e10dbd81665d5c18e1a7c6597df72fd05990c8cf",
                "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7",
                "sha256:4b58adb399c4d61d912c4c331984d60eb66565175cdf4a34792cd9600f21b394",
                "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40",
                "sha256:5454276c07d27a740c5892f4907c86327b632127dd9abec42ee62e12427ff7e3",
                "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6",
                "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74",
                "sha256:703f18f3fda276b9a916f0934d2fb6d989bf0b4fb5a64825260eb9bfd52d78f0",
                "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3",
                "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91",
                "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5",
                "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9",
                "sha256:8512a0c38cfd4e66a858ddd1b17705587900dd760c6003998e9472b77b56d417",
                "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8",
                "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b",
                "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6",
                "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb",
                "sha256:937e9020b514ceedb9c830c55d5c9872abc90f4b5862f89c0887033ae33c6f73",
                "sha256:94c817e84245513926588caf1152e3b559ff794d505555211ca041f032abbb6b",
                "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df",
                "sha256:9d14b83fab60d5e8abe587d51c75b252bcc21683f24699ada8fb275d7712f5a9",
                "sha256:9f35ec95538f50292f6d8f2c9c9f8a3c6540bbfec21c9e5b4b751e0a7c20864f",
                "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0",
                "sha256:acd2162a36d3de67ee896c43effcd5ee3de247eb00354db411feb025aa319857",
                "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a",
                "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249",
                "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30",
                "sha256:b9ec052b06a0524f0e35bd8790686a1da006bd911dd1ef7d50b77bfbad74e292",
                "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b",
                "sha256:bdfea8c661e80d3c1c99ad7c3ff74e6e87184895bbaca6ee8cc61209f8b9b85d",
                "sha256:be4ed120b52ae4d974aa40215fcdfde9194d63541c7ded40ee12eb4dda57b76b",
                "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c",
                "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca",
                "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7",
                "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75",
                "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae",
                "sha256:d4606a527e30548153be1a9f155f4e283d109ffba663a15856089fb55f933e47",
                "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b",
                "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470",
                "sha256:d967650d3f56af314b72df7089d96cda1083a7fc2da05b375d2bc48c82ab3f3c",
                "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564",
                "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9",
                "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099",
                "sha256:e7c8dc13af7db097bed64a051d2dd49e9f0af495c26995c00a9ee842690d34c0",
                "sha256:ea9872c80c132f4663822dd2a08d404073a5a9b5ba6155bea72fb2a79d1093b5",
                "sha256:eff4eb9b7eb3e4d0cae3d28c283dc16d9bed6b193c2e1ace3ed86ce48ea8df19",
                "sha256:f82d4d717d8ef19188687aa32b8363e96062911e63ba22a0cff7802a8e58e5f1",
                "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526"
            ],
            "markers": "platform_machine == 'aarch64' or (platform_machine == 'ppc64le' or (platform_machine == 'x86_64' or (platform_machine == 'amd64' or (platform_machine == 'AMD64' or (platform_machine == 'win32' or platform_machine == 'WIN32')
))))",
            "version": "==2.0.2"
        },
        "numpy": {
            "hashes": [
                "sha256:0d60fbae8e0019865fc4784745814cff1c421df5afee233db6d88ab4f14655a2",
                "sha256:1a1329e26f46230bf77b02cc19e900db9b52f398d6722ca853349a782d4cff55",
                "sha256:1b9735c27cea5d995496f46a8b1cd7b408b3f34b6d50459d9ac8fe3a20cc17bf",
                "sha256:2792d23d62ec51e50ce4d4b7d73de8f67a2fd3ea710dcbc8563a51a03fb07b01",
                "sha256:3e0746410e73384e70d286f93abf2520035250aad8c5714240b0492a7302fdca",
                "sha256:4c3abc71e8b6edba80a01a52e66d83c5d14433cbcd26a40c329ec7ed09f37901",
                "sha256:5883c06bb92f2e6c8181df7b39971a5fb436288db58b5a1c3967702d4278691d",
                "sha256:5c97325a0ba6f9d041feb9390924614b60b99209a71a69c876f71052521d42a4",
                "sha256:60e7f0f7f6d0eee8364b9a6304c2845b9c491ac706048c7e8cf47b83123b8dbf",
                "sha256:76b4115d42a7dfc5d485d358728cdd8719be33cc5ec6ec08632a5d6fca2ed380",
                "sha256:7dc869c0c75988e1c693d0e2d5b26034644399dd929bc049db55395b1379e044",
                "sha256:834b386f2b8210dca38c71a6e0f4fd6922f7d3fcff935dbe3a570945acb1b545",
                "sha256:8b77775f4b7df768967a7c8b3567e309f617dd5e99aeb886fa14dc1a0791141f",
                "sha256:90319e4f002795ccfc9050110bbbaa16c944b1c37c0baeea43c5fb881693ae1f",
                "sha256:b79e513d7aac42ae918db3ad1341a015488530d0bb2a6abcbdd10a3a829ccfd3",
                "sha256:bb33d5a1cf360304754913a350edda36d5b8c5331a8237268c48f91253c3a364",
                "sha256:bec1e7213c7cb00d67093247f8c4db156fd03075f49876957dca4711306d39c9",
                "sha256:c5462d19336db4560041517dbb7759c21d181a67cb01b36ca109b2ae37d32418",
                "sha256:c5652ea24d33585ea39eb6a6a15dac87a1206a692719ff45d53c5282e66d4a8f",
                "sha256:d7806500e4f5bdd04095e849265e55de20d8cc4b661b038957354327f6d9b295",
                "sha256:db3ccc4e37a6873045580d413fe79b68e47a681af8db2e046f1dacfa11f86eb3",
                "sha256:dfe4a913e29b418d096e696ddd422d8a5d13ffba4ea91f9f60440a3b759b0187",
                "sha256:eb942bfb6f84df5ce05dbf4b46673ffed0d3da59f13635ea9b926af3deb76926",
                "sha256:f08f2e037bba04e707eebf4bc934f1972a315c883a9e0ebfa8a7756eabf9e357",
                "sha256:fd608e19c8d7c55021dffd43bfe5492fab8cc105cc8986f813f8c3c048b38760"
            ],
            "markers": "python_version < '3.11'",
            "version": "==1.25.2"
        },
        "openpyxl": {
            "hashes": [
                "sha256:a6f5977418eff3b2d5500d54d9db50c8277a368436f4e4f8ddb1be3422870184",
                "sha256:f91456ead12ab3c6c2e9491cf33ba6d08357d802192379bb482f1033ade496f5"
            ],
            "index": "pypi",
            "version": "==3.1.2"
        },
        "pandas": {
            "hashes": [
                "sha256:0164b85937707ec7f70b34a6c3a578dbf0f50787f910f21ca3b26a7fd3363437",
                "sha256:28f330845ad21c11db51e02d8d69acc9035edfd1116926ff7245c7215db57957",
                "sha256:38f74ef7ebc0ffb43b3d633e23d74882bce7e27bfa09607f3c5d3e03ffd9a4a5",
                "sha256:40dd20439ff94f1b2ed55b393ecee9cb6f3b08104c2c40b0cb7186a2f0046242",
                "sha256:629124923bcf798965b054a540f9ccdfd60f71361255c81fa1ecd94a904b9dd3",
                "sha256:62c24c7fc59e42b775ce0679cfa7b14a5f9bfb7643cfbe708c960699e05fb918",
                "sha256:6e6a0fe052cf27ceb29be9429428b4918f3740e37ff185658f40d8702f0b3e09",
                "sha256:70cf866af3ab346a10debba8ea78077cf3a8cd14bd5e4bed3d41555a3280041c",
                "sha256:86f100b3876b8c6d1a2c66207288ead435dc71041ee4aea789e55ef0e06408cb",
                "sha256:9d81e1813191070440d4c7a413cb673052b3b4a984ffd86b8dd468c45742d3cc",
                "sha256:b31da36d376d50a1a492efb18097b9101bdbd8b3fbb3f49006e02d4495d4c644",
                "sha256:b9a6ccf0963db88f9b12df6720e55f337447aea217f426a22d71f4213a3099a6",
                "sha256:cda72cc8c4761c8f1d97b169661f23a86b16fdb240bdc341173aee17e4d6cedd",
                "sha256:d4f38e4fedeba580285eaac7ede4f686c6701a9e618d8a857b138a126d067f2f",
                "sha256:d53c8c1001f6a192ff1de1efe03b31a423d0eee2e9e855e69d004308e046e694",
                "sha256:d8c58b1113892e0c8078f006a167cc210a92bdae23322bb4614f2f0b7a4b510f",
                "sha256:d97daeac0db8c993420b10da4f5f5b39b01fc9ca689a17844e07c0a35ac96b4b",
                "sha256:d99e678180bc59b0c9443314297bddce4ad35727a1a2656dbe585fd78710b3b9",
                "sha256:eb20252720b1cc1b7d0b2879ffc7e0542dd568f24d7c4b2347cb035206936421"
            ],
            "index": "pypi",
            "version": "==2.1.0"
        },
        "psycopg2": {
            "hashes": [
                "sha256:1a6a2d609bce44f78af4556bea0c62a5e7f05c23e5ea9c599e07678995609084",
                "sha256:44d93a0109dfdf22fe399b419bcd7fa589d86895d3931b01fb321d74dadc68f1",
                "sha256:8275abf628c6dc7ec834ea63f6f3846bf33518907a2b9b693d41fd063767a866",
                "sha256:91e81a8333a0037babfc9fe6d11e997a9d4dac0f38c43074886b0d9dead94fe9",
                "sha256:b22ed9c66da2589a664e0f1ca2465c29b75aaab36fa209d4fb916025fb9119e5",
                "sha256:b6bd7d9d3a7a63faae6edf365f0ed0e9b0a1aaf1da3ca146e6b043fb3eb5d723",
                "sha256:c7949770cafbd2f12cecc97dea410c514368908a103acf519f2a346134caa4d5",
                "sha256:d1210fcf99aae6f728812d1d2240afc1dc44b9e6cba526a06fb8134f969957c2",
                "sha256:d5c5297e2fbc8068d4255f1e606bfc9291f06f91ec31b2a0d4c536210ac5c0a2",
                "sha256:e9b04cbef584310a1ac0f0d55bb623ca3244c87c51187645432e342de9ae81a8",
                "sha256:f00cc35bd7119f1fed17b85bd1007855194dde2cbd8de01ab8ebb17487440ad8"
            ],
            "index": "pypi",
            "version": "==2.9.7"
        },
        "python-dateutil": {
            "hashes": [
                "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86",
                "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9"
            ],
            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
            "version": "==2.8.2"
        },
        "pytz": {
            "hashes": [
                "sha256:7b4fddbeb94a1eba4b557da24f19fdf9db575192544270a9101d8509f9f43d7b",
                "sha256:ce42d816b81b68506614c11e8937d3aa9e41007ceb50bfdcb0749b921bf646c7"
            ],
            "version": "==2023.3.post1"
        },
        "pywin32": {
            "hashes": [
                "sha256:06d3420a5155ba65f0b72f2699b5bacf3109f36acbe8923765c22938a69dfc8d",
                "sha256:1c73ea9a0d2283d889001998059f5eaaba3b6238f767c9cf2833b13e6a685f65",
                "sha256:37257794c1ad39ee9be652da0462dc2e394c8159dfd913a8a4e8eb6fd346da0e",
                "sha256:383229d515657f4e3ed1343da8be101000562bf514591ff383ae940cad65458b",
                "sha256:39b61c15272833b5c329a2989999dcae836b1eed650252ab1b7bfbe1d59f30f4",
                "sha256:5821ec52f6d321aa59e2db7e0a35b997de60c201943557d108af9d4ae1ec7040",
                "sha256:70dba0c913d19f942a2db25217d9a1b726c278f483a919f1abfed79c9cf64d3a",
                "sha256:72c5f621542d7bdd4fdb716227be0dd3f8565c11b280be6315b06ace35487d36",
                "sha256:84f4471dbca1887ea3803d8848a1616429ac94a4a8d05f4bc9c5dcfd42ca99c8",
                "sha256:a7639f51c184c0272e93f244eb24dafca9b1855707d94c192d4a0b4c01e1100e",
                "sha256:e25fd5b485b55ac9c057f67d94bc203f3f6595078d1fb3b458c9c28b7153a802",
                "sha256:e4c092e2589b5cf0d365849e73e02c391c1349958c5ac3e9d5ccb9a28e017b3a",
                "sha256:e65028133d15b64d2ed8f06dd9fbc268352478d4f9289e69c190ecd6818b6407",
                "sha256:e8ac1ae3601bee6ca9f7cb4b5363bf1c0badb935ef243c4733ff9a393b1690c0"
            ],
            "index": "pypi",
            "version": "==306"
        },
        "six": {
            "hashes": [
                "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926",
                "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"
            ],
            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
            "version": "==1.16.0"
        },
        "sqlalchemy": {
            "hashes": [
                "sha256:1506e988ebeaaf316f183da601f24eedd7452e163010ea63dbe52dc91c7fc70e",
                "sha256:1a58052b5a93425f656675673ef1f7e005a3b72e3f2c91b8acca1b27ccadf5f4",
                "sha256:1b74eeafaa11372627ce94e4dc88a6751b2b4d263015b3523e2b1e57291102f0",
                "sha256:1be86ccea0c965a1e8cd6ccf6884b924c319fcc85765f16c69f1ae7148eba64b",
                "sha256:1d35d49a972649b5080557c603110620a86aa11db350d7a7cb0f0a3f611948a0",
                "sha256:243d0fb261f80a26774829bc2cee71df3222587ac789b7eaf6555c5b15651eed",
                "sha256:26a3399eaf65e9ab2690c07bd5cf898b639e76903e0abad096cd609233ce5208",
                "sha256:27d554ef5d12501898d88d255c54eef8414576f34672e02fe96d75908993cf53",
                "sha256:3364b7066b3c7f4437dd345d47271f1251e0cfb0aba67e785343cdbdb0fff08c",
                "sha256:3423dc2a3b94125094897118b52bdf4d37daf142cbcf26d48af284b763ab90e9",
                "sha256:3c6aceebbc47db04f2d779db03afeaa2c73ea3f8dcd3987eb9efdb987ffa09a3",
                "sha256:3ce5e81b800a8afc870bb8e0a275d81957e16f8c4b62415a7b386f29a0cb9763",
                "sha256:411e7f140200c02c4b953b3dbd08351c9f9818d2bd591b56d0fa0716bd014f1e",
                "sha256:4cde2e1096cbb3e62002efdb7050113aa5f01718035ba9f29f9d89c3758e7e4e",
                "sha256:5768c268df78bacbde166b48be788b83dddaa2a5974b8810af422ddfe68a9bc8",
                "sha256:599ccd23a7146e126be1c7632d1d47847fa9f333104d03325c4e15440fc7d927",
                "sha256:5ed61e3463021763b853628aef8bc5d469fe12d95f82c74ef605049d810f3267",
                "sha256:63a368231c53c93e2b67d0c5556a9836fdcd383f7e3026a39602aad775b14acf",
                "sha256:63e73da7fb030ae0a46a9ffbeef7e892f5def4baf8064786d040d45c1d6d1dc5",
                "sha256:6eb6d77c31e1bf4268b4d61b549c341cbff9842f8e115ba6904249c20cb78a61",
                "sha256:6f8a934f9dfdf762c844e5164046a9cea25fabbc9ec865c023fe7f300f11ca4a",
                "sha256:6fe7d61dc71119e21ddb0094ee994418c12f68c61b3d263ebaae50ea8399c4d4",
                "sha256:759b51346aa388c2e606ee206c0bc6f15a5299f6174d1e10cadbe4530d3c7a98",
                "sha256:76fdfc0f6f5341987474ff48e7a66c3cd2b8a71ddda01fa82fedb180b961630a",
                "sha256:77d37c1b4e64c926fa3de23e8244b964aab92963d0f74d98cbc0783a9e04f501",
                "sha256:79543f945be7a5ada9943d555cf9b1531cfea49241809dd1183701f94a748624",
                "sha256:79fde625a0a55220d3624e64101ed68a059c1c1f126c74f08a42097a72ff66a9",
                "sha256:7d3f175410a6db0ad96b10bfbb0a5530ecd4fcf1e2b5d83d968dd64791f810ed",
                "sha256:8dd77fd6648b677d7742d2c3cc105a66e2681cc5e5fb247b88c7a7b78351cf74",
                "sha256:a3f0dd6d15b6dc8b28a838a5c48ced7455c3e1fb47b89da9c79cc2090b072a50",
                "sha256:bcb04441f370cbe6e37c2b8d79e4af9e4789f626c595899d94abebe8b38f9a4d",
                "sha256:c3d99ba99007dab8233f635c32b5cd24fb1df8d64e17bc7df136cedbea427897",
                "sha256:ca8a5ff2aa7f3ade6c498aaafce25b1eaeabe4e42b73e25519183e4566a16fc6",
                "sha256:cb0d3e94c2a84215532d9bcf10229476ffd3b08f481c53754113b794afb62d14",
                "sha256:d1b09ba72e4e6d341bb5bdd3564f1cea6095d4c3632e45dc69375a1dbe4e26ec",
                "sha256:d32b5ffef6c5bcb452723a496bad2d4c52b346240c59b3e6dba279f6dcc06c14",
                "sha256:d3793dcf5bc4d74ae1e9db15121250c2da476e1af8e45a1d9a52b1513a393459",
                "sha256:dd81466bdbc82b060c3c110b2937ab65ace41dfa7b18681fdfad2f37f27acdd7",
                "sha256:e4e571af672e1bb710b3cc1a9794b55bce1eae5aed41a608c0401885e3491179",
                "sha256:ea8186be85da6587456c9ddc7bf480ebad1a0e6dcbad3967c4821233a4d4df57",
                "sha256:eefebcc5c555803065128401a1e224a64607259b5eb907021bf9b175f315d2a6"
            ],
            "index": "pypi",
            "version": "==2.0.20"
        },
        "mypackage": {
            "hashes": [
                "sha256:66ab4a8a5e08580c26f1019bb30b04e2af847e86346e9bddd6b6b50b2de7b7ff",
                "sha256:9a7c2a2e1ddbbcdf212c0a8cc895473b674814aec978d6538f1ffd595ae6469b"
            ],
            "index": "gitlab",
            "version": "==1.11.0"
        },
        "typing-extensions": {
            "hashes": [
                "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36",
                "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2"
            ],
            "markers": "python_version >= '3.7'",
            "version": "==4.7.1"
        },
        "tzdata": {
            "hashes": [
                "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a",
                "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda"
            ],
            "markers": "python_version >= '2'",
            "version": "==2023.3"
        }
    },
    "develop": {}
}

Solutions attempted

  1. Deleting Pipfile.lock.
  2. Removing the pypi.org as a source.
  3. pipenv lock --clear
  4. Upgrade pipenv to the latest version.
  5. Upgrade to pipenv=2022.1.8

That last solution did work.
@jonbiemond
Copy link
Author

Temporary solution that worked for me is pinning pipenv to 2022.1.8.

> pip install pipenv==2022.1.8
> pipenv lock

@matteius
Copy link
Member

The first source in the Pipfile is the default source, and all packages will be resolved against that unless otherwise specified with a secondary source. I am not sure I understand the step 2. Removing pypi.org as a source idea ...

@matteius
Copy link
Member

Does making $GITLAB_TOKEN_NAME -> ${GITLAB_TOKEN_NAME} help?

@jonbiemond
Copy link
Author

I am not sure I understand the step 2. Removing pypi.org as a source idea ...

Because GitLab automatically redirects to pypi, with pip I only set my private registry as the index. And that works fine, but I'm guessing locking is more complex.

@jonbiemond
Copy link
Author

Does making $GITLAB_TOKEN_NAME -> ${GITLAB_TOKEN_NAME} help?

No, it didn't.

@matteius
Copy link
Member

That makes sense then, yes I agree it should work -- are you able to view an html index of packages at that location of your custom source?

@jonbiemond
Copy link
Author

are you able to view an html index of packages at that location of your custom source?

If I navigate to https://git.<company>.com/api/v4/groups/3/-/packages/pypi/simple from my browser I see my packages listed. Sorry if I misunderstood the question.

@kalebmckale
Copy link
Contributor

I believe this is related to the other issue. As @matteius mentioned above, the resolving / locking mechanism uses only the first source for resolving dependencies. What this means in practice is that pipenv uses all the sources in the Pipfile for the explicitly listed packages to collect the list of dependencies. It then tries to resolve all the new dependencies using only the first source. This has meant in my situation that when I list pypi first, (implicit) sub-dependencies belonging to private package registry don't get resolved. If I list private package registry first, (implicit) sub-dependencies belonging to pypi don't get resolved. My work-around has been to list pypi first and then explicitly add all the sub-dependencies contained in private package registry to the list of packages. This is less than ideal, but it's not clear how one would do it differently to preserve the security until Python changes the spec for dependencies inside their packages so pip is told where the dependencies are located. Python has made this currently available for private VCS repos in their spec but for any package that is retrieved from a PyPI-type package registry, only the name and version of the package dependencies (and their hash) is stored.

@jonbiemond
Copy link
Author

@kalebmckale

sub-dependencies belonging to private package registry don't get resolved

In the case of my_package I don't have any private sub-dependencies. That's why I created this new issue.

@kalebmckale
Copy link
Contributor

Because GitLab automatically redirects to pypi, with pip I only set my private registry as the index. And that works fine, but I'm guessing locking is more complex.

This should seemingly work, but for some reason I find this hasn't been working in practice when using pipenv. I think it has to do with how (pip) Resolver works and how GitLab is passing through the dependencies to pypi.org. Specifically, I'm not sure the Resolver can handle or will handle a redirect (my terminology here may be incorrect). Alternatively, GitLab may just be providing the answers that Resolver asks for: "do you, GitLab, have this package, and what are the versions and hashes you have?" I don't believe GitLab is going out to pypi.org and collecting this information for any packages not contained in its registry. I believe instead it just forwards the request and passes through the results when doing an installation.

@matteius
Copy link
Member

Well I created a Gitlab trial, so have 30 days to figure this out 😆 but from first take, it appears that the index that redirect packages from pypi doesn't list those available packages on the index page.

image

This gets complicated because some private indexes, such as one nexus I recently fixed hash collection for organize the hashes differently so unless we are careful fixing this, we will break other ones. Right now, the strategy is defined: https://github.com/pypa/pipenv/blob/main/pipenv/project.py#L294-L361

related: #5894

Basically I think we need to amend that method to check for the index_url and the package name, if its a 404, fall back to what it does today (maybe some refactor involved) but yeah -- pytorch, nexus, gitlab all do it slightly differently.

@matteius
Copy link
Member

@jonbiemond Hey, I am actually not able to reproduce this -- I setup a trial Gitlab, and the only thing I can note is when you grant the access token, you have to grant the right permissions for it to work, but in my case it does work:

$ pipenv lock -v
Loading .env environment variables...
Locking [packages] dependencies...
Building requirements...
Resolving dependencies...
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting()
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.adding_requirement(SpecifierRequirement('requests'), None)
INFO:pipenv.patched.pip._internal.operations.prepare:Collecting requests (from -r C:\Users\matte\AppData\Local\Temp\pipenv-nzfz_61x-requirements\pipenv-n5pvonh5-constraints.txt (line
2))
INFO:pipenv.patched.pip._internal.operations.prepare:Obtaining dependency information for requests from
https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl.metadata
INFO:pipenv.patched.pip._internal.network.download:Using cached requests-2.31.0-py3-none-any.whl.metadata (4.6 kB)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(0)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.adding_requirement(SpecifierRequirement('charset-normalizer<4,>=2'),
LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from
https://pypi.org/simple/requests/) (requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.operations.prepare:Collecting charset-normalizer<4,>=2 (from requests->-r C:\Users\matte\AppData\Local\Temp\pipenv-nzfz_61x-requirements\pipenv-n5pvonh5-constraints.txt (line
2))
INFO:pipenv.patched.pip._internal.operations.prepare:Obtaining dependency information for charset-normalizer<4,>=2 from
https://files.pythonhosted.org/packages/91/6e/db0e545302bf93b6dbbdc496dd192c7f8e8c3bb1584acba069256d8b51d4/charset_normalizer-3.2.0-cp311-cp311-win_amd64.whl.metadata
INFO:pipenv.patched.pip._internal.network.download:Using cached charset_normalizer-3.2.0-cp311-cp311-win_amd64.whl.metadata (31 kB)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.adding_requirement(SpecifierRequirement('idna<4,>=2.5'),
LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.operations.prepare:Collecting idna<4,>=2.5 (from requests->-r C:\Users\matte\AppData\Local\Temp\pipenv-nzfz_61x-requirements\pipenv-n5pvonh5-constraints.txt (line 2))
INFO:pipenv.patched.pip._internal.network.download:Using cached idna-3.4-py3-none-any.whl (61 kB)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.adding_requirement(SpecifierRequirement('urllib3<3,>=1.21.1'),
LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.operations.prepare:Collecting urllib3<3,>=1.21.1 (from requests->-r C:\Users\matte\AppData\Local\Temp\pipenv-nzfz_61x-requirements\pipenv-n5pvonh5-constraints.txt (line 2))
INFO:pipenv.patched.pip._internal.operations.prepare:Obtaining dependency information for urllib3<3,>=1.21.1 from
https://files.pythonhosted.org/packages/9b/81/62fd61001fa4b9d0df6e31d47ff49cfa9de4af03adecf339c7bc30656b37/urllib3-2.0.4-py3-none-any.whl.metadata
INFO:pipenv.patched.pip._internal.network.download:Using cached urllib3-2.0.4-py3-none-any.whl.metadata (6.6 kB)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.adding_requirement(SpecifierRequirement('certifi>=2017.4.17'),
LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.operations.prepare:Collecting certifi>=2017.4.17 (from requests->-r C:\Users\matte\AppData\Local\Temp\pipenv-nzfz_61x-requirements\pipenv-n5pvonh5-constraints.txt (line 2))
INFO:pipenv.patched.pip._internal.operations.prepare:Obtaining dependency information for certifi>=2017.4.17 from
https://files.pythonhosted.org/packages/4c/dd/2234eab22353ffc7d94e8d13177aaa050113286e93e7b40eae01fbf7c3d9/certifi-2023.7.22-py3-none-any.whl.metadata
INFO:pipenv.patched.pip._internal.network.download:Using cached certifi-2023.7.22-py3-none-any.whl.metadata (2.2 kB)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.pinning(LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/reque
sts-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/) (requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending_round(0, state)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(1)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.pinning(LinkCandidate('https://files.pythonhosted.org/packages/4c/dd/2234eab22353ffc7d94e8d13177aaa050113286e93e7b40eae01fbf7c3d9/certi
fi-2023.7.22-py3-none-any.whl (from https://pypi.org/simple/certifi/) (requires-python:>=3.6)'))
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending_round(1, state)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(2)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.pinning(LinkCandidate('https://files.pythonhosted.org/packages/91/6e/db0e545302bf93b6dbbdc496dd192c7f8e8c3bb1584acba069256d8b51d4/chars
et_normalizer-3.2.0-cp311-cp311-win_amd64.whl (from https://pypi.org/simple/charset-normalizer/) (requires-python:>=3.7.0)'))
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending_round(2, state)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(3)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.pinning(LinkCandidate('https://files.pythonhosted.org/packages/fc/34/3030de6f1370931b9dbb4dad48f6ab1015ab1d32447850b9fc94e60097be/idna-
3.4-py3-none-any.whl (from https://pypi.org/simple/idna/) (requires-python:>=3.5)'))
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending_round(3, state)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(4)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.pinning(LinkCandidate('https://files.pythonhosted.org/packages/9b/81/62fd61001fa4b9d0df6e31d47ff49cfa9de4af03adecf339c7bc30656b37/urlli
b3-2.0.4-py3-none-any.whl (from https://pypi.org/simple/urllib3/) (requires-python:>=3.7)'))
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending_round(4, state)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.starting_round(5)
INFO:pipenv.patched.pip._internal.resolution.resolvelib.reporter:Reporter.ending(State(mapping=OrderedDict([('requests',
LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)')), ('certifi', LinkCandidate('https://files.pythonhosted.org/packages/4c/dd/2234eab22353ffc7d94e8d13177aaa050113286e93e7b40eae01fbf7c3d9/certifi-2023.7.22-py3-none-any.whl (from
https://pypi.org/simple/certifi/) (requires-python:>=3.6)')), ('charset-normalizer',
LinkCandidate('https://files.pythonhosted.org/packages/91/6e/db0e545302bf93b6dbbdc496dd192c7f8e8c3bb1584acba069256d8b51d4/charset_normalizer-3.2.0-cp311-cp311-win_amd64.whl (from
https://pypi.org/simple/charset-normalizer/) (requires-python:>=3.7.0)')), ('idna',
LinkCandidate('https://files.pythonhosted.org/packages/fc/34/3030de6f1370931b9dbb4dad48f6ab1015ab1d32447850b9fc94e60097be/idna-3.4-py3-none-any.whl (from https://pypi.org/simple/idna/)
(requires-python:>=3.5)')), ('urllib3', LinkCandidate('https://files.pythonhosted.org/packages/9b/81/62fd61001fa4b9d0df6e31d47ff49cfa9de4af03adecf339c7bc30656b37/urllib3-2.0.4-py3-none-any.whl (from
https://pypi.org/simple/urllib3/) (requires-python:>=3.7)'))]), criteria={'requests': Criterion((SpecifierRequirement('requests'), via=None)), 'charset-normalizer':
Criterion((SpecifierRequirement('charset-normalizer<4,>=2'),
via=LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))), 'idna': Criterion((SpecifierRequirement('idna<4,>=2.5'),
via=LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))), 'urllib3': Criterion((SpecifierRequirement('urllib3<3,>=1.21.1'),
via=LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)'))), 'certifi': Criterion((SpecifierRequirement('certifi>=2017.4.17'),
via=LinkCandidate('https://files.pythonhosted.org/packages/70/8e/0e2d847013cb52cd35b38c009bb167a1a26b2ce6cd6965bf26b47bc0bf44/requests-2.31.0-py3-none-any.whl (from https://pypi.org/simple/requests/)
(requires-python:>=3.7)')))}, backtrack_causes=[]))
INFO:pipenv.patched.pip._internal.network.download:Using cached requests-2.31.0-py3-none-any.whl (62 kB)
INFO:pipenv.patched.pip._internal.network.download:Using cached certifi-2023.7.22-py3-none-any.whl (158 kB)
INFO:pipenv.patched.pip._internal.network.download:Using cached charset_normalizer-3.2.0-cp311-cp311-win_amd64.whl (96 kB)
INFO:pipenv.patched.pip._internal.network.download:Using cached urllib3-2.0.4-py3-none-any.whl (123 kB)
[ ===] Locking...
Success!
Locking [dev-packages] dependencies...
Updated Pipfile.lock (a76470e1867f38f8fe267eeaa83a7e703d1bb1d72fe70357bcda6dfaa9a14cd9)!

matte@LAPTOP-N5VSGIBD MINGW64 ~/Projects/pipenv-triage/gitlab
$ cat Pipfile
[[source]]
url = "https://${USERNAME}:${PASSWORD}@gitlab.com/api/v4/projects/50430418/packages/pypi/simple"
verify_ssl = true
name = "gitlab"

[packages]
requests = "*"

[dev-packages]

[requires]
python_version = "3.9"

matte@LAPTOP-N5VSGIBD MINGW64 ~/Projects/pipenv-triage/gitlab
$ cat Pipfile.lock
{
    "_meta": {
        "hash": {
            "sha256": "a76470e1867f38f8fe267eeaa83a7e703d1bb1d72fe70357bcda6dfaa9a14cd9"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.9"
        },
        "sources": [
            {
                "name": "gitlab",
                "url": "https://${USERNAME}:${PASSWORD}@gitlab.com/api/v4/projects/50430418/packages/pypi/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "certifi": {
            "hashes": [
                "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082",
                "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9"
            ],
            "markers": "python_version >= '3.6'",
            "version": "==2023.7.22"
        },
        "charset-normalizer": {
            "hashes": [
                "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96",
                "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c",
                "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710",
                "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706",
                "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020",
                "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252",
                "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad",
                "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329",
                "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a",
                "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f",
                "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6",
                "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4",
                "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a",
                "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46",
                "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2",
                "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23",
                "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace",
                "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd",
                "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982",
                "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10",
                "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2",
                "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea",
                "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09",
                "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5",
                "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149",
                "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489",
                "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9",
                "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80",
                "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592",
                "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3",
                "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6",
                "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed",
                "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c",
                "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200",
                "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a",
                "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e",
                "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d",
                "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6",
                "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623",
                "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669",
                "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3",
                "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa",
                "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9",
                "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2",
                "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f",
                "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1",
                "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4",
                "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a",
                "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8",
                "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3",
                "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029",
                "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f",
                "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959",
                "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22",
                "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7",
                "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952",
                "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346",
                "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e",
                "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d",
                "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299",
                "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd",
                "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a",
                "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3",
                "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037",
                "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94",
                "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c",
                "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858",
                "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a",
                "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449",
                "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c",
                "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918",
                "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1",
                "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c",
                "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac",
                "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa"
            ],
            "markers": "python_full_version >= '3.7.0'",
            "version": "==3.2.0"
        },
        "idna": {
            "hashes": [
                "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4",
                "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2"
            ],
            "markers": "python_version >= '3.5'",
            "version": "==3.4"
        },
        "requests": {
            "hashes": [
                "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f",
                "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"
            ],
            "index": "gitlab",
            "markers": "python_version >= '3.7'",
            "version": "==2.31.0"
        },
        "urllib3": {
            "hashes": [
                "sha256:8d22f86aae8ef5e410d4f539fde9ce6b2113a001bb4d189e0aed70642d602b11",
                "sha256:de7df1803967d2c2a98e4b11bb7d6bd9210474c46e8a0401514e3a42a75ebde4"
            ],
            "markers": "python_version >= '3.7'",
            "version": "==2.0.4"
        }
    },
    "develop": {}
}

@kalebmckale
Copy link
Contributor

kalebmckale commented Sep 16, 2023
edited
Loading

@Mattieus I don’t think this is equivalent to the problem. You need a package inside the GitLab PyPI package registry that has all of its dependencies outside of it at pypi.org or equivalent.

@kalebmckale
Copy link
Contributor

kalebmckale commented Sep 17, 2023
edited
Loading

To be clear, "inside the GitLab PyPI package registry" means to have a package you've built and deployed to your GitLab project's PyPI package registry. To test, then you want a local Pipfile install* that uses both this package and some other package in the pypi.org registry.

* could merely be a Pipfile lock, too.

@kalebmckale
Copy link
Contributor

kalebmckale commented Sep 17, 2023
edited
Loading

@kalebmckale

sub-dependencies belonging to private package registry don't get resolved

In the case of my_package I don't have any private sub-dependencies. That's why I created this new issue.

@jonbiemond Hmmm... I have reconsidered the issue and realized you're right about this. I do have one project that is similar to yours, and I do have it working. However, I am now recollecting it didn't always work, but I am not 100% confident if the solution was to turn on the GitLab setting to forward non-GitLab requests to PyPI (not the default because of the exact reason the Pipfile.lock file works the way it does: security) or to turn off that setting. So, question (so I'm not assuming anything): Is this setting turned on in your GitLab project (it could also be a group-level setting)?

I know the setting is currently turned off for my one project that is working, which I believe I did before my last build with it. Can you attempt to do the locking and install with this setting in both states: on and off?

This is merely a diagnostic test for my hypothesis that you need to let pipenv do the resolving and collection for all packages. Thanks!

@gbottari gbottari mentioned this issue Sep 22, 2023
Closed
@sudharsan2020
Copy link

Temporary solution that worked for me is pinning pipenv to 2022.1.8.

> pip install pipenv==2022.1.8
> pipenv lock

This worked for me when trying to install Pytorch and using Azure Artifacts. Thanks :)

@oz123 oz123 added the Category: Private PyPIs 😎 Problem relates to private PyPI usage. label Oct 4, 2024
@matteius
Copy link
Member

Please recheck with 2024.3.0 new release, is believed to have fixed this type of issue.

@matteius matteius added the Status: Awaiting Update ⏳ This issue requires more information before assistance can be provided. label Oct 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category: Private PyPIs 😎 Problem relates to private PyPI usage. Status: Awaiting Update ⏳ This issue requires more information before assistance can be provided. triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@matteius @oz123 @kalebmckale @sudharsan2020 @jonbiemond