Dustin Ingram
Dustin Ingram
And signing! Ideally this would sign itself during the release process.
Unblocked! I've invited @woodruffw as co-owner of https://pypi.org/project/sigstore/ (@tetsuo-cpp, I don't know your PyPI username but can add you as well) (Ideally we'd be releasing this via the new OIDC...
With regards to TensorFlow: for the `scipy` dependency, this is definitely over-constrained and will be removed in the next release, see: * PRs: https://github.com/tensorflow/tensorflow/pull/41865, https://github.com/tensorflow/tensorflow/pull/41866, https://github.com/tensorflow/tensorflow/pull/41867 * Issues: https://github.com/tensorflow/tensorflow/issues/40884, https://github.com/tensorflow/tensorflow/issues/35709,...
If I understand correctly, #9775 did not fix this, but made it possible to fix this?
Thanks @uranusjr. This is currently blocking CI and deployment for pypa/warehouse, is there any workaround? If not, could you explain at a high level what I'd need to do to...
I tried to create a failing test for this: ```python def test_new_resolver_hash_with_extras(script): parent_path = create_basic_wheel_for_package( script, "parent", "0.1.0", depends=["child"] ) parent_hash = hashlib.sha256(parent_path.read_bytes()).hexdigest() child_path = create_basic_wheel_for_package( script, "child", "0.1.0", extras={"extra":...
That still passes, but after looking more closely I was able to figure out what will cause it to fail: * two parent dependencies * one with a dependency on...
@cas-- It may be preferable to update all the dependencies that the extra includes to the latest versions instead. By removing the extra you are possibly removing sub-dependencies your application...
@cas-- Ah, sorry, I missed that you were including both. That works too!
I will not have time to work on this myself in July.