build-and-inspect-python-package icon indicating copy to clipboard operation
build-and-inspect-python-package copied to clipboard
verified publisher icon hynek

Compatibility with `check-sdist`

Open jamesbraza opened this issue 1 year ago • 7 comments

If I use build-and-inspect-python-package in normal CI, do I still need https://github.com/henryiii/check-sdist?

  • If BAIPP is a superset of check-sdist: can we document that it's no longer necessary in the README.md
  • Otherwise if BAIPP is not a superset of check-sdist: can we add check-sdist to the internals of BAIPP?

jamesbraza avatar Oct 14 '24 00:10 jamesbraza

let's ask @henryiii :)

hynek avatar Oct 14 '24 03:10 hynek

I've wondered about adding it. Check-sdist checks to see if every file in git is included in the SDist. (It's like check-manifest, but for any backend.) It's not very useful for hatch or scikit-build-core projects, as they are based on the git contents too (slightly different, so not useless), but it's really useful for flit-core projects and other backends that don't use git for the file list (like setuptools). The problem with adding it is you might need a bit of configuration if you are intentionally avoiding files from your SDist like CI files. Adding it could cause a previously passing job to start failing, with the fix only being adding some configuration. Check-wheel-contents has similar issues, though, to be fair, the only difference being that has been there longer.

henryiii avatar Oct 14 '24 03:10 henryiii

If you think it's useful, we could add it and bump major version. And by "we", I mean PRs welcome. 🤓 But I don't suffer from Hauptversionserhöhungsangst – people want SemVer, they get SemVer.

hynek avatar Oct 14 '24 03:10 hynek

I vote check-sdist get installed/used internally here, I think the value of a one-stop shop GitHub action with less configuration/typing for the normal case outweighs edge case configuration

jamesbraza avatar Oct 14 '24 04:10 jamesbraza

I've wondered about adding it. Check-sdist checks to see if every file in git is included in the SDist. (It's like check-manifest, but for any backend.) It's not very useful for hatch or scikit-build-core projects, as they are based on the git contents too (slightly different, so not useless), but it's really useful for flit-core projects and other backends that don't use git for the file list (like setuptools).

JFTR: it's also useful for hatchling that only kinda does git-based packaging. In fact, I started this project because I almost shipped a .mypy_cache once: https://github.com/pypa/hatch/issues/304

This is an even bigger foot-gun than not caring about git at all, since it gives a false sense of security.

hynek avatar Oct 14 '24 05:10 hynek

Does it not do recursive gitignores? Scikit-build-core does. Yes, you are correct, both of those do .gitignore based packages, that's why I said "slightly different, so not useless". I'm experimenting with an idea to reduce the amount of configuration needed for a few common backends.

henryiii avatar Oct 14 '24 05:10 henryiii

This is what I was thinking: https://github.com/henryiii/check-sdist/pull/66. That would reduce false positives I think.

henryiii avatar Oct 14 '24 05:10 henryiii