warehouse
warehouse copied to clipboard
pypi
Predictable wheel URL redirect broken for tbvaccine package
The only documentation about the predictable URLs I found is here, combined with the PEP 0491 section about the wheel file name convention. Predictable wheel URLs can therefore be constructed like this:
info = dict(
distribution='tbvaccine',
version='0.3.1',
python='py2.py3',
abi='none',
platform='any',
)
info_wheel_file_name = {
tag: re.sub("[^\w\d.]+", "_", part, re.UNICODE)
for tag, part in info.items()
}
wheel_file_name = '{distribution}-{version}-{python}-{abi}-{platform}.whl'.format_map(info_wheel_file_name)
url = f'https://files.pythonhosted.org/packages/{info["python"]}/{info["distribution"][0]}/{info["distribution"]}/{wheel_file_name}'
This results in the URL: https://files.pythonhosted.org/packages/py36/t/tbvaccine/tbvaccine-0.3.1-py2.py3-none-any.whl
Expected behavior I expect this URL to redirect to the correct file, but it only gives me 404:
To Reproduce
$ curl -I 'https://files.pythonhosted.org/packages/py2.py3/t/tbvaccine/tbvaccine-0.3.1-py2.py3-none-any.whl'
HTTP/2 404
content-type: application/octet-stream
server: nginx/1.13.9
accept-ranges: bytes
date: Thu, 07 Mar 2019 11:52:05 GMT
age: 0
content-length: 0
...
** Additional Info ** Weirdly, “Python version” is “3.6” on the file list:
| Filename, size & hash | File type | Python version | Upload date |
|---|---|---|---|
| tbvaccine-0.3.1-py2.py3-none-any.whl (8.2 kB) | Wheel | 3.6 | Dec 14, 2018 |
The reference you referred to also ends with:
In general this is only a good idea for
sourceas apython_versionto fetch tar and zip files.
And that's the only example it shows. Given that, I wouldn't expect this to work for .whl files.
The official guidance is to use the provided API to find a download location. As the redirect service exists only for historical artifacts, I doubt it will be expanded to handle new artifacts and may even be dropped some day.
Hi! The docs aren’t completely truthful, the existence of these URLs is as deliberate as my usage of them instead of the API. If you’re interested in why the predictable wheel URLs exist, please read up in #1944. The short version: It’s for downstream packagers (like linux distribution packages; .deb, .rpm, .pkg.tar.xz, …), where the ability to access a JSON API instead of plain URLs is not always given.
Please don’t take this the wrong way, but I recommend that you improve the style of your online communication. This looking like a bug is independent of the JSON API existing or not. Therefore it’s not very nice to exclusively point out that I’m “holding it wrong” (regardless of that assumption being true or not).
If I was in your position with your knowlege, I’d have said something like “You’re right, your URL seems to be correctly formed. I don’t know why it fails, but did you know that the preferred way to fetch packages is to retrieve the URL using the JSON API?”
I’ll send a PR improving the docs so that nobody in the future draws the same conclusions that you did.
Hmm, I since figured out that “Python version” in the file list is what has to go in place of the first python_tag:
$ curl -I 'https://files.pythonhosted.org/packages/3.6/t/tbvaccine/tbvaccine-0.3.1-py2.py3-none-any.whl'
HTTP 302
...
That seems like a bug to me. Shouldn’t python_version always correspond to the python_tag in the wheel filename?