freezegun
freezegun copied to clipboard
spulec
Version on PyPI broken for Python 3.3
I believe the latest version of freezegun (0.3.11) uploaded on PyPI was uploaded using python setup.py upload, which is deprecated. This is a major problem, because you have added python_requires, but there is a bug in distutils/setuptools that hard-codes the metadata version as 1.0.
This causes the unfortunate situation that now your package will enforce at install time that it cannot be installed on Python 3.3, but because PyPI doesn't know anything about that, pip install freezegun on Python 3.3 will install the latest version.
See more on this issue in this warehouse bug.
Here is a sphinx bug where they, unfortunately, decided to do nothing about this.
I would consider un-publishing the latest version and replacing it with a .post release uploaded with twine instead.
We actually dropped support for Python 3.3 here: https://github.com/spulec/freezegun/pull/248
Let me know if there is a good reason for us to reconsider though.
@spulec I know you did, that's the problem.
Specifically, dropping support for Python 3.3 is not a problem, but you have uploaded a package on PyPI that advertises to pip that it can be used with Python 3.3, but which cannot be installed on Python 3.3.
Unfortunately there's no easy solution because uploading a new package will likely make pip fall back to the most recent version that "supports" Python 3.3... which is the broken version. I think the best course of action is to try and un-publish as quickly as possible and make a .post release or something of that nature.
Ah, I see.
The release has already been out for a day. I fear it will cause more damage to try to take it down at this point.
I think if you cut a 0.3.12 release immediately and then unpublish 0.3.11, you'll do almost no damage.
The only people who would be damaged by that are people who have already pinned to exactly 0.3.11, as opposed to breaking all Python 3.3 users. Presumably the majority of people pinning to an exact version within a day can also pin to the next version within a day.
I would like to draw attention to one case, if you already speak about versions.
Is auto_tick_seconds a new develop feature, which should not go to the latest (0.3.11) version? If it's not then project README's misled me. If it should be, then it's absent in PYPI sources.
Great project, I really enjoy using it :)
@cpt-jenning It's not very strange that the github page is ahead of the released code. Development has one pace, and releases have another. There are a lot of features and bugs that are in the backlog that could potentially go into the next release, we'll see what happens.
FreezeGun 0.3.12 was released in May 2019, some months after 0.3.11, so there's probably not much more can be done anymore.
Python 3.3 is now second in the EOL heap after 3.4, if anyone still needs to support 3.3 they'll need to pin, similar to https://github.com/pganssle/dateutil/commit/c557583be73613cd5a19b91066cb15dbe016d590.
Since this issue was opened, PyPI has implemented "yanking":
A yanked release is a release that is always ignored by an installer, unless it is the only release that matches a version specifier (using either
==or===).
- https://pypi.org/help/#yanked
I suggest yanking 0.3.11.