Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
boto3 release process on PyPI is broken
See original GitHub issuehttps://pypi.org/pypi/boto3/1.9.220/json doesn’t correctly list botocore as a dependency. As a result https://libraries.io/pypi/boto3 and other tools are unable to detect those dependencies correctly.
Issue Analytics
- State:
- Created 4 years ago
- Comments:6 (3 by maintainers)
Top Results From Across the Web
boto3 version 1.2.0 on PyPI has broken metadata · Issue #2366
Since the metadata for boto3 version 1.2.0 on PyPI has broken metadata these tools will error when that happens. Steps to reproduce. Running....
Read more >boto3 - PyPI
Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK) for Python, which allows Python developers to write software that makes use...
Read more >Connection to pypi.org timed out - python - Stack Overflow
Seems you are using a proxy in your network. Either you need to specify the proxy details to pass it, or to stop...
Read more >Quickstart — Boto3 Docs 1.26.33 documentation - AWS
After the deprecation date listed for each Python version, new releases of Boto3 will not include support for that version of Python.
Read more >Managing Python dependencies in requirements.txt
This helps to prevent a future breaking update from PyPi.org from being automatically applied. library == version. Example Boto3 and ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@techtonik - Thanks for sharing your output. Our release process first uploads the source package to pypi then the binary package. After uploading the source package pypi does not look for any dependency so evenif the binary package has all the dependency it never gets updated.
We could first publish the binary package as you suggested to update all those dependency. I would mark this as enhancement.
Hi @swetashre. Does AWS have any kind of invisible infrastructure support program like https://gitcoin.co or Tidelift? Over the last two days I tracked the problem down to the following issues:
boto3doesn’t contain dependency metadata (2). Luckily, binary package forboto3contains the correct metadata. https://pypy.org doesn’t have any logic to ensure that dependencies are filled correctly - the first uploaded package wins.quick hack solution for boto3 to publish its dependencies is to upload binary package first. The release process is not documented, so I couldn’t send a PR to fix that.
proper solution part 1 is to patch https://pypi.org to fill missing metadata from subsequently uploaded packages with the same version.
boto3. If you’re usingpython setup.py distto create the package, thensetuptoolsis the tool that needs to be patched.proper solution part 2 is to implement missing part in setuptools.