Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Pip download prefers newer package version even when local package exists

See original GitHub issue

Environment

pip version: 10.0.1/master
Python version: Tested on python 3.6
OS: Linux

Description pip download does not prefer package found locally even if it satisfies the requirements when there is a newer available at the remote package index

Expected behavior Prefer the already existing package as long as long as it satisfies the dependency requirements

How to Reproduce

Create directory pkg_cache
Run pip3 download --dest pkg_cache/ --find-links pkg_cache/ setuptools==39.0.1 && pip3 download --dest pkg_cache/ --find-links pkg_cache/ setuptools

Output

pip3 download --dest pkg_cache/  --find-links pkg_cache/ setuptools==39.0.1 && pip3 download --dest pkg_cache/  --find-links pkg_cache/ setuptools
Looking in links: pkg_cache/
Collecting setuptools==39.0.1
  Using cached https://files.pythonhosted.org/packages/20/d7/04a0b689d3035143e2ff288f4b9ee4bf6ed80585cc121c90bfd85a1a8c2e/setuptools-39.0.1-py2.py3-none-any.whl
  Saved ./pkg_cache/setuptools-39.0.1-py2.py3-none-any.whl
Successfully downloaded setuptools
Looking in links: pkg_cache/
Collecting setuptools
  Using cached https://files.pythonhosted.org/packages/7f/e1/820d941153923aac1d49d7fc37e17b6e73bfbd2904959fffbad77900cf92/setuptools-39.2.0-py2.py3-none-any.whl
  Saved ./pkg_cache/setuptools-39.2.0-py2.py3-none-any.whl
Successfully downloaded setuptools

Issue Analytics

State:
Created 5 years ago
Reactions:1
Comments:48 (17 by maintainers)

Top GitHub Comments

3reactions

pfmoorecommented, Aug 21, 2018

OK, so what you’re suggesting is an option to pip download that says "for each requirement, if it can already be satisfied from the destination directory, skip it, otherwise download the requirement as normal and store the downloaded file in the destination directory.

I can see the logic in that. If you wanted to create a PR implementing it, I’m not going to object. I can’t say that I find your justification for the behaviour compelling, but that’s something that can be debated later, when there’s a PR to review.

1reaction

pfmoorecommented, Nov 20, 2018

Sigh. I guess we’re simply going to have to disagree. Pip has mechanisms (version pinning, hash checking) to satisfy your requirement (1). Just because you choose not to use them, or because they don’t work easily in your particular situation, doesn’t mean pip can’t do that. Nor does it mean that pip needs another method of doing the same thing.

I remain -1 on this whole proposal, and you’ve pretty much convinced me that accepting the option for pip download will set a precedent that will make it impossible to resist demands that we add it to pip install. So I’m no longer willing to make an exception for pip download.

Top Results From Across the Web

Why is pip installing an old version of my package?

Apparently, if pip can find a local version of the package, pip will prefer the local versions to remote ones. I even disconnected...

Pip download prefers newer package version even when local ...

pip download does not prefer package found locally even if it satisfies the ... Pip will always prefer the latest available version, it...

Dependency Resolution - pip documentation v22.3.1

This can look like pip downloading multiple versions of the same package, since pip explicitly presents each download to the user. The backtracking...

Installing Python Modules (Legacy version) — Python 3.11.1 ...

The entire distutils package has been deprecated and will be removed in ... base of scripts still works with the new version before...

Dependency Management With Python Poetry

A dependency manager like Python Poetry helps you specify, install, and resolve external packages in your projects. This way, you can be sure...