Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. ItΒ collects links to all the places you might be looking at while hunting down a tough bug.
And, if youβre still stuck at the end, weβre happy to hop on a call to see how we can help out.
--selective-upgrade does not update hashes in Pipfile.lock
See original GitHub issueIssue description
If I update a package with --selective-upgrade, I can not install the update with sync.
Steps to replicate
pipenv install βdjango==2.2.18β pipenv install --selective-upgrade βdjango==2.2.19β pipenv --rm pipenv sync
Expected result
pipenv sync should install all packages from Pipfile.lock.
Actual result
$ pipenv sync
Creating a virtualenv for this project...
Pipfile: /home/mogoh/temp/Pipfile
Using /usr/bin/python3.8 (3.8.6) to create virtualenv...
β Ή Creating virtual environment...created virtual environment CPython3.8.6.final.0-64 in 114ms
creator CPython3Posix(dest=/home/mogoh/.local/share/virtualenvs/temp-O2KvBR8F, clear=False, global=False)
seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/home/mogoh/.local/share/virtualenv)
added seed packages: pip==20.2.4, pkg_resources==0.0.0, setuptools==50.3.2, wheel==0.35.1
activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
β Successfully created virtual environment!
Virtualenv location: /home/mogoh/.virtualenvs/temp-O2KvBR8F
Installing dependencies from Pipfile.lock (d1ee3e)...
An error occurred while installing django==2.2.19 --hash=sha256:c9c994f5e0a032cbd45089798b52e4080f4dea7241c58e3e0636c54146480bb4 --hash=sha256:0eaca08f236bf502a9773e53623f766cc3ceee6453cc41e6de1c8b80f07d2364! Will try again.
π ββββββββββββββββββββββββββββββββ 3/3 β 00:00:00
Installing initially failed dependencies...
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/cli/command.py", line 684, in sync
[InstallError]: retcode = do_sync(
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/core.py", line 2884, in do_sync
[InstallError]: do_init(
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/core.py", line 1304, in do_init
[InstallError]: do_install_dependencies(
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/core.py", line 899, in do_install_dependencies
[InstallError]: batch_install(
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/core.py", line 796, in batch_install
[InstallError]: _cleanup_procs(procs, failed_deps_queue, retry=retry)
[InstallError]: File "/home/mogoh/.local/lib/python3.8/site-packages/pipenv/core.py", line 703, in _cleanup_procs
[InstallError]: raise exceptions.InstallError(c.dep.name, extra=err_lines)
[pipenv.exceptions.InstallError]: Collecting django==2.2.19
[pipenv.exceptions.InstallError]: Using cached Django-2.2.19-py3-none-any.whl (7.5 MB)
[pipenv.exceptions.InstallError]: ERROR: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
[pipenv.exceptions.InstallError]: django==2.2.19 from https://files.pythonhosted.org/packages/1a/ce/846a9dbf536991be0004f5ae414520c3a64eaa167d09e51d75ab410c45e8/Django-2.2.19-py3-none-any.whl#sha256=e319a7164d6d30cb177b3fd74d02c52f1185c37304057bb76d74047889c605d9 (from -r /tmp/pipenv-bdmyjhfi-requirements/pipenv-rkmf8g46-requirement.txt (line 1)):
[pipenv.exceptions.InstallError]: Expected sha256 0eaca08f236bf502a9773e53623f766cc3ceee6453cc41e6de1c8b80f07d2364
[pipenv.exceptions.InstallError]: Expected or c9c994f5e0a032cbd45089798b52e4080f4dea7241c58e3e0636c54146480bb4
[pipenv.exceptions.InstallError]: Got e319a7164d6d30cb177b3fd74d02c52f1185c37304057bb76d74047889c605d9
ERROR: Couldn't install package: django
Package installation failed...
β€ ββββββββββββββββββββββββββββββββ 0/1 β 00:00:00
$ pipenv --support
Pipenv version: '2020.11.15'
Pipenv location: '/home/mogoh/.local/lib/python3.8/site-packages/pipenv'
Python location: '/usr/bin/python3'
Python installations found:
3.8.6:/usr/bin/python3.83.8.6:/usr/bin/python3
PEP 508 Information:
{'implementation_name': 'cpython',
'implementation_version': '3.8.6',
'os_name': 'posix',
'platform_machine': 'x86_64',
'platform_python_implementation': 'CPython',
'platform_release': '5.8.0-43-generic',
'platform_system': 'Linux',
'platform_version': '#49-Ubuntu SMP Fri Feb 5 03:01:28 UTC 2021',
'python_full_version': '3.8.6',
'python_version': '3.8',
'sys_platform': 'linux'}
System environment variables:
SHELLSESSION_MANAGERWINDOWIDQT_ACCESSIBILITYKDED_STARTED_BY_KDEINITCOLORTERMXDG_CONFIG_DIRSXDG_SESSION_PATHNVM_INCGTK_IM_MODULELANGUAGEQT4_IM_MODULEMANDATORY_PATHJAVA_HOMESSH_AUTH_SOCKSHELL_SESSION_IDXMODIFIERSDESKTOP_SESSIONSSH_AGENT_PIDGTK_RC_FILESXCURSOR_SIZEXDG_SEATPWDXDG_SESSION_DESKTOPLOGNAMEXDG_SESSION_TYPEGPG_AGENT_INFOXAUTHORITYVIRTUALENVWRAPPER_SCRIPTGTK2_RC_FILESHOMELANGLS_COLORSXDG_CURRENT_DESKTOPKONSOLE_DBUS_SERVICEVIRTUALENVWRAPPER_WORKON_CDKONSOLE_DBUS_SESSIONDENO_INSTALLPROFILEHOMEXDG_SEAT_PATHKONSOLE_VERSIONCLUTTER_IM_MODULEKDE_SESSION_UIDNVM_DIRWORKON_HOMELESSCLOSEXDG_SESSION_CLASSPYTHONPATHTERMDEFAULTS_PATHLESSOPENUSERCOLORFGBGKDE_SESSION_VERSIONPAM_KWALLET5_LOGINVIRTUALENVWRAPPER_PROJECT_FILENAMEDISPLAYSHLVLNVM_CD_FLAGSQT_IM_MODULEXDG_VTNRXDG_SESSION_IDXDG_RUNTIME_DIRELECTRON_TRASHQT_AUTO_SCREEN_SCALE_FACTORXCURSOR_THEMEXDG_DATA_DIRSKDE_FULL_SESSIONPATHVIRTUALENVWRAPPER_HOOK_DIRDBUS_SESSION_BUS_ADDRESSKDE_APPLICATIONS_AS_SCOPENVM_BINOLDPWDKONSOLE_DBUS_WINDOW_PIP_DISABLE_PIP_VERSION_CHECKPYTHONDONTWRITEBYTECODEPIP_SHIMS_BASE_MODULEPIP_PYTHON_PATHPYTHONFINDER_IGNORE_UNSUPPORTED
Pipenvβspecific environment variables:
Debugβspecific environment variables:
PATH:/home/mogoh/.yarn/bin:/home/mogoh/.deno/bin:/home/mogoh/.nvm/versions/node/v15.8.0/bin:/home/mogoh/.gem/ruby/2.5.0/bin:/home/mogoh/.cargo/bin:/home/mogoh/.local/bin:/home/mogoh/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/binSHELL:/bin/bashLANG:de_DE.UTF-8PWD:/home/mogoh/temp
Contents of Pipfile (β/home/mogoh/temp/Pipfileβ):
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
django = "==2.2.19"
[dev-packages]
[requires]
python_version = "3.8"
Contents of Pipfile.lock (β/home/mogoh/temp/Pipfile.lockβ):
{
"_meta": {
"hash": {
"sha256": "931594d6e3f80b678b899b9419026dedb97c8880fe21c17c4297f8ed2ad1ee3e"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.8"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"django": {
"hashes": [
"sha256:0eaca08f236bf502a9773e53623f766cc3ceee6453cc41e6de1c8b80f07d2364",
"sha256:c9c994f5e0a032cbd45089798b52e4080f4dea7241c58e3e0636c54146480bb4"
],
"index": "pypi",
"version": "==2.2.19"
},
"pytz": {
"hashes": [
"sha256:83a4a90894bf38e243cf052c8b58f381bfe9a7a483f6a9cab140bc7f702ac4da",
"sha256:eb10ce3e7736052ed3623d49975ce333bcd712c7bb19a58b9e2089d4057d0798"
],
"version": "==2021.1"
},
"sqlparse": {
"hashes": [
"sha256:017cde379adbd6a1f15a61873f43e8274179378e95ef3fede90b5aa64d304ed0",
"sha256:0f91fd2e829c44362cbcfab3e9ae12e22badaa8a29ad5ff599f9ec109f0454e8"
],
"markers": "python_version >= '3.5'",
"version": "==0.4.1"
}
},
"develop": {}
}
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:11
Top Results From Across the Web
Advanced Usage of Pipenv - Python Packaging Authority
Dependencies of wheels provided in a Pipfile will not be captured by $ pipenv lock . There are some known issues with using...
Read more >pipenv Documentation
Generates and checks file hashes for locked dependencies. ... Do not keep Pipfile.lock in version control if multiple versions of Python areΒ ...
Read more >pipenv Documentation - Read the Docs
Dependencies of wheels provided in a Pipfile will not be captured by $ pipenv lock. β’ There are some known issues with using...
Read more >Pipenv: Python Dev Workflow for Humans β pipenv 2018.7.1 ...
txt file can be problematic, so Pipenv uses Pipfile and Pipfile.lock to separate abstract dependency declarations from the last tested combination. Hashes are...
Read more >pipenv Changelog - PyUp.io
Fix regression where ``path`` is not propagated to the ``Pipfile.lock``. ... and also fix regression where lock phase did not update the hash...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I got still the same problem with pipenv version 2022.1.8.
I see this behavior too, with simply a
--keep-outdatedβ it breaks the Pipfile.lock because it does not update the hashes for the package you update.$ pipenv --support
Pipenv version:
'2021.11.23'Pipenv location:
'/home/jsnow/.local/lib/python3.9/site-packages/pipenv'Python location:
'/usr/bin/python3'Python installations found:
3.9.7:/usr/bin/python3-bpython3.9.7:/usr/bin/python33.9.7:/usr/bin/python3.93.9.7:/usr/bin/python3.8.12:/usr/bin/python3.83.7.12:/usr/bin/python3.73.7.12:/usr/bin/python3.7m3.6.15:/usr/bin/python3.63.6.15:/usr/bin/python3.6m3.6.9:/usr/bin/pypy3.63.6.9:/usr/bin/pypy33.5.10:/usr/bin/python3.53.5.10:/usr/bin/python3.5m2.7.18:/usr/bin/python22.7.18:/usr/bin/python2.72.7.13:/usr/bin/pypy2.7.13:/usr/bin/pypy2.72.7.13:/usr/bin/pypy2PEP 508 Information: