Package in private repo with same name as one from Pypi
See original GitHub issueI have a package in a private repository with the same name as one from PyPi. The PyPi one, having a higher version number, always get installed.
[[source]]
url = "https://pypi.myrepo.com.br/pypi"
verify_ssl = true
name = "myrepo"
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"
[packages]
mypkg = ">=0.0.1"
[requires]
python_version = "3.6"
Is there a way to define that a package comes from a certain private repo?
Issue Analytics
- State:
- Created 5 years ago
- Reactions:3
- Comments:17 (9 by maintainers)
Top Results From Across the Web
Private PyPI containing package with same name
I am setting up my own PyPI containing some private packages. The problem is that some of the private packages have the same...
Read more >Installing Private Python Packages - Read the Docs
Read the Docs uses pip to install your Python packages. If you have private dependencies, you can install them from a private Git...
Read more >Create Your Custom, private Python Package That You Can ...
Create Your Custom, private Python Package That You Can PIP Install From Your Git Repository. Share your self-built Python package using your ...
Read more >PyPI as a Project repository vs. Name registry (a.k.a. PyPI ...
I feel that currently, PyPI has a bit of a split identity. Per PEP 541, it tries to be purely a repository of...
Read more >PyPI packages in the Package Registry - GitLab Docs
GitLab looks for packages that use Python normalized names (PEP-503). The characters - , _ , and . are all treated the same,...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
This seems to be the same/similar issue I raised in #2102. Personally I think the current syntax is confusing because when I specify
mypkg = {version: ">=0.0.1", index="myrepo"}
I logically expect it to usemyrepo
only and disregard pypi.I totally understand the behavior was changed to match
--extra-index-url
, but there is a big enough disconnect between pip and pipenv (in my mind) that I expected different behavior. I was excited at the idea of better and more simplified controls over where and how packages are downloaded for our projects.I would find more intuitive to always search in the source order defined in the Pipfile, unless a specific index is specified on the dependency.
In my case
mypkg = {version: ">=0.0.1", index="myrepo"}
would only search inmyrepo
whilemypkg = ">=0.0.1"
would search first inmyrepo
and then inpypi
, getting the newest version, since this is the source order defined on the Pipfile.However, maybe one would like to change the source order in a per-dependency basis. Then, one could add an
extra_index
key, somypkg = {version: ">=0.0.1", index="pypi", extra_index="myrepo"}
would search first onpypi
and then onmyrepo
.