Unpublished releases not reverted
See original GitHub issueBasically, I have a project that depends on pyyaml.
PyYAML released version 4.1, which generated a PR in my project. However, the developers subsequently determined that there were issues with their release, and unpublished the release.
This means that the most recent version available is now 3.12, so installs that use my requirements.txt
file now fail.
It seems like since pyup is already tracking releases, it should be able to handle the case where a more recent release is unpublished due to security/integrity/bugs/whatnot, and PR the appropriate reversions.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:6 (2 by maintainers)
Top Results From Across the Web
Handling un-published version · Issue #219 - GitHub
I pushed to npm with version 1.0.0 and then un-published it. Now npm does not allow to re-publish again with the same version...
Read more >Revert version of unpublished Node.js package - npm
I have a package which I released on NPM and it's currently at version 1.0.1 . I have made some changes locally, and...
Read more >Revert to last published state - "unpublished changes in editor"
We do intend to enable you to view recent changes & revert to an earlier version, however I do not yet have an...
Read more >Restoring to a Previous Site Version - Salesforce Help
Note The restore version feature is not available in Communities. When working in Site.com Studio, you're always working on an unpublished version of...
Read more >View all unpublished content permission not working - Drupal
At this time, Unpublished nodes were showing in My Workbench. I added back Content Access and it still worked. I am not going...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@fake-name @edmorley I am working on a system handle unpublished releases and should have it in production in the next few days. Thanks for your patience here!
@fake-name sorry for taking so long to get back to you.
My assumption is that you are probably not suffering from this anymore for such specific packages. Anyway, this is still a valid concern. We must be on top of unpubilshed or removed packages as you said. Unfortunately, that is not a very common and good practice. Project maintainers are supposed to republish a fixed, even if reverted, version when that happens.
Anyway, that does not invalidate your request here.