Hi, Recently pypi has changed its URL schema for distfiles. Specifically, it was:
/packages/{python version}/{name[0]}/{name}/{filename}
and now it is:
/packages/{hash[:2]}/{hash[2:4]}/{hash[4:]}/{filename} Where hash is
blake2b(file_content, digest_size=32).hexdigest().lower()
(copy/pasted from [1]).
That means that if you have MASTER_SITES= CHEESESHOP it won't be able to
fetch newer packages (however, it looks like it's still fine for the
previously uploaded packages).
As per [1], there's a fix applied on pypi.io that supports the old
schema by redirection to a proper URL. However, it looks like fetch(1)
is not quite happy about such a direct:
=> Attempting to fetch
https://pypi.io/packages/source/p/positional/positional-1.1.0.tar.gz
fetch:
https://pypi.io/packages/source/p/positional/positional-1.1.0.tar.gz:
Temporary Redirect
=> Attempting to fetch
http://distcache.FreeBSD.org/ports-distfiles/positional-1.1.0.tar.gz
fetch:
http://distcache.FreeBSD.org/ports-distfiles/positional-1.1.0.tar.gz:
Not Found
For now I have to redefine SUBDIR manually with the hash, e.g.:
MASTER_SITES= CHEESESHOP
MASTER_SITE_SUBDIR=
bf/a8/bc656a556a60b76c32830b57279f51714ab7c6366fd243d6ea86b6fcad46
However, it feels a little awkward to keep a long hash like that in the
Makefile.
Any thoughts if there's a way to avoid that?
1:
https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package
Roman Bogorodskiy
signature.asc
Description: PGP signature
