Comments (8)
I guess this is all contained in the metadata of releases? If so this should be relatively straight forward, as we have all that in the database per version of a package. If it is per released file and we would have to inspect the wheels, then it would be much more effort.
from devpi.
You can try devpi getjson https://.../user/index/project/version
to see what we have in the database.
from devpi.
To sum up the specs, the core thing is:
- extracting the wheel's
<package>-<version>.dist-info/METADATA
file (sdist
s are technically also included in the spec, but not even supported by PyPI) - computing its sha256 checksum in the hex form
- putting the file at the same path as the
<package-dist-name>.whl
as<package-dist-name>.whl.metadata
- exposing its existence in the package listing with various names (lol, but yes) per the appropriate PEP, always containing the hash in some form or the other 😆:
- PEP 503 (simple HTTP API) - as an HTML attribute of the
<a>
tag holding the.whl
download link: - PEP 691 (JSON-based Simple API)
- PEP 714:
"core-metadata": { "sha256": "aea654168069f40d75ac2e4291a8267c720ebc1dcc6038259469290a67e8be14" }
PEP 658(err, no, this key crashes oldpip
s):"dist-info-metadata": { "sha256": "aea654168069f40d75ac2e4291a8267c720ebc1dcc6038259469290a67e8be14" }
- PyPI currently exposes also the HTML's
data-dist-info-metadata
in JSON, but that's likely for further compatibility with confused clients 🥲 You can have a look with:curl -L -H 'Accept: application/vnd.pypi.simple.v1+json' https://pypi.org/simple/devpi-server/
- PEP 714:
.metadata
to the.whl
's URL and find the file there. If the attribute is missing, the client is supposed not to be looking for it. - PEP 503 (simple HTTP API) - as an HTML attribute of the
from devpi.
It looks like some of that data is contained within the database, but I don't think it would make sense trying to recreate the .metadata
file with the data from there (also I don't think it has it all). I'd expect the right way of doing this is at the moment the package gets published to devpi (and is obviously already being parsed for (some of) its metadata).
from devpi.
Related Issues (20)
- [discussion] Asyncio speedups HOT 7
- docs zip contains unwanted package source files HOT 3
- [client] upload `OSError: [Errno 18] Invalid cross-device link '/tmp/devpi-…/dist/….whl' -> 'dist/….whl'` HOT 2
- Cannot load packages when use base auth in gitlab registry mirror HOT 4
- Need help upgrading from 4.4.0 to current HOT 3
- Incorrect version given to doczip with devpi-client version 7.0.0 HOT 7
- All >400 HTTP responses from login provoke a SystemExit, not using fatal, and are not always fatal errors for login HOT 1
- Errors when sharing package files HOT 8
- Option to have the latest available documentation displayed, when a package has no docs HOT 2
- HTTP error 502 while retrieving a wheel file HOT 6
- Return HTTP 406 instead of HTTP 404 when `Accept` cannot be fulfilled HOT 4
- Support range requests when downloading files HOT 3
- Connection failures when downloading wheels HOT 6
- pytest-flake8 is abandoned
- Support for newer packaging HOT 2
- AttributeError: type object 'PersistentCurrent' has no attribute 'auth' HOT 3
- Mirroring fails for packages with hashes other than sha256 HOT 7
- Failed to upload tensorflow wheel with 400 error HOT 7
- Provide an aiohttp-less version for server HOT 15
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from devpi.