-
Notifications
You must be signed in to change notification settings - Fork 681
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filename truncated during https tar stream #5450
Comments
I think this is a bug of concern because it causes silent filename changes and ultimately missing files for installed packages. Considering that longer I'll keep following up on this, so feel free to contact me if there's anything I can do to help! |
Is your filesystem silently truncating filenames that exceed a certain length? |
Pretty sure it's not. |
I'll take a look. |
This appears to be a problem during the unpacking of the tar file. We see that truncated filename as soon as we ask the tar crate for the entries ( I think there must be something going wrong in the index itself, honestly. If I download the file to disk, then install it, it works correctly. Similarly, if I install from PyPI, I get the right result (and I confirmed that the zip files are identical between the two indexes). But if I stream and uncompress from the aliyun index, I get the wrong result. It's really hard for me to find any root cause for that. My guess is that there's an incorrect header somewhere that's causing the streamed decompression to fail? |
Thanks for following up, I will modify the problem description accordingly. |
I also found that switching to the http version that uses this mirror source does not cause this problem. This also meant having to decrypt tls traffic, I tried the traditional environment variable I'm still new to rust, can you point me in the right direction as to how to get the tls key here in order to decrypt the session traffic for locating the problem? |
@WH-2099 Have you figured out a way to fix this issue? I am facing this issue when using the Aliyun OSS. |
When a specific https
index-url
is used, a specific filename is truncated.Here's a summary of a very stable reproduction I've made.
uv 0.2.29 (39be71f40 2024-07-24)
This filename here should have been
_appengine_environ.py
, but is now truncated to_appengine_en
.Specific file content can be reviewed by manually downloading the corresponding source file.
https://pypi.tuna.tsinghua.edu.cn/packages/3a/e6/f579e8a5e26ef1066f6fb11074cedc9f668cb5f722c85cf7adc0f7e2e23e/aliyun-python-sdk-core-2.15.1.tar.gz
If you switch to using the http version of this mirror source
http://pypi.tuna.tsinghua.edu.cn/simple/
, this problem does not occur.If you switch to any other
index-url
, such ashttps://pypi.org/simple/
you won't have this problem.The text was updated successfully, but these errors were encountered: