Private packages not updated unless environment is removed

[joaomcarlos]

Issue description

Private packages defined with an object like mylib = {ref = "dev" git = "ssh://git.mycompany.com/my-lib.git"} are not being updated on my virtual env, even after the pipenv update creates a new Pipfile.lock with the correct commit id.

Expected result

After calling pipenv update, I expect the Pipfile.lock ref to change and also the code in my environment to change, such that I have access to the new code within my project.

Actual result

I see the Pipfile.lock ref change, but the actual code for my dependency does not change.

If I do pipenv --rm to remove the environment and then re-create the environment, I can get the actual code change to replicate on disk.

Steps to replicate

Update my-lib with some code change, commit and push. On my project, do pipenv update and wait for the process to finish.

Check that the Pipfile.lock has changed and has the correct ref for the new commit in my-lib.

Check that the code for my-lib hasnt actually changed within my original projects virtual env.

[matteius]

Could you help me verify if this is still an issue on this overhaul branch: #5793

[joaomcarlos]

Hi,

I installed this branch of pipenv and my pipenv updates started failing.

If I revert back to normal pipenv it works perfectly.

Error output:

Loading .env environment variables...
Running $ pipenv lock then $ pipenv sync.
Locking [packages] dependencies...
Building requirements...
Resolving dependencies...
✔ Success!
Locking [dev-packages] dependencies...
Building requirements...
Resolving dependencies...
✘ Locking Failed!
⠼ Locking...
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/resolver.py", line 665, in _main
[ResolutionFailure]:       resolve_packages(
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/resolver.py", line 632, in resolve_packages
[ResolutionFailure]:       results, resolver = resolve(
[ResolutionFailure]:       ^^^^^^^^
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/resolver.py", line 612, in resolve
[ResolutionFailure]:       return resolve_deps(
[ResolutionFailure]:       ^^^^^^^^^^^^^
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/utils/resolver.py", line 842, in resolve_deps
[ResolutionFailure]:       results, hashes, internal_resolver = actually_resolve_deps(
[ResolutionFailure]:       ^^^^^^^^^^^^^^^^^^^^^^
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/utils/resolver.py", line 617, in actually_resolve_deps
[ResolutionFailure]:       resolver.resolve()
[ResolutionFailure]:   File "/usr/local/lib/python3.10/site-packages/pipenv/utils/resolver.py", line 441, in resolve
[ResolutionFailure]:       raise ResolutionFailure(message=str(e))
[pipenv.exceptions.ResolutionFailure]: Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv run pip install <requirement_name> to bypass this mechanism, then run $ pipenv graph to inspect the versions actually installed in the virtualenv.
  Hint: try $ pipenv lock --pre if it is a pre-release dependency.
ERROR: Constraints cannot have extras

Traceback (most recent call last):
  File "/usr/local/bin/pipenv", line 8, in <module>
    sys.exit(cli())
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/pipenv/cli/options.py", line 57, in main
    return super().main(*args, **kwargs, windows_expand_args=False)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/decorators.py", line 84, in new_func
    return ctx.invoke(f, obj, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/pipenv/vendor/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/pipenv/cli/command.py", line 570, in update
    do_update(
  File "/usr/local/lib/python3.10/site-packages/pipenv/routines/update.py", line 57, in do_update
    do_lock(
  File "/usr/local/lib/python3.10/site-packages/pipenv/routines/lock.py", line 65, in do_lock
    venv_resolve_deps(
  File "/usr/local/lib/python3.10/site-packages/pipenv/utils/resolver.py", line 783, in venv_resolve_deps
    c = resolve(cmd, st, project=project)
  File "/usr/local/lib/python3.10/site-packages/pipenv/utils/resolver.py", line 654, in resolve
    raise RuntimeError("Failed to lock Pipfile.lock!")
RuntimeError: Failed to lock Pipfile.lock!

My pipfile looks like:

[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[packages]
pydantic = "~=2.0"
mylib = {ref = "dev" git = "ssh://git.mycompany.com/project-name/my-lib.git"}
mylib2 = {ref = "dev" git = "ssh://git.mycompany.com/project-name/my-lib2.git"}
black = "*"
"black[jupyter]" = "*"
bpython = "*"
coverage = "*"
environs = "*"
flake8 = "*"
gelf-formatter = "*"
isort = "*"
minio = "*"
mock = "*"
cryptography = "*"
nameko = "*"
nameko-amqp-retry = "*"
nameko-sqlalchemy = "*"
pendulum = "*"
pytest = "*"
python-dateutil = "*"
pytz = "*"
requests = "*"
rich = "*"
sentry_sdk = "*"
SQLAlchemy = "==1.4.46"
sqlalchemy_utc="*"
pytest-eventlet = "*"
pre-commit = "*"
freezegun = "*"

[requires]
python_version = "3.11"

[dev-packages]
ipykernel = "*"

[matteius]

@joaomcarlos I just pushed a fix that solves the specific issue you reported of:

ERROR: Constraints cannot have extras

Thanks for catching that -- I think the branch is looking really good now, except there is still an issue with vcs+file:// paths that I am trying to sort out, and also some updates to the documentation around vcs specifiers since the current docs are referencing old pip line formats. Still curious of the branch solves the original issue reported though.

[joaomcarlos]

We use this style though:

mylib = {ref = "dev" git = "ssh://git.mycompany.com/project-name/my-lib.git"}

Because our libs are in our private gitlab instance. We arent using vcs or file

[matteius]

@joaomcarlos 2023.8.19 has been released 🤞

[joaomcarlos]

Thank you! Will give it a try.

Edit: going on holiday, asked a colleague to check it out

[AndreGraca98]

Changed ref from our package to older one and updated the environment the way we used to before (pipenv lock && pipenv --rm) and installed it back. Then changed the ref to the current we have and did pipenv update and it updated the environment and the piplock, so we can say it's working fine!

[joaomcarlos]

Hi,

This is actually still happening. The refs get updated on the lock file but the code does not change until you --rm it