Accelerate locking by fetching hash from url fragment #4500
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frostming
added
Category: Dependency Resolution
|
Do we want to submit this to upstream pip-tools as well? |
|
let me check, since the whole logic is added by pipenv |
|
@uranusjr Confirmed, the latest version of piptools is already reading hashes from PyPI JSON API. So I would like to keep this change in Pipenv only |
|
Cool. I’m curious why they chose to use the JSON API, but 🤷 |
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Thank you for contributing to Pipenv!
The issue
Close #2681
Close #1914
Close #3827
Close #2873
Close #4430
The fix
Previously, package hash values are calculated based on the file content, so all matched wheels and sdists need to be actually downloaded. For packages like
tensorflowandnumpy, this is a great overhead to lock dependencies, whose average file size is ~200MB.With this patch, Pipenv will retrieve hash value directly from the URL fragment when possible.
The checklist
news/directory to describe this fix with the extension.bugfix,.feature,.behavior,.doc..vendor. or.trivial(this will appear in the release changelog). Use semantic line breaks and name the file after the issue number or the PR #.