Maintain requires order in METADATA.#2839
Conversation
It seems that workflows that build -> install -> build would have the order of requires changed by these sorted() calls. From a brief attempt to trace through all the related interfaces, it seems this is the only code that changes the order of the requirements and so would be the only source of the observed inconsistency of Requires-Dist entries. If this sorting is desirable, the other setuptools and wheel interfaces that interact with the requirements should also sort them. Otherwise, it's valuable to retain the order across all parts of the system.
|
@di this seems to impact wheel reproducibility. |
|
I like this approach. I prefer not retain order rather than enforce order. I'm not sure who added those sorted lines, but if the tests pass, then the sorting behavior is not tested, so it's fine to change it. Would you consider adding a test to capture the expectation this change introduces (so that someone else doesn't come along and suggest to sort the values again)? |
di
left a comment
There was a problem hiding this comment.
This makes sense to me, I see no reason why these would need to be sorted.
|
The tests seem to be indicating that the sorting is needed. Would you be willing to investigate and determine what expectation is missed? |
|
Yep I haven't had the time to check out the failures but I'm planning on circling back to this in a bit. |
|
The sorting looks like it was only required because of a separate order-stability issue with pkg_resources. |
|
Is this good to merge now? Anything more I should test? |
|
|
Ah didn't see that comment before. Added a test to more reliably fail if the order changes. |
|
Friendly ping |
|
Sorry @msuozzo, we might need to get the CI back into shape before running your tests (just to make sure everything is OK). |
|
No worries! |
PR pypa#2839 accidentally misplaced the news fragment file under root. This commit fix that.
Summary of changes
Remove a source of instability in the ordering of requires entries. The order is generally specified by the package author and maintained through the build process. From a brief attempt to trace through all the related interfaces, it seems this is the only code that changes the order of the requirements and so would be the only source of the observed inconsistency of Requires-Dist entries.
For example, workflows that build -> install -> build would have the order of requires changed by these sorted() calls.
If this sorting is desirable, the other setuptools and wheel interfaces that interact with the requirements should also sort them. Otherwise, it's valuable to retain the order across all parts of the system.
Pull Request Checklist
changelog.d/.(See documentation for details)