Do not respect dependency links by default

2013-10-27 18:10:37 -04:00 · 2013-10-27 18:10:37 -04:00 · 12ee7cc6d9
parent 02fff2b7a0
commit 12ee7cc6d9
7 changed files with 32 additions and 4 deletions
--- a/CHANGES.txt
+++ b/CHANGES.txt
@ -14,6 +14,9 @@ Changelog
  into installing externally hosted or insecure files or urls using
  ``--allow-external PROJECT`` and ``--allow-insecure PROJECT``. (Pull #1055)

+* **BACKWARD INCOMPATIBLE** pip no longer respects dependency links by default.
+  Users may opt into respecting them again using ``--process-dependency-links``.
+
 * Fixed #1163, --user wasn't being respected when installing scripts from wheels (Pull #1176).

 * Fixed #1150, we now assume '_' means '-' in versions from wheel filenames (Pull #1158).
--- a/pip/cmdoptions.py
+++ b/pip/cmdoptions.py
@ -245,6 +245,15 @@ no_allow_unsafe = OptionMaker(
    help=SUPPRESS_HELP
 )

+# Remove after 1.5
+process_dependency_links = OptionMaker(
+    "--process-dependency-links",
+    dest="process_dependency_links",
+    action="store_true",
+    default=False,
+    help="Enable the processing of dependency links.",
+)
+
 requirements = OptionMaker(
    '-r', '--requirement',
    dest='requirements',
@ -347,5 +356,6 @@ index_group = {
        no_allow_external,
        allow_unsafe,
        no_allow_unsafe,
+        process_dependency_links,
        ]
    }
--- a/pip/commands/install.py
+++ b/pip/commands/install.py
@ -164,6 +164,8 @@ class InstallCommand(Command):
                             allow_unverified=options.allow_unverified,
                             allow_all_external=options.allow_all_external,
                             allow_all_prereleases=options.pre,
+                             process_dependency_links=
+                                options.process_dependency_links,
                             session=session,
                            )

--- a/pip/commands/list.py
+++ b/pip/commands/list.py
@ -64,6 +64,8 @@ class ListCommand(Command):
                             allow_unverified=options.allow_unverified,
                             allow_all_external=options.allow_all_external,
                             allow_all_prereleases=options.pre,
+                             process_dependency_links=
+                                options.process_dependency_links,
                             session=session,
                        )

--- a/pip/index.py
+++ b/pip/index.py
@ -39,7 +39,7 @@ class PackageFinder(object):
    def __init__(self, find_links, index_urls,
            use_wheel=False, allow_external=[], allow_unverified=[],
            allow_all_external=False, allow_all_prereleases=False,
-            session=None):
+            process_dependency_links=False, session=None):
        self.find_links = find_links
        self.index_urls = index_urls
        self.dependency_links = []
@ -71,6 +71,9 @@ class PackageFinder(object):
        # Do we want to allow _all_ pre-releases?
        self.allow_all_prereleases = allow_all_prereleases

+        # Do we process dependency links?
+        self.process_dependency_links = process_dependency_links
+
        # The Session we'll use to make requests
        self.session = session or PipSession()

@ -89,7 +92,8 @@ class PackageFinder(object):
        ## apply to requirements of the package that specifies the
        ## dependency_links value
        ## FIXME: also, we should track comes_from (i.e., use Link)
-        self.dependency_links.extend(links)
+        if self.process_dependency_links:
+            self.dependency_links.extend(links)

    def _sort_locations(self, locations):
        """
--- a/tests/functional/test_install_reqs.py
+++ b/tests/functional/test_install_reqs.py
@ -101,7 +101,10 @@ def test_respect_order_in_requirements_file(script, data):

 def test_install_local_editable_with_extras(script, data):
    to_install = data.packages.join("LocalExtras")
-    res = script.pip('install', '-e', to_install + '[bar]', expect_error=False)
+    res = script.pip(
+        'install', '-e', to_install + '[bar]', '--process-dependency-links',
+        expect_error=False,
+    )
    assert script.site_packages/'easy-install.pth' in res.files_updated, str(result)
    assert script.site_packages/'LocalExtras.egg-link' in res.files_created, str(result)
    assert script.site_packages/'simple' in res.files_created, str(result)
--- a/tests/unit/test_finder.py
+++ b/tests/unit/test_finder.py
@ -185,7 +185,11 @@ def test_finder_priority_file_over_page(data):
 def test_finder_priority_page_over_deplink():
    """Test PackageFinder prefers page links over equivalent dependency links"""
    req = InstallRequirement.from_line('gmpy==1.15', None)
-    finder = PackageFinder([], ["https://pypi.python.org/simple"])
+    finder = PackageFinder(
+        [],
+        ["https://pypi.python.org/simple"],
+        process_dependency_links=True,
+    )
    finder.add_dependency_links(['http://c.pypi.python.org/simple/gmpy/'])
    link = finder.find_requirement(req, False)
    assert link.url.startswith("https://pypi"), link