Merge pull request #9467 from uranusjr/avoid-exchanging-parsed-version

Use str to pass versions to avoid debundling issue
2023-12-13 21:30:23 +01:00 · 2021-03-03 16:39:21 +08:00 · 2021-03-03 16:39:21 +08:00 · d9d7790636
commit d9d7790636
parent e7d6e54dff ab181811ae
2 changed files with 12 additions and 2 deletions
--- a/news/9348.bugfix.rst
+++ b/news/9348.bugfix.rst
@ -0,0 +1,2 @@
+Avoid parsing version to make the version check more robust against lousily
+debundled downstream distributions.
--- a/src/pip/_internal/req/req_install.py
+++ b/src/pip/_internal/req/req_install.py
@ -419,8 +419,16 @@ class InstallRequirement:
        if not existing_dist:
            return

-        existing_version = existing_dist.parsed_version
-        if not self.req.specifier.contains(existing_version, prereleases=True):
+        # pkg_resouces may contain a different copy of packaging.version from
+        # pip in if the downstream distributor does a poor job debundling pip.
+        # We avoid existing_dist.parsed_version and let SpecifierSet.contains
+        # parses the version instead.
+        existing_version = existing_dist.version
+        version_compatible = (
+            existing_version is not None and
+            self.req.specifier.contains(existing_version, prereleases=True)
+        )
+        if not version_compatible:
            self.satisfied_by = None
            if use_user_site:
                if dist_in_usersite(existing_dist):