Bug 261073

Summary: AutoInstaller unable to distinguish 2.0.0 and 2.0.0.dev0
Product: WebKit Reporter: Sam Sneddon [:gsnedders] <gsnedders>
Component: Tools / TestsAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: jbedard, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=223603

Description Sam Sneddon [:gsnedders] 2023-09-02 18:04:27 PDT 
If you try to AutoInstall hiredis 2.0.0, autoinstall.Package.archives will find two packages:

(Pdb) pp self.archives()
[hiredis-2.0.0, hiredis-2.0.0]
(Pdb) pp self.archives()[0].link
'https://files.pythonhosted.org/packages/0c/39/eae11344d69ba435ec13d6bcc1a9eea3d2278324506fcd0e52d1ed8958c8/hiredis-2.0.0.tar.gz'
(Pdb) pp self.archives()[1].link
'https://files.pythonhosted.org/packages/24/4d/404526ef79b397900aee60f83e0c7f3d8d4740758b29f086db3d2d1f2409/hiredis-2.0.0.dev0.tar.gz'

Given we're meant to be doing exact matching, the latter shouldn't match.

Surprisingly, we seem to install the self.archives()[-1], which given the ordering of pypi.org will give us the oldest release we found (so 2.0.0.dev0 in this case).

Undoubtedly some of our problem here comes from the fact that Version doesn't accurately implement https://peps.python.org/pep-0440/; to repeat my mantra from elsewhere, "it sure would be nice if we could just rely on packaging" and in this case just use packaging.version.Version.
Comment 1 Sam Sneddon [:gsnedders] 2023-09-04 08:58:27 PDT 
We also seem to be installing mock==4.0.0b1 today.
Comment 2 Sam Sneddon [:gsnedders] 2023-09-04 08:59:19 PDT 
Also in packages we currently install, Twisted==21.2.0rc1
Comment 3 Radar WebKit Bug Importer 2023-09-09 18:05:14 PDT 
<rdar://problem/115233592>