commit:     f6240b308abc84c6f83711cdcb4d5bad707d1eba
Author:     Eli Schwartz <eschwartz <AT> gentoo <DOT> org>
AuthorDate: Fri Jul  5 19:22:04 2024 +0000
Commit:     Eli Schwartz <eschwartz <AT> gentoo <DOT> org>
CommitDate: Fri Nov 29 21:12:07 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f6240b30

dev-python/setuptools: allow disabling validation of pypi.org allowed strings

Trove classifiers, and their officialness, have no effect on a wheel
other than determining whether they are allowed to be uploaded to a
non-Gentoo website, and enabling the search index of that other site.

We don't need this, and we don't need to validate it. Setuptools will
disable validation if both of:

- network downloads failed

- cannot successfully import the `trove_classifiers` module

occurs. If trove-classifiers is installed by coincidence, this breaks
builds when it doesn't get updated on an extremely rapid basis and some
random package in dev-python/* uses a classifier that was made official
just the other day.

We could solve this another way, by making dev-python/setuptools
PDEPEND on trove-classifiers, and constantly bump the >= dependency. But
this is a pointless hassle. In fact, we're actually doing it, and it's
been a pointless hassle. We need to maintain up-to-the-minute minimum
bounds on the very latest version, and bump setuptools to a new -rX just
to update the minimum version of a package it doesn't even depend on. We
need to package new versions of trove-classifiers before *other* Gentoo
Devs outside of the python project, can successfully revbump their own
packages. We need to coordinate stabilization of trove-classifiers in
combination with those other packages. We force people to install a
pointless package. We overuse PDEPEND.

Instead, apply a *rejected* upstream patch to add an environment
variable that skips this specific validation code block entirely.
Upstream doesn't want to maintain code that contains branches, so we
will maintain it locally.

Since it is Gentoo-specific, the variable is also prefixed with GENTOO_
and is expected to be used solely inside of distribution packaging while
not affecting manual usage of setuptools outside of portage.

Bug: https://github.com/pypa/setuptools/issues/4459
Signed-off-by: Eli Schwartz <eschwartz <AT> gentoo.org>

 ...edgeable-users-to-disable-validating-trov.patch | 65 ++++++++++++++++++++++
 ...tuptools-75.6.0-disable-trove-classifiers.patch | 32 -----------
 ...4.1.3-r1.ebuild => setuptools-74.1.3-r2.ebuild} |  7 +--
 ...s-75.5.0.ebuild => setuptools-75.5.0-r1.ebuild} |  7 +--
 ...5.6.0-r1.ebuild => setuptools-75.6.0-r2.ebuild} |  9 +--
 5 files changed, 68 insertions(+), 52 deletions(-)

diff --git 
a/dev-python/setuptools/files/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
 
b/dev-python/setuptools/files/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
new file mode 100644
index 000000000000..4ab6bbae7af4
--- /dev/null
+++ 
b/dev-python/setuptools/files/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
@@ -0,0 +1,65 @@
+From f694e474ab3c45af6241a3f2bf575f8188e9cbea Mon Sep 17 00:00:00 2001
+From: Eli Schwartz <eschwa...@gentoo.org>
+Date: Mon, 11 Nov 2024 19:51:54 -0500
+Subject: [PATCH] Allow knowledgeable users to disable validating
+ trove-classifiers
+
+Classifiers are based on a "blessed list" of search terms that are
+allowed on https://pypi.org and need to be regularly kept up to date in
+order to validate them.
+
+Many people don't care about this. Arguably, *no one* cares about this,
+since wheels that have search terms that PyPI doesn't consider popular
+enough will simply fail uploading to PyPI. But also, not everyone wants
+to download new lists of "allowed words" from the internet every time
+they check to see if e.g. pyproject.toml contains a valid format that
+won't traceback when someone tries to read the "name" field and gets an
+integer instead of a string. Or their entrypoints are malformed because
+they aren't a valid python object reference.
+
+This is also an issue because one might have an old version of the
+classifiers cached, and then a new classifier is added to
+https://pypi.org and you want to use it immediately, and the local
+validator in the form of validate_pyproject fails but actually uploading
+a wheel to https://pypi.org would work fine.
+
+Signed-off-by: Eli Schwartz <eschwa...@gentoo.org>
+Signed-off-by: Eli Schwartz <eschwart...@gmail.com>
+---
+ .../config/_validate_pyproject/formats.py      | 18 +++++++++++-------
+ 1 file changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/setuptools/config/_validate_pyproject/formats.py 
b/setuptools/config/_validate_pyproject/formats.py
+index 153b1f0b2..50b8520e9 100644
+--- a/setuptools/config/_validate_pyproject/formats.py
++++ b/setuptools/config/_validate_pyproject/formats.py
+@@ -205,15 +205,19 @@ class _TroveClassifier:
+         return value in self.downloaded or value.lower().startswith("private 
::")
+ 
+ 
+-try:
+-    from trove_classifiers import classifiers as _trove_classifiers
+-
++if os.getenv("GENTOO_VALIDATE_PYPROJECT_NO_TROVE_CLASSIFIERS"):
+     def trove_classifier(value: str) -> bool:
+-        """See https://pypi.org/classifiers/""";
+-        return value in _trove_classifiers or 
value.lower().startswith("private ::")
++        return True
++else:
++    try:
++        from trove_classifiers import classifiers as _trove_classifiers
+ 
+-except ImportError:  # pragma: no cover
+-    trove_classifier = _TroveClassifier()
++        def trove_classifier(value: str) -> bool:
++            """See https://pypi.org/classifiers/""";
++            return value in _trove_classifiers or 
value.lower().startswith("private ::")
++
++    except ImportError:  # pragma: no cover
++        trove_classifier = _TroveClassifier()
+ 
+ 
+ # 
-------------------------------------------------------------------------------------
+-- 
+2.45.2
+

diff --git 
a/dev-python/setuptools/files/setuptools-75.6.0-disable-trove-classifiers.patch 
b/dev-python/setuptools/files/setuptools-75.6.0-disable-trove-classifiers.patch
deleted file mode 100644
index c5111e985f61..000000000000
--- 
a/dev-python/setuptools/files/setuptools-75.6.0-disable-trove-classifiers.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 0d9e8bc7d6df86381ac56770dc95fc75276f49ef Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgo...@gentoo.org>
-Date: Thu, 21 Nov 2024 20:40:14 +0100
-Subject: [PATCH] Add an option to disable using trove-classifiers package
-
-As requested in https://github.com/pypa/setuptools/issues/4459, add
-a VALIDATE_PYPROJECT_NO_TROVE_CLASSIFIERS environment variable that can
-be used to disable using trove_classifiers package even if it is
-available.  This can be used when the system features an outdated
-trove_classifiers, and therefore incorrectly triggers validation error.
-The change is designed to be absolutely minimal and non-intrusive.
----
- setuptools/config/_validate_pyproject/formats.py | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/setuptools/config/_validate_pyproject/formats.py 
b/setuptools/config/_validate_pyproject/formats.py
-index aacf4092b..0b05ab17b 100644
---- a/setuptools/config/_validate_pyproject/formats.py
-+++ b/setuptools/config/_validate_pyproject/formats.py
-@@ -210,6 +210,9 @@ try:
-         """See https://pypi.org/classifiers/""";
-         return value in _trove_classifiers or 
value.lower().startswith("private ::")
- 
-+    if os.getenv("VALIDATE_PYPROJECT_NO_TROVE_CLASSIFIERS"):  # pragma: no 
cover
-+        raise ImportError()
-+
- except ImportError:  # pragma: no cover
-     trove_classifier = _TroveClassifier()
- 
--- 
-2.47.0
-

diff --git a/dev-python/setuptools/setuptools-74.1.3-r1.ebuild 
b/dev-python/setuptools/setuptools-74.1.3-r2.ebuild
similarity index 93%
rename from dev-python/setuptools/setuptools-74.1.3-r1.ebuild
rename to dev-python/setuptools/setuptools-74.1.3-r2.ebuild
index 9cc97e5921d2..62bcc9708b4a 100644
--- a/dev-python/setuptools/setuptools-74.1.3-r1.ebuild
+++ b/dev-python/setuptools/setuptools-74.1.3-r2.ebuild
@@ -64,20 +64,15 @@ BDEPEND="
 "
 # setuptools-scm is here because installing plugins apparently breaks stuff at
 # runtime, so let's pull it early. See bug #663324.
-#
-# trove-classifiers are optionally used in validation, if they are
-# installed.  Since we really oughtn't block them, let's always enforce
-# the newest version for the time being to avoid errors.
-# https://github.com/pypa/setuptools/issues/4459
 PDEPEND="
        dev-python/setuptools-scm[${PYTHON_USEDEP}]
-       >=dev-python/trove-classifiers-2024.10.16[${PYTHON_USEDEP}]
 "
 
 src_prepare() {
        local PATCHES=(
                # TODO: remove this when we're 100% PEP517 mode
                "${FILESDIR}/setuptools-62.4.0-py-compile.patch"
+               
"${FILESDIR}"/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
        )
 
        distutils-r1_src_prepare

diff --git a/dev-python/setuptools/setuptools-75.5.0.ebuild 
b/dev-python/setuptools/setuptools-75.5.0-r1.ebuild
similarity index 93%
rename from dev-python/setuptools/setuptools-75.5.0.ebuild
rename to dev-python/setuptools/setuptools-75.5.0-r1.ebuild
index 8bd616a1e315..9e5a6fe7eb3f 100644
--- a/dev-python/setuptools/setuptools-75.5.0.ebuild
+++ b/dev-python/setuptools/setuptools-75.5.0-r1.ebuild
@@ -66,20 +66,15 @@ BDEPEND="
 "
 # setuptools-scm is here because installing plugins apparently breaks stuff at
 # runtime, so let's pull it early. See bug #663324.
-#
-# trove-classifiers are optionally used in validation, if they are
-# installed.  Since we really oughtn't block them, let's always enforce
-# the newest version for the time being to avoid errors.
-# https://github.com/pypa/setuptools/issues/4459
 PDEPEND="
        dev-python/setuptools-scm[${PYTHON_USEDEP}]
-       >=dev-python/trove-classifiers-2024.10.16[${PYTHON_USEDEP}]
 "
 
 src_prepare() {
        local PATCHES=(
                # TODO: remove this when we're 100% PEP517 mode
                "${FILESDIR}/setuptools-62.4.0-py-compile.patch"
+               
"${FILESDIR}"/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
        )
 
        distutils-r1_src_prepare

diff --git a/dev-python/setuptools/setuptools-75.6.0-r1.ebuild 
b/dev-python/setuptools/setuptools-75.6.0-r2.ebuild
similarity index 90%
rename from dev-python/setuptools/setuptools-75.6.0-r1.ebuild
rename to dev-python/setuptools/setuptools-75.6.0-r2.ebuild
index a9961b9303cc..9e5a6fe7eb3f 100644
--- a/dev-python/setuptools/setuptools-75.6.0-r1.ebuild
+++ b/dev-python/setuptools/setuptools-75.6.0-r2.ebuild
@@ -66,22 +66,15 @@ BDEPEND="
 "
 # setuptools-scm is here because installing plugins apparently breaks stuff at
 # runtime, so let's pull it early. See bug #663324.
-#
-# trove-classifiers are optionally used in validation, if they are
-# installed.  Since we really oughtn't block them, let's always enforce
-# the newest version for the time being to avoid errors.
-# https://github.com/pypa/setuptools/issues/4459
 PDEPEND="
        dev-python/setuptools-scm[${PYTHON_USEDEP}]
-       >=dev-python/trove-classifiers-2024.10.16[${PYTHON_USEDEP}]
 "
 
 src_prepare() {
        local PATCHES=(
                # TODO: remove this when we're 100% PEP517 mode
                "${FILESDIR}/setuptools-62.4.0-py-compile.patch"
-               # https://github.com/abravalheri/validate-pyproject/pull/221
-               "${FILESDIR}/setuptools-75.6.0-disable-trove-classifiers.patch"
+               
"${FILESDIR}"/0001-Allow-knowledgeable-users-to-disable-validating-trov.patch
        )
 
        distutils-r1_src_prepare

Reply via email to