Bumps sphinx from 4.5.0 to 5.1.0.

Release notes
Sourced from sphinx's releases.

v5.1.0
Changelog: https://www.sphinx-doc.org/en/master/changes.html
v5.0.2
Changelog: https://www.sphinx-doc.org/en/master/changes.html
v5.0.1
Changelog: https://www.sphinx-doc.org/en/master/changes.html
v5.0.0
No release notes provided.
v5.0.0b1
Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog
Sourced from sphinx's changelog.

Release 5.1.0 (relea...

Bumps filelock from 3.6.0 to 3.7.1.

Changelog
Sourced from filelock's changelog.

Changelog

Commits

4730a40 Make the readme documentation point to the index page
4555608 Add ability to return immediately when a lock cannot be obtained inst… (#142)
08a292e [pre-commit.ci] pre-commit autoupdate (#143)
30a3b9c [pre-commit.ci] pre-commit autoupdate (#141)
665c9f3 [pre-commit.ci] pre-commit autoupdate (#140)
edb1888 [pre-commit.ci] pre-commit autoupda...

Bumps botocore from 1.25.4 to 1.27.36.

Changelog
Sourced from botocore's changelog.

1.27.36

api-change:account: This release enables customers to manage the primary contact information for their AWS accounts. For more information, see https://docs.aws.amazon.com/accounts/latest/reference/API_Operations.html
api-change:ec2: Added support for EC2 M1 Mac instances. For more information, please visit aws.amazon.com/mac.
api-change:iotdeviceadvisor: Added new...

Bumps black from 22.3.0 to 22.6.0.

Release notes
Sourced from black's releases.

22.6.0
Style

Fix unstable formatting involving #fmt: skip and # fmt:skip comments (notice the lack of spaces) (#2970)

Preview style

Docstring quotes are no longer moved if it would violate the line length limit (#3044)
Parentheses around return annotations are now managed (#2990)
Remove unnecessary parentheses around awaited objects (#2991)
Remove unnecessary parentheses in wit...

Bumps myst-parser from 0.17.2 to 0.18.0.

Release notes
Sourced from myst-parser's releases.

v0.18.0
What's Changed

👌 IMPROVE: Do not let sphinx check the config type by @​chrisjsewell in executablebooks/MyST-Parser#559
♻️📚 Restructure code base and documentation by @​chrisjsewell in executablebooks/MyST-Parser#566
🐛 FIX: floor table column widths to integers by @​Jean-Abou-Samra in executablebooks/MyST-Parser#568
⬆️ Drop Sphinx 3, add Sphin...

Yes please.

Sure - Always latest black!

Sure. Latest boto fun please.

Looks good. Thanks for adding this - Lets just fix the few things:

• CHANGELOG

And I just want to understand why we need the fake JSON + some other questions and suggestions.

• Move to 6.0.0.dev0 version
• Add config for setting formats to save to storage
  • simple-format
  • Valid options: ALL, HTML or JSON
• Move mirror simple generation functions to new simple module
• Add new tests to test_simple.py
  • Made tests be included with install by adding an init.py

Tests

• Add unittest coverage to SimpleAPI object
  • Test valid and invalid format requests
  • Test the JSON output for PEP691 compliance
    • Per pacakge
    • Global index
• A...

Bumps pyparsing from 2.4.7 to 3.0.9.

Release notes
Sourced from pyparsing's releases.

pyparsing 3.0.9

Added Unicode set BasicMultilingualPlane (may also be referenced as BMP) representing the Basic Multilingual Plane (Unicode characters up to code point 65535). Can be used to parse most language characters, but omits emojis, wingdings, etc. Raised in discussion with Dave Tapley (issue #392).

To address mypy confusion of pyparsing.Optional and ty...

Bumps flake8-bugbear from 22.4.25 to 22.7.1.

Release notes
Sourced from flake8-bugbear's releases.

22.7.1

Implement late-binding loop check (#265)

late-binding closures are a classic gotcha.

22.6.22

Don't crash when select / extend_select are None (#261)

Unlocks new flake8 release - Thanks @​asottile

Ignore lambda arguments for B020 (#259)
Fix missing space typos in B021, B022 error messages (#257)

Commits

f68a235 Update version + Cha...

Bumps setuptools from 62.1.0 to 63.2.0.

Release notes
Sourced from setuptools's releases.

v63.2.0
No release notes provided.
v63.1.0
No release notes provided.
v63.0.0
No release notes provided.
v63.0.0b1
This is a beta release including PEP 660 functionality.
Summary

Implement PEP 660 allowing both "strict" and "lax/loose" approaches, pypa/setuptools#3265
Handle config_settings as they would be passed by pip, pypa/setuptools#3380
U...

Bumps pytest-asyncio from 0.18.3 to 0.19.0.

Release notes
Sourced from pytest-asyncio's releases.

pytest-asyncio 0.19.0

title: 'pytest-asyncio: pytest support for asyncio'

pytest-asyncio is an Apache2 licensed library, written in Python, for
testing asyncio code with pytest.
asyncio code is usually written in the form of coroutines, which makes
it slightly more difficult to test using normal testing tools.
pytest-asyncio provides useful ...

updates:

• github.com/asottile/pyupgrade: v2.37.1 → v2.37.2
• github.com/pre-commit/mirrors-mypy: v0.961 → v0.971

Bumps botocore from 1.27.36 to 1.27.37.

Changelog
Sourced from botocore's changelog.

1.27.37

api-change:autoscaling: Documentation update for Amazon EC2 Auto Scaling.

Commits

e8bc934 Merge branch 'release-1.27.37'
08ab0e6 Bumping version to 1.27.37
2fa6444 Update to latest models
b5dcf32 Merge branch 'release-1.27.36' into develop
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/com...

Seems to be good. I’m going to go and get rid of all the pyup ignores

If CI passes we ship.

Please rebase the PR with main (master) + fix that config parser bug you've introduced. Making the .get() default to "filesystem" is prob best.

Do you have time in the next day or so to do this or should I? I'd like to merge this before my big https://github.com/pypa/bandersnatch/pull/1154 as one of us is going to have to ensure large merge conflicts possibly.

Lets land this ...

Looks like we've got there ... Building docs again.

banderx is an example way to serve a filesystem bandersnatch.
This PR adds an example to respect PEP691 clients.

• Updated README.md
• Added a README.md to banderx dir to explain how to build + start

Test: Ran the container and ensured nginx did not error and returned via curl

Bumps docutils from 0.18.1 to 0.19.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can als...

Bumps botocore from 1.27.37 to 1.27.42.

Changelog
Sourced from botocore's changelog.

1.27.42

bugfix:TraceId: Rollback bugfix for obeying _X_AMZN_TRACE_ID env var

1.27.41

bugfix:Config: Obey _X_AMZN_TRACE_ID environment variable instead of _X_AMZ_TRACE_ID
api-change:ec2: Documentation updates for Amazon EC2.
api-change:fsx: Documentation updates for Amazon FSx
api-change:shield: AWS Shield Advanced now supports filtering for ListProtections and ListProt...

Bumps flake8 from 4.0.1 to 5.0.1.

Commits

405cfe0 Release 5.0.1
d20bb97 Merge pull request #1631 from PyCQA/dupe-sys-path
fce93b9 prevent duplicate plugin discovery on misconfigured pythons
3f4872a Merge pull request #1628 from mxr/patch-1
b0cad55 Remove needless sort in _style_guide_for
c7c6218 Release 5.0.0
a826649 Merge pull request #1626 from PyCQA/pycodestyle-2-9
7838f11 upgrade pycodestyle to 2.9.x
66b3211 Merge pull request #1625 from PyCQA/upgrade-...

Bumps keystoneauth1 from 4.5.0 to 5.0.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter...

Bumps urllib3 from 1.26.10 to 1.26.11.

Release notes
Sourced from urllib3's releases.

1.26.11
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.
:warning: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.

Changelog
Sourced from urllib3's changelog.

1.26.11 ...

Sure why not ...

Update attrs from 21.4.0 to 22.1.0.

Changelog

22.1.0

-------------------

Backwards-incompatible Changes
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Python 2.7 is not supported anymore.

Dealing with Python 2.7 tooling has become too difficult for a volunteer-run project.

We have supported Python 2 more than 2 years after it was officially discontinued and feel that we have paid our dues.
All version up to 21.4.0 from...

updates:

• github.com/asottile/pyupgrade: v2.37.2 → v2.37.3
• github.com/PyCQA/flake8: 4.0.1 → 5.0.2

I want to begin with, I'm pretty sure this is a user error thing but can't figure out what I'm doing wrong on this. It is not obvious whatever is causing it and bandersnatch is not very helpful in identifying the issue. Thanks in advance for any support to fix this. I have been screwing with this for over 2 weeks now and almost done with all of this.

I am trying to create a complete offline pip repo and it seems like it is working but of course, out of thousands of packages that are on...

Bumps mypy from 0.950 to 0.971.

Commits

1f08cf4 Update version to 0.971
61c0064 Add back workaround to avoid confusing mypy.types and types in pyinfo (#13176)
d8d900c Update version to 0.971+dev
72fa325 Update version to 0.970
2132036 Handle cwd correctly in pyinfo (#13161) (#13162)
ee10d29 flush keepalives on operator assignment statements (#13144) (#13151)
88c1b85 [mypyc] Add LoadAddress op for PyFloat_Type & PyTuple_Type (#13078) (#13150)
d06dcf0 [0....

Bumps coverage from 6.3.2 to 6.4.3.

Changelog
Sourced from coverage's changelog.

Version 6.4.3 — 2022-08-06

Fix a failure when combining data files if the file names contained
glob-like patterns (pull 1405_). Thanks, Michael Krebs and Benjamin
Schubert.

Fix a messaging failure when combining Windows data files on a different
drive than the current directory. (pull 1430, fixing issue 1428).
Thanks, Lorenzo Micò.

Fix path calculations when runnin...

Bumps boto3 from 1.24.36 to 1.24.46.

Changelog
Sourced from boto3's changelog.

1.24.46

enhancement:Lambda: [botocore] Add support for Trace ID in Lambda environments
api-change:chime-sdk-meetings: [botocore] Adds support for Tags on Amazon Chime SDK WebRTC sessions
api-change:config: [botocore] Add resourceType enums for Athena, GlobalAccelerator, Detective and EC2 types
api-change:dms: [botocore] Documentation updates for Database Migration Service (DMS).
...

Bumps types-freezegun from 1.1.9 to 1.1.10.

Commits

See full diff in compare view

Dependabot will resolve any conflicts wit...

I'm used python3.8 . help me

Need to see if this even needs to be in requiremts_test.txt

It does if people want to use outside of pre-commit ...

Bumps requests from 2.27.1 to 2.28.1.

Release notes
Sourced from requests's releases.

v2.28.1
2.28.1 (2022-06-29)
Improvements

Speed optimization in iter_content with transition to yield from. (#6170)

Dependencies

Added support for chardet 5.0.0 (#6179)
Added support for charset-normalizer 2.1.0 (#6169)

New Contributors

@​hswong3i made their first contribution in psf/requests#6179
@​frenzymadness made their first contribution in psf/requests#6169

Ful...

New coverage finds more coverage! Wins.

boto fun.

updates:

• github.com/PyCQA/flake8: 5.0.2 → 5.0.4

Bumps sphinx-argparse-cli from 1.8.3 to 1.10.0.

Release notes
Sourced from sphinx-argparse-cli's releases.

1.10.0
What's Changed

[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/sphinx-argparse-cli#51
[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/sphinx-argparse-cli#52
[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/sphinx-argparse-cli#53
Bump dependencies and build tools by @​gab...

Bumps flake8 from 5.0.2 to 5.0.4.

Commits

6027577 Release 5.0.4
213e006 Merge pull request #1653 from asottile/lower-bound-importlib-metadata
e94ee2b require sufficiently new importlib-metadata
318a86a Merge pull request #1646 from televi/main
7b8b374 Clarify entry point naming
7160561 Merge pull request #1649 from PyCQA/pre-commit-ci-update-config
84d56a8 [pre-commit.ci] pre-commit autoupdate
ff6569b Release 5.0.3
e76b59a Merge pull request #1648 from PyC...

Bumps setuptools from 63.2.0 to 65.0.0.

Changelog
Sourced from setuptools's changelog.

v65.0.0
Breaking Changes
^^^^^^^^^^^^^^^^

#3505: Removed 'msvccompiler' and 'msvc9compiler' modules from distutils.
#3521: Remove bdist_msi and bdist_wininst commands, which have been deprecated since Python 3.9. Use older Setuptools for these behaviors if needed.

Documentation changes
^^^^^^^^^^^^^^^^^^^^^

#3519: Changed the note in keywords documentation regardin...

Bumps python-swiftclient from 3.13.1 to 4.0.1.

Commits

See full diff in compare view

Dependabot will resolve any conflic...

Bumps freezegun from 1.2.1 to 1.2.2.

Changelog
Sourced from freezegun's changelog.

1.2.2

Removes Python 3.6 support, which reached its EOL on 2021-12-23 (https://devguide.python.org/versions/?highlight=End-of-life#unsupported-versions).

Improved static typing definitions

Don't freeze pytest timings. This avoids class-level decorator usage messing with pytest timings.

Pass through all setUp and tearDown arguments

Commits

See full diff in c...

Big jump - But we have 0 CI here other than some unittests ... They seemed to pass.

Document download-mirror option in mirror_configuration, also mention it under master option to help people avoid misunderstand the usages.

LGTM - I might just apply my NITs locally myself :)

Lets add prettier markdown formatting to either the:

• doc build tox run
• pre-commit ci

Both work for me. Probably pre-commit since we use it already and most of our linting + formatting is there.

Bumps smart-open from 6.0.0 to 6.1.0.

Release notes
Sourced from smart-open's releases.

v6.1.0
6.1.0, 21 August 2022

Add cert parameter to http transport params (PR #703, @​stev-0)
Allow passing additional kwargs for Azure writes (PR #702, @​ddelange)

Changelog
Sourced from smart-open's changelog.

6.1.0, 21 August 2022

Add cert parameter to http transport params (PR #703, @​stev-0)
Allow passing additional kwargs for Azure writes (PR #702, @...

Bumps boto3 from 1.24.46 to 1.24.56.

Changelog
Sourced from boto3's changelog.

1.24.56

api-change:connect: [botocore] This release adds SearchSecurityProfiles API which can be used to search for Security Profile resources within a Connect Instance.
api-change:ivschat: [botocore] Documentation Change for IVS Chat API Reference - Doc-only update to change text/description for tags field.
api-change:kendra: [botocore] This release adds support for a new authen...

Bumps chardet from 4.0.0 to 5.0.0.

Release notes
Sourced from chardet's releases.

chardet 5.0.0
⚠️ This release is the first release of chardet that no longer supports Python < 3.6 ⚠️
In addition to that change, it features the following user-facing changes:

Added a prober for Johab Korean (#207, @​grizlupo)
Added a prober for UTF-16/32 BE/LE (#109, #206, @​jpz)
Added test data for Croatian, Czech, Hungarian, Polish, Slovak, Slovene, Greek, and Turk...

Bumps filelock from 3.7.1 to 3.8.0.

Release notes
Sourced from filelock's releases.

3.8.0
What's Changed

[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/py-filelock#149
Bump actions/upload-artifact from 2 to 3 by @​dependabot in tox-dev/py-filelock#154
Bump actions/download-artifact from 2 to 3 by @​dependabot in tox-dev/py-filelock#152
Bump pre-commit/action from 2.0.3 to 3.0.0 by @​dependabot in tox-dev/py-filelock#151
Bump ac...

CI passes ...

Bumps attrs from 21.4.0 to 22.1.0.

Release notes
Sourced from attrs's releases.

22.1.0
Highlights
The main features of this release are:

The departure of Python 2.7 (enjoy your retirement!),
and the arrival of Python 3.11.

We had loftier goals feature-wise, but didn't want to block others embracing Python 3.11.
❤️ Huge thanks to my GitHub sponsors, Tidelift subscribers, and Ko-fi buyers! ❤️
None of my projects would exist in their current form with...

s3 ftw

Can we add a config to set the log-output directory and debug on/off ？
when I using docker ,it is not easy to change the command we use , instead , make a configuration change is far more convient .

More of a "how-to" than an issue. Under /web/simple, I'm getting index.html files, but no packages. Also nothing downloaded to /web/packages. I'm new to mirroring, so I may be lost, but shouldn't I be getting packages?

Bumps pre-commit from 2.18.1 to 2.20.0.

Release notes
Sourced from pre-commit's releases.

pre-commit v2.20.0
Features

Expose source and object-name (positional args) of prepare-commit-msg hook as PRE_COMMIT_COMIT_MSG_SOURCE and PRE_COMMIT_COMMIT_OBJECT_NAME.

#2407 PR by @​M-Whitaker.
#2406 issue by @​M-Whitaker.

Fixes

Fix language: ruby installs when --user-install is set in gemrc.

#2394 PR by @​narpfel.
#2393 issue by @​narpfel.

Adjust p...

Bumps botocore from 1.27.56 to 1.27.61.

Changelog
Sourced from botocore's changelog.

1.27.61

api-change:mediapackage: This release adds Ads AdTriggers and AdsOnDeliveryRestrictions to describe calls for CMAF endpoints on MediaPackage.
api-change:rds: Removes support for RDS Custom from DBInstanceClass in ModifyDBInstance

1.27.60

enhancement:Identity: TokenProvider added for bearer auth support
api-change:elbv2: Update elbv2 client to latest version
api...

Bumps tox from 3.25.0 to 3.25.1.

Release notes
Sourced from tox's releases.

3.25.1
What's Changed

release 3.25.0 by @​gaborbernat in tox-dev/tox#2398
[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2399
Adding APPDATA as default passenv on Windows by @​niander in tox-dev/tox#2404
[pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2415
Avoid importing pipes on Python 3.3+ by @​adamchainz in tox-dev/tox#2418
Fix l...

Bumps types-filelock from 3.2.5 to 3.2.7.

Commits

See full diff in compare view

Dependabot will resolve any conflicts with th...

Bumps boto3 from 1.24.56 to 1.24.62.

Changelog
Sourced from boto3's changelog.

1.24.62

api-change:fsx: [botocore] Documentation updates for Amazon FSx for NetApp ONTAP.
api-change:voice-id: [botocore] Amazon Connect Voice ID now detects voice spoofing. When a prospective fraudster tries to spoof caller audio using audio playback or synthesized speech, Voice ID will return a risk score and outcome to indicate the how likely it is that the voice is spoofed.
...

Bumps botocore from 1.27.56 to 1.27.62.

Changelog
Sourced from botocore's changelog.

1.27.62

api-change:fsx: Documentation updates for Amazon FSx for NetApp ONTAP.
api-change:voice-id: Amazon Connect Voice ID now detects voice spoofing. When a prospective fraudster tries to spoof caller audio using audio playback or synthesized speech, Voice ID will return a risk score and outcome to indicate the how likely it is that the voice is spoofed.

1.27.61

api...

Bumps boto3 from 1.24.56 to 1.24.63.

Changelog
Sourced from boto3's changelog.

1.24.63

enhancement:Endpoints: [botocore] Deprecate SSL common name
api-change:greengrassv2: [botocore] Adds topologyFilter to ListInstalledComponentsRequest which allows filtration of components by ROOT or ALL (including root and dependency components). Adds lastStatusChangeTimestamp to ListInstalledComponents response to show the last time a component changed state on a device....

Bumps botocore from 1.27.56 to 1.27.63.

Changelog
Sourced from botocore's changelog.

1.27.63

enhancement:Endpoints: Deprecate SSL common name
api-change:greengrassv2: Adds topologyFilter to ListInstalledComponentsRequest which allows filtration of components by ROOT or ALL (including root and dependency components). Adds lastStatusChangeTimestamp to ListInstalledComponents response to show the last time a component changed state on a device.
api-change:i...

• Add config options to docs explaining valid setting + docs fixes

when I was running "bandersnatch sync uselesscapitalquiz" I got this error "OSError: [Errno 36] File name too long".
After some research ,It seems that the full path+filename have pass over the max-filename of the linux system which is 255bits.

This situation happens in bandersnatch 4.4/5.3 and 6.0,please help me solve this problems,thanks a lot .

[root@VM_21_104_centos /data/home/bandersnatch]# **bandersnatch sync uselesscapitalquiz**
2022-09-04 11:05:36,838 INFO: Selected stora...

Hi,
Iam little bit confused with packages filtering. Plugin exclude_platfrom work well for py versions and 4 main platforms. Can I also blocklist/filter aarch64 and win32 packages or which filter I should use?
Thank you.

Bumps coverage from 6.4.3 to 6.4.4.

Changelog
Sourced from coverage's changelog.

Version 6.4.4 — 2022-08-16

Wheels are now provided for Python 3.11.

.. _changes_6-4-3:

Commits

24985c0 docs: sample html report
12d5d17 build: prep for 6.4.4
007c616 build: update 3.11 references to rc1
66ddb0b build: make upgrade (with hashes)
f7907ee docs: add some make upgrade instructions to the Makefile
18b57e1 build: use hashed pins
1dba030 build: pin windows-...

Bumps boto3 from 1.24.63 to 1.24.66.

Changelog
Sourced from boto3's changelog.

1.24.66

api-change:cognito-idp: [botocore] This release adds a new "AuthSessionValidity" field to the UserPoolClient in Cognito. Application admins can configure this value for their users' authentication duration, which is currently fixed at 3 minutes, up to 15 minutes. Setting this field will also apply to the SMS MFA authentication flow.
api-change:connect: [botocore...

Bumps flake8-bugbear from 22.7.1 to 22.8.23.

Release notes
Sourced from flake8-bugbear's releases.

22.8.23

Add B024 error code to message for B024 (#276)

22.8.22

Add B024: abstract base class with no abstract methods (#273)

Commits

bc46cb5 Update version + Change Log for 22.8.23 release
7d1adf9 Add missing error code to message for B024 (#276)
1007f5c Update version + Change Log for 22.8.22 release
881f054 Merge pull request #274 from jakkd...

Bumps python-swiftclient from 4.0.1 to 4.1.0.

Commits

See full diff in compare view

Dependabot will resolve any conflicts...

S3 fun

I do not get these coverage fluctuations ...

for example ,I already have some version of tensorflow/torch on my localdisk.

but when I want to update it and run "bandersnatch sync torch",I got this log:

bandersnatch sync torch
2022-09-06 13:31:25,529 INFO: Selected storage backend: filesystem
2022-09-06 13:31:25,739 ERROR: Unable to load entry point swift_plugin = bandersnatch_storage_plugins.swift:SwiftStorage: No module named 'keystoneauth1'
2022-09-06 13:31:25,822 INFO: Initialized project plugin blocklist_project, filtering [...

When I look in to bandersnatch log I see some "Unauthorized error" and "error when attempting to clear the cache" and "xxx package not updating. Giving up" .
Could your please tell me why and help me solve them?

I'm using bandersnatch 6.0.0 and logs are below:

2022-09-22 20:49:21,090 bandersnatch.package: INFO Fetching metadata for package: tencentcloud-sdk-python-cynosdb (serial 15172235)
2022-09-22 20:49:21,146 bandersnatch.master: WARNING Got an error when attempting to ...

There is currently a package "uselesscaptialquiz" that has a very long version name. So long that sync'ing the package fails on Ubuntu 20.04 because the result package file name is too long for the OS, and the mirror fails.

Request: add filtering option to ignore packages which have version names so long that the OS gives an error when sync'ing.

Hello,
When using the `simple-format = JSON' option, bandersnatch 6.0.0 crashes when downloading package.

The error come from the write_simple_page function:
If content.html does not evaluate as True, then simple_page is never assigned.

When I look into my banderlogfile, I saw a lot of "ERROR Stale serial for xxxxx (nnnnnn) not updating. Giving up."
It seems that many package have gave up updating ,how can I deal with this packages? Are they give up "fow now" or "forever"?
For now I have already "bandersnatch sync xxx xxx xxxx" manuelly but which is the better way to make them update automatically?

I am using bandersntach 6.0.0 on "docker pull image: pypa/bandersnatch"

LOG1:

/yum/pip/banderlogfile.log.2022-10-0...

Hello, I’m new to bandersnatch and pypi mirrors. I tried to run a mirror last night and ended up stopping it at about 1TB of downloading. I didn’t realize it was that large.

Are there any predefined lists of most commonly used plugins?

I also only need Linux plugins. No windows. So I could remove those too?

Description

I want to mirror only a handful of packages with bandersnatch. To achieve this I use a docker-compose file which loads the preset configuration as shown below. After issuing the command below I get a couple of traces of different nature:

• ERROR: Continuing to next file after error downloading -> (sounds like files cannot be found on the server side)
• ERROR: Error syncing package: fastapi@15646760 (mirror.py:377) -> (sounds like files are already present)

Is this expe...

Could you tell me how to remove official removed packages automatically?

for example : https://pypi.org/project/apicolors/

the apicolors are deleted by pypi.org 4 days ago(Nov 9), but after my bandersnatch server synced it locally,It exist till now (Nov 11).（but my sync interval is 30min）

here is the bander.log:

2022-11-06 10:21:15,841 bandersnatch.package: INFO Fetching metadata for package: apicolors (serial 15671340)2022-11-06 10:21:15,966 bandersnatch.mirror: INFO Down...

Hi all! I'm trying to create a PyPI mirror for offline usage. For what I need, I don't want any of the really large packages (i.e. the AI/ML stuff). However, I'm having a hard time figuring out the correct way to filter that out. So a few questions:

1. Is the following configuration section (I found in another issue), explicitly allowing or forbidding the regex patterns?

[regex_project_metadata]
none:match-null:info.name =
  ^tf
  ^mxnet
  ^tensorflow
  ^cupy
  \-nightly$...

I had a PyPI mirror that hadn't ever had a run of verify --delete, so had grown to around 25 TB. Initially trying to run verify --delete was exhausting all of my machine's memory. It only had 8 GB of RAM, but still, the algorithm should be able to delete during the run (and therefore using a relatively constant amount of memory regardless of the number of deletions needed) rather than building a list in memory and deleting everything at the end.

I was able to get verify --delete to f...

I'm doing some tests to upload new requirements files to the bandersnatch container and I noticed the strange behaviour of not downloading the packages of a requirements file added ater the first synchronization of packages.

I tried to do an easily repeatable test.

Append this to the default config of bandernatch:

[plugins]
enabled =
    project_requirements

[allowlist]
requirements_path = /home/francesco/bandersnatch_requirements/
requirements =
    *requirements*.txt
``...

Build pypi/todo after running the “bandersnatch mirror ” for the first time. The tool only synchronizes pypi/todo each time, and the tool does not update the pypi/todo file, so no new data can be synchronized.
Log:
`2022-12-06 17:41:37,688 bandersnatch.main: INFO No status file to move (/srv/pypi/status) - Full sync will occur
2022-12-06 17:41:37,689 bandersnatch: INFO Selected storage backend: filesystem
2022-12-06 17:41:37,689 bandersnatch: INFO Selected compare method: stat
2022-12-06...

At present, I can obtain the official directory size of pypi（https://pypi.org/stats/）, while I am synchronizing the pypi directory. However, the du or duc command takes too long to count. Is there a more convenient way to do this?

CI has shown (with tox needing new versions) that we will need some refactors to move to the new 22.0 versions of packaging.

PR: https://github.com/pypa/bandersnatch/pull/1309/files

Example error:

==================================== ERRORS ====================================
____ ERROR collecting src/bandersnatch/tests/plugins/test_latest_release.py ____
ImportError while importing test module '/home/runner/work/bandersnatch/bandersnatch/src/bandersnatch/tests/plugins/test_lat...

We do not pass in 3.11 ... Lets make it after latest packaging ...

In https://github.com/pypa/bandersnatch/pull/57, we added code to automatically issue PURGE requests to stale endpoints. This was to work around a persistent issue w/ PyPI where caches become routinely stale and unusable. This hack worked for a good while, but now PyPI requires authentication for PURGE requests, flooding the logs with useless 401 errors.

❯ curl -X PURGE -i https://pypi.org/pypi/alchemize/json
HTTP/2 401 
server: Varnish
retry-after: 0
content-type: application/jso...

https://github.com/pypa/bandersnatch/blob/16137fd3861dd41cd34c060989140edeb00f8e43/src/bandersnatch/simple.py#L78-L89

The function shown above generate a package list for the global indexes i.e. /web/simple/index{.html,_v1.html,_v1.json}.

According to the pathlib.Path.glob document:

Note: Using the “**” pattern in large directory trees may consume an inordinate amount of time.

This function is extremely slow (...

I can't mirror the pypi packages from https://pypi.org
This is my bandersnatch.cfg
`[mirror]
directory = /data1/gwb/pypi
json = true
release-files = true
cleanup = false
master = https://pypi.org
timeout = 10
global-timeout = 1800
workers = 5
hash-index = false
simple-format = ALL
stop-on-error = false
storage-backend = filesystem
log-config = /etc/bandersnatch-log.conf
verifiers = 3
compare-method = hash
download-mirror = https://pypi.tuna.tsinghua.edu.cn/
download-...

All packages of pypi have been synchronized locally before. After a period of time, some package developers may have deleted them from pypi, but they are still kept locally. Will these packages be deleted when syncing again, and if so, how.

I have this exception

2023-02-25 22:29:51,784 INFO: considering /requirements/*********-requirements.txt (allowlist_name.py:114)
Traceback (most recent call last):
  File "", line 198, in _run_module_as_main
  File "", line 88, in _run_code
  File "/usr/local/lib/python3.11/site-packages/bandersnatch/main.py", line 231, in 
    exit(main())
         ^^^^^^
  File "/usr/local/lib/python3.11/site-packages/bandersnatch/main.py", line 227, in main
    return asyncio.run(async_main(...

According to pypi/warehouse#12214 , it has been a long-existing problem for the PyPI CDN to serve stale JSON API response, causing persisting error in syncing. This time, the mirror has been broken for over a week.

Could we implement a workaround in bandersnatch, allowing setting aside the problematic package, and continue to sync other packages? That's to say, to force fetch the change log even though the todo file exists?

As described in the docs, bandersnatch can filter mirror to only include the latest releases:

https://bandersnatch.readthedocs.io/en/latest/filtering_configuration.html#keep-only-latest-releases

But this can introduces some problems, and I think it boils down to a definition of what exactly the latest releases are. Currently, bandersnatch appears to sort all releases by version number:

https://github.com/pypa/bandersnatch/blob/main/src/bandersnatch_filter_plugins/latest_name.py#L52
...

As shown in the following log, I initially found that the packages "oreo" and "spanishconjugator" were not updated, but after checking the log, I found that "oreo" was missing and "spanishconjugator" failed to pass the verification.
The problem is that the failure of the subtasks' updates should not hinder the overall task's operation. Otherwise, the task will be stuck in a loop at these two packages forever.

# cat /yum/pip/todo
17825673
oreo4 17825509
spanishconjugator 17825562...

blake2b_256 has been added to the digest dict in package json, pip does not know how to handle this hash name. Causing and exception when trying to install packages with pip23 or later.

If you check https://pypi.org/simple/pip against https://pypi.org/simple/pip/23.0.1/json
the digest dict does not contain the same data as the hashes dict.

$ pip install --force pip
Looking in indexes: https:///simple/
Collecting pip
  Using cached https:///packages/07/51/2c0959c5adf988c44d9e1...

Today in simple.py we hard code a NamedTuple of possible digests and a StrEnum equivalent. I'd like to see if we could refactor this to support any digest that PyPI itself offers in the metadata we use. Bandersnatch (unfortunately) uses the non PEP standard "JSON API".

An example metadata can be seen looking at our bandersnatch project metadata. We can see here that it of...

Hi ,
We have implemented the Private Pypi mirror setup using bandersnatch .
We have used the allowlist to allow few package and those are getting mirrored successfully.

But when I try to install it using pip from mirror , it fails as don't find the dependencies there.

is there a way allow list can mirror the all dependent packages as well so it can work just like public pypi ?

This issue is going to beat entire purpose of setting up private pypi.

https://peps.python.org/pep-0700/

• The api-version must specify version 1.1 or later.
• A new versions key is added at the top level.
• Two new “file information” keys, size and upload-time, are added to the files data.

Keys (at any level) with a leading underscore are reserved as private for index server use. No future standard will assign a meaning to any such key.

sh-4.2# bandersnatch --version
bandersnatch 6.3.0

sh-4.2# bandersnatch verify --delete --json-update
2023-07-06 16:13:58,112 bandersnatch.verify: INFO Starting verify for /repo with 10 workers
2023-07-06 16:13:59,897 bandersnatch.verify: INFO Parsing 101903762
2023-07-06 16:13:59,897 bandersnatch.master: INFO Fetching https://pypi.org/pypi/101903762/json
2023-07-06 16:14:00,220 bandersnatch: INFO Initialized release plugin blocklist_release, filtering [, , , , , , ]
Traceback (most ...

I'm trying to sync only packages compatible with Python 2 but it's not working

[mirror]
directory = /data/MINI_PYPI/bandersnatch/packages/
master = https://pypi.org
timeout = 20
workers = 3
hash-index = false
stop-on-error = false
json = true

[plugins]
enabled =
allowlist_project
regex_project_metadata
blocklist_project
exclude_platform
latest_release

[allowlist]
packages =
setuptools

[blocklist]
platforms =
...

Hello,

Since the new merge s3path cannot import the S3DirEntry :

`2023-08-22 08:11:41,377 INFO: Selected storage backend: s3 (configuration.py:131)
2023-08-22 08:11:41,377 INFO: Selected compare method: hash (configuration.py:179)
Traceback (most recent call last):
File "./bandersnatch/bin/bandersnatch", line 8, in
sys.exit(main())
File "/builds/cloud/pypi-mirror/bandersnatch/lib/python3.8/site-packages/bandersnatch/main.py", line 226, in main
return asyncio.run(async...

as log below:

[root@softsource-agent-pypi-0 /data]# bandersnatch sync simple
2023-08-28 14:24:55,082 bandersnatch: INFO Selected storage backend: filesystem
2023-08-28 14:24:55,082 bandersnatch: INFO Selected compare method: stat
2023-08-28 14:24:55,082 bandersnatch: INFO Selected alternative download mirror https://mirrors.tuna.tsinghua.edu.cn
2023-08-28 14:24:55,236 bandersnatch: INFO Initialized project plugin blocklist_project, filtering ['pyagrum-nightly', 'tf-nightly', 'tf-nig...

We've been using bandersnatch for years, recently, I found it's hard to actually run bandersnatch verify as we're using s3 as storage and it already contains millions of packages.

Loading the JSON file alone would cost a day or longer, what makes it worse is that if this process is interrupted(system reboot, container killed, both are fairly common)

So I'm thinking about another way to verify packages.

iterating packages and verify if it should exist

1. iterate packages using `...

Add CI for python3.12 and cut docker over once all CI passes.

I expect dependencies to block this, but you never know :)

aiohttp does not work in 3.12 and is blocking CI at the moment for docs (where we don't specify python3 version).

Will move back to 3.11, but would like to roll with latest in the hope in the future our deps support 3.13 before it's stable and out :D

For some packages the version sorting of the x last relases does not work which leads to not fetching any versions.

This is caused by a problem of the version parsing in packaging.version. It usually works but the regex does not match arbitrary letters.
The problem was observed in the pytz package: versions 2004a, 2004b, 2004b.2 are pased correctly but 2004d raises an error.
Additionally the filtering is done in a large try ... except block that silently ignores the error in the ...

My usecase

• I'd like to have a slim mirror for offline usage based on a selection of a few packages
• packages are initially given in a requirmentss.txt and externally expanded to a requirements.txt with all dependencies (including version range)
• To keep the required storage low, I'd like to fetch max X versions while honoring the pinned versions given in the requirements.txt

Problem

Because all filters are applied in a loop in package.py, the last X versions plugin wins and...

I've run into an issue when trying to then pull packages from a bucket backed static site, but can't tell if the issue is my config a change in static sites behaviour (and how pip deals with it)

WARNING: Skipping page http://.amazonaws.com/mirror/web/simple/pillow/ because the GET request got Content-Type: binary/octet-stream. The only supported Content-Types are application/vnd.pypi.simple.v1+json, application/vnd.pypi.simple.v1+html, and text/html
ERROR: Could not find a version ...

Currently bandersnatch supports SOCKS Proxies, but not commonly used HTTP(S) proxies.

Sadly, there are still environments that rely on HTTP(S) Proxies.

Thanks so much for providing a means to mirror the PyPI repository!

After our latest run of bandersnatch mirror followed by bandersnatch verify --delete --json-update, our mirror is 13.3 TB is size. It was 17.7 TB before we ran the verify --delete operation. We found that some packages were not being updated after many runs of bandersnatch mirror. One such package was poetry. We got it to update with bandersnatch sync poetry before we ran the verify --delete operation.

We a...

2023-12-21 20:58:01,011 bandersnatch: INFO Selected storage backend: filesystem
2023-12-21 20:58:01,011 bandersnatch: INFO Selected compare method: hash
2023-12-21 20:58:01,012 bandersnatch: INFO Selected alternative download mirror https://mirrors.tuna.tsinghua.edu.cn/
2023-12-21 20:58:01,055 bandersnatch: INFO Initialized project plugin blocklist_project, filtering ['tensorflow-io-nightly', 'tf-nightly-cpu', 'pyagrum-nightly', 'tf-nightly-gpu', 'uselesscapitalquiz', 'tf-nightly', 'a...

I am currently using bandersnatch for mirroring PyPI and have encountered an issue regarding incremental synchronization. I want to set up my bandersnatch mirror to only sync new packages added to pypi.org. For packages that have been removed from pypi.org, do not delete these packages from the local mirror during synchronization. In short, only perform incremental backups without deleting any packages.

how to configure bandersnatch.conf to achieve this?

I have synchronized 13 terabytes of data, and I restarted the bandersnatch service due to configuration changes.
A large number of "no longer exists on PyPI" messages are displayed in the startup log. The synchronization of new packages starts about 50 minutes later.

I would like to remove these "no longer exists on PyPI" packages from todo, or is there a better way that doesn't require waiting 50 minutes.

Thanks.

Logs:

2024-02-23 00:45:52,492 INFO: 0wneg no longer exists on PyPI...

Doing a docs diff we found that the proxy bandersnatch.conf does not work correctly with SOCKS proxies. Let's tweak the code that checks for SOCKS URLs to check the proxy option in the config as well as the environment variables.

Hello, I'm using a fresh install of bandersnatch[s3] in attempt to establish a private S3-backed mirror. I discovered this issue in Python 3.9, but was able to reproduce it on Python 3.11. Here is an example configuration, and the following stack trace.

[mirror]
master = https://pypi.org
storage-backend = s3
directory = /my-s3-bucket/
diff-file = bandersnatch-diff
diff-append-epoch = true

json = false
stop-on-error = true
timeout = 30
keep_index_versions = 3
workers =...

2024-03-06 20:24:02,571 bandersnatch.package: INFO Fetching metadata for package: tohoku-tus-iot-automation (serial 22195024)
2024-03-06 20:24:02,932 bandersnatch.mirror: INFO Storing index page(s): tohoku-tus-iot-automation - in /repo/web/simple/tohoku-tus-iot-automation
2024-03-06 21:28:19,422 bandersnatch.package: INFO Fetching metadata for package: tohoku-tus-iot-automation (serial 22196068)
2024-03-06 21:28:20,140 bandersnatch.mirror: INFO Storing index page(s): tohoku-tus-iot-...

I have started to see test failures related to symlinks not being created correctly on my Windows workstation.

Platform and Version

Bandersnatch version: 10f652c1

Windows version information:

Edition		Windows 10 Pro
Version		22H2
Installed on	‎2021-‎04-‎03
OS build	19045.4170
Experience	Windows Feature Experience Pack 1000.19054.1000.0

Test Logs

The following unit tests all have similar failures:

• tests/test_mirror.py - symlink error is in captured ...

As logs below , when I am trying to sync bob.bio.csu, instead it's syncing to bob-bio-cso directory.
which makes our client cannot install bob.bio.cso(404 not found),But we should use bon-bio-cso instead.
Excuse me ,How can I turn this feature off (not replacing "." to "-")?

# bandersnatch -c /mirrors_scripts/bandersnatch/bandersnatch.conf.repo sync bob.bio.csu
2024-04-05 09:31:06,659 bandersnatch: INFO Selected storage backend: filesystem
2024-04-05 09:31:06,660 bandersnatch: INF...

Hello,

I'm using v6.5.0 and when I attempt to use bandersnatch verify --delete I get a key error.
I read the docs, and from what I understand, storage-backend defaults to filesystem, so I didn't think it would be required to add it into the configuration file.
https://bandersnatch.readthedocs.io/en/latest/mirror_configuration.html#storage-backend

The mirror section looks like this:
...

S3Path (and swift - But going to drop support unless someone else wants to help port it) is our biggest blocker to moving to Python 3.12. There is so much context here I sadly don't have as I've used S3 very little and never with bandersnatch.

Would love help from someone to help port this. I've spent a hour or so today and I don't have the time to spend on this, but would love to try and keep bandersnatch able to run on latest versions of python.

I feel we need to remove our own S3Path...

When no --force-check option is specified when using the runner.py the bandersnatch command execution fails with: bandersnatch: error: unrecognized arguments: