poetry: poetry 1.2.0a1: AttributeError when installing package from secondary repo

I am on the latest Poetry version.
I have searched the issues of this repo and believe that this is not a duplicate.
If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).
OS version and name: macOS 10.15
Poetry version: 1.2.0a1
Link of a Gist with the contents of your pyproject.toml file:

Issue

Hi! I’m testing new 1.2.0a1 version as an early-adopter to find potential issues.

My pyproject.toml defines a secondary repo:

[[tool.poetry.source]]
name = "XXX"
url = "https://pypi.XXX.YYY"
secondary = true

And I have one dependency which comes from this private pypi repo. Poetry 1.1.3 installed it without errors, but on 1.2.0a1 I get this stacktrace:

  • Installing FOOBAR (1.7.2): Pending...
  • Installing FOOBAR (1.7.2): Failed

  Stack trace:

  5  ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:244 in _execute_operation
      242│ 
      243│             try:
    → 244│                 result = self._do_execute_operation(operation)
      245│             except EnvCommandError as e:
      246│                 if e.e.returncode == -2:

  4  ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:321 in _do_execute_operation
      319│             return 0
      320│ 
    → 321│         result = getattr(self, f"_execute_{method}")(operation)
      322│ 
      323│         if result != 0:

  3  ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:462 in _execute_install
      460│ 
      461│     def _execute_install(self, operation: Union[Install, Update]) -> int:
    → 462│         status_code = self._install(operation)
      463│ 
      464│         self._save_url_reference(operation)

  2  ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:498 in _install
      496│             archive = self._download_link(operation, Link(package.source_url))
      497│         else:
    → 498│             archive = self._download(operation)
      499│ 
      500│         operation_message = self.get_operation_message(operation)

  1  ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:648 in _download
      646│         link = self._chooser.choose_for(operation.package)
      647│ 
    → 648│         return self._download_link(operation, link)
      649│ 
      650│     def _download_link(self, operation: Union[Install, Update], link: Link) -> Link:

  AttributeError

  'Link' object has no attribute 'name'

  at ~/Library/Application Support/pypoetry/venv/lib/python3.8/site-packages/poetry/installation/executor.py:683 in _download_link
      679│                 ).hash()
      680│             )
      681│             if archive_hash not in {f["hash"] for f in package.files}:
      682│                 raise RuntimeError(
    → 683│                     f"Invalid hash for {package} using archive {archive.name}"
      684│                 )
      685│ 
      686│             self._hashes[package.name] = archive_hash
      687│

If you need any additional info to better understand the issue, I’ll be happy to provide it.

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 12
Comments: 41 (9 by maintainers)

Commits related to this issue

Fix AttributeError on hash mismatch This replaces the AttributeError reported in #4085 with the proper exception. — committed to paulmelnikow/poetry by paulmelnikow 3 years ago
Fix AttributeError on hash mismatch This replaces the AttributeError reported in #4085 with the proper exception. — committed to paulmelnikow/poetry by paulmelnikow 3 years ago
Fix AttributeError on hash mismatch This replaces the AttributeError reported in #4085 with the proper exception. — committed to paulmelnikow/poetry by paulmelnikow 3 years ago
Upgrades poetry to version 1.1.10. It fixes some weird bugs during install related to https://github.com/python-poetry/poetry/issues/4085 — committed to adap/flower by pedropgusmao 3 years ago
feat: Support algorithms other than sha256 when validating hashes This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #48... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Support algorithms other than sha256 when validating hashes This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #44... — committed to python-poetry/poetry by neersighted 3 years ago
This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes #4578 and #4085. This PR is also a forward-port of #... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
feat: Check all hash types when validating archives This allows for much-improved compatibility when interfacing with legacy PyPI-compatible repositories. This is a successor PR to #4486, and closes... — committed to python-poetry/poetry by neersighted 3 years ago
fix: change poetry verison to 1.1.8 les versions supérieures poetry ne réussisent pas à récupérer des modules sur nexus https://stackoverflow.com/questions/69836936/poetry-attributeerror-link-object-... — committed to tahiti-web-design/odoo8-prod by kyleahlo 2 years ago
try to fix poetry bug https://github.com/python-poetry/poetry/issues/4085 using another lock file — committed to WOGRA-AG/Os4ML by pd-t 2 years ago

Most upvoted comments

This regression appeared in Poetry 1.1.7/1.1.9 two days ago when poetry-core 1.0.5 was released. Downgrading to poetry-core 1.0.4 is a workaround.

+13

paulmelnikow on Sep 20, 2021

I had the same issue, with poetry 1.1.11, I downgraded poetry to 1.0.6 and it worked, but that was not the permanent solution as 1.1.11 brought new features, which were really handy in building/publishing wheels. After some research I found that poetry’s local cache was getting corrupted, since I built the packages multiple times. So I needed to delete the cache and it started working again like a charm.

To find the cache location poetry config --list

delete the cache directory containing the private repository. Or run poetry cache clear repo-name --all

delete the virtual-env from your project run poetry install/update again it will work.

Please Have a look https://github.com/python-poetry/poetry/issues/1631 I think that’s the reason why we are having this problem at first place.

+11

sudo-ankitmishra on Oct 18, 2021

I get the same issue too with 1.2.0a2 if I install via the new install_poetry.py script. If I install poetry into a venv with pip install poetry==1.2.0a2 I do not get this issue somehow. But I then get warnings when using poetry:

SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.

And I do not use a secondary repo at all.

Cielquan on Jan 23, 2022

poetry-core 1.0.6 has been released, this issue is still present.

pcarn on Sep 21, 2021

I use a secondary repo and I’m having this issue with 1.2.0:

• Installing mypackage (0.10.0): Failed

  RuntimeError

  Retrieved digest for link mypackage-0.10.0-py3-none-any.whl(md5:f1c63397a2b6718593315a06a0a73579) not in poetry.lock metadata ['sha256:d1d3de1bcf913df45c3b8a1d5b1d8eaba3207140785b733b24568552b192e4ce', 'sha256:e887c6b1b3d15157a167a7c3d50fce03d31a7ae9df73c647cc24d1f7e7bf2fbf']

  at ~/.local/share/pypoetry/venv/lib/python3.9/site-packages/poetry/installation/chooser.py:144 in _get_links
      140│
      141│             selected_links.append(link)
      142│
      143│         if links and not selected_links:
    → 144│             raise RuntimeError(
      145│                 f"Retrieved digest for link {link.filename}({h}) not in poetry.lock"
      146│                 f" metadata {hashes}"
      147│             )
      148│

reverting back to 1.1.15 solved the issue.

sherrywang31 on Sep 1, 2022

somehow, if you switch to the poetry-1.1.9 it will also fix the issue, even with the poetry-core-1.0.5. so, apparently, the issue is not with the poetry-core but with poetry itself, as it passes the wrong argument.

spirit-q2 on Sep 21, 2021

Still present in 1.0.7

s-rog on Oct 14, 2021

somehow, if you switch to the poetry-1.1.9 it will also fix the issue, even with the poetry-core-1.0.5. so, apparently, the issue is not with the poetry-core but with poetry itself, as it passes the wrong argument.

Using poetry==1.1.9 without locking poetry-core to 1.0.4 does not fix it for me.

pcarn on Sep 21, 2021

pip install poetry-core==1.0.4 is a temporary solution, had the same issue and it worked for me. Releasing private pypi package to gemfury. ` AttributeError

‘Link’ object has no attribute ‘name’

at /usr/local/lib/python3.9/site-packages/poetry/installation/executor.py:620 in _download_link

  615│                 ).hash()
  617│             )
  618│             if archive_hash not in {f["hash"] for f in package.files}:
  619│                 raise RuntimeError(
→ 620│                     "Invalid hash for {} using archive {}".format(package, archive.name)
  621│                 )
  622│
  623│         return archive
  624│`

kurbanowski on Sep 20, 2021

I’ve opened a PR to generate this error message properly: #4212.

I’m experiencing the underlying issue in Poetry 1.2.0a1. I’m installing a package from a private Gemfury repository.

Gemfury’s legacy PyPI API returns only md5 hashes, not sha256 hashes. (By comparison, JFrog had a similar limitation until recently.) My lockfile contains only sha256 hashes, hence the mismatch error at install time.

In contrast, Poetry 1.1.7 works fine. A lockfile generated by 1.1.7 also contains the sha256 hashes, yet installation works fine.

Is it possible this is a regression caused by the changes in #2958?

paulmelnikow on Jul 8, 2021

This issue describes an attribute error in code that no longer exists, closed is definitely the right state for it.

You want #6301 maybe

dimbleby on Sep 6, 2022

Is this related to #4523?

gitpushdashf on Sep 21, 2021