On Dec 15, 2014, at 6:03 AM, Robin Becker email@example.com wrote:
A bitbucket user informs me angrily that he cannot use the version of reportlab that's latest on pypi because it has a dependency
which is now treated as an 'and' condition by setuptools 8.0 so can not be satisfied.
In our latest code we have removed the '==2.0.0,', but presumably there's nothing I can do to make the situation less broken for older versions other than remove those from pypi.
Unfortunately we had this as part of the install_requires as
install_requires=['pillow ==2.0.0, >=2.4.0','pip>=1.4.1', 'setuptools>=2.2']
so it's our fault for being too lax in describing the requirement. Presumably the , in the list was always an 'and' and now the ',' in the elements is also :(
Historically the meaning of a comma inside of a version specifier is… well complicated. Honestly I have a hard time even putting into words what a comma means at all in a historical context. Sometimes it acts as an OR, sometimes it acts as and AND, and sometimes it acts as something else that I can’t quite explain.
This was part of how setuptools was designed, it valued giving an answer, any answer, over saying “Sorry this doesn’t make sense”. You can see this most clearly in the version parsing code which would allow versions such as “dog” or “this isn’t a version but setuptools will parse it as one”. In PEP 440 we attempted to standardize what a version and what a specifier means, and as part of that we made the decision that we are going to be stricter in what we accept. This means that some things that used to be valid versions are no longer valid versions and in your case, relying on the old, complicated behavior, of a comma that sometimes means different things.
So yea, in a PEP 440 world the comma is AND.
--- Donald Stufft PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA