aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason R. Coombs <jaraco@jaraco.com>2017-11-25 09:45:05 -0500
committerJason R. Coombs <jaraco@jaraco.com>2017-11-25 09:45:05 -0500
commitf012485e4767f3be81493c93ad534a02c6f14f14 (patch)
tree1a782d7ef146f803e509230b2e822d5735575652
parent45f6ce2afb10aed556fec33c16b765728133f59a (diff)
downloadexternal_python_setuptools-f012485e4767f3be81493c93ad534a02c6f14f14.tar.gz
external_python_setuptools-f012485e4767f3be81493c93ad534a02c6f14f14.tar.bz2
external_python_setuptools-f012485e4767f3be81493c93ad534a02c6f14f14.zip
Disallow unordered sequences for specifying install_requires. Fixes #458.
Diffstat
-rw-r--r--CHANGES.rst7
-rw-r--r--setuptools/dist.py2
2 files changed, 9 insertions, 0 deletions
diff --git a/CHANGES.rst b/CHANGES.rst
index f75bb62a..c8a3ecc3 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -1,3 +1,10 @@
+v38.0.0
+-------
+
+* #458: In order to support deterministic builds, Setuptools no
+ longer allows packages to declare ``install_requires`` as
+ unordered sequences (sets or dicts).
+
v37.0.0
-------
diff --git a/setuptools/dist.py b/setuptools/dist.py
index aa304500..477f93dd 100644
--- a/setuptools/dist.py
+++ b/setuptools/dist.py
@@ -166,6 +166,8 @@ def check_requirements(dist, attr, value):
"""Verify that install_requires is a valid requirements list"""
try:
list(pkg_resources.parse_requirements(value))
+ if isinstance(value, (dict, set)):
+ raise TypeError("Unordered types are not allowed")
except (TypeError, ValueError) as error:
tmpl = (
"{attr!r} must be a string or list of strings "
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-18 08:22:30 +0000