Skip to content

PyPi Package Registry is case sensitive

Summary

Packages housed within the Gitlab PyPi Registry are case-sensitive when retrieved. Using the latest stable pip (20.2.2), this makes packages with capital letters impossible to retrieve as pip will make the name lowercase.

PEP 426 states:

All comparisons of distribution names MUST be case insensitive, and MUST consider hyphens and underscores to be equivalent.

Steps to reproduce

  • Follow documentation to create a sample python package
  • Change the name in setup.py to something with a capital letter - ex, CapitalPacakge
  • Upload to gitlab PyPi package registry within a project
  • Attempt to install the package using the latest pip. Observe that the package gitlab returns a 404 for the package name.
    • Navigate to https://gitlab.com/api/v4/projects/<Project_ID>/packages/pypi/simple/CapitalPackage and confirm the package exists
    • Navigate to https://gitlab.com/api/v4/projects/<Project_ID>/packages/pypi/simple/capitalpackage and confirm the api returns a 404

Example Project

What is the current bug behavior?

Retrieval of PyPI Packages are case sensitive

What is the expected correct behavior?

Retrieval of PyPI Packages are not case sensitive

Relevant logs and/or screenshots

Expand for output of `pip install -v ...` 
-->  curl https://gitlab.com/api/v4/projects/4817322/packages
[{"id":467762,"name":"CapitalPackage","version":"0.0.1","package_type":"pypi","_links":{"web_path":"/rudedog9d/review-app-test/-/packages/467762"},"created_at":"2020-09-02T17:01:52.170Z","tags":[],"versions":[]},{"id":467767,"name":"lowercase-package","version":"0.0.1","package_type":"pypi","_links":{"web_path":"/rudedog9d/review-app-test/-/packages/467767"},"created_at":"2020-09-02T17:02:27.470Z","tags":[],"versions":[]}]

-->  pip install --no-cache --index-url https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple CapitalPackage -v
Using pip 20.2.2 from /home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip (python 3.6)
Non-user install because user site-packages disabled
Created temporary directory: /tmp/pip-ephem-wheel-cache-gjnare60
Created temporary directory: /tmp/pip-req-tracker-r821xa0t
Initialized build tracking at /tmp/pip-req-tracker-r821xa0t
Created build tracker: /tmp/pip-req-tracker-r821xa0t
Entered build tracker: /tmp/pip-req-tracker-r821xa0t
Created temporary directory: /tmp/pip-install-fjy01nbr
Looking in indexes: https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple
1 location(s) to search for versions of CapitalPackage:
* https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/capitalpackage/
Fetching project page and analyzing links: https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/capitalpackage/
# EDIT: Notice the name is lowercased in the URL
Getting page https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/capitalpackage/
Found index url https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple
Found credentials in netrc for gitlab.com
Starting new HTTPS connection (1): gitlab.com:443
https://gitlab.com:443 "GET /api/v4/projects/4817322/packages/pypi/simple/capitalpackage/ HTTP/1.1" 404 35
Could not fetch URL https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/capitalpackage/: 404 Client Error: Not Found for url: https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/capitalpackage/ - skipping
Given no hashes to check 0 links for project 'CapitalPackage': discarding no candidates
ERROR: Could not find a version that satisfies the requirement CapitalPackage (from versions: none)
ERROR: No matching distribution found for CapitalPackage
Exception information:
Traceback (most recent call last):
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/cli/base_command.py", line 216, in _main
    status = self.run(options, args)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/cli/req_command.py", line 182, in wrapper
    return func(self, options, args)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/commands/install.py", line 325, in run
    reqs, check_supported_wheels=not options.target_dir
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/resolution/legacy/resolver.py", line 183, in resolve
    discovered_reqs.extend(self._resolve_one(requirement_set, req))
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/resolution/legacy/resolver.py", line 388, in _resolve_one
    abstract_dist = self._get_abstract_dist_for(req_to_install)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/resolution/legacy/resolver.py", line 339, in _get_abstract_dist_for
    self._populate_link(req)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/resolution/legacy/resolver.py", line 305, in _populate_link
    req.link = self._find_requirement_link(req)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/resolution/legacy/resolver.py", line 270, in _find_requirement_link
    best_candidate = self.finder.find_requirement(req, upgrade)
  File "/home/bdavis/Dev/MyPyPiPackage/venv/lib/python3.6/site-packages/pip/_internal/index/package_finder.py", line 928, in find_requirement
    req)
pip._internal.exceptions.DistributionNotFound: No matching distribution found for CapitalPackage
1 location(s) to search for versions of pip:
* https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/pip/
Fetching project page and analyzing links: https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/pip/
Getting page https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/pip/
Found index url https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple
Found credentials in netrc for gitlab.com
Starting new HTTPS connection (1): gitlab.com:443
https://gitlab.com:443 "GET /api/v4/projects/4817322/packages/pypi/simple/pip/ HTTP/1.1" 404 35
Could not fetch URL https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/pip/: 404 Client Error: Not Found for url: https://gitlab.com/api/v4/projects/4817322/packages/pypi/simple/pip/ - skipping
Given no hashes to check 0 links for project 'pip': discarding no candidates
Removed build tracker: '/tmp/pip-req-tracker-r821xa0t'

-->  pip freeze --all
lowercase-package==0.0.1
pip==20.2.2
pkg-resources==0.0.0
setuptools==39.0.1

Output of checks

This bug happens on GitLab.com

Edited by Brodie Davis