PEP 386 – Changing the version comparison module in Distutils
- PEP
- 386
- Title
- Changing the version comparison module in Distutils
- Author
- Tarek Ziadé <tarek at ziade.org>
- Status
- Superseded
- Type
- Standards Track
- Created
- 04-Jun-2009
- Superseded-By
- 440
Abstract
Note: This PEP has been superseded by the version identification and dependency specification scheme defined in PEP 440.
This PEP proposed a new version comparison schema system in Distutils.
Motivation
In Python there are no real restrictions yet on how a project should manage its versions, and how they should be incremented.
Distutils provides a version distribution meta-data field but it is freeform and current users, such as PyPI usually consider the latest version pushed as the latest one, regardless of the expected semantics.
Distutils will soon extend its capabilities to allow distributions to express a
dependency on other distributions through the Requires-Dist
metadata field
(see PEP 345) and it will optionally allow use of that field to
restrict the dependency to a set of compatible versions. Notice that this field
is replacing Requires
that was expressing dependencies on modules and packages.
The Requires-Dist
field will allow a distribution to define a dependency on
another package and optionally restrict this dependency to a set of
compatible versions, so one may write:
Requires-Dist: zope.interface (>3.5.0)
This means that the distribution requires zope.interface
with a version
greater than 3.5.0
.
This also means that Python projects will need to follow the same convention as the tool that will be used to install them, so they are able to compare versions.
That is why this PEP proposes, for the sake of interoperability, a standard schema to express version information and its comparison semantics.
Furthermore, this will make OS packagers’ work easier when repackaging standards compliant distributions, because as of now it can be difficult to decide how two distribution versions compare.
Requisites and current status
It is not in the scope of this PEP to provide a universal versioning schema intended to support all or even most of existing versioning schemas. There will always be competing grammars, either mandated by distro or project policies or by historical reasons that we cannot expect to change.
The proposed schema should be able to express the usual versioning semantics, so it’s possible to parse any alternative versioning schema and transform it into a compliant one. This is how OS packagers usually deal with the existing version schemas and is a preferable alternative than supporting an arbitrary set of versioning schemas.
Conformance to usual practice and conventions, as well as a simplicity are a plus, to ease frictionless adoption and painless transition. Practicality beats purity, sometimes.
Projects have very different versioning needs, but the following are widely considered important semantics:
- it should be possible to express more than one versioning level (usually this is expressed as major and minor revision and, sometimes, also a micro revision).
- a significant number of projects need special meaning versions for “pre-releases” (such as “alpha”, “beta”, “rc”), and these have widely used aliases (“a” stands for “alpha”, “b” for “beta” and “c” for “rc”). And these pre-release versions make it impossible to use a simple alphanumerical ordering of the version string components. (Example: 3.1a1 < 3.1)
- some projects also need “post-releases” of regular versions, mainly for installer work which can’t be clearly expressed otherwise.
- development versions allow packagers of unreleased work to avoid version clash with later regular releases.
For people that want to go further and use a tool to manage their version numbers, the two major ones are:
Distutils
Distutils currently provides a StrictVersion
and a LooseVersion
class
that can be used to manage versions.
The LooseVersion
class is quite lax. From Distutils doc:
Version numbering for anarchists and software realists.
Implements the standard interface for version number classes as
described above. A version number consists of a series of numbers,
separated by either periods or strings of letters. When comparing
version numbers, the numeric components will be compared
numerically, and the alphabetic components lexically. The following
are all valid version numbers, in no particular order:
1.5.1
1.5.2b2
161
3.10a
8.02
3.4j
1996.07.12
3.2.pl0
3.1.1.6
2g6
11g
0.960923
2.2beta29
1.13++
5.5.kw
2.0b1pl0
In fact, there is no such thing as an invalid version number under
this scheme; the rules for comparison are simple and predictable,
but may not always give the results you want (for some definition
of "want").
This class makes any version string valid, and provides an algorithm to sort them numerically then lexically. It means that anything can be used to version your project:
>>> from distutils.version import LooseVersion as V
>>> v1 = V('FunkyVersion')
>>> v2 = V('GroovieVersion')
>>> v1 > v2
False
The problem with this is that while it allows expressing any nesting level it doesn’t allow giving special meaning to versions (pre and post-releases as well as development versions), as expressed in requisites 2, 3 and 4.
The StrictVersion
class is more strict. From the doc:
Version numbering for meticulous retentive and software idealists.
Implements the standard interface for version number classes as
described above. A version number consists of two or three
dot-separated numeric components, with an optional "pre-release" tag
on the end. The pre-release tag consists of the letter 'a' or 'b'
followed by a number. If the numeric components of two version
numbers are equal, then one with a pre-release tag will always
be deemed earlier (lesser) than one without.
The following are valid version numbers (shown in the order that
would be obtained by sorting according to the supplied cmp function):
0.4 0.4.0 (these two are equivalent)
0.4.1
0.5a1
0.5b3
0.5
0.9.6
1.0
1.0.4a3
1.0.4b1
1.0.4
The following are examples of invalid version numbers:
1
2.7.2.2
1.3.a4
1.3pl1
1.3c4
This class enforces a few rules, and makes a decent tool to work with version numbers:
>>> from distutils.version import StrictVersion as V
>>> v2 = V('GroovieVersion')
Traceback (most recent call last):
...
ValueError: invalid version number 'GroovieVersion'
>>> v2 = V('1.1')
>>> v3 = V('1.3')
>>> v2 < v3
True
It adds pre-release versions, and some structure, but lacks a few semantic elements to make it usable, such as development releases or post-release tags, as expressed in requisites 3 and 4.
Also, note that Distutils version classes have been present for years but are not really used in the community.
Setuptools
Setuptools provides another version comparison tool [3]
which does not enforce any rules for the version, but tries to provide a better
algorithm to convert the strings to sortable keys, with a parse_version
function.
From the doc:
Convert a version string to a chronologically-sortable key
This is a rough cross between Distutils' StrictVersion and LooseVersion;
if you give it versions that would work with StrictVersion, then it behaves
the same; otherwise it acts like a slightly-smarter LooseVersion. It is
*possible* to create pathological version coding schemes that will fool
this parser, but they should be very rare in practice.
The returned value will be a tuple of strings. Numeric portions of the
version are padded to 8 digits so they will compare numerically, but
without relying on how numbers compare relative to strings. Dots are
dropped, but dashes are retained. Trailing zeros between alpha segments
or dashes are suppressed, so that e.g. "2.4.0" is considered the same as
"2.4". Alphanumeric parts are lower-cased.
The algorithm assumes that strings like "-" and any alpha string that
alphabetically follows "final" represents a "patch level". So, "2.4-1"
is assumed to be a branch or patch of "2.4", and therefore "2.4.1" is
considered newer than "2.4-1", which in turn is newer than "2.4".
Strings like "a", "b", "c", "alpha", "beta", "candidate" and so on (that
come before "final" alphabetically) are assumed to be pre-release versions,
so that the version "2.4" is considered newer than "2.4a1".
Finally, to handle miscellaneous cases, the strings "pre", "preview", and
"rc" are treated as if they were "c", i.e. as though they were release
candidates, and therefore are not as new as a version string that does not
contain them, and "dev" is replaced with an '@' so that it sorts lower
than any other pre-release tag.
In other words, parse_version
will return a tuple for each version string,
that is compatible with StrictVersion
but also accept arbitrary version and
deal with them so they can be compared:
>>> from pkg_resources import parse_version as V
>>> V('1.2')
('00000001', '00000002', '*final')
>>> V('1.2b2')
('00000001', '00000002', '*b', '00000002', '*final')
>>> V('FunkyVersion')
('*funkyversion', '*final')
In this schema practicality takes priority over purity, but as a result it doesn’t enforce any policy and leads to very complex semantics due to the lack of a clear standard. It just tries to adapt to widely used conventions.
Caveats of existing systems
The major problem with the described version comparison tools is that they are too permissive and, at the same time, aren’t capable of expressing some of the required semantics. Many of the versions on PyPI [4] are obviously not useful versions, which makes it difficult for users to grok the versioning that a particular package was using and to provide tools on top of PyPI.
Distutils classes are not really used in Python projects, but the Setuptools function is quite widespread because it’s used by tools like easy_install [6], pip [5] or zc.buildout [7] to install dependencies of a given project.
While Setuptools does provide a mechanism for comparing/sorting versions, it is much preferable if the versioning spec is such that a human can make a reasonable attempt at that sorting without having to run it against some code.
Also there’s a problem with the use of dates at the “major” version number (e.g. a version string “20090421”) with RPMs: it means that any attempt to switch to a more typical “major.minor…” version scheme is problematic because it will always sort less than “20090421”.
Last, the meaning of -
is specific to Setuptools, while it is avoided in
some packaging systems like the one used by Debian or Ubuntu.
The new versioning algorithm
During Pycon, members of the Python, Ubuntu and Fedora community worked on a version standard that would be acceptable for everyone.
It’s currently called verlib and a prototype lives at [10].
The pseudo-format supported is:
N.N[.N]+[{a|b|c|rc}N[.N]+][.postN][.devN]
The real regular expression is:
expr = r"""^
(?P<version>\d+\.\d+) # minimum 'N.N'
(?P<extraversion>(?:\.\d+)*) # any number of extra '.N' segments
(?:
(?P<prerel>[abc]|rc) # 'a' = alpha, 'b' = beta
# 'c' or 'rc' = release candidate
(?P<prerelversion>\d+(?:\.\d+)*)
)?
(?P<postdev>(\.post(?P<post>\d+))?(\.dev(?P<dev>\d+))?)?
$"""
Some examples probably make it clearer:
>>> from verlib import NormalizedVersion as V
>>> (V('1.0a1')
... < V('1.0a2.dev456')
... < V('1.0a2')
... < V('1.0a2.1.dev456')
... < V('1.0a2.1')
... < V('1.0b1.dev456')
... < V('1.0b2')
... < V('1.0b2.post345')
... < V('1.0c1.dev456')
... < V('1.0c1')
... < V('1.0.dev456')
... < V('1.0')
... < V('1.0.post456.dev34')
... < V('1.0.post456'))
True
The trailing .dev123
is for pre-releases. The .post123
is for
post-releases – which apparently are used by a number of projects out there
(e.g. Twisted [8]). For example, after a 1.2.0
release there might
be a 1.2.0-r678
release. We used post
instead of r
because the
r
is ambiguous as to whether it indicates a pre- or post-release.
.post456.dev34
indicates a dev marker for a post release, that sorts
before a .post456
marker. This can be used to do development versions
of post releases.
Pre-releases can use a
for “alpha”, b
for “beta” and c
for
“release candidate”. rc
is an alternative notation for “release candidate”
that is added to make the version scheme compatible with Python’s own version
scheme. rc
sorts after c
:
>>> from verlib import NormalizedVersion as V
>>> (V('1.0a1')
... < V('1.0a2')
... < V('1.0b3')
... < V('1.0c1')
... < V('1.0rc2')
... < V('1.0'))
True
Note that c
is the preferred marker for third party projects.
verlib
provides a NormalizedVersion
class and a
suggest_normalized_version
function.
NormalizedVersion
The NormalizedVersion class is used to hold a version and to compare it with others. It takes a string as an argument, that contains the representation of the version:
>>> from verlib import NormalizedVersion
>>> version = NormalizedVersion('1.0')
The version can be represented as a string:
>>> str(version)
'1.0'
Or compared with others:
>>> NormalizedVersion('1.0') > NormalizedVersion('0.9')
True
>>> NormalizedVersion('1.0') < NormalizedVersion('1.1')
True
A class method called from_parts
is available if you want to create an
instance by providing the parts that composes the version.
Examples
>>> version = NormalizedVersion.from_parts((1, 0))
>>> str(version)
'1.0'
>>> version = NormalizedVersion.from_parts((1, 0), ('c', 4))
>>> str(version)
'1.0c4'
>>> version = NormalizedVersion.from_parts((1, 0), ('c', 4), ('dev', 34))
>>> str(version)
'1.0c4.dev34'
suggest_normalized_version
suggest_normalized_version
is a function that suggests a normalized version
close to the given version string. If you have a version string that isn’t
normalized (i.e. NormalizedVersion
doesn’t like it) then you might be able
to get an equivalent (or close) normalized version from this function.
This does a number of simple normalizations to the given string, based on an observation of versions currently in use on PyPI.
Given a dump of those versions on January 6th 2010, the function has given those results out of the 8821 distributions PyPI had:
- 7822 (88.67%) already match
NormalizedVersion
without any change - 717 (8.13%) match when using this suggestion method
- 282 (3.20%) don’t match at all.
The 3.20% of projects that are incompatible with NormalizedVersion
and cannot be transformed into a compatible form, are for most of them date-based
version schemes, versions with custom markers, or dummy versions. Examples:
- working proof of concept
- 1 (first draft)
- unreleased.unofficialdev
- 0.1.alphadev
- 2008-03-29_r219
- etc.
When a tool needs to work with versions, a strategy is to use
suggest_normalized_version
on the versions string. If this function returns
None
, it means that the provided version is not close enough to the
standard scheme. If it returns a version that slightly differs from
the original version, it’s a suggested normalized version. Last, if it
returns the same string, it means that the version matches the scheme.
Here’s an example of usage:
>>> from verlib import suggest_normalized_version, NormalizedVersion
>>> import warnings
>>> def validate_version(version):
... rversion = suggest_normalized_version(version)
... if rversion is None:
... raise ValueError('Cannot work with "%s"' % version)
... if rversion != version:
... warnings.warn('"%s" is not a normalized version.\n'
... 'It has been transformed into "%s" '
... 'for interoperability.' % (version, rversion))
... return NormalizedVersion(rversion)
...
>>> validate_version('2.4-rc1')
__main__:8: UserWarning: "2.4-rc1" is not a normalized version.
It has been transformed into "2.4c1" for interoperability.
NormalizedVersion('2.4c1')
>>> validate_version('2.4c1')
NormalizedVersion('2.4c1')
>>> validate_version('foo')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "<stdin>", line 4, in validate_version
ValueError: Cannot work with "foo"
Roadmap
Distutils will deprecate its existing versions class in favor of
NormalizedVersion
. The verlib
module presented in this PEP will be
renamed to version
and placed into the distutils
package.
References
- [1]
- http://docs.python.org/distutils
- [2]
- http://peak.telecommunity.com/DevCenter/setuptools
- [3]
- http://peak.telecommunity.com/DevCenter/setuptools#specifying-your-project-s-version
- [4]
- http://pypi.python.org/pypi
- [5]
- http://pypi.python.org/pypi/pip
- [6]
- http://peak.telecommunity.com/DevCenter/EasyInstall
- [7]
- http://pypi.python.org/pypi/zc.buildout
- [8]
- http://twistedmatrix.com/trac/
- [9]
- http://peak.telecommunity.com/DevCenter/setuptools
- [10]
- http://bitbucket.org/tarek/distutilsversion/
Acknowledgments
Trent Mick, Matthias Klose, Phillip Eby, David Lyon, and many people at Pycon and Distutils-SIG.
Copyright
This document has been placed in the public domain.
Source: https://github.com/python-discord/peps/blob/main/pep-0386.txt
Last modified: 2022-01-21 11:03:51 GMT