wheel crashes when version is a single numeric component

[mgorny]

I'm completely new to wheels but I think that something really wrong is happening here. I'm attempting to convert gemato to setuptools and start distributing wheels.

To get a 'pristine' environment, I've made a virtualenv with python-3.5.4 and installed newest versions of setuptools and wheel there:

$ python -m venv _v35
$ . _v35/bin/activate
(_v35) $ pip install -U setuptools wheel
Collecting setuptools
  Using cached setuptools-38.1.0-py2.py3-none-any.whl
Collecting wheel
  Using cached wheel-0.30.0-py2.py3-none-any.whl
Installing collected packages: setuptools, wheel
  Found existing installation: setuptools 28.8.0
    Uninstalling setuptools-28.8.0:
      Successfully uninstalled setuptools-28.8.0
Successfully installed setuptools-38.1.0 wheel-0.30.0

Now, I try to create the wheel archive via setup.py bdist_wheel:

(_v35) $ python setup.py bdist_wheel
running bdist_wheel
running build
running build_py
creating build
creating build/lib
creating build/lib/gemato
copying gemato/openpgp.py -> build/lib/gemato
copying gemato/compression.py -> build/lib/gemato
copying gemato/__init__.py -> build/lib/gemato
copying gemato/manifest.py -> build/lib/gemato
copying gemato/exceptions.py -> build/lib/gemato
copying gemato/recursiveloader.py -> build/lib/gemato
copying gemato/profile.py -> build/lib/gemato
copying gemato/util.py -> build/lib/gemato
copying gemato/verify.py -> build/lib/gemato
copying gemato/find_top_level.py -> build/lib/gemato
copying gemato/cli.py -> build/lib/gemato
copying gemato/hash.py -> build/lib/gemato
running build_scripts
creating build/scripts-3.5
copying and adjusting bin/gemato -> build/scripts-3.5
changing mode of build/scripts-3.5/gemato from 644 to 755
installing to build/bdist.linux-x86_64/wheel
running install
running install_lib
creating build/bdist.linux-x86_64
creating build/bdist.linux-x86_64/wheel
creating build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/openpgp.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/compression.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/__init__.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/manifest.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/exceptions.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/recursiveloader.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/profile.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/util.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/verify.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/find_top_level.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/cli.py -> build/bdist.linux-x86_64/wheel/gemato
copying build/lib/gemato/hash.py -> build/bdist.linux-x86_64/wheel/gemato
running install_egg_info
running egg_info
creating gemato.egg-info
writing top-level names to gemato.egg-info/top_level.txt
writing requirements to gemato.egg-info/requires.txt
writing gemato.egg-info/PKG-INFO
writing dependency_links to gemato.egg-info/dependency_links.txt
writing manifest file 'gemato.egg-info/SOURCES.txt'
reading manifest file 'gemato.egg-info/SOURCES.txt'
writing manifest file 'gemato.egg-info/SOURCES.txt'
Copying gemato.egg-info to build/bdist.linux-x86_64/wheel/gemato-7-py3.5.egg-info
running install_scripts
creating build/bdist.linux-x86_64/wheel/gemato-7.data
creating build/bdist.linux-x86_64/wheel/gemato-7.data/scripts
copying build/scripts-3.5/gemato -> build/bdist.linux-x86_64/wheel/gemato-7.data/scripts
changing mode of build/bdist.linux-x86_64/wheel/gemato-7.data/scripts/gemato to 755
creating build/bdist.linux-x86_64/wheel/gemato-7.dist-info/WHEEL
creating '/home/mgorny/git/gemato/dist/gemato-7-py2.py3-none-any.whl' and adding '.' to it
adding 'gemato/__init__.py'
adding 'gemato/cli.py'
adding 'gemato/compression.py'
adding 'gemato/exceptions.py'
adding 'gemato/find_top_level.py'
adding 'gemato/hash.py'
adding 'gemato/manifest.py'
adding 'gemato/openpgp.py'
adding 'gemato/profile.py'
adding 'gemato/recursiveloader.py'
adding 'gemato/util.py'
adding 'gemato/verify.py'
adding 'gemato-7.data/scripts/gemato'
adding 'gemato-7.dist-info/DESCRIPTION.rst'
adding 'gemato-7.dist-info/metadata.json'
adding 'gemato-7.dist-info/top_level.txt'
adding 'gemato-7.dist-info/WHEEL'
adding 'gemato-7.dist-info/METADATA'
adding 'gemato-7.dist-info/RECORD'

However, the resulting archive seems to cause wheel to explode with a lot of shrapnel:

$ wheel verify dist/gemato-7-py2.py3-none-any.whl 
Traceback (most recent call last):
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/tool/__init__.py", line 124, in verify
    sig = json.loads(native(wf.zipfile.open(sig_name).read()))
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/decorator.py", line 17, in __get__
    val = self.wrapped(inst)
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/install.py", line 232, in zipfile
    self.verify(vzf)
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/install.py", line 399, in verify
    record = zipfile.read(record_name)
  File "/usr/lib64/python3.5/zipfile.py", line 1232, in read
    with self.open(name, "r", pwd) as fp:
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/install.py", line 451, in open
    ef = zipfile.ZipFile.open(self, name_or_info, mode, pwd)
  File "/usr/lib64/python3.5/zipfile.py", line 1255, in open
    zinfo = self.getinfo(name)
  File "/usr/lib64/python3.5/zipfile.py", line 1199, in getinfo
    'There is no item named %r in the archive' % name)
KeyError: "There is no item named 'gemato.dist-info/RECORD' in the archive"

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/tool/__init__.py", line 372, in main
    args.func(args)
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/tool/__init__.py", line 299, in verify_f
    verify(args.wheelfile)
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/tool/__init__.py", line 126, in verify
    raise WheelError('The wheel is not signed (RECORD.jws not found at end of the archive).')
wheel.tool.WheelError: The wheel is not signed (RECORD.jws not found at end of the archive).

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/mgorny/git/gemato/_v35/bin/wheel", line 11, in <module>
    sys.exit(main())
  File "/home/mgorny/git/gemato/_v35/lib64/python3.5/site-packages/wheel/tool/__init__.py", line 375, in main
    sys.stderr.write(e.message + "\n")
AttributeError: 'WheelError' object has no attribute 'message'

Reading the above output, it seems that wheel is ignoring the version number for some reason. Indeed, if I change it e.g. to 7.0, wheel starts looking in the correct directory.

I've looked through PEP-0427 and it doesn't seem to specify any restrictions on package version syntax. At the same time, if I'm reading PEP-0440 correctly the version is actually valid.

[ghost]

Looks like you should be using entry points but are not.

[agronholm]

Why are you trying to verify the signature of a wheel that you haven't signed?

[mgorny]

Why are you trying to verify the signature of a wheel that you haven't signed?

That's just a random example command which shows how it fails hard. The same happens with other commands:

$ wheel unpack gemato-8-py3-none-any.whl 
Unpacking to: ./gemato
Traceback (most recent call last):
  File "/home/mgorny/git/gemato/.tox/upload/bin/wheel", line 11, in <module>
    sys.exit(main())
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/tool/__init__.py", line 372, in main
    args.func(args)
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/tool/__init__.py", line 305, in unpack_f
    unpack(args.wheelfile, args.dest)
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/tool/__init__.py", line 147, in unpack
    wf.zipfile.extractall(destination)
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/decorator.py", line 17, in __get__
    val = self.wrapped(inst)
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/install.py", line 232, in zipfile
    self.verify(vzf)
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/install.py", line 399, in verify
    record = zipfile.read(record_name)
  File "/usr/lib64/python3.5/zipfile.py", line 1232, in read
    with self.open(name, "r", pwd) as fp:
  File "/home/mgorny/git/gemato/.tox/upload/lib/python3.5/site-packages/wheel/install.py", line 451, in open
    ef = zipfile.ZipFile.open(self, name_or_info, mode, pwd)
  File "/usr/lib64/python3.5/zipfile.py", line 1255, in open
    zinfo = self.getinfo(name)
  File "/usr/lib64/python3.5/zipfile.py", line 1199, in getinfo
    'There is no item named %r in the archive' % name)
KeyError: "There is no item named 'gemato.dist-info/RECORD' in the archive"

And even then, backtrace is not a good way of handling 'unsigned' wheels.

[agronholm]

I have fixed a py3 related problem in wheel. If you install the master version, you should get clean error messages. If not, something else is wrong. I could not reproduce any actual errors.

[agronholm]

Actually I did reproduce wheel unpack with v8. I'll investigate. Meanwhile, you can use unzip to unpack them.

[agronholm]

The (original) problem stems from a bad regex in wheel.