feat(ranges): clip pre-release opt-in to bounds to prevent pre-release leaks#1311
Open
notatallshaw wants to merge 3 commits into
Open
feat(ranges): clip pre-release opt-in to bounds to prevent pre-release leaks#1311notatallshaw wants to merge 3 commits into
notatallshaw wants to merge 3 commits into
Conversation
144dc35 to
8be7bde
Compare
8be7bde to
cd2fe5f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Depends on #1306; its difference-policy guard is the first commit here until #1306 merges, then rebase it away.
On main the pre-release opt-in is a single whole-range flag: once any operand names a pre-release, a union force-admits pre-releases across the whole range, including versions no operand asked for. This reworks the opt-in into a per-specifier region clipped to the bounds, so it only ever covers the versions a specifier actually requested.
The leak that closed #1304 is the same overflow past a cap:
>=2.0b1,<3opts pre-releases in only below 3, but that opt-in rode the union onto a higher range.Combining ranges still opts in the versions each operand named, because
&and|treat the opt-in the way PEP 440 treats a comma-joined specifier set. Exclusion is different: removing or complementing a pre-release-naming range never carries its opt-in into the result. On main thea & ~bspelling leaks it; here it agrees witha - b:The cost is that
~~no longer round-trips. Because an exclusion drops the opt-in, complementing twice keeps the versions but not the opt-in, and there is no way to both stop the leak and keep~~r == r:Ranges built with conflicting explicit
prereleases=policies still cannot be combined, and difference now raises on a mismatch too (per #1306), soa - banda & ~balways agree.A few textbook identities like
~~r == rno longer hold once an opt-in is involved; the new docs "Limits of the model" section lists them with examples, and tests pin them so the leak cannot quietly come back.SpecifierSetoutput is unchanged.