Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-24499

PyPI Package with single letter names cause 404 to be returned.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 3.24.0, 3.29.2, 3.31.1
    • Fix Version/s: None
    • Component/s: PyPI
    • Environment:
      CentOS 7 server, Nexus 3.24.0, PyPi proxy for https://pypi.org

      Description

      We proxy pypi.org in Nexus. Among the packages we use is one called "q".

      Before our upgrade, we were using version 3.20.1 - no issues.

      We recently upgraded from 3.20.1 to 3.24.0, and now - when using pip to install "q" - Nexus returns a 404 error.

      Steps to Reproduce:

      • create pypi proxy to pypi.org
      • using pip, point to pypi proxy repository, and attempt to install "q"
        • Nexus returns 404
      • install a package with a longer name "python-cinderclient" - it works
        • successful

      Just to double check it wasn't upstream:

      • attempt to install "q" or "a" from upstream url
        • successful

      To check that it's specifically one-letter packages:

      • install another single letter name ("a", for example) - it returns 404
        • Nexus returns 404
      • repackaged "q" (changed package info to call it "qq")
        • successful

       PS: I even downloaded the package and uploaded it to our local pypi publish repository - same issue

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            skhushalani Sagar Khushalani
            Last Updated By:
            Michael Oliverio Michael Oliverio
            Team:
            NXRM - Mad Max
            Votes:
            2 Vote for this issue
            Watchers:
            7 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title