PEP 517 backends and setuptools (as used in
setup.py) generate source distributions containing a
PKG-INFO file, which should contain the metadata associated with the package. Currently this information is not used in pip, which opts to get the metadata from the build system. This involves either:
- For PEP 517: setup the backend execution environment (possibly installing multiple packages in the process) and executing
prepare_metadata_for_build_wheelin a subprocess - which may involve building a wheel if the hook is not executed
- For legacy
setup.py egg_infoin a subprocess
The reason we do this is because currently there is no guarantee that
PKG-INFO is complete. This is trivially confirmed by inspecting e.g.
requests-2.22.0-py2.py3-none-any.whl. The former is missing several important fields, like
Requires-Dist, which are in the latter.
I would like to add a field to the allowed package metadata of source distributions that would signal to metadata processors that the backend does not need to be consulted. Example spelling:
Metadata-Covers: all or
Metadata-Covers: Name, Version, Requires-Dist, Requires-Python.
This would enable tools like pip to avoid the overhead of creating and tearing down build environments and doing subprocess invocations. The possible benefits increase when considering the upcoming dependency resolver, which may need to download and query metadata for multiple versions of each project.
I checked PEP 566 and the Core metadata specification but didn’t see any such field listed. I’m sure this would have been discussed as part of the development of PEP 517/518, but searching here and distutils-sig didn’t turn up anything specifically mentioning this case (of threads 1, 2, 3, 4).