fpm 1.16.0 → 1.17.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6f1fc4a26f95d77ce3626231e5b7674b8908fe7afc7e2c524f573852291ed2b
-  data.tar.gz: e31fa7d3a39de85c3a75b847fc9c336e5096ca32ecd08720554f3057e73e28ef
+  metadata.gz: ef536c2af546fea798392b6cca4c07b81b5f9a3d52654e72c5cb9543d1d4a21d
+  data.tar.gz: 95a4ea389bb037d2555ea95fd99313897b0f30c5b3bb8c5519a19d330b1e2842
 SHA512:
-  metadata.gz: f6988868dc8fae9930af5163495bb76d4afa631b58d8608f903349aefd253321ab35d88ad7b5445793b6d6d378ca941bb65d3b3353244511d32d5c13bd22c8fa
-  data.tar.gz: fd0660808bb60d2796bc80fe25c5fd3e63f942ce24f79c4591e2d7c1917ef42af6529db07d116677ba439283843a99a80d8d5615c787815cd3a44a3540a5e474
+  metadata.gz: ccd36e905583145a6a80ca5efc62388ea2abdc1e35a8d3a077b5f946f2d2ea864a282fac0e77f9b5c0c82af09a96e6ae84067a6424b6d0d88f56282eea888111
+  data.tar.gz: 6c4a93a51fe6af403ecda1910466b41843a8508837cea3f68042e56dba1083543f61a45b14d560167063b265279da57166368471dfc32bd8837c5e9d65847ed7

data/CHANGELOG.rst

@@ -1,6 +1,18 @@
 Release Notes and Change Log
 ============================
 
+1.17.0 (October 2, 2025)
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+* python: Support modern Python project features: pyproject.toml, wheels, etc. Now, any project that can be built or installed with ``pip`` can be packaged by fpm. Previously, fpm relied on a long-deprecated features in setup.py to see a python project's metadata such as name, version, and dependencies. Fpm now uses python's package tools to identify the project's name, version, dependencies, and other information. (`#2104`_, `#2105`_, `#2040`_, `#1982`_, `#2029`_; Jordan Sissel, cwegener, amdei, gmabey)
+* dir: When copying files, only use hardlinks if the original files were also hardlinks. (`#2103`_, `#2102`_; Michael Telatynski, Matthew Rathbone, Jordan Sissel). :w
+  Related: https://github.com/electron-userland/electron-builder/issues/5721
+* deb: bug fix: when a file given with ``--config-files <path>`` copied into the package, fpm was forgetting to mark the file as being a config file in the package, aka Debian "conffiles" (`#2027`_, `#1823`_; Alexandr Zarubkin, Kientz Arnaud)
+* pacman: Now can build packages with aarch64 and arm7hf architecture (`#2017`_; Markson Hon)
+* rpm: Paths with '{' and '}' characters can now be included in rpms (`#2088`_ `#2087`_; Jordan Sissel, Manish2481983)
+* docs: Updated urls which pointed at rpm documentation (`#2092`_, `#2011`_, `#2054`_; André Kelpe, Natanael Arndt)
+* Ruby 3.4.0 no longer gives warnings related to `ostruct` (`#2106`_, also `#2104`_ and `#2103`_; Jordan Sissel)
+
 1.16.0 (December 8, 2024)
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 

data/lib/fpm/command.rb

@@ -3,7 +3,6 @@ require "fpm/namespace"
 require "fpm/version"
 require "fpm/util"
 require "clamp"
-require "ostruct"
 require "fpm"
 require "tmpdir" # for Dir.tmpdir
 
@@ -260,7 +259,11 @@ class FPM::Command < Clamp::Command
     "'gem', it specifies the packages to download and use as the gem input",
     :attribute_name => :args
 
+  # Keep a copy of the original flags (ones declared above, not by package types)
+  # This helps when generating the documentation
+  GENERAL_OPTIONS = @declared_options.clone
   FPM::Package.types.each do |name, klass|
+    # This adds each package's flags to the main command
     klass.apply_options(self)
   end
 

data/lib/fpm/package/deb.rb

@@ -1151,6 +1151,7 @@ class FPM::Package::Deb < FPM::Package
             logger.debug("Adding config file #{path} to Staging area #{staging_path}")
             FileUtils.mkdir_p(File.dirname(dcl))
             FileUtils.cp_r path, dcl
+            add_path(path, allconfigs)
           else
             logger.debug("Config file aready exists in staging area.")
           end

data/lib/fpm/package/dir.rb

@@ -197,10 +197,6 @@ class FPM::Package::Dir < FPM::Package
     else
       # Otherwise try copying the file.
       begin
-        logger.debug("Linking", :source => source, :destination => destination)
-        File.link(source, destination)
-      rescue Errno::ENOENT, Errno::EXDEV, Errno::EPERM
-        # Hardlink attempt failed, copy it instead
         logger.debug("Copying", :source => source, :destination => destination)
         copy_entry(source, destination)
       rescue Errno::EEXIST

data/lib/fpm/package/pacman.rb

@@ -37,11 +37,15 @@ class FPM::Package::Pacman < FPM::Package
   def architecture
     case @architecture
       when nil
-        return %x{uname -m}.chomp   # default to current arch
-      when "amd64" # debian and pacman disagree on architecture names
-        return "x86_64"
+        return %x{uname -m}.chomp     # default to current arch
+      when "amd64"                    # Debian uses amd64
+        return "x86_64"               # Arch Linux uses x86_64
+      when "arm64"                    # Debian uses arm64
+        return "aarch64"              # Arch Linux ARM uses aarch64
+      when "armhf"                    # Debian uses armhf
+        return "arm7hf"               # Arch Linux ARM uses arm7hf
       when "native"
-        return %x{uname -m}.chomp   # 'native' is current arch
+        return %x{uname -m}.chomp     # 'native' is the current arch
       when "all", "any", "noarch"
         return "any"
       else

data/lib/fpm/package/pyfpm/parse_requires.py

@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+
+#import pkg_resources
+import packaging.requirements
+import json
+import sys
+
+# Expect requirements lines via stdin.
+#requirements = pkg_resources.parse_requirements(sys.stdin)
+
+# Process environment markers, if any, and produce a list of requirements for the current environment.
+def evaluate_requirements(fd):
+    all_requirements = [packaging.requirements.Requirement(line) for line in sys.stdin]
+    
+    for req in all_requirements:
+        # XXX: Note: marker.evaluate() can be given a dict() containing environment values to overwrite
+        if req.marker is None or req.marker.evaluate():
+            if len(req.specifier) > 0:
+                for spec in req.specifier:
+                    yield "%s%s" % (req.name, spec)
+            else:
+                yield str(req.name)
+
+print(json.dumps(list(evaluate_requirements(sys.stdin))))

data/lib/fpm/package/python.rb

@@ -51,76 +51,371 @@ class FPM::Package::Python < FPM::Package
   option "--downcase-dependencies", :flag, "Should the package dependencies " \
     "be in lowercase?", :default => true
 
-  option "--install-bin", "BIN_PATH", "The path to where python scripts " \
-    "should be installed to."
-  option "--install-lib", "LIB_PATH", "The path to where python libs " \
+  option "--install-bin", "BIN_PATH", "(DEPRECATED, does nothing) The path to where python scripts " \
+    "should be installed to." do
+    logger.warn("Using deprecated flag --install-bin")
+  end
+  option "--install-lib", "LIB_PATH", "(DEPRECATED, does nothing) The path to where python libs " \
     "should be installed to (default depends on your python installation). " \
     "Want to find out what your target platform is using? Run this: " \
     "python -c 'from distutils.sysconfig import get_python_lib; " \
-    "print get_python_lib()'"
-  option "--install-data", "DATA_PATH", "The path to where data should be " \
+    "print get_python_lib()'" do
+    logger.warn("Using deprecated flag --install-bin")
+  end
+
+  option "--install-data", "DATA_PATH", "(DEPRECATED, does nothing) The path to where data should be " \
     "installed to. This is equivalent to 'python setup.py --install-data " \
-    "DATA_PATH"
-  option "--dependencies", :flag, "Include requirements defined in setup.py" \
+    "DATA_PATH" do
+    logger.warn("Using deprecated flag --install-bin")
+  end
+
+  option "--dependencies", :flag, "Include requirements defined by the python package" \
     " as dependencies.", :default => true
   option "--obey-requirements-txt", :flag, "Use a requirements.txt file " \
     "in the top-level directory of the python package for dependency " \
     "detection.", :default => false
-  option "--scripts-executable", "PYTHON_EXECUTABLE", "Set custom python " \
+  option "--scripts-executable", "PYTHON_EXECUTABLE", "(DEPRECATED) Set custom python " \
     "interpreter in installing scripts. By default distutils will replace " \
     "python interpreter in installing scripts (specified by shebang) with " \
     "current python interpreter (sys.executable). This option is equivalent " \
     "to appending 'build_scripts --executable PYTHON_EXECUTABLE' arguments " \
-    "to 'setup.py install' command."
+    "to 'setup.py install' command." do
+    logger.warn("Using deprecated flag --install-bin")
+  end
+
   option "--disable-dependency", "python_package_name",
     "The python package name to remove from dependency list",
     :multivalued => true, :attribute_name => :python_disable_dependency,
     :default => []
   option "--setup-py-arguments", "setup_py_argument",
-    "Arbitrary argument(s) to be passed to setup.py",
+    "(DEPRECATED) Arbitrary argument(s) to be passed to setup.py",
     :multivalued => true, :attribute_name => :python_setup_py_arguments,
-    :default => []
+    :default => [] do
+    logger.warn("Using deprecated flag --install-bin")
+  end
   option "--internal-pip", :flag,
     "Use the pip module within python to install modules - aka 'python -m pip'. This is the recommended usage since Python 3.4 (2014) instead of invoking the 'pip' script",
     :attribute_name => :python_internal_pip,
     :default => true
+ 
+  class PythonMetadata
+    require "strscan"
+
+    class MissingField < StandardError; end
+    class UnexpectedContent < StandardError; end
+
+    # According to https://packaging.python.org/en/latest/specifications/core-metadata/
+    # > Core Metadata v2.4 - August 2024
+    MULTIPLE_USE =  %w(Dynamic Platform Supported-Platform License-File Classifier Requires-Dist Requires-External Project-URL Provides-Extra Provides-Dist Obsoletes-Dist)
+
+    # METADATA files are described in Python Packaging "Core Metadata"[1] and appear to have roughly RFC822 syntax.
+    # [1] https://packaging.python.org/en/latest/specifications/core-metadata/#core-metadata
+    def self.parse(input)
+      s = StringScanner.new(input)
+      headers = {}
+
+      # Default "Multiple use" fields to empty array instead of nil.
+      MULTIPLE_USE.each do |field|
+        headers[field] = []
+      end
+
+      while !s.eos? and !s.scan("\n") do 
+        # Field is non-space up, but excluding the colon
+        field = s.scan(/[^\s:]+/)
+
+        # Skip colon and following whitespace
+        s.scan(/:\s*/)
+
+        # Value is text until newline, and any following lines if they have leading spaces.
+        value = s.scan(/[^\n]+(?:\Z|\n(?:[ \t][^\n]+\n)*)/)
+        if value.nil?
+          raise "Failed parsing Python package metadata value at field #{field}, char offset #{s.pos}"
+        end
+        value = value.chomp
+
+        if MULTIPLE_USE.include?(field)
+          raise "Header field should be an array. This is a bug in fpm." if !headers[field].is_a?(Array)
+          headers[field] << value
+        else
+          headers[field] = value
+        end
+      end # while reading headers
+
+      # If there's more content beyond the last header, then it's a content body.
+      # In Python Metadata >= 2.1, the descriptino can be written in the body.
+      if !s.eos? 
+        if headers["Metadata-Version"].to_f >= 2.1
+          # Per Python core-metadata spec:
+          # > Changed in version 2.1: This field may be specified in the message body instead.
+          #return PythonMetadata.new(headers, s.string[s.pos ...])
+          return headers, s.string[s.pos ... ]
+        elsif headers["Metadata-Version"].to_f >= 2.0
+          # dnspython v1.15.0 has a description body and Metadata-Version 2.0 
+          # this seems out of spec, but let's accept it anyway.
+          return headers, s.string[s.pos ... ]
+        else
+          raise "After reading METADATA headers, extra data is in the file but was not expected. This may be a bug in fpm."
+        end
+      end
+
+      #return PythonMetadata.new(headers)
+      return headers, nil # nil means no body in this metadata
+    rescue => e
+      puts "String scan failed: #{e}"
+      puts "Position: #{s.pointer}"
+      puts "---"
+      puts input
+      puts "==="
+      puts input[s.pointer...]
+      puts "---"
+      raise e
+    end # self.parse
+
+    def self.from(input)
+      return PythonMetadata.new(*parse(input))
+    end
 
-  private
+    # Only focusing on terms fpm may care about
+    attr_reader :name, :version, :summary, :description, :keywords, :maintainer, :license, :requires, :homepage
+
+    FIELD_MAP = {
+      :@name => "Name",
+      :@version => "Version",
+      :@summary => "Summary",
+      :@description => "Description",
+      :@keywords => "Keywords",
+      :@maintainer => "Author-email",
+
+      # Note: License can also come from the deprecated "License" field
+      # This is processed later in this method.
+      :@license => "License-Expression",
+
+      :@requires => "Requires-Dist",
+    }
+    
+    REQUIRED_FIELDS = [ "Metadata-Version", "Name", "Version" ]
+
+    # headers - a Hash containing field-value pairs from headers as read from a python METADATA file.
+    # body - optional, a string containing the body text of a METADATA file
+    def initialize(headers, body=nil)
+      REQUIRED_FIELDS.each do |field|
+        if !headers.include?(field)
+          raise MissingField, "Missing required Python metadata field, '#{field}'. This might be a bug in the package or in fpm."
+        end
+      end
+
+      FIELD_MAP.each do |attr, field|
+        if headers.include?(field)
+          instance_variable_set(attr, headers.fetch(field))
+        end
+      end
+
+      # Do any extra processing on fields to turn them into their expected content.
+      process_description(headers, body)
+      process_license(headers)
+      process_homepage(headers)
+      process_maintainer(headers)
+    end # def initialize
+
+    private
+    def process_description(headers, body)
+      if @description
+        # Per python core-metadata spec:
+        # > To support empty lines and lines with indentation with respect to the
+        # > RFC 822 format, any CRLF character has to be suffixed by 7 spaces
+        # > followed by a pipe (“|”) char. As a result, the Description field is
+        # > encoded into a folded field that can be interpreted by RFC822 parser [2].
+        @description = @description.gsub!(/^       |/, "")
+      end
+
+      if !body.nil?
+        if headers["Metadata-Version"].to_f >= 2.1
+          # Per Python core-metadata spec:
+          # > Changed in version 2.1: [Description] field may be specified in the message body instead.
+          # 
+          # The description is simply the rest of the METADATA file after the headers.
+          @description = body
+        elsif headers["Metadata-Version"].to_f >= 2.0
+          # dnspython v1.15.0 has a description body and Metadata-Version 2.0 
+          # this seems out of spec, but let's accept it anyway.
+          @description = body
+        else
+          raise UnexpectedContent, "Found a content body in METADATA file, but Metadata-Version(#{headers["Metadata-Version"]}) is below 2.1 and doesn't support this. This may be a bug in fpm or a malformed python package."
+        end
+
+        # What to do if we find a description body but already have a Description field set in the headers?
+        if headers.include?("Description")
+          raise "Found a description in the body of the python package metadata, but the package already set the Description field. I don't know what to do. This is probably a bug in fpm."
+        end
+      end
+
+      # XXX: The description field can be markdown, plain text, or reST. 
+      # Content type is noted in the "Description-Content-Type" field
+      # Should we transform this to plain text?
+    end # process_description
+
+    def process_license(headers)
+      # Ignore the "License" field if License-Expression is also present.
+      return if headers["Metadata-Version"].to_f >= 2.4 && headers.include?("License-Expression")
+
+      # Deprecated field, License,  as described in python core-metadata:
+      # > As of Metadata 2.4, License and License-Expression are mutually exclusive. 
+      # > If both are specified, tools which parse metadata will disregard License
+      # > and PyPI will reject uploads. See PEP 639.
+      if headers["License"]
+        # Note: This license can be free form text, so it's unclear if it's a great choice.
+        #       however, the original python metadata License field is quite old/deprecated
+        #       so maybe nobody uses it anymore?
+        @license = headers["License"]
+      elsif license_classifier = headers["Classifier"].find { |value| value =~ /^License ::/ }
+        # The license could also show up in the "Classifier" header with "License ::" as a prefix.
+          @license = license_classifier.sub(/^License ::/, "")
+      end # check for deprecated License field
+    end # process_license
+
+    def process_homepage(headers)
+      return if headers["Project-URL"].empty?
+
+      # Create a hash of Project-URL where the label is the key, url the value.
+      urls = Hash[*headers["Project-URL"].map do |text|
+        label, url = text.split(/, */, 2)
+        # Normalize the label by removing punctuation and spaces
+        # Reference: https://packaging.python.org/en/latest/specifications/well-known-project-urls/#label-normalization
+        # > In plain language: a label is normalized by deleting all ASCII punctuation and whitespace, and then converting the result to lowercase.
+        label = label.gsub(/[[:punct:][:space:]]/, "").downcase
+        [label, url]
+      end.flatten(1)]
+
+      # Prioritize certain URL labels when choosing the homepage url.
+      [ "homepage", "source", "documentation", "releasenotes" ].each do |label|
+        if urls.include?(label)
+          @homepage = urls[label]
+        end
+      end
+
+      # Otherwise, default to the first URL
+      @homepage = urls.values.first
+    end
+
+    def process_maintainer(headers)
+      # Python metadata supports both "Author-email" and "Maintainer-email"
+      # Of the "Maintainer" fields, python core-metadata says:
+      # > Note that this field is intended for use when a project is being maintained by someone other than the original author
+      #
+      # So we should prefer Maintainer-email if it exists, but fall back to Author-email otherwise.
+      @maintainer = headers["Maintainer-email"] unless headers["Maintainer-email"].nil?
+    end
+  end # class PythonMetadata
 
   # Input a package.
   #
   # The 'package' can be any of:
   #
   # * A name of a package on pypi (ie; easy_install some-package)
-  # * The path to a directory containing setup.py
-  # * The path to a setup.py
+  # * The path to a directory containing setup.py or pyproject.toml
+  # * The path to a setup.py or pyproject.toml
+  # * The path to a python sdist file ending in .tar.gz
+  # * The path to a python wheel file ending in .whl
   def input(package)
+    explore_environment
+
     path_to_package = download_if_necessary(package, version)
 
+    # Expect a setup.py or pyproject.toml if it's a directory.
     if File.directory?(path_to_package)
-      setup_py = File.join(path_to_package, "setup.py")
-    else
-      setup_py = path_to_package
+      if !(File.exist?(File.join(path_to_package, "setup.py")) or File.exist?(File.join(path_to_package, "pyproject.toml")))
+        raise FPM::InvalidPackageConfiguration, "The path ('#{path_to_package}') doesn't appear to be a python package directory. I expected either a pyproject.toml or setup.py but found neither."
+      end
     end
 
-    if !File.exist?(setup_py)
-      logger.error("Could not find 'setup.py'", :path => setup_py)
-      raise "Unable to find python package; tried #{setup_py}"
+    if File.file?(path_to_package)
+      if ["setup.py", "pyproject.toml"].include?(File.basename(path_to_package))
+        path_to_package = File.dirname(path_to_package)
+      end
     end
 
-    load_package_info(setup_py)
-    install_to_staging(setup_py)
+    if [".tar.gz", ".tgz"].any? { |suffix| path_to_package.end_with?(suffix) }
+      # Have pip convert the .tar.gz (source dist?) into a wheel
+      logger.debug("Found tarball and assuming it's a python source package.")
+      safesystem(*attributes[:python_pip], "wheel", "--no-deps", "-w", build_path, path_to_package)
+
+      path_to_package = ::Dir.glob(build_path("*.whl")).first
+      if path_to_package.nil?
+        raise FPM::InvalidPackageConfiguration, "Failed building python package format - fpm tried to build a python wheel, but didn't find the .whl file. This might be a bug in fpm."
+      end
+    elsif File.directory?(path_to_package)
+      logger.debug("Found directory and assuming it's a python source package.")
+      safesystem(*attributes[:python_pip], "wheel", "--no-deps", "-w", build_path, path_to_package)
+
+      if attributes[:python_obey_requirements_txt?]
+        reqtxt = File.join(path_to_package, "requirements.txt")
+        @requirements_txt = File.read(reqtxt).split("\n") if File.file?(reqtxt)
+      end
+
+      path_to_package = ::Dir.glob(build_path("*.whl")).first
+      if path_to_package.nil?
+        raise FPM::InvalidPackageConfiguration, "Failed building python package format - fpm tried to build a python wheel, but didn't find the .whl file. This might be a bug in fpm."
+      end
+
+    end
+
+    load_package_info(path_to_package)
+    install_to_staging(path_to_package)
   end # def input
 
+  def explore_environment
+    if !attributes[:python_bin_given?]
+      # If --python-bin isn't set, try to find a good default python executable path, because it might not be "python"
+      pythons = [ "python", "python3", "python2" ]
+      default_python = pythons.find { |py| program_exists?(py) }
+
+      if default_python.nil?
+        raise FPM::Util::ExecutableNotFound, "Could not find any python interpreter. Tried the following: #{pythons.join(", ")}"
+      end
+
+      logger.info("Setting default python executable", :name => default_python)
+      attributes[:python_bin] = default_python
+
+      if !attributes[:python_package_name_prefix_given?]
+        attributes[:python_package_name_prefix] = default_python
+        logger.info("Setting package name prefix", :name => default_python)
+      end
+    end
+
+    if attributes[:python_internal_pip?]
+      # XXX: Should we detect if internal pip is available?
+      attributes[:python_pip] = [ attributes[:python_bin], "-m", "pip"]
+    end
+  end # explore_environment
+
+
+
   # Download the given package if necessary. If version is given, that version
   # will be downloaded, otherwise the latest is fetched.
   def download_if_necessary(package, version=nil)
-    # TODO(sissel): this should just be a 'download' method, the 'if_necessary'
-    # part should go elsewhere.
     path = package
+
     # If it's a path, assume local build.
-    if File.directory?(path) or (File.exist?(path) and File.basename(path) == "setup.py")
-      return path
+    if File.exist?(path)
+      return path if File.directory?(path)
+
+      basename = File.basename(path)
+      return File.dirname(path) if basename == "pyproject.toml"
+      return File.dirname(path) if basename == "setup.py"
+
+      return path if path.end_with?(".tar.gz")
+      return path if path.end_with?(".tgz") # amqplib v1.0.2 does this
+      return path if path.end_with?(".whl")
+      return path if path.end_with?(".zip")
+      return path if File.exist?(File.join(path, "setup.py"))
+      return path if File.exist?(File.join(path, "pyproject.toml"))
+
+      raise [
+        "Local file doesn't appear to be a supported type for a python package. Expected one of:",
+        "  - A directory containing setup.py or pyproject.toml",
+        "  - A file ending in .tar.gz (a python source dist)",
+        "  - A file ending in .whl (a python wheel)",
+      ].join("\n")
     end
 
     logger.info("Trying to download", :package => package)
@@ -134,24 +429,16 @@ class FPM::Package::Python < FPM::Package
     target = build_path(package)
     FileUtils.mkdir(target) unless File.directory?(target)
 
-    if attributes[:python_internal_pip?]
-      # XXX: Should we detect if internal pip is available?
-      attributes[:python_pip] = [ attributes[:python_bin], "-m", "pip"]
-    end
-
     # attributes[:python_pip] -- expected to be a path
     if attributes[:python_pip]
       logger.debug("using pip", :pip => attributes[:python_pip])
-      # TODO: Support older versions of pip
-
       pip = [attributes[:python_pip]] if pip.is_a?(String)
       setup_cmd = [
         *attributes[:python_pip],
         "download",
         "--no-clean",
         "--no-deps",
-        "--no-binary", ":all:",
-        "-d", build_path,
+        "-d", target,
         "-i", attributes[:python_pypi],
       ]
 
@@ -166,130 +453,105 @@ class FPM::Package::Python < FPM::Package
 
       safesystem(*setup_cmd)
 
-      # Pip removed the --build flag sometime in 2021, it seems: https://github.com/pypa/pip/issues/8333
-      # A workaround for pip removing the `--build` flag. Previously, `pip download --build ...` would leave
-      # behind a directory with the Python package extracted and ready to be used.
-      # For example, `pip download ... Django` puts `Django-4.0.4.tar.tz` into the build_path directory.
-      # If we expect `pip` to leave an unknown-named file in the `build_path` directory, let's check for
-      # a single file and unpack it.
-      files = ::Dir.glob(File.join(build_path, "*.{tar.gz,zip}"))
+      files = ::Dir.entries(target).filter { |entry| entry =~ /\.(whl|tgz|tar\.gz|zip)$/ }
       if files.length != 1
-        raise "Unexpected directory layout after `pip download ...`. This might be an fpm bug? The directory is #{build_path}"
-      end
-
-      if files[0].end_with?("tar.gz")
-        safesystem("tar", "-zxf", files[0], "-C", target)
-      elsif files[0].end_with?("zip")
-        safesystem("unzip", files[0], "-d", target)
-      else
-        raise "Unexpected file format after `pip download ...`. This might be an fpm bug? The file is #{files[0]}"
+        raise "Unexpected directory layout after `pip download ...`. This might be an fpm bug? The directory contains these files: #{files.inspect}"
       end
+      return File.join(target, files.first)
     else
       # no pip, use easy_install
       logger.debug("no pip, defaulting to easy_install", :easy_install => attributes[:python_easyinstall])
       safesystem(attributes[:python_easyinstall], "-i",
                  attributes[:python_pypi], "--editable", "-U",
                  "--build-directory", target, want_pkg)
+      # easy_install will put stuff in @tmpdir/packagename/, so find that:
+      #  @tmpdir/somepackage/setup.py
+      #dirs = ::Dir.glob(File.join(target, "*"))
+      files = ::Dir.entries(target).filter { |entry| entry != "." && entry != ".." }
+      if dirs.length != 1
+        raise "Unexpected directory layout after easy_install. Maybe file a bug? The directory is #{build_path}"
+      end
+      return dirs.first
     end
-
-    # easy_install will put stuff in @tmpdir/packagename/, so find that:
-    #  @tmpdir/somepackage/setup.py
-    dirs = ::Dir.glob(File.join(target, "*"))
-    if dirs.length != 1
-      raise "Unexpected directory layout after easy_install. Maybe file a bug? The directory is #{build_path}"
-    end
-    return dirs.first
   end # def download
 
   # Load the package information like name, version, dependencies.
-  def load_package_info(setup_py)
-    if !attributes[:python_package_prefix].nil?
-      attributes[:python_package_name_prefix] = attributes[:python_package_prefix]
-    end
-
-    begin
-      json_test_code = [
-        "try:",
-        "  import json",
-        "except ImportError:",
-        "  import simplejson as json"
-      ].join("\n")
-      safesystem("#{attributes[:python_bin]} -c '#{json_test_code}'")
-    rescue FPM::Util::ProcessFailed => e
-      logger.error("Your python environment is missing json support (either json or simplejson python module). I cannot continue without this.", :python => attributes[:python_bin], :error => e)
-      raise FPM::Util::ProcessFailed, "Python (#{attributes[:python_bin]}) is missing simplejson or json modules."
-    end
+  def load_package_info(path)
+    if path.end_with?(".whl")
+      # XXX: Maybe use rubyzip to parse the .whl (zip) file instead?
+      metadata = nil
+      execmd(["unzip", "-p", path, "*.dist-info/METADATA"], :stdin => false, :stderr => false) do |stdout|
+        metadata = PythonMetadata.from(stdout.read(64<<10))
+      end
 
-    begin
-      safesystem("#{attributes[:python_bin]} -c 'import pkg_resources'")
-    rescue FPM::Util::ProcessFailed => e
-      logger.error("Your python environment is missing a working setuptools module. I tried to find the 'pkg_resources' module but failed.", :python => attributes[:python_bin], :error => e)
-      raise FPM::Util::ProcessFailed, "Python (#{attributes[:python_bin]}) is missing pkg_resources module."
+      wheeldata = nil
+      execmd(["unzip", "-p", path, "*.dist-info/WHEEL"], :stdin => false, :stderr => false) do |stdout|
+        wheeldata, _ = PythonMetadata.parse(stdout.read(64<<10))
+      end
+    else
+      raise "Unexpected python package path. This might be an fpm bug? The path is #{path}"
     end
 
-    # Add ./pyfpm/ to the python library path
-    pylib = File.expand_path(File.dirname(__FILE__))
+    self.architecture = wheeldata["Root-Is-Purelib"] == "true" ? "all" : "native"
 
-    # chdir to the directory holding setup.py because some python setup.py's assume that you are
-    # in the same directory.
-    setup_dir = File.dirname(setup_py)
+    self.description = metadata.description unless metadata.description.nil?
+    self.license = metadata.license unless metadata.license.nil?
+    self.version = metadata.version
+    self.url = metadata.homepage unless metadata.homepage.nil?
 
-    output = ::Dir.chdir(setup_dir) do
-      tmp = build_path("metadata.json")
-      setup_cmd = "env PYTHONPATH=#{pylib.shellescape}:$PYTHONPATH #{attributes[:python_bin]} " \
-        "setup.py --command-packages=pyfpm get_metadata --output=#{tmp}"
-
-      if attributes[:python_obey_requirements_txt?]
-        setup_cmd += " --load-requirements-txt"
-      end
-
-      # Capture the output, which will be JSON metadata describing this python
-      # package. See fpm/lib/fpm/package/pyfpm/get_metadata.py for more
-      # details.
-      logger.info("fetching package metadata", :setup_cmd => setup_cmd)
-
-      success = safesystem(setup_cmd)
-      #%x{#{setup_cmd}}
-      if !success
-        logger.error("setup.py get_metadata failed", :command => setup_cmd,
-                      :exitcode => $?.exitstatus)
-        raise "An unexpected error occurred while processing the setup.py file"
-      end
-      File.read(tmp)
-    end
-    logger.debug("result from `setup.py get_metadata`", :data => output)
-    metadata = JSON.parse(output)
-    logger.info("object output of get_metadata", :json => metadata)
-
-    self.architecture = metadata["architecture"]
-    self.description = metadata["description"]
-    # Sometimes the license field is multiple lines; do best-effort and just
-    # use the first line.
-    if metadata["license"]
-      self.license = metadata["license"].split(/[\r\n]+/).first
-    end
-    self.version = metadata["version"]
-    self.url = metadata["url"]
+    self.name = metadata.name
 
     # name prefixing is optional, if enabled, a name 'foo' will become
     # 'python-foo' (depending on what the python_package_name_prefix is)
-    if attributes[:python_fix_name?]
-      self.name = fix_name(metadata["name"])
-    else
-      self.name = metadata["name"]
-    end
+    self.name = fix_name(self.name) if attributes[:python_fix_name?] 
 
     # convert python-Foo to python-foo if flag is set
     self.name = self.name.downcase if attributes[:python_downcase_name?]
 
+    self.maintainer = metadata.maintainer 
+
     if !attributes[:no_auto_depends?] and attributes[:python_dependencies?]
-      metadata["dependencies"].each do |dep|
-        dep_re = /^([^<>!= ]+)\s*(?:([~<>!=]{1,2})\s*(.*))?$/
+      # Python Dependency specifiers are a somewhat complex format described here:
+      # https://packaging.python.org/en/latest/specifications/dependency-specifiers/#environment-markers
+      #
+      # We can ask python's packaging module to parse and evaluate these.
+      # XXX: Allow users to override environnment values.
+      #
+      # Example:
+      # Requires-Dist: tzdata; sys_platform = win32
+      # Requires-Dist: asgiref>=3.8.1
+
+      dep_re = /^([^<>!= ]+)\s*(?:([~<>!=]{1,2})\s*(.*))?$/
+
+      reqs = []
+
+      # --python-obey-requirements-txt should use requirements.txt
+      # (if found in the python package) and  replace the requirments listed from the metadata
+      if attributes[:python_obey_requirements_txt?] && !@requirements_txt.nil?
+        requires = @requirements_txt
+      else
+        requires = metadata.requires
+      end
+
+      # Evaluate python package requirements and only show ones matching the current environment
+      # (Environment markers, etc)
+      # Additionally, 'extra' features such as a requirement named `django[bcrypt]` isn't quite supported yet,
+      # since the marker.evaluate() needs to be passed some environment like { "extra": "bcrypt" }
+      execmd([attributes[:python_bin], File.expand_path(File.join("pyfpm", "parse_requires.py"), File.dirname(__FILE__))]) do |stdin, stdout, stderr|
+        requires.each { |r| stdin.puts(r) }
+        stdin.close
+        data = stdout.read
+        logger.pipe(stderr => :warn)
+        reqs += JSON.parse(data)
+      end
+
+      reqs.each do |dep|
         match = dep_re.match(dep)
         if match.nil?
           logger.error("Unable to parse dependency", :dependency => dep)
           raise FPM::InvalidPackageConfiguration, "Invalid dependency '#{dep}'"
         end
+
         name, cmp, version = match.captures
 
         next if attributes[:python_disable_dependency].include?(name)
@@ -308,8 +570,12 @@ class FPM::Package::Python < FPM::Package
         # convert dependencies from python-Foo to python-foo
         name = name.downcase if attributes[:python_downcase_dependencies?]
 
-        self.dependencies << "#{name} #{cmp} #{version}"
-      end
+        if cmp.nil? && version.nil?
+          self.dependencies << "#{name}"
+        else
+          self.dependencies << "#{name} #{cmp} #{version}"
+        end
+      end # parse Requires-Dist dependencies
     end # if attributes[:python_dependencies?]
   end # def load_package_info
 
@@ -329,55 +595,17 @@ class FPM::Package::Python < FPM::Package
   end # def fix_name
 
   # Install this package to the staging directory
-  def install_to_staging(setup_py)
-    project_dir = File.dirname(setup_py)
-
+  def install_to_staging(path)
     prefix = "/"
     prefix = attributes[:prefix] unless attributes[:prefix].nil?
 
-    # Some setup.py's assume $PWD == current directory of setup.py, so let's
-    # chdir first.
-    ::Dir.chdir(project_dir) do
-      flags = [ "--root", staging_path ]
-      if !attributes[:python_install_lib].nil?
-        flags += [ "--install-lib", File.join(prefix, attributes[:python_install_lib]) ]
-      elsif !attributes[:prefix].nil?
-        # setup.py install --prefix PREFIX still installs libs to
-        # PREFIX/lib64/python2.7/site-packages/
-        # but we really want something saner.
-        #
-        # since prefix is given, but not python_install_lib, assume PREFIX/lib
-        flags += [ "--install-lib", File.join(prefix, "lib") ]
-      end
-
-      if !attributes[:python_install_data].nil?
-        flags += [ "--install-data", File.join(prefix, attributes[:python_install_data]) ]
-      elsif !attributes[:prefix].nil?
-        # prefix given, but not python_install_data, assume PREFIX/data
-        flags += [ "--install-data", File.join(prefix, "data") ]
-      end
-
-      if !attributes[:python_install_bin].nil?
-        flags += [ "--install-scripts", File.join(prefix, attributes[:python_install_bin]) ]
-      elsif !attributes[:prefix].nil?
-        # prefix given, but not python_install_bin, assume PREFIX/bin
-        flags += [ "--install-scripts", File.join(prefix, "bin") ]
-      end
-
-      if !attributes[:python_scripts_executable].nil?
-        # Overwrite installed python scripts shebang binary with provided executable
-        flags += [ "build_scripts", "--executable", attributes[:python_scripts_executable] ]
-      end
+    # XXX: Note: pip doesn't seem to have any equivalent to `--install-lib` or similar flags.
+    # XXX: Deprecate :python_install_data, :python_install_lib, :python_install_bin
+    # XXX: Deprecate: :python_setup_py_arguments
+    flags = [ "--root", staging_path ]
+    flags += [ "--prefix", prefix ] if !attributes[:prefix].nil?
 
-      if !attributes[:python_setup_py_arguments].nil? and !attributes[:python_setup_py_arguments].empty?
-        # Add optional setup.py arguments
-        attributes[:python_setup_py_arguments].each do |a|
-          flags += [ a ]
-        end
-      end
-
-      safesystem(attributes[:python_bin], "setup.py", "install", *flags)
-    end
+    safesystem(*attributes[:python_pip], "install", "--no-deps", *flags, path)
   end # def install_to_staging
 
   public(:input)

data/lib/fpm/package/rpm.rb

@@ -156,7 +156,7 @@ class FPM::Package::RPM < FPM::Package
 
   option "--macro-expansion", :flag,
            "install-time macro expansion in %pre %post %preun %postun scripts " \
-           "(see: https://rpm.org/user_doc/scriptlet_expansion.html)", :default => false
+           "(see: https://rpm-software-management.github.io/rpm/manual/scriptlet_expansion.html)", :default => false
 
   option "--verifyscript", "FILE",
     "a script to be run on verification" do |val|
@@ -175,7 +175,7 @@ class FPM::Package::RPM < FPM::Package
      rpm_trigger = []
      option "--trigger-#{trigger_type}", "'[OPT]PACKAGE: FILEPATH'", "Adds a rpm trigger script located in FILEPATH, " \
             "having 'OPT' options and linking to 'PACKAGE'. PACKAGE can be a comma seperated list of packages. " \
-            "See: http://rpm.org/api/4.4.2.2/triggers.html" do |trigger|
+            "See: https://rpm-software-management.github.io/rpm/manual/triggers.html" do |trigger|
        match = trigger.match(/^(\[.*\]|)(.*): (.*)$/)
        @logger.fatal("Trigger '#{trigger_type}' definition can't be parsed ('#{trigger}')") unless match
        opt, pkg, file = match.captures
@@ -199,8 +199,8 @@ class FPM::Package::RPM < FPM::Package
   # If and only if any of the above are done, then also replace ' with \', " with \", and \ with \\\\
   #   to accommodate escape and quote processing that rpm will perform in that case (but not otherwise)
   def rpm_fix_name(name)
-    if name.match?(/[ \t*?%$\[\]]/)
-      name = name.gsub(/(\ |\t|\[|\]|\*|\?|\%|\$|'|"|\\)/, {
+    if name.match?(/[ \t*?%${}\[\]]/)
+      name = name.gsub(/(\ |\t|\[|\]|\*|\?|\%|\$|'|"|\{|\}|\\)/, {
         ' '  => '?',
         "\t" => '?',
         '%'  => '[%]',
@@ -209,6 +209,10 @@ class FPM::Package::RPM < FPM::Package
         '*'  => '[*]',
         '['  => '[\[]',
         ']'  => '[\]]',
+        #'{'  => '[\{]',
+        #'}'  => '[\}]',
+        '{'  => '?',
+        '}'  => '?',
         '"'  => '\\"',
         "'"  => "\\'",
         '\\' => '\\\\\\\\',

data/lib/fpm/package/virtualenv.rb

@@ -36,7 +36,7 @@ class FPM::Package::Virtualenv < FPM::Package
     :default => nil
 
   option "--setup-install", :flag, "After building virtualenv run setup.py install "\
-  "useful when building a virtualenv for packages and including their requirements from "
+  "useful when building a virtualenv for packages and including their requirements from "\
   "requirements.txt"
 
   option "--system-site-packages", :flag, "Give the virtual environment access to the "\
@@ -158,6 +158,31 @@ class FPM::Package::Virtualenv < FPM::Package
       end
     end
 
+    # [2025-09-30] virtualenv-tools seems broken?
+    # The --update-path will look for a VIRTUAL_ENV= line in bin/activate,
+    # however, the version I tested looks for it with quotations, like VIRTUAL_ENV='
+    # And at time of writing, my `virtualenv` tool doesn't use quotations on this variable
+    #
+    # Maybe best case we can patch it here instead. The path update tool
+    # looks for the original virtualenv path and I think updates any bin 
+    # files which point to it.
+    patched = []
+    activate_bin = File.join(virtualenv_build_folder, "bin/activate")
+    fd = File.open(activate_bin)
+    fd.each_line do |line|
+      re = /^VIRTUAL_ENV=([^'"].*)$/
+      match = line.match(re)
+      if match
+        # Quote the VIRTUAL_ENV var assignment to help virtualenv-tools work?
+        patched << "VIRTUAL_ENV='#{match}'\n"
+      else
+        patched << line
+      end
+    end
+    fd.close
+    File.write(activate_bin, patched.join)
+
+    # Rewrite the base path inside the virtualenv to prepare it to be packaged.
     ::Dir.chdir(virtualenv_build_folder) do
       safesystem("virtualenv-tools", "--update-path", virtualenv_folder)
     end
@@ -191,7 +216,6 @@ class FPM::Package::Virtualenv < FPM::Package
     dir.input(".")
     @staging_path = dir.staging_path
     dir.cleanup_build
-
   end # def input
 
   # Delete python precompiled files found in a given folder.

data/lib/fpm/package.rb

@@ -3,7 +3,6 @@ require "fpm/util" # local
 require "pathname" # stdlib
 require "find"
 require "tmpdir" # stdlib
-require "ostruct"
 require "backports/latest"
 require "socket" # stdlib, for Socket.gethostname
 require "shellwords" # stdlib, for Shellwords.escape

data/lib/fpm/rake_task.rb

@@ -1,13 +1,39 @@
 require "fpm/namespace"
-require "ostruct"
 require "rake"
 require "rake/tasklib"
 
 class FPM::RakeTask < Rake::TaskLib
+  class Options
+    attr_accessor :args
+
+    def initialize(defaults=nil)
+      if defaults.nil?
+        @h = Hash.new
+      else
+        @h = defaults
+      end
+    end
+
+    def method_missing(m, *args)
+      if m.end_with?("=")
+        raise ArgumentError, "#{self.class.name}##{m} ... Expected 1 arg, got #{args.length}" if args.length != 1
+        @h[m[0...-1]] = args[0]
+      else
+        raise ArgumentError, "Expected 0 arg, got #{args.length}" if args.length != 0
+        return @h[m]
+      end
+    end
+
+    def to_h
+      return @h
+    end
+  end # Options
+
   attr_reader :options
 
   def initialize(package_name, opts = {}, &block)
-    @options = OpenStruct.new(:name => package_name.to_s)
+    #@options = OpenStruct.new(:name => package_name.to_s)
+    @options = Options.new(:name => package_name.to_s)
     @source, @target = opts.values_at(:source, :target).map(&:to_s)
     @directory = File.expand_path(opts[:directory].to_s)
 
@@ -18,8 +44,8 @@ class FPM::RakeTask < Rake::TaskLib
 
     task(options.name) do |_, task_args|
       block.call(*[options, task_args].first(block.arity)) if block_given?
-      abort("Must specify args") unless options.respond_to?(:args)
-      @args = options.delete_field(:args)
+      abort("Must specify args") if options.args.nil?
+      @args = options.args
       run_cli
     end
   end

data/lib/fpm/util.rb

@@ -136,7 +136,7 @@ module FPM::Util
       raise ExecutableNotFound.new(program)
     end
 
-    logger.debug("Running command", :args => args2)
+    logger.info("Running command", :args => args2)
 
     stdout_r, stdout_w = IO.pipe
     stderr_r, stderr_w = IO.pipe
@@ -332,7 +332,15 @@ module FPM::Util
 
 
   def copy_entry(src, dst, preserve=false, remove_destination=false)
-    case File.ftype(src)
+    st = File.lstat(src)
+
+    filetype = if st.ftype == "file" && st.nlink > 1
+      "hardlink"
+    else
+      st.ftype
+    end
+
+    case filetype
     when 'fifo'
       if File.respond_to?(:mkfifo)
         File.mkfifo(dst)
@@ -350,18 +358,23 @@ module FPM::Util
       raise  UnsupportedSpecialFile.new("File is device which fpm doesn't know how to copy (#{File.ftype(src)}): #{src}")
     when 'directory'
       FileUtils.mkdir(dst) unless File.exist? dst
-    else
-      # if the file with the same dev and inode has been copied already -
+    when 'hardlink'
+      # Handle hardlinks
+      # if the file with the same dev and inode has been copied already.
       # hard link it's copy to `dst`, otherwise make an actual copy
-      st = File.lstat(src)
       known_entry = copied_entries[[st.dev, st.ino]]
       if known_entry
         FileUtils.ln(known_entry, dst)
+        logger.debug("Copying hardlink", :src => src, :dst => dst, :link => known_entry)
       else
         FileUtils.copy_entry(src, dst, preserve, false,
                              remove_destination)
         copied_entries[[st.dev, st.ino]] = dst
       end
+    else
+      # Normal file, just copy it.
+      FileUtils.copy_entry(src, dst, preserve, false,
+                           remove_destination)
     end # else...
   end # def copy_entry
 

data/lib/fpm/version.rb

@@ -1,3 +1,3 @@
 module FPM
-  VERSION = "1.16.0"
+  VERSION = "1.17.0"
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: fpm
 version: !ruby/object:Gem::Version
-  version: 1.16.0
+  version: 1.17.0
 platform: ruby
 authors:
 - Jordan Sissel
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-09 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cabin
@@ -16,14 +15,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 0.9.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 0.9.1
 - !ruby/object:Gem::Dependency
   name: backports
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +113,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.13.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.13.0
 - !ruby/object:Gem::Dependency
   name: insist
   requirement: !ruby/object:Gem::Requirement
@@ -199,6 +198,7 @@ files:
 - lib/fpm/package/puppet.rb
 - lib/fpm/package/pyfpm/__init__.py
 - lib/fpm/package/pyfpm/get_metadata.py
+- lib/fpm/package/pyfpm/parse_requires.py
 - lib/fpm/package/python.rb
 - lib/fpm/package/rpm.rb
 - lib/fpm/package/sh.rb
@@ -238,7 +238,6 @@ homepage: https://github.com/jordansissel/fpm
 licenses:
 - MIT-like
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -254,8 +253,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.22
-signing_key:
+rubygems_version: 3.6.7
 specification_version: 4
 summary: fpm - package building and mangling
 test_files: []