Fedora provided source doesn't match upstream

This is bit of a strange problem I ran into. I was writing some code that uses python3-sh, and I encountered a crash. So to investigate I looked at the source (it’s essentially one file: /usr/lib/python3.11/site-packages/sh.py), but when I compare it to the upstream tag with the same release number (1.14.2), it doesn’t match! It seems mostly formatting but there are too many for me to compare and be sure. This makes reporting a bug upstream a bit more difficult than it should be.

If I’m not mistaken, this shouldn’t happen. I looked at the spec file, there doesn’t seem to be any steps that would do this. So what am I missing?

It could be useful to install the current upstream version in a venv to make sure you haven’t found a bug that has already been fixed upstream, in which case it would be appropriate to file a Fedora bug report asking for the fixed version. If upstream, also crashes you would do better to raise an issue with upstream.

As you can see in the spec file, the sources are grabbed from pypi.org and not from github.com

Source0:        %pypi_source

That is https://files.pythonhosted.org/packages/source/s/sh/sh-1.14.3.tar.gz

Yes, the sh.py file in the pypi gzipped tar file is different from the one on the git repository.

Actually, also the py.sh from the tar.gz source file on github (https://github.com/amoffat/sh/releases/tag/1.14.3) differs from the one in the git repository. But the content of the tar.gz file on github is the same as the one on pypi.

For sure, someone well versed with git workflows can explain the situation very well.
However, there is nothing to be concerned about! :slight_smile:


Thanks, you are right:

$ diff -q /usr/lib/python3.11/site-packages/sh.py pypi/sh-1.14.2/sh.py
$ diff -q pypi/sh-1.14.2/sh.py gh/sh-1.14.2/sh.py 
Files pypi/sh-1.14.2/sh.py and gh/sh-1.14.2/sh.py differ

Maybe something with upstream’s release process makes it differ. From a quick look at the CI, couldn’t tell.

I think you are mixing up versions here.

  • F37 ships 1.14.2
  • latest release (on PyPI, and tagged in the repo) is 1.14.3
  • the default branch in the upstream repo is develop, so release + changes

Thanks for finding the reason, I should have read the spec file more carefully :face_with_diagonal_mouth:

I checked against the development branch in the upstream repo, I get the same issue :frowning:

Whoops, sorry, I was looking at the spec file in Rawhide