URL: https://github.com/peterbe/hashin/issues/105

Prior to version 0.14.5 hashin would write write down the hashes of PyPI packages in the order they appear in PyPI's JSON response. That means there's a slight chance that two distinct clients/computers/humans might actually get different output when then run hashin Django==2.1.5.

The pull request has a pretty hefty explanation as it demonstrates the fix.

Do note that if the existing order of hashes in a requirements file is not in the "right" order, hashin won't correct it unless any of the hashes are different.

Thanks @SomberNight for patiently pushing for this.

Comments

Your email will never ever be published.

Previous:
How to encrypt a file with Emacs on macOS (ccrypt) January 29, 2019 Linux, macOS
Next:
Format thousands in Python February 1, 2019 Python
Related by category:
How I run standalone Python in 2025 January 14, 2025 Python
How to resolve a git conflict in poetry.lock February 7, 2020 Python
get in JavaScript is the same as property in Python February 13, 2025 Python
Best practice with retries with requests April 19, 2017 Python
Related by keyword:
Pip-Outdated.py - a script to compare requirements.in with the output of pip list --outdated December 22, 2022 Python
"ld: library not found for -lssl" trying to install mysqlclient in Python on macOS February 5, 2020 Python, macOS
Pip-Outdated.py with interactive upgrade September 21, 2023 Python
hashin 0.15.0 now copes nicely with under_scores June 15, 2020 Python