URL: https://github.com/peterbe/hashin/issues/105

Prior to version 0.14.5 hashin would write write down the hashes of PyPI packages in the order they appear in PyPI's JSON response. That means there's a slight chance that two distinct clients/computers/humans might actually get different output when then run hashin Django==2.1.5.

The pull request has a pretty hefty explanation as it demonstrates the fix.

Do note that if the existing order of hashes in a requirements file is not in the "right" order, hashin won't correct it unless any of the hashes are different.

Thanks @SomberNight for patiently pushing for this.

Comments

Your email will never ever be published.

Previous:
How to encrypt a file with Emacs on macOS (ccrypt) January 29, 2019 Linux, macOS
Next:
Format thousands in Python February 1, 2019 Python
Related by category:
A Python dict that can report which keys you did not use June 12, 2025 Python
Faster way to sum an integer series in Python August 28, 2025 Python
Combining Django signals with in-memory LRU cache August 9, 2025 Python
Native connection pooling in Django 5 with PostgreSQL June 25, 2025 Python
Related by keyword:
Pip-Outdated.py - a script to compare requirements.in with the output of pip list --outdated December 22, 2022 Python
Pip-Outdated.py with interactive upgrade September 21, 2023 Python
"ld: library not found for -lssl" trying to install mysqlclient in Python on macOS February 5, 2020 Python, macOS
hashin 0.14.0 with --update-all and a bunch of other features November 13, 2018 Python, Linux