Skip to content

Add version validation to prevent silent setuptools-scm fallback versions #1470

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
rwgk wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Add version validation to prevent silent setuptools-scm fallback versions #1470

rwgk wants to merge 1 commit into from
+99 −0

Conversation

@rwgk
Copy link
Collaborator

@rwgk rwgk commented Jan 13, 2026

Add import-time version validation to cuda.bindings, cuda.core, and cuda.pathfinder to detect and fail fast when setuptools-scm produces fallback versions (e.g., 0.1.dev...) due to missing git tags.

This prevents silent failures that can invalidate QA test runs and waste developer time debugging version-related issues.

Features:

  • User-friendly error messages explaining the problem and how to fix it
  • Opt-out mechanism via CUDA_PYTHON_ALLOW_FALLBACK_VERSIONING=1
  • Consistent implementation across all three packages with sync reminder comments

The validation checks that major.minor > 0.1, which catches common fallback versions while allowing legitimate early development versions.

@rwgk
Add version validation to prevent silent setuptools-scm fallback vers…
e4dd1dd 
…ions

Add import-time version validation to cuda.bindings, cuda.core, and
cuda.pathfinder to detect and fail fast when setuptools-scm produces
fallback versions (e.g., 0.1.dev...) due to missing git tags.

This prevents silent failures that can invalidate QA test runs and
waste developer time debugging version-related issues.

Features:
- User-friendly error messages explaining the problem and how to fix it
- Opt-out mechanism via CUDA_PYTHON_ALLOW_FALLBACK_VERSIONING=1
- Consistent implementation across all three packages with sync reminder comments

The validation checks that major.minor > 0.1, which catches common
fallback versions while allowing legitimate early development versions.
@copy-pr-bot
Copy link
Contributor

copy-pr-bot bot commented Jan 13, 2026

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

@leofang
Copy link
Member

leofang commented Jan 14, 2026

Summarizing my understanding from the meeting (I could be missing something, since we discussed a lot 😅):

  • We'd prefer something like python -m numba --sysinfo or python -c "import cupy; cupy.show_config()" that can be opted in to report system/venv states, instead of adding something to __init__.py that requires opt-out
  • From Python packaging perspective the added check is duplicating the responsibility of a package manager, which is very uncommon in the Python land and not scalable if we ever add more dependencies
  • The fact that in-development cuda-bindings was uninstalled when installing in-development cuda-core, was because --no-build-isolation was not passed to pip. For testing against ToT we should always avoid creating a build isolation env which can install core dependencies from public PyPI.
  • We should find a mechanism (@kkraus14 pointed out offline that there's fallback_version) for setuptools-scm to have a fallback, when the source code is detached from git for whatever reason, instead of generating a dummy 0.1-dev.xxxxx version string.

My take is we should close or rewrite this PR in a different approach. WDYT @rwgk @mdboom?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rwgk @leofang