Deprecate legacy versions and version specifiers

[sbidoul]

Towards #11715

What is changing

pip has historically allowed many arbitrary strings as versions and version specifiers. Going forward, all versions and version specifiers will need to conform to https://packaging.python.org/en/latest/specifications/version-specifiers/ (based on PEP 440).

Quoting pypa/packaging#530:

>>> packaging.version.parse("This is a completely random string")
<LegacyVersion('This is a completely random string')>

>>> packaging.version.parse("This is a completely random string")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "[...]/.venv/lib/python3.10/site-packages/packaging/version.py", line 52, in parse
    return Version(version)
  File "[...]/.venv/lib/python3.10/site-packages/packaging/version.py", line 197, in __init__
    raise InvalidVersion(f"Invalid version: '{version}'")
packaging.version.InvalidVersion: Invalid version: 'This is a completely random string'

This "feature" has been deprecated (pypa/packaging#321) for nearly two years now.

PyPI has not permitted uploading packages with invalid versions for even more years.

There are more details about this change in the aforementioned issue.

What you can do

Please do not comment on this issue with the message you're seeing.

x-ref https://pradyunsg.me/blog/2024/05/13/pip-24-1-betas/

If you reached this issue from the pip deprecation warning and lack information to know where the non-conforming string was used, please re-run your pip command with -v or -vv to show more detailed logs which will help in locating the problem.

If you are the user of a package that is causing pip to present this warning, reach out to the authors of the package. The message starts as DEPRECATION: [package name here] [version number here] has a non-standard [...].

If you are the author of the relevant package, please update your package version and dependency specifiers to use a compliant syntax. You can check those using packaging.version.parse("1.0") and packaging.requirements.Requirement("dependency >= 1.0") with the latest packaging release.

[wescorp]

DEPRECATION: torchsde 0.2.5 has a non-standard dependency specifier numpy>=1.19.*; python_version >= "3.7". pip 23.3 will enforce this behaviour change.

[pfmoore]

DEPRECATION: torchsde 0.2.5 has a non-standard dependency specifier

See #12146 - please report to torchsde

Edit: Looks like it's been reported as google-research/torchsde#131

[uranusjr]

Sorry, working on the wrong tab