Use PyPI Enforce Layout

JFrog Artifactory Documentation

Products
JFrog Artifactory
Content Type
User Guide
ft:sourceType
Paligo

In Artifactory versions 7.77 and above, you can use the Enforce Layout feature to bring Artifactory closer in alignment with the PyPI.org registry.

This feature helps you keep a consistent naming method for PyPI packages and reduce package name duplications due to a mismatch between package name and metadata. We recommend using this feature alongside File Path Name Normalization: for more information, see Use File Path Name Normalization and Using Both File Path Name Normalization and Enforce Layout.

Backward Compatibility

Enforce Layout applies to all PyPI repositories in your Artifactory instance. Previously uploaded packages that already exist in your instance will not be updated but if you attempt to upload a newer version or overwrite an existing one you will be prevented from doing so since the file path name sections must match the metadata values.

This feature allows you to upload only on artifacts where the file name and version in the artifact path match the package name and version stored in the artifact’s metadata.

The following examples explain how this feature applies without File Path Name Normalization:

enforce_layout_table.png

To enable PyPI Enforce Layout, set the system property:

pypi.enforce.layout = true 

Artifactory will return an error when trying to perform actions on an artifact with a name that does not match the package metadata, with a description of the issue:

Error

Description

403

Action prevented due to Enforce Layout policy - package file name/version <ARTIFACT_NAME> does not match the ” + package internal name/version <ARTIFACT_NAME> in the metadata file

403

Action prevented due to Enforce Layout policy - could not find metadata file to compare