Skip to content

flake8-1:7.2.0 was released without bumping python-pycodestyle

(I initially sent this report by email to the @felixonmars and @polyzen (who are listed as Maintainer in the python-pycodestyle PKGBUILD) on 2025-07-17, resubmitting this here since I didn't get a response. The original email is appended for transparency)

TL;DR: Please bump the python-pycodestyle version, and please take care when releasing new python-flake8 versions that the python-pycodestyle version is in sync.

As of version 7.2.0, flake8 needs python-pycodestyle>=2.13.0 (the next, as yet unpackaged, version 7.3.0 ratchets this further to >=2.14.0). However, the last release for python-pycodestyle is 2.12.1-2, dated 2024-11-16. While packages depending on flake8 which use the setuptools build backend will build finesetuptools5054, this still bites users who use other build backends.

(In particular, I was originally made aware of the issue via [papisDisc], since python-flake8-pyproject uses the flit backend, which checks installed transitive dependencies are all valid before building)

I have reported to setuptools upstream that the lack of warning in their tooling enabled this bug to happen, however this could've been caught here by duplicating the version lower bounds in the python-flake8 PKGBUILD.

Original email

As of version 7.2.0, flake8 needs python-pycodestyle>=2.13.0 (the next, as yet unpackaged, version 7.3.0 ratchets this further to >=2.14.0). However, the last release for python-pycodestyle is 2.12.1-2, dated 2024-11-16.

This breaks builds of packages that depend on flake8 at build time, eg python-flake8-pyproject1.

Moreover, python-pycodestyle has been flagged out of date for three months now (since 2025-04-15).

Two points jump out to me:

  • flake8 shouldn't have been released without its dependencies also being released in tandem (in fact, I'm surprised it managed to build without the newer python-pycodestyle)
  • Inserting the documented version lower bounds on flake8's dependencies might've helped catch that it was being installed on systems without an appropriately bumped python-pycodestyle.

In any case, the obvious workaround of just pkgctl version update on a clone of the python-pycodestyle repo works to fix the builds of dependent packages.

Please update python-pycodestyle.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information