Dependency resolution metadata. How is it gathered?

[stefanoborini]

• I have searched the issues of this repo and believe that this is not a duplicate.
• I have searched the documentation and believe that my question is not covered.

Issue

I tried to navigate the code but I could not find it. Maybe you can give me a better answer.

I suspect that the dependency resolver in poetry needs to know the dependency tree, and possibly backtrack if some constraints are not satisfied, but since the dependency tree depends on the version of the package downloaded (a package v1.2 might have different dependencies from v1.3), the tree must be rebuilt at every backtrack, at least for those parts that do not satisfy a found constraint.

How is the dependency list and constraints gathered? do you download the packages, unpack them every time, and get the subdependency information from the setup.py/pyproject.toml? Are they cached, or is an index built somewhere? As far as I know, pypi does not provide metadata files, hence the question.