When I use the default index URL for pip, it properly understands that certain version of the package is not compatible with the environment:
$ pip -v -i https://pypi.python.org/simple install setuptools
[...]
https://files.pythonhosted.org/packages/8f/6b/0dcf95d95086ce459152e4c0ac306f2dbbcf984177a2b8b77b320ebfbf22/setuptools-53.1.0.tar.gz#sha256=8181c4625cd58fa7817761e0fa60f6fa3adc4c437f5c25377b1aefa861ca15a2 (from https://pypi.org/simple/setuptools/) (requires-python:>=3.6)
This is the expected behavior (another suitable version of setuptools is selected). But when I install from own mirror, this wrong version is picked:
$ pip -v -i https://my.pypi.mirror install setuptools
[...]
Found link https://my.pypi.mirror/%2Bf/818/1c4625cd58fa7/setuptools-53.1.0.tar.gz#sha256=8181c4625cd58fa7817761e0fa60f6fa3adc4c437f5c25377b1aefa861ca15a2 (from https://my.pypi.mirror/+simple/setuptools/), version: 53.1.0
Using version 53.1.0
The files are identical as their SHA256 sums show. What can be the reason that in the second case pip fails to correctly use the metadata of the package?
You are probably encountering the case of your mirror not providing any requires-python info. For example look at the source code of the page for https://pypi.org/simple/setuptools and see how some of the <a> tags (links) have a data-requires-python=">=3.6" attribute. This is probably the info that your mirror does not provide and makes dependency resolution come to different choices.