Isolate conda python from site packages, like venv does by default #24506
Conversation
|
Hi! This is the friendly automated conda-forge-linting service. I wanted to let you know that I linted all conda-recipes in your PR ( Here's what I've got... For recipes/conda-ecosystem-site-packages-isolation:
|
|
Hi! Thanks for your contribution to conda-forge. |
|
I am willing to be a listed maintainer. |
|
Hi! This is the friendly automated conda-forge-linting service. I just wanted to let you know that I linted all conda-recipes in your PR ( |
This comment was marked as outdated.
This comment was marked as outdated.
|
Is this editing a file in-place? If so, you can't rely on the installation order so people could get either the fixed or unfixed version. |
|
AFAIK this is shipping the file, which is subject to clobbering. Having no deps, maybe it's installed last or first, not sure how the toposort treats lone leaves. An alternative is to use Realistically speaking I don't know if there are many packages clobbering A
Another option is to have this depend on At any rate, if this goes through, we need to be careful about where in the prefix tree this is placed, because according to PEP 405, it might change the values of |
|
If there is interest here in a conda solution, please comment on conda/conda#13337. |
|
I think I see two concerns about clobbering a
I don't think 1 is a problem, because the $PREFIX directory exists for any conda environment and I don't think installation of Python would remove an existing pyvenv.cfg file. I guess for 2 I'm not sure that we want to prevent users from altering a configuration file. The point of this package is to make it easy to create. If a user decides later they want a different configuration, that's okay. |
|
I agree @jaimergp that it makes more sense to implement the changes in a hook rather than ship as a static file. If one really wanted to enforce the status, one could check it (and potentially correct it) via an activation script. |
|
I'm not sure I understand what the suggestions to use a hook imply regarding a conda-forge package, but I believe the two alternatives proposed above (the |
|
@itcarroll apologies - I was perhaps a bit loose in referring to package scripts as "hooks". I'll clarify, since indeed I was still talking about this package. Currently, this recipe ships a static Jaime suggested to instead use a I then suggested this package could also use an Anyway, I think of these scripts as using "hooks" (invoked on events), but realize the Conda documentation has a precise meaning of "hook" in the context of plugin API. Mea culpa! |
|
Hi! This is the friendly automated conda-forge-linting service. I wanted to let you know that I linted all conda-recipes in your PR ( Here's what I've got... For recipes/conda-create-no-user-site:
|
|
Hi! This is the friendly automated conda-forge-linting service. I just wanted to let you know that I linted all conda-recipes in your PR ( |
|
Thanks all for the suggestions and help. I have refactored the package as a post-command plugin to I considered the advantages and disadvantages of using |
itcarroll
force-pushed
the
no-site-packages
branch
from
9e94c99 to
cb9b432
Compare
|
@conda-forge/help-python, ready for review! |
| - python -c "import sys, site; sys.exit(0 if site.ENABLE_USER_SITE==False else 1)" | ||
|
|
||
| about: | ||
| home: http://conda-forge.org/ |
There was a problem hiding this comment.
| home: http://conda-forge.org/ | |
| home: http://github.com/conda-forge/conda-create-no-user-site-feedstock |
| summary: conda create will configure Python to ignore packages outside the environment | ||
| description: > | ||
| This package extends `conda create` to configure Python so it will ignore packages | ||
| installed with `pip install --user`. Envrionment creation will now add a |
There was a problem hiding this comment.
| installed with `pip install --user`. Envrionment creation will now add a | |
| installed with `pip install --user`. Environment creation will now add a |
| This package extends `conda create` to configure Python so it will ignore packages | ||
| installed with `pip install --user`. Envrionment creation will now add a | ||
| prefix-level "pyvenv.cfg" file with the line `include-system-site-packages = false`, | ||
| which gets read by Python's `site` module whenver Python is run. This aligns Python |
There was a problem hiding this comment.
| which gets read by Python's `site` module whenver Python is run. This aligns Python | |
| which gets read by Python's `site` module whenever Python is run. This aligns Python |
| yield plugins.CondaPostCommand( | ||
| name="no-user-site", | ||
| action=action, | ||
| run_for={"create"}, |
There was a problem hiding this comment.
I would also consider adding install, remove and maybe even update. The reasons:
- A user had created an environment without Python, but then installs something that brings Python in.
- The user removes
pythonfrom the environment, and there's a lingeringpyvenv.cfgfile, which should be removed if possible.
| version: 0.1.0 | ||
|
|
||
| source: | ||
| path: . |
There was a problem hiding this comment.
What's the maintenance model for this package? Feedstocks are not usually equipped to deal with release processes and PRs, so maybe it's a better idea to commit this to a separate repo (maybe under conda-incubator, if you are inclined). I like seeing more conda plugins in the world and it would help with visibility.
| @@ -0,0 +1,44 @@ | |||
| package: | |||
| name: conda-create-no-user-site | |||
There was a problem hiding this comment.
I feel a better name would be conda-pyvenv-compat if that's the focus? Or conda-no-user-site?
|
Hi there, conda maintainer here (and former virtualenv developer): I believe this proposed package is solving the problem on the wrong level as it's using the plugin system to change a fundamental feature of conda and in effect makes you the maintainer of this pattern in the conda ecosystem going forward. That's not sustainable and would be better solved by a config option in conda instead. It would also make this available for user of conda that aren't using conda-forge, e.g. users of Anaconda Distribution. I would encourage you instead to work on a patch to conda to fix conda/conda#13337 via a condarc setting that would enable users to switch to Maybe, when we get feedback from users, we can even change the default for new conda installations in the future. Happy to discuss what we would need to know to make that decision. Hope that helps! |
|
Thank you @jaimergp and @jezdez for the review and comment! I would also much prefer to see a solution at the conda level, or perhaps on the anaconda/python "feedstock" (if there is such a thing for anaconda packages outside conda-forge) since it is specific to environments with Python. I started this package because I got zero support on conda/conda#13337. If you can generate some interest on the conda issue, we can continue finding the right solution over there and I'll just close this PR. |
|
Closing as won't fix in deference to conda/conda#13635. Thanks for the support! |
The package
(which is a one liner)addresses an issue repeatedly brought up in conda/conda#394, conda/conda#448, conda/conda#7707, conda/conda#7173, and conda/conda#13337. The solution is different from the solution introduced in the conda-ecosystem-user-package-isolation package; it only effects Python in the environment. All this package does it does duringbuildconda create, which is tocreate/append the line "include-system-site-packages = false" to a "pyvenv.cfg" file read by thecreate a "pyvenv.cfg" file, if one does not exist, with the line "include-system-site-packages = false" via a conda plugin implementing a post-command extension tositemodule from the Python standard library.conda create. As a result this package, if installed in the base environment,Checklist
url) rather than a repo (e.g.git_url) is used in your recipe (see here for more details). Not Applicable