-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reconcile computation of isolated build environment paths #11740
Conversation
6a601a9
to
c243e08
Compare
Fixes the failure reported in #11623 (comment) |
c243e08
to
2fdc070
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You removed way too much logic. This will break pip on Xcode-installed Python, and also suppress the path mismatch logic that we put in place for distutils-sysconfig migration.
I thought about it and I didn't find a situation in which the Xcode warning could be issued: the comment says it can trigger only on Python 3.10, but for Python 3.10 and later we use sysconfig and in this case the function exits early without evaluating that logic. Similarly for the distutils vs sysconfig paths: we don't care what the exact paths are, as long as |
Also, |
2fdc070
to
cdc7ebf
Compare
Force pushed to restart the Windows tests which failed on setup. |
Tested on Debian, and it seems to do the right thing. |
Is there any way to check that this does not break on Xcode installed Python and that the warnings that are supposed to be emitted are still emitted? The test suite does not seem to test this aspects. I do have a macOS system but system Python here is still 2.7. |
7b2e8b8
to
33c7dba
Compare
I spent some time setting up an environment in which I could test the generation of the warnings. All the warnings that where generated before are still generated withing @uranusjr The warnings are still generated here pip/src/pip/_internal/locations/__init__.py Lines 260 to 405 in 729032d
get_scheme() . Handling of Apple's Python (and to an extent also Homebrew's) is here pip/src/pip/_internal/locations/_sysconfig.py Lines 55 to 83 in 729032d
I think that this implementation is better than the existing one. So much that I cannot figure out why the paths lookup was implemented twice in slightly different ways. |
I have no idea how this happened. :/ |
Just for the records, the deleted comment pointed out that the condition for emitting a warning is obviously wrong. The fix is in #11741. However, this PR removes the affected code and is a much better solution. |
@pradyunsg Can you please review this? |
Can we assign this to the 23.0 milestone, so it is not forgotten? Thanks! |
33c7dba
to
fccd686
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, with one non-blocking concern.
Unfortunately there is no way to check in CI, all you can do is to find an actual machine (and it can’t be too new either). But thi would not actually “break” Xcode Python, in the sense that it is not actually fixable—all the old code does is emit a warning to tell users things are totally broken beyond repair. So what you should do is to add that Apple check back, and emit a warning when the function is called for build isolation purposes. This would require a flag, or (better IMO) a wrapper function instead of calling |
|
0687147
to
ad3a1e0
Compare
I'm gonna say that @uranusjr is the expert in this area of pip, so I'll defer to him on whether this is a blocker for 23.0. |
OK, had a chat with him over a different channel, and he reckons this isn't a blocker and I'm hapyp to trust his judgement on this. |
It is very unfortunate that you don't want to resolve this issue for the next release. It makes pip unsuitable to build wheels on Debian and thus incapable of installing any package that does not distribute wheels. It seems to me that the remaining objections to have this patch merged are based on a some misunderstanding ans cursory review. I'm willing to provide more explanation. I've tried to explain why the removed code is redundant, but apparently I failed.
If this is not the case, I would like to have a precise description of a setup where the current code fails to do what is expected. I've tested it on Debian, on Homebrew, and with the Python distributed by Apple. In all cases it works just fine. @uranusjr can you please formulate you objections more precisely, so that they are actionable? |
I've done it. And the warning triggers also for Homebrew's Python, when the condition for emitting the warning is written properly, see below.
The code does not emit any warning, see #11741. Also, isn't it better to handle the situation (as is done in existing code when |
Please moderate your statements here. Saying that "pip is broken on Debian" is over-stating the issue. It's perfectly possible for this particular breakage to be sufficiently limited in its effect that it doesn't warrant holding up the release, and I assume that's what we're saying. Over-exaggerated statements tend to simply polarise discussions. It's extremely tempting to respond to your statement by saying instead that Debian shouldn't customise things in a way that "breaks pip", and that's just as (in)valid, and just as exaggerated, as your claim. Doing this sort of thing won't help users, it will simply push people away from helping address this issue. I appreciate that you've worked hard on this, and want it to go in. And your work is valuable. But we have to balance this one change against other priorities and issues, and make sometimes hard judgements on when to draw the line. Please don't make that decision making process harder than it already is. |
@pfmoore Thank you. I rewrote that comment before you calling me out on this. I tried to explain better the implications of the bug this PR tries to fix and why I don't understand the objections that are being made. I hope this to be a more constructive way to approach the situation. Is there any reason why the release cannot be delayed a bit to take the proper time to evaluate this PR? |
@dnicolodi Thanks. Sorry our posts passed each other in transit. For my own understanding, can you confirm precisely which variants of Debian are affected? I just successfully built a dummy project on WSL (Ubuntu 22.04.1 LTS), so it clearly isn't every Debian variant. Although, to be honest, I don't really care that much about the details. I trust the other pip maintainers on this. I'm really just interested in avoiding having misleadingly broad statements appear "in print", where we know from experience people will end up quoting them out of context at us. As regards delaying the release, I know from my experience as RM, cutting a release is something you plan in, and "just delaying it" is non-trivial, especially with family and work commitments to work around. And we have a policy of "release what is currently on main" with pre-published release dates, to allow us to do that while still giving contributors clear expectations. In this case, there still seems to be a fair amount of misunderstanding, so it's not at all clear how much time it will take for this to be ready (especially given that we're all volunteers). That makes "delaying the release" a fairly imprecise prospect - and we probably have people waiting on other features of the release for whom delays are equally frustrating. |
Not my PR, but I came to this thread, because I was looking at https://bugs.debian.org/1019293 and this looks like the correct upstream solution to the problem. I've only been looking at Debian unstable/testing, here. I haven't checked what stable releases were affected by that bug. |
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
Signed-off-by: Filipe Laíns <[email protected]>
I've done some testing and indeed the impact is less severe than what I thought. Debian stable is not affects. On Debian unstable, the problem is encountered when building wheel (or installing packages from source distribution) outside a virtual environment and only in projects that run a binary provided by one of the build dependencies. This is done, for example, by Python packages that use meson-python and Meson as build system (SciPy is a good example, or siphash24, if you want something small to test with). I still very much like @uranusjr to indicate which platforms or systems may be adversely affected by the proposed change. As I already wrote, I'm unable to find any system where the warning gated by |
Use the same code to determine isolated environment paths at dependency install time and at environment setup time. We do not care about the exact paths but the paths needs to be consistent at package installation time and environment setup. This should fix all issues observed on platforms that customize the installation schemes, such as Debian and Homebrew, where dependency installation and isolated build environment setup resolved to different paths. See pypa#11598 and pypa#11623.
Unifying installation scheme path discovery makes this code obsolete.
ad3a1e0
to
5d7cfc9
Compare
Thanks for the rebase @dnicolodi, it's appreciated! |
I'll land this, given the discussion so far. Let's re-add the Apple-related warning in a separate follow up. |
Use the same code to determine isolated environment paths at dependency install time and at environment setup time. We do not care about the exact paths but the paths needs to be consistent at package installation time and environment setup. This should fix issues observed on platforms that customize the installation schemes, such as Debian and Homebrew, where dependency installation and isolated build environment setup resolved to different paths.
Bumps [pip](https://github.com/pypa/pip) from 23.0 to 23.0.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.0.1 (2023-02-17)</h1> <h2>Features</h2> <ul> <li>Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<code>[#11671](pypa/pip#11671) <https://github.com/pypa/pip/issues/11671></code>_)</li> <li>Implement <code>--break-system-packages</code> to permit installing packages into <code>EXTERNALLY-MANAGED</code> Python installations. (<code>[#11780](pypa/pip#11780) <https://github.com/pypa/pip/issues/11780></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Improve handling of isolated build environments on platforms that customize the Python's installation schemes, such as Debian and Homebrew. (<code>[#11740](pypa/pip#11740) <https://github.com/pypa/pip/issues/11740></code>_)</li> <li>Do not crash in presence of misformatted hash field in <code>direct_url.json</code>. (<code>[#11773](pypa/pip#11773) <https://github.com/pypa/pip/issues/11773></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/3817aef07f4c8a0cb1c43bb9a73f1bb624fc263b"><code>3817aef</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/9a0d9301c24dc5268ce2640096c301ff7190dd8d"><code>9a0d930</code></a> Reconcile computation of isolated build environment paths (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11740">#11740</a>)</li> <li><a href="https://github.com/pypa/pip/commit/e6deb9b87c18cdd27a9ba27cb7e0670ffb81d45e"><code>e6deb9b</code></a> Implement <code>--break-system-packages</code> for EXTERNALLY-MANAGED installations (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11">#11</a>...</li> <li><a href="https://github.com/pypa/pip/commit/864fd7764b97ffac8c08946caccc2286bee36ed1"><code>864fd77</code></a> Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11671">#11671</a>)</li> <li><a href="https://github.com/pypa/pip/commit/0138bd54c6d346fc2b14e0a9554a1b636fe17001"><code>0138bd5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11779">#11779</a> from sbidoul/fix-direct_url-invalid-hash-sbi</li> <li>See full diff in <a href="https://github.com/pypa/pip/compare/23.0...23.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0&new-version=23.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 23.0 to 23.0.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.0.1 (2023-02-17)</h1> <h2>Features</h2> <ul> <li>Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<code>[#11671](pypa/pip#11671) <https://github.com/pypa/pip/issues/11671></code>_)</li> <li>Implement <code>--break-system-packages</code> to permit installing packages into <code>EXTERNALLY-MANAGED</code> Python installations. (<code>[#11780](pypa/pip#11780) <https://github.com/pypa/pip/issues/11780></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Improve handling of isolated build environments on platforms that customize the Python's installation schemes, such as Debian and Homebrew. (<code>[#11740](pypa/pip#11740) <https://github.com/pypa/pip/issues/11740></code>_)</li> <li>Do not crash in presence of misformatted hash field in <code>direct_url.json</code>. (<code>[#11773](pypa/pip#11773) <https://github.com/pypa/pip/issues/11773></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/3817aef07f4c8a0cb1c43bb9a73f1bb624fc263b"><code>3817aef</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/9a0d9301c24dc5268ce2640096c301ff7190dd8d"><code>9a0d930</code></a> Reconcile computation of isolated build environment paths (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11740">#11740</a>)</li> <li><a href="https://github.com/pypa/pip/commit/e6deb9b87c18cdd27a9ba27cb7e0670ffb81d45e"><code>e6deb9b</code></a> Implement <code>--break-system-packages</code> for EXTERNALLY-MANAGED installations (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11">#11</a>...</li> <li><a href="https://github.com/pypa/pip/commit/864fd7764b97ffac8c08946caccc2286bee36ed1"><code>864fd77</code></a> Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11671">#11671</a>)</li> <li><a href="https://github.com/pypa/pip/commit/0138bd54c6d346fc2b14e0a9554a1b636fe17001"><code>0138bd5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11779">#11779</a> from sbidoul/fix-direct_url-invalid-hash-sbi</li> <li>See full diff in <a href="https://github.com/pypa/pip/compare/23.0...23.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0&new-version=23.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Use the same code to determine isolated environment paths at
dependency install time and at environment setup time. We do not care
about the exact paths but the paths needs to be consistent at package
installation time and environment setup.
This should fix all issues observed on platforms that customize the
installation schemes, such as Debian and Homebrew, where dependency
installation and isolated build environment setup resolved to
different paths.
See #11598 and #11623.