Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix uninstallation of user scripts #8733

Merged
merged 4 commits into from
Feb 25, 2021

Conversation

DaanDeMeyer
Copy link
Contributor

@DaanDeMeyer DaanDeMeyer commented Aug 8, 2020

User scripts are installed to ~/.local/bin. pip was looking for scripts
to uninstall in ~/.local/lib/python3.8/site-packages/bin. This commit
makes it look in ~/.local/bin instead.

Fixes the reproducer reported in #5997.

Might break other use cases, I'm not familiar with pip at all. Will hapilly take guidance on the correct way to fix this.

@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch 2 times, most recently from 07754fc to 56e85d0 Compare August 8, 2020 15:28
@behrmann
Copy link

behrmann commented Aug 8, 2020

I think this might brake the virtual environment usecase, as in a venv getuserbase() still evaluates to ~/.local/bin

@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch from 56e85d0 to 781108f Compare August 8, 2020 15:37
@DaanDeMeyer
Copy link
Contributor Author

Gated the fix behind a running_in_virtualenv() check.

@uranusjr
Copy link
Member

uranusjr commented Aug 8, 2020

This feels hacky to me. Maybe we should rewrite the location detection stuff with sysconfig instead, which should return the correct scheme.

@behrmann
Copy link

behrmann commented Aug 8, 2020

Indeed, sysconfig.get_path("scripts") would return the proper path.

@behrmann
Copy link

behrmann commented Aug 8, 2020

Since site only seems to be used for the script related paths, all these paths could just be exchanged for sysconfig.get_path("scripts") and site would not be needed anymore.

@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch 2 times, most recently from 4fad37f to 7b7b669 Compare August 8, 2020 15:57
@pypa pypa deleted a comment from DaanDeMeyer Aug 8, 2020
@DaanDeMeyer
Copy link
Contributor Author

Not sure how to fix the CI failure. I guess we need a fallback if get_path("scripts") fails but I'm not sure what that would be.

@uranusjr
Copy link
Member

uranusjr commented Aug 8, 2020

A simple assert bin_dir is not None would be fine. sysconfig.get_path() never returns None unless you pass in an invalid key. 'scripts' always exists.

@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch 2 times, most recently from cfe82ea to e8b1614 Compare August 8, 2020 17:19
src/pip/_internal/locations.py Outdated Show resolved Hide resolved
news/8733.bugfix Outdated Show resolved Hide resolved
src/pip/_internal/locations.py Show resolved Hide resolved
@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch from e8b1614 to 6330493 Compare August 8, 2020 19:24
@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch from 6330493 to fa84038 Compare August 25, 2020 18:58
@DaanDeMeyer DaanDeMeyer force-pushed the fix-local-script-uninstall branch 5 times, most recently from e3b6baa to 7d9be73 Compare September 4, 2020 21:18
User scripts are installed to ~/.local/bin. pip was looking for scripts
to uninstall in ~/.local/lib/python3.8/site-packages/bin. This commit
makes it look in ~/.local/bin instead.
@DaanDeMeyer
Copy link
Contributor Author

@uranusjr All the tests are passing now.

One annoying thing is that this only fixes console_scripts and not normal scripts. Any ideas on how to fix that as well?

@uranusjr
Copy link
Member

IIUC, plain scripts (specified by setuptools scripts) is hopeless since they are not recorded anywhere for editable installs, and pip has no way to know what to uninstall. The only way to fix this would be to “modernise” editable installations to use .dist-info metadata. There are efforts toward this, but they are out of the scope for this PR.

Co-authored-by: Tzu-ping Chung <[email protected]>
Copy link
Member

@pradyunsg pradyunsg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems OK to me! If you could tweak the NEWS fragment, I'll be happy to merge this in!

I'll defer to @uranusjr's judgement of whether the Windows-specific logic is correct. :)

news/8733.bugfix Outdated Show resolved Hide resolved
@uranusjr
Copy link
Member

This can be merged once the suggested change to the news fragment is applied.

@uranusjr
Copy link
Member

uranusjr commented Feb 25, 2021

Weigh anchor, we’re going for a ride!

@uranusjr uranusjr merged commit 410e82a into pypa:master Feb 25, 2021
inmantaci added a commit to inmanta/inmanta-core that referenced this pull request Apr 27, 2021
Bumps [pip](https://github.com/pypa/pip) from 21.0.1 to 21.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>21.1 (2021-04-24)</h1>
<h2>Process</h2>
<ul>
<li>Start installation scheme migration from <code>distutils</code> to <code>sysconfig</code>. A
warning is implemented to detect differences between the two implementations to
encourage user reports, so we can avoid breakages before they happen.</li>
</ul>
<h2>Features</h2>
<ul>
<li>Add the ability for the new resolver to process URL constraints. (<code>[#8253](pypa/pip#8253) &lt;https://github.com/pypa/pip/issues/8253&gt;</code>_)</li>
<li>Add a feature <code>--use-feature=in-tree-build</code> to build local projects in-place
when installing. This is expected to become the default behavior in pip 21.3;
see <code>Installing from local packages &lt;https://pip.pypa.io/en/stable/user_guide/#installing-from-local-packages&gt;</code>_
for more information. (<code>[#9091](pypa/pip#9091) &lt;https://github.com/pypa/pip/issues/9091&gt;</code>_)</li>
<li>Bring back the &quot;(from versions: ...)&quot; message, that was shown on resolution failures. (<code>[#9139](pypa/pip#9139) &lt;https://github.com/pypa/pip/issues/9139&gt;</code>_)</li>
<li>Add support for editable installs for project with only setup.cfg files. (<code>[#9547](pypa/pip#9547) &lt;https://github.com/pypa/pip/issues/9547&gt;</code>_)</li>
<li>Improve performance when picking the best file from indexes during <code>pip install</code>. (<code>[#9748](pypa/pip#9748) &lt;https://github.com/pypa/pip/issues/9748&gt;</code>_)</li>
<li>Warn instead of erroring out when doing a PEP 517 build in presence of
<code>--build-option</code>. Warn when doing a PEP 517 build in presence of
<code>--global-option</code>. (<code>[#9774](pypa/pip#9774) &lt;https://github.com/pypa/pip/issues/9774&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fixed <code>--target</code> to work with <code>--editable</code> installs. (<code>[#4390](pypa/pip#4390) &lt;https://github.com/pypa/pip/issues/4390&gt;</code>_)</li>
<li>Add a warning, discouraging the usage of pip as root, outside a virtual environment. (<code>[#6409](pypa/pip#6409) &lt;https://github.com/pypa/pip/issues/6409&gt;</code>_)</li>
<li>Ignore <code>.dist-info</code> directories if the stem is not a valid Python distribution
name, so they don't show up in e.g. <code>pip freeze</code>. (<code>[#7269](pypa/pip#7269) &lt;https://github.com/pypa/pip/issues/7269&gt;</code>_)</li>
<li>Only query the keyring for URLs that actually trigger error 401.
This prevents an unnecessary keyring unlock prompt on every pip install
invocation (even with default index URL which is not password protected). (<code>[#8090](pypa/pip#8090) &lt;https://github.com/pypa/pip/issues/8090&gt;</code>_)</li>
<li>Prevent packages already-installed alongside with pip to be injected into an
isolated build environment during build-time dependency population. (<code>[#8214](pypa/pip#8214) &lt;https://github.com/pypa/pip/issues/8214&gt;</code>_)</li>
<li>Fix <code>pip freeze</code> permission denied error in order to display an understandable error message and offer solutions. (<code>[#8418](pypa/pip#8418) &lt;https://github.com/pypa/pip/issues/8418&gt;</code>_)</li>
<li>Correctly uninstall script files (from setuptools' <code>scripts</code> argument), when installed with <code>--user</code>. (<code>[#8733](pypa/pip#8733) &lt;https://github.com/pypa/pip/issues/8733&gt;</code>_)</li>
<li>New resolver: When a requirement is requested both via a direct URL
(<code>req @ URL</code>) and via version specifier with extras (<code>req[extra]</code>), the
resolver will now be able to use the URL to correctly resolve the requirement
with extras. (<code>[#8785](pypa/pip#8785) &lt;https://github.com/pypa/pip/issues/8785&gt;</code>_)</li>
<li>New resolver: Show relevant entries from user-supplied constraint files in the
error message to improve debuggability. (<code>[#9300](pypa/pip#9300) &lt;https://github.com/pypa/pip/issues/9300&gt;</code>_)</li>
<li>Avoid parsing version to make the version check more robust against lousily
debundled downstream distributions. (<code>[#9348](pypa/pip#9348) &lt;https://github.com/pypa/pip/issues/9348&gt;</code>_)</li>
<li><code>--user</code> is no longer suggested incorrectly when pip fails with a permission
error in a virtual environment. (<code>[#9409](pypa/pip#9409) &lt;https://github.com/pypa/pip/issues/9409&gt;</code>_)</li>
<li>Fix incorrect reporting on <code>Requires-Python</code> conflicts. (<code>[#9541](pypa/pip#9541) &lt;https://github.com/pypa/pip/issues/9541&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/2b2a268d25963727c2a1c805de8f0246b9cd63f6"><code>2b2a268</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ea761a6575f37b90cf89035ee8be3808cf872184"><code>ea761a6</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/2edd3fdf2af2f09dce5085ef0eb54684b4f9bc04"><code>2edd3fd</code></a> Postpone a deprecation to 21.2</li>
<li><a href="https://github.com/pypa/pip/commit/3cccfbf169bd35133ee25d2543659b9c1e262f8c"><code>3cccfbf</code></a> Rename mislabeled news fragment</li>
<li><a href="https://github.com/pypa/pip/commit/21cd124b5d40b510295c201b9152a65ac3337a37"><code>21cd124</code></a> Fix NEWS.rst placeholder position</li>
<li><a href="https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b"><code>e46bdda</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/9827">#9827</a> from pradyunsg/fix-git-improper-tag-handling</li>
<li><a href="https://github.com/pypa/pip/commit/0e4938d269815a5bf1dd8c16e851cb1199fc5317"><code>0e4938d</code></a> 📰</li>
<li><a href="https://github.com/pypa/pip/commit/ca832b2836e0bffa7cf95589acdcd71230f5834e"><code>ca832b2</code></a> Don't split git references on unicode separators</li>
<li><a href="https://github.com/pypa/pip/commit/1320bac4ff80d76b8fba2c8b4b4614a40fb9c6c3"><code>1320bac</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/9814">#9814</a> from pradyunsg/revamp-ci-apr-2021-v2</li>
<li><a href="https://github.com/pypa/pip/commit/e9cc23ffd97cb6d66d32dc3ec27cf832524bb33d"><code>e9cc23f</code></a> Skip checks on PRs only</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.0.1...21.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.0.1&new-version=21.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

</details>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 2, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants