https://github.com/python/cpython/commit/1494d9563f72e5ac14e55d8df3b5cb9391ccef6f commit: 1494d9563f72e5ac14e55d8df3b5cb9391ccef6f branch: 3.12 author: Miss Islington (bot) <[email protected]> committer: zooba <[email protected]> date: 2024-09-18T15:16:29+01:00 summary:
gh-117505: Run ensurepip in isolated env in Windows installer (GH-118257) ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages. (cherry picked from commit c9073eb1a99606df1efeb8959e9f11a8ebc23ae2) Co-authored-by: Michael Vincent <[email protected]> files: A Misc/NEWS.d/next/Windows/2024-04-24-22-50-33.gh-issue-117505.gcTb_p.rst M Tools/msi/pip/pip.wxs diff --git a/Misc/NEWS.d/next/Windows/2024-04-24-22-50-33.gh-issue-117505.gcTb_p.rst b/Misc/NEWS.d/next/Windows/2024-04-24-22-50-33.gh-issue-117505.gcTb_p.rst new file mode 100644 index 00000000000000..0931687ecc521c --- /dev/null +++ b/Misc/NEWS.d/next/Windows/2024-04-24-22-50-33.gh-issue-117505.gcTb_p.rst @@ -0,0 +1 @@ +Fixes an issue with the Windows installer not running ensurepip in a fully isolated environment. This could cause unexpected interactions with the user site-packages. diff --git a/Tools/msi/pip/pip.wxs b/Tools/msi/pip/pip.wxs index 1d8083cad91a56..627c4710a9fdfa 100644 --- a/Tools/msi/pip/pip.wxs +++ b/Tools/msi/pip/pip.wxs @@ -25,8 +25,8 @@ <?endif ?> <!-- Install/uninstall pip --> - <CustomAction Id="SetUpdatePipCommandLine" Property="UpdatePip" Value='"[PYTHON_EXE]" -E -s -m ensurepip -U --default-pip' Execute="immediate" /> - <CustomAction Id="SetRemovePipCommandLine" Property="UpdatePip" Value='"[PYTHON_EXE]" -E -s -B -m ensurepip._uninstall' Execute="immediate" /> + <CustomAction Id="SetUpdatePipCommandLine" Property="UpdatePip" Value='"[PYTHON_EXE]" -I -m ensurepip -U --default-pip' Execute="immediate" /> + <CustomAction Id="SetRemovePipCommandLine" Property="UpdatePip" Value='"[PYTHON_EXE]" -I -B -m ensurepip._uninstall' Execute="immediate" /> <InstallExecuteSequence> <Custom Action="SetUpdatePipCommandLine" Before="UpdatePip">(&DefaultFeature=3) AND NOT (!DefaultFeature=3)</Custom> _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/python-checkins.python.org/ Member address: [email protected]
