Package: python3-pip Version: 18.1-5 Severity: normal The new version 19.3.1 is available and would fix #947069 (as well as any follow-up that'd raise the same problem about manylinux2014).
I've attempted to update the package quickly myself (just a `gbp import-dsc --uscan` and patch cleanup), but found that `python3 -m venv /tmp/testpath` does not work with that alone (it gives: > The virtual environment was not created successfully because ensurepip is not > available. On Debian/Ubuntu systems, you need to install the python3-venv > package using the following command. > > apt-get install python3-venv > > You may need to use sudo with that command. After installing the python3-venv > package, recreate your virtual environment. > > Failing command: ['/tmp/testpath/bin/python3', '-Im', 'ensurepip', > '--upgrade', '--default-pip'] so the update needs to be done by someone who understands what's going on and not blindly follows the last error message of dpkg). Still, I've had to refresh the patches to get into a working state. The refershings (patches attached) will need review (and are commented for that), but I still hope they save you a few minutes. Bes regards chrysn -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-pip depends on: ii ca-certificates 20190110 ii python-pip-whl 19.3.1-1 ii python3 3.7.5-3 ii python3-distutils 3.8.0-1 ii python3.8 3.8.1-2 Versions of packages python3-pip recommends: ii build-essential 12.8 ii python3-dev 3.7.5-3 ii python3-setuptools 44.0.0-1 ii python3-wheel 0.33.6-2 python3-pip suggests no packages. -- no debconf information -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
From 7ae3b61c128bf46a8855b40004528cd321103d14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=2E=20Ams=C3=BCss?= <chr...@fsfe.org> Date: Fri, 17 Jan 2020 08:53:44 +0100 Subject: [PATCH 1/4] Refresh hands-off-system-packages.patch This refreshment is slightly incomplete as upstream added note about normalization requirements on the paths (which the patched version does not assume); that will need to be reviewed by someone who knows the original intentions or more context. --- debian/patches/hands-off-system-packages.patch | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/debian/patches/hands-off-system-packages.patch b/debian/patches/hands-off-system-packages.patch index 564a266..ef28a6c 100644 --- a/debian/patches/hands-off-system-packages.patch +++ b/debian/patches/hands-off-system-packages.patch @@ -17,13 +17,11 @@ Last-Update: 2014-12-04 Patch-Name: hands-off-system-packages.patch --- -Index: python-pip/src/pip/_internal/utils/misc.py -=================================================================== ---- python-pip.orig/src/pip/_internal/utils/misc.py -+++ python-pip/src/pip/_internal/utils/misc.py -@@ -289,22 +289,40 @@ def renames(old, new): - +--- a/src/pip/_internal/utils/misc.py ++++ b/src/pip/_internal/utils/misc.py +@@ -348,25 +348,42 @@ def is_local(path): + # type: (str) -> bool """ - Return True if path is within sys.prefix, if we're running in a virtualenv. + Return True if this is a path pip is allowed to modify. @@ -39,11 +37,12 @@ Index: python-pip/src/pip/_internal/utils/misc.py + and the domain of the OS vendor. (In other words, everything _other + than_ sys.prefix is considered local.) + Caution: this function assumes the head of path has been normalized + with normalize_path. """ - if not running_under_virtualenv(): - return True -- return normalize_path(path).startswith(normalize_path(sys.prefix)) -+ +- return path.startswith(normalize_path(sys.prefix)) + path = normalize_path(path) + prefix = normalize_path(sys.prefix) + @@ -61,6 +60,7 @@ Index: python-pip/src/pip/_internal/utils/misc.py def dist_is_local(dist): + # type: (Distribution) -> bool """ - Return True if given Distribution object is installed locally - (i.e. within current virtualenv). -- 2.25.0.rc2
From 982000b6803625f9796c91d380a5c54c23543e0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=2E=20Ams=C3=BCss?= <chr...@fsfe.org> Date: Fri, 17 Jan 2020 09:09:22 +0100 Subject: [PATCH 2/4] Regular patch refreshing (some manual) --- debian/patches/set_user_default.patch | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/debian/patches/set_user_default.patch b/debian/patches/set_user_default.patch index 3858f55..f6ecb97 100644 --- a/debian/patches/set_user_default.patch +++ b/debian/patches/set_user_default.patch @@ -26,8 +26,8 @@ Patch-Name: set_user_default.patch @@ -545,8 +545,10 @@ location that is specific to a user. The default location for each OS is explained in the python documentation for the `site.USER_BASE - <https://docs.python.org/3/library/site.html#site.USER_BASE>`_ variable. This mode --of installation can be turned on by specifying the :ref:`--user + <https://docs.python.org/3/library/site.html#site.USER_BASE>`_ variable. +-This mode of installation can be turned on by specifying the :ref:`--user -<install_--user>` option to ``pip install``. +of installation is the default on Debian and derivative systems (--user has no +effect) when inside non-virtual environments, and when the script is run as @@ -38,15 +38,15 @@ Patch-Name: set_user_default.patch ``PYTHONUSERBASE`` environment variable, which updates the value of ``site.USER_BASE``. --- a/src/pip/_internal/commands/install.py +++ b/src/pip/_internal/commands/install.py -@@ -35,6 +35,7 @@ - except ImportError: - wheel = None +@@ -51,6 +51,7 @@ + from pip._internal.req.req_install import InstallRequirement + from pip._internal.wheel import BinaryAllowedPredicate +from pip._internal.locations import running_under_virtualenv logger = logging.getLogger(__name__) -@@ -95,11 +96,14 @@ +@@ -160,11 +161,14 @@ help="Install to the Python user install directory for your " "platform. Typically ~/.local/, or %APPDATA%\\Python on " "Windows. (See the Python documentation for site.USER_BASE " @@ -64,7 +64,7 @@ Patch-Name: set_user_default.patch help=SUPPRESS_HELP) cmd_opts.add_option( '--root', -@@ -116,6 +120,13 @@ +@@ -181,6 +185,13 @@ help="Installation prefix where lib, bin and other top-level " "folders are placed") @@ -78,9 +78,9 @@ Patch-Name: set_user_default.patch cmd_opts.add_option(cmdoptions.build_dir()) cmd_opts.add_option(cmdoptions.src()) -@@ -223,6 +234,15 @@ - else: - python_versions = None +@@ -290,6 +301,15 @@ + + cmdoptions.check_dist_restriction(options, check_target=True) + # compute install location defaults + if (not options.use_user_site and not options.prefix_path and not -- 2.25.0.rc2
From 04401bc547a2bfabc6479f2c9fc5e3a5684d116d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=2E=20Ams=C3=BCss?= <chr...@fsfe.org> Date: Fri, 17 Jan 2020 09:17:49 +0100 Subject: [PATCH 3/4] Remove patch resolved upstream --- ...catch_requests_HTTPError_in_index.py.patch | 47 ------------------- debian/patches/series | 1 - 2 files changed, 48 deletions(-) delete mode 100644 debian/patches/Properly_catch_requests_HTTPError_in_index.py.patch diff --git a/debian/patches/Properly_catch_requests_HTTPError_in_index.py.patch b/debian/patches/Properly_catch_requests_HTTPError_in_index.py.patch deleted file mode 100644 index 40aa882..0000000 --- a/debian/patches/Properly_catch_requests_HTTPError_in_index.py.patch +++ /dev/null @@ -1,47 +0,0 @@ -Description: Properly catch requests' HTTPError in index.py - This resolves issue #4195. - . - In index.py's index retrieval routine we were catching - requests.HTTPError to log and ignore 404s and other similar HTTP server - errors when pulling from (extra-)index-urls. Unfortunately, the actual - path to that exception is requests.exceptions.HTTPError and the alias we - were using does not work when pip is installed with unvendored libs as - with the debian packaged pip. - . - Thankfully the fix is simple. Import and use - requests.exceptions.HTTPError. This comes with the added bonus of - fitting in with the existing handling for RetryError and SSLError. With - this change in place upstream pip and downstream packaged pip should - both catch this exception properly. - . - Note: I've not added any tests cases as I'm unsure how to test the - distro packaging case within pip's testsuite. However, the existing test - suite should hopefully cover that this isn't a regression and I've - manually confirmed that this works with a hacked up debian package - install. Also this is how we handle RetryError and SSLError. -Author: Clark Boylan <clark.boy...@gmail.com> -Date: Fri, 29 Mar 2019 10:17:31 -0700 -Origin: upstream, https://github.com/pypa/pip/pull/6367/commits/f8292a304deebcf0e4cda2e40caa226c70030f11 -Bug-Debian: https://bugs.debian.org/837764 -Last-Update: 2019-03-30 - ---- python-pip-18.1.orig/src/pip/_internal/index.py -+++ python-pip-18.1/src/pip/_internal/index.py -@@ -16,7 +16,7 @@ from pip._vendor.distlib.compat import u - from pip._vendor.packaging import specifiers - from pip._vendor.packaging.utils import canonicalize_name - from pip._vendor.packaging.version import parse as parse_version --from pip._vendor.requests.exceptions import SSLError -+from pip._vendor.requests.exceptions import HTTPError, SSLError - from pip._vendor.six.moves.urllib import parse as urllib_parse - from pip._vendor.six.moves.urllib import request as urllib_request - -@@ -161,7 +161,7 @@ def _get_html_page(link, session=None): - return - - inst = HTMLPage(resp.content, resp.url, resp.headers) -- except requests.HTTPError as exc: -+ except HTTPError as exc: - _handle_get_page_fail(link, exc, url) - except SSLError as exc: - reason = "There was a problem confirming the ssl certificate: " diff --git a/debian/patches/series b/debian/patches/series index f681574..92fbab9 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -3,4 +3,3 @@ debundle.patch handle-unbundled-requests.patch set_user_default.patch disable-pip-version-check.patch -Properly_catch_requests_HTTPError_in_index.py.patch -- 2.25.0.rc2
From 9c9147fadb2bcde039639c9c6713ad5556a5eee6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=2E=20Ams=C3=BCss?= <chr...@fsfe.org> Date: Fri, 17 Jan 2020 09:34:08 +0100 Subject: [PATCH 4/4] Patches: Refresh fuzz --- debian/patches/debundle.patch | 4 +--- debian/patches/disable-pip-version-check.patch | 4 ++-- debian/patches/handle-unbundled-requests.patch | 2 +- debian/patches/set_user_default.patch | 4 ++-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/debian/patches/debundle.patch b/debian/patches/debundle.patch index c59de1f..08f8d1e 100644 --- a/debian/patches/debundle.patch +++ b/debian/patches/debundle.patch @@ -8,11 +8,9 @@ Patch-Name: debundle.patch pip/_vendor/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -diff --git a/pip/_vendor/__init__.py b/pip/_vendor/__init__.py -index bee5f5e..7e9da3e 100644 --- a/src/pip/_vendor/__init__.py +++ b/src/pip/_vendor/__init__.py -@@ -14,13 +14,13 @@ import sys +@@ -14,13 +14,13 @@ # Downstream redistributors which have debundled our dependencies should also # patch this value to be true. This will trigger the additional patching # to cause things like "six" to be available as pip. diff --git a/debian/patches/disable-pip-version-check.patch b/debian/patches/disable-pip-version-check.patch index 33ca3db..019ff76 100644 --- a/debian/patches/disable-pip-version-check.patch +++ b/debian/patches/disable-pip-version-check.patch @@ -10,7 +10,7 @@ Patch-Name: disable-pip-version-check.patch --- a/src/pip/_internal/cli/cmdoptions.py +++ b/src/pip/_internal/cli/cmdoptions.py -@@ -613,7 +613,7 @@ +@@ -790,7 +790,7 @@ "--disable-pip-version-check", dest="disable_pip_version_check", action="store_true", @@ -18,4 +18,4 @@ Patch-Name: disable-pip-version-check.patch + default=True, help="Don't periodically check PyPI to determine whether a new version " "of pip is available for download. Implied with --no-index.", - ) # type: Any + ) # type: Callable[..., Option] diff --git a/debian/patches/handle-unbundled-requests.patch b/debian/patches/handle-unbundled-requests.patch index 7d5eb3d..c37dc63 100644 --- a/debian/patches/handle-unbundled-requests.patch +++ b/debian/patches/handle-unbundled-requests.patch @@ -10,7 +10,7 @@ Patch-Name: handle-unbundled-requests.patch --- a/src/pip/_vendor/__init__.py +++ b/src/pip/_vendor/__init__.py -@@ -91,8 +91,12 @@ +@@ -90,8 +90,12 @@ vendored("requests.packages.urllib3.fields") vendored("requests.packages.urllib3.filepost") vendored("requests.packages.urllib3.packages") diff --git a/debian/patches/set_user_default.patch b/debian/patches/set_user_default.patch index f6ecb97..3a18afb 100644 --- a/debian/patches/set_user_default.patch +++ b/debian/patches/set_user_default.patch @@ -23,7 +23,7 @@ Patch-Name: set_user_default.patch --- a/docs/html/user_guide.rst +++ b/docs/html/user_guide.rst -@@ -545,8 +545,10 @@ +@@ -553,8 +553,10 @@ location that is specific to a user. The default location for each OS is explained in the python documentation for the `site.USER_BASE <https://docs.python.org/3/library/site.html#site.USER_BASE>`_ variable. @@ -35,7 +35,7 @@ Patch-Name: set_user_default.patch +:ref:`--system <install_--system>` option to ``pip install``. Moreover, the "user scheme" can be customized by setting the - ``PYTHONUSERBASE`` environment variable, which updates the value of ``site.USER_BASE``. + ``PYTHONUSERBASE`` environment variable, which updates the value of --- a/src/pip/_internal/commands/install.py +++ b/src/pip/_internal/commands/install.py @@ -51,6 +51,7 @@ -- 2.25.0.rc2
signature.asc
Description: PGP signature
_______________________________________________ Python-modules-team mailing list Python-modules-team@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/python-modules-team