Re: PEP 668 -- Graceful cooperation between external and Python package managers

[Maxim Cournoyer]

Hi,

Liliana Marie Prikler  writes:

> Hi,
>
> Am Samstag, den 11.09.2021, 22:36 -0400 schrieb Maxim Cournoyer:
>> IIUC, PEP 668 is about *warning* a pip user when installing a package
>> would shadow a system one; it does so by reading a EXTERNALLY-MANAGED
>> file in the Python library site-packages directory.
>> 
>> So simply put, all we have to do to enable this future warning in pip
>> is to install an EXTERNALLY-MANAGED file as a phase in our
>> python-build-system.
> Imho I don't think Guix needs to do anything to address PEP 668.  PEP
> 668 concerns traditional distros, in which pip and the distro package
> manager may both write to the same location (that location typically
> being /usr/lib).  IIUC it does not concern Nix or Guix, whose store
> paths should already not be written to by pip.

pip defaults to install to a user location nowadays (pip install
--user) when run as an unprivileged user [0], so even on traditional
distributions, the temptation to "sudo pip install" things and overwrite
the distro's files has been reduced.

IIUC, the EXTERNALLY-MANAGED file would also warn users when they
override (as in shadow) an already available library installed at the
system level, which could be used on Guix also (although the benefit
seems small to me).

Maxim

[0]  https://github.com/pypa/pip/pull/7002

Re: PEP 668 -- Graceful cooperation between external and Python package managers

[Liliana Marie Prikler]

Hi,

Am Samstag, den 11.09.2021, 22:36 -0400 schrieb Maxim Cournoyer:
> IIUC, PEP 668 is about *warning* a pip user when installing a package
> would shadow a system one; it does so by reading a EXTERNALLY-MANAGED
> file in the Python library site-packages directory.
> 
> So simply put, all we have to do to enable this future warning in pip
> is to install an EXTERNALLY-MANAGED file as a phase in our
> python-build-system.
Imho I don't think Guix needs to do anything to address PEP 668.  PEP
668 concerns traditional distros, in which pip and the distro package
manager may both write to the same location (that location typically
being /usr/lib).  IIUC it does not concern Nix or Guix, whose store
paths should already not be written to by pip.

Regards

Re: PEP 668 -- Graceful cooperation between external and Python package managers

[Maxim Cournoyer]

Hello,

Leo Famulari  writes:

> On Tue, Sep 07, 2021 at 04:39:28PM +0200, Maxime Devos wrote:
>> See .
>> I haven't looked closely into this myself.
>> It might be relevant to Guix.
>> 
>> For LWN subscribers, there is an article about the PEP:
>> .
>
> Here is a link for everyone to read:
>
> https://lwn.net/SubscriberLink/867657/c4e77bb70e27c910/

Guix already makes life easier with dealing with Python environments
(especially with GUIX_PYTHONPATH on core-updates), but it's nice to know
this problem is getting addressed.

IIUC, PEP 668 is about *warning* a pip user when installing a package
would shadow a system one; it does so by reading a EXTERNALLY-MANAGED
file in the Python library site-packages directory.

So simply put, all we have to do to enable this future warning in pip is
to install an EXTERNALLY-MANAGED file as a phase in our
python-build-system.

Thanks for the link!

Maxim

Re: PEP 668 -- Graceful cooperation between external and Python package managers

[Leo Famulari]

On Tue, Sep 07, 2021 at 04:39:28PM +0200, Maxime Devos wrote:
> See .
> I haven't looked closely into this myself.
> It might be relevant to Guix.
> 
> For LWN subscribers, there is an article about the PEP:
> .

Here is a link for everyone to read:

https://lwn.net/SubscriberLink/867657/c4e77bb70e27c910/

PEP 668 -- Graceful cooperation between external and Python package managers

[Maxime Devos]

See .
I haven't looked closely into this myself.
It might be relevant to Guix.

For LWN subscribers, there is an article about the PEP:
.

Greetings,
Maxime.


signature.asc
Description: This is a digitally signed message part