Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

gh-117505: Run ensurepip in isolated env in Windows installer#118257

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
zooba merged 2 commits intopython:mainfromVynce:isolated-ensurepip
May 22, 2024

Conversation

Vynce
Copy link
Contributor

@VynceVynce commentedApr 24, 2024
edited by bedevere-appbot
Loading

ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a-I isolated mode flag (see_run_pip() inLib/ensurepip/__init__.py), not the-E -s flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.

ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.
@VynceVynce requested a review froma team as acode ownerApril 24, 2024 22:40
@ghost
Copy link

ghost commentedApr 24, 2024
edited by ghost
Loading

All commit authors signed the Contributor License Agreement.
CLA signed

@bedevere-app
Copy link

Most changes to Pythonrequire a NEWS entry. Add one using theblurb_it web app or theblurb command-line tool.

If this change has little impact on Python users, wait for a maintainer to apply theskip news label instead.

@zooba
Copy link
Member

Before we go straight to-I I'd want to understand/remember why I used-E -s in the first place. I don't have time to figure it out right now - will have to be next week.

Vynce reacted with thumbs up emoji

@zooba
Copy link
Member

I haven't been able to find any record of why-E -s was used, so I'll just assume that it could've been-I. We'll find out in the next 3.13 beta, and if it's not a problem, it can be backported later.

@zoobazooba merged commitc9073eb intopython:mainMay 22, 2024
@zoobazooba added the needs backport to 3.13bugs and security fixes labelMay 22, 2024
@miss-islington-app
Copy link

Thanks@Vynce for the PR, and@zooba for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13.
🐍🍒⛏🤖

@zoobazooba added the needs backport to 3.12only security fixes labelMay 22, 2024
miss-islington pushed a commit to miss-islington/cpython that referenced this pull requestMay 22, 2024
…ythonGH-118257)ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.(cherry picked from commitc9073eb)Co-authored-by: Michael Vincent <377567+Vynce@users.noreply.github.com>
@miss-islington-app
Copy link

Thanks@Vynce for the PR, and@zooba for merging it 🌮🎉.. I'm working now to backport this PR to: 3.12.
🐍🍒⛏🤖

miss-islington pushed a commit to miss-islington/cpython that referenced this pull requestMay 22, 2024
…ythonGH-118257)ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.(cherry picked from commitc9073eb)Co-authored-by: Michael Vincent <377567+Vynce@users.noreply.github.com>
@bedevere-app
Copy link

GH-119421 is a backport of this pull request to the3.13 branch.

@bedevere-appbedevere-appbot removed the needs backport to 3.13bugs and security fixes labelMay 22, 2024
@bedevere-app
Copy link

GH-119422 is a backport of this pull request to the3.12 branch.

@bedevere-appbedevere-appbot removed the needs backport to 3.12only security fixes labelMay 22, 2024
zooba pushed a commit that referenced this pull requestMay 22, 2024
)ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.(cherry picked from commitc9073eb)Co-authored-by: Michael Vincent <377567+Vynce@users.noreply.github.com>
@VynceVynce deleted the isolated-ensurepip branchJuly 12, 2024 18:27
estyxx pushed a commit to estyxx/cpython that referenced this pull requestJul 17, 2024
…ythonGH-118257)ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.
zooba pushed a commit that referenced this pull requestSep 18, 2024
)ensurepip forks a subprocess to run pip itself, but that subprocess only inherits a -I isolated mode flag (see _run_pip() in Lib/ensurepip/__init__.py), not the "-E -s" flags that the installer has been using. This means that parts of ensurepip don't actually run in an isolated environment and can make incorrect decisions based on packages installed in the user site-packages.(cherry picked from commitc9073eb)Co-authored-by: Michael Vincent <377567+Vynce@users.noreply.github.com>
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

2 participants
@Vynce@zooba
[8]ページ先頭
©2009-2025 Movatter.jp