Matej Cepl
e509746279
- Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=66
164 lines
6.2 KiB
Diff
164 lines
6.2 KiB
Diff
From 5754521af1d51aa8e445cba07a093bbc0c88596d Mon Sep 17 00:00:00 2001
|
|
From: Zackery Spytz <zspytz@gmail.com>
|
|
Date: Mon, 16 Dec 2019 18:24:08 -0700
|
|
Subject: [PATCH] bpo-31046: ensurepip does not honour the value of $(prefix)
|
|
|
|
Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
|
---
|
|
Doc/library/ensurepip.rst | 9 +++--
|
|
Lib/ensurepip/__init__.py | 18 +++++++---
|
|
Lib/test/test_ensurepip.py | 11 ++++++
|
|
Makefile.pre.in | 4 +-
|
|
Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst | 1
|
|
5 files changed, 34 insertions(+), 9 deletions(-)
|
|
create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
|
|
|
--- a/Doc/library/ensurepip.rst
|
|
+++ b/Doc/library/ensurepip.rst
|
|
@@ -56,8 +56,9 @@ is at least as recent as the one bundled
|
|
By default, ``pip`` is installed into the current virtual environment
|
|
(if one is active) or into the system site packages (if there is no
|
|
active virtual environment). The installation location can be controlled
|
|
-through two additional command line options:
|
|
+through some additional command line options:
|
|
|
|
+* ``--prefix <dir>``: Installs ``pip`` using the given directory prefix.
|
|
* ``--root <dir>``: Installs ``pip`` relative to the given root directory
|
|
rather than the root of the currently active virtual environment (if any)
|
|
or the default root for the current Python installation.
|
|
@@ -89,7 +90,7 @@ Module API
|
|
Returns a string specifying the bundled version of pip that will be
|
|
installed when bootstrapping an environment.
|
|
|
|
-.. function:: bootstrap(root=None, upgrade=False, user=False, \
|
|
+.. function:: bootstrap(root=None, prefix=None, upgrade=False, user=False, \
|
|
altinstall=False, default_pip=False, \
|
|
verbosity=0)
|
|
|
|
@@ -99,6 +100,8 @@ Module API
|
|
If *root* is ``None``, then installation uses the default install location
|
|
for the current environment.
|
|
|
|
+ *prefix* specifies the directory prefix to use when installing.
|
|
+
|
|
*upgrade* indicates whether or not to upgrade an existing installation
|
|
of an earlier version of ``pip`` to the bundled version.
|
|
|
|
@@ -119,6 +122,8 @@ Module API
|
|
*verbosity* controls the level of output to :data:`sys.stdout` from the
|
|
bootstrapping operation.
|
|
|
|
+ .. versionchanged:: 3.9 the *prefix* parameter was added.
|
|
+
|
|
.. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap
|
|
|
|
.. note::
|
|
--- a/Lib/ensurepip/__init__.py
|
|
+++ b/Lib/ensurepip/__init__.py
|
|
@@ -52,27 +52,27 @@ def _disable_pip_configuration_settings(
|
|
os.environ['PIP_CONFIG_FILE'] = os.devnull
|
|
|
|
|
|
-def bootstrap(*, root=None, upgrade=False, user=False,
|
|
+def bootstrap(*, root=None, prefix=None, upgrade=False, user=False,
|
|
altinstall=False, default_pip=False,
|
|
verbosity=0):
|
|
"""
|
|
Bootstrap pip into the current Python installation (or the given root
|
|
- directory).
|
|
+ and directory prefix).
|
|
|
|
Note that calling this function will alter both sys.path and os.environ.
|
|
"""
|
|
# Discard the return value
|
|
- _bootstrap(root=root, upgrade=upgrade, user=user,
|
|
+ _bootstrap(root=root, prefix=prefix, upgrade=upgrade, user=user,
|
|
altinstall=altinstall, default_pip=default_pip,
|
|
verbosity=verbosity)
|
|
|
|
|
|
-def _bootstrap(*, root=None, upgrade=False, user=False,
|
|
+def _bootstrap(*, root=None, prefix=None, upgrade=False, user=False,
|
|
altinstall=False, default_pip=False,
|
|
verbosity=0):
|
|
"""
|
|
Bootstrap pip into the current Python installation (or the given root
|
|
- directory). Returns pip command status code.
|
|
+ and directory prefix). Returns pip command status code.
|
|
|
|
Note that calling this function will alter both sys.path and os.environ.
|
|
"""
|
|
@@ -115,6 +115,8 @@ def _bootstrap(*, root=None, upgrade=Fal
|
|
args = ["install", "--no-cache-dir", "--no-index", "--find-links", tmpdir]
|
|
if root:
|
|
args += ["--root", root]
|
|
+ if prefix:
|
|
+ args += ["--prefix", prefix]
|
|
if upgrade:
|
|
args += ["--upgrade"]
|
|
if user:
|
|
@@ -187,6 +189,11 @@ def _main(argv=None):
|
|
help="Install everything relative to this alternate root directory.",
|
|
)
|
|
parser.add_argument(
|
|
+ "--prefix",
|
|
+ default=None,
|
|
+ help="Install everything using this prefix.",
|
|
+ )
|
|
+ parser.add_argument(
|
|
"--altinstall",
|
|
action="store_true",
|
|
default=False,
|
|
@@ -205,6 +212,7 @@ def _main(argv=None):
|
|
|
|
return _bootstrap(
|
|
root=args.root,
|
|
+ prefix=args.prefix,
|
|
upgrade=args.upgrade,
|
|
user=args.user,
|
|
verbosity=args.verbosity,
|
|
--- a/Lib/test/test_ensurepip.py
|
|
+++ b/Lib/test/test_ensurepip.py
|
|
@@ -61,6 +61,17 @@ class TestBootstrap(EnsurepipMixin, unit
|
|
unittest.mock.ANY,
|
|
)
|
|
|
|
+ def test_bootstrapping_with_prefix(self):
|
|
+ ensurepip.bootstrap(prefix="/foo/bar/")
|
|
+ self.run_pip.assert_called_once_with(
|
|
+ [
|
|
+ "install", "--no-cache-dir", "--no-index", "--find-links",
|
|
+ unittest.mock.ANY, "--prefix", "/foo/bar/",
|
|
+ "setuptools", "pip",
|
|
+ ],
|
|
+ unittest.mock.ANY,
|
|
+ )
|
|
+
|
|
def test_bootstrapping_with_user(self):
|
|
ensurepip.bootstrap(user=True)
|
|
|
|
--- a/Makefile.pre.in
|
|
+++ b/Makefile.pre.in
|
|
@@ -1200,7 +1200,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni
|
|
install|*) ensurepip="" ;; \
|
|
esac; \
|
|
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
|
- $$ensurepip --root=$(DESTDIR)/ ; \
|
|
+ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \
|
|
fi
|
|
|
|
altinstall: commoninstall
|
|
@@ -1210,7 +1210,7 @@ altinstall: commoninstall
|
|
install|*) ensurepip="--altinstall" ;; \
|
|
esac; \
|
|
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
|
- $$ensurepip --root=$(DESTDIR)/ ; \
|
|
+ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \
|
|
fi
|
|
|
|
commoninstall: check-clean-src @FRAMEWORKALTINSTALLFIRST@ \
|
|
--- /dev/null
|
|
+++ b/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
|
@@ -0,0 +1 @@
|
|
+A directory prefix can now be specified when using :mod:`ensurepip`.
|