Matej Cepl
6fa3cda544
- (CVE-2020-10735, bsc#1203125). Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This new limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form. - Also other bug fixes: - http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan. - Fix contextvars HAMT implementation to handle iteration over deep trees. The bug was discovered and fixed by Eli Libman. See MagicStack/immutables#84 for more details. - Fix binding of unix socket to empty address on Linux to use an available address from the abstract namespace, instead of “0”. - Suppress writing an XML declaration in open files in ElementTree.write() with encoding='unicode' and xml_declaration=None. - Fix the formatting for await x and not x in the operator precedence table when using the help() system. - Fix ensurepip environment isolation for subprocess running pip. - Fix problem with test_ssl test_get_ciphers on systems that require perfect forward secrecy (PFS) ciphers. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=116
164 lines
6.2 KiB
Diff
164 lines
6.2 KiB
Diff
From 5754521af1d51aa8e445cba07a093bbc0c88596d Mon Sep 17 00:00:00 2001
|
|
From: Zackery Spytz <zspytz@gmail.com>
|
|
Date: Mon, 16 Dec 2019 18:24:08 -0700
|
|
Subject: [PATCH] bpo-31046: ensurepip does not honour the value of $(prefix)
|
|
|
|
Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
|
---
|
|
Doc/library/ensurepip.rst | 9 +++--
|
|
Lib/ensurepip/__init__.py | 18 +++++++---
|
|
Lib/test/test_ensurepip.py | 11 ++++++
|
|
Makefile.pre.in | 4 +-
|
|
Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst | 1
|
|
5 files changed, 34 insertions(+), 9 deletions(-)
|
|
create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
|
|
|
--- a/Doc/library/ensurepip.rst
|
|
+++ b/Doc/library/ensurepip.rst
|
|
@@ -56,8 +56,9 @@ is at least as recent as the one bundled
|
|
By default, ``pip`` is installed into the current virtual environment
|
|
(if one is active) or into the system site packages (if there is no
|
|
active virtual environment). The installation location can be controlled
|
|
-through two additional command line options:
|
|
+through some additional command line options:
|
|
|
|
+* ``--prefix <dir>``: Installs ``pip`` using the given directory prefix.
|
|
* ``--root <dir>``: Installs ``pip`` relative to the given root directory
|
|
rather than the root of the currently active virtual environment (if any)
|
|
or the default root for the current Python installation.
|
|
@@ -89,7 +90,7 @@ Module API
|
|
Returns a string specifying the bundled version of pip that will be
|
|
installed when bootstrapping an environment.
|
|
|
|
-.. function:: bootstrap(root=None, upgrade=False, user=False, \
|
|
+.. function:: bootstrap(root=None, prefix=None, upgrade=False, user=False, \
|
|
altinstall=False, default_pip=False, \
|
|
verbosity=0)
|
|
|
|
@@ -99,6 +100,8 @@ Module API
|
|
If *root* is ``None``, then installation uses the default install location
|
|
for the current environment.
|
|
|
|
+ *prefix* specifies the directory prefix to use when installing.
|
|
+
|
|
*upgrade* indicates whether or not to upgrade an existing installation
|
|
of an earlier version of ``pip`` to the bundled version.
|
|
|
|
@@ -119,6 +122,8 @@ Module API
|
|
*verbosity* controls the level of output to :data:`sys.stdout` from the
|
|
bootstrapping operation.
|
|
|
|
+ .. versionchanged:: 3.9 the *prefix* parameter was added.
|
|
+
|
|
.. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap
|
|
|
|
.. note::
|
|
--- a/Lib/ensurepip/__init__.py
|
|
+++ b/Lib/ensurepip/__init__.py
|
|
@@ -57,27 +57,27 @@ def _disable_pip_configuration_settings(
|
|
os.environ['PIP_CONFIG_FILE'] = os.devnull
|
|
|
|
|
|
-def bootstrap(*, root=None, upgrade=False, user=False,
|
|
+def bootstrap(*, root=None, prefix=None, upgrade=False, user=False,
|
|
altinstall=False, default_pip=False,
|
|
verbosity=0):
|
|
"""
|
|
Bootstrap pip into the current Python installation (or the given root
|
|
- directory).
|
|
+ and directory prefix).
|
|
|
|
Note that calling this function will alter both sys.path and os.environ.
|
|
"""
|
|
# Discard the return value
|
|
- _bootstrap(root=root, upgrade=upgrade, user=user,
|
|
+ _bootstrap(root=root, prefix=prefix, upgrade=upgrade, user=user,
|
|
altinstall=altinstall, default_pip=default_pip,
|
|
verbosity=verbosity)
|
|
|
|
|
|
-def _bootstrap(*, root=None, upgrade=False, user=False,
|
|
+def _bootstrap(*, root=None, prefix=None, upgrade=False, user=False,
|
|
altinstall=False, default_pip=False,
|
|
verbosity=0):
|
|
"""
|
|
Bootstrap pip into the current Python installation (or the given root
|
|
- directory). Returns pip command status code.
|
|
+ and directory prefix). Returns pip command status code.
|
|
|
|
Note that calling this function will alter both sys.path and os.environ.
|
|
"""
|
|
@@ -120,6 +120,8 @@ def _bootstrap(*, root=None, upgrade=Fal
|
|
args = ["install", "--no-cache-dir", "--no-index", "--find-links", tmpdir]
|
|
if root:
|
|
args += ["--root", root]
|
|
+ if prefix:
|
|
+ args += ["--prefix", prefix]
|
|
if upgrade:
|
|
args += ["--upgrade"]
|
|
if user:
|
|
@@ -192,6 +194,11 @@ def _main(argv=None):
|
|
help="Install everything relative to this alternate root directory.",
|
|
)
|
|
parser.add_argument(
|
|
+ "--prefix",
|
|
+ default=None,
|
|
+ help="Install everything using this prefix.",
|
|
+ )
|
|
+ parser.add_argument(
|
|
"--altinstall",
|
|
action="store_true",
|
|
default=False,
|
|
@@ -210,6 +217,7 @@ def _main(argv=None):
|
|
|
|
return _bootstrap(
|
|
root=args.root,
|
|
+ prefix=args.prefix,
|
|
upgrade=args.upgrade,
|
|
user=args.user,
|
|
verbosity=args.verbosity,
|
|
--- a/Lib/test/test_ensurepip.py
|
|
+++ b/Lib/test/test_ensurepip.py
|
|
@@ -61,6 +61,17 @@ class TestBootstrap(EnsurepipMixin, unit
|
|
unittest.mock.ANY,
|
|
)
|
|
|
|
+ def test_bootstrapping_with_prefix(self):
|
|
+ ensurepip.bootstrap(prefix="/foo/bar/")
|
|
+ self.run_pip.assert_called_once_with(
|
|
+ [
|
|
+ "install", "--no-cache-dir", "--no-index", "--find-links",
|
|
+ unittest.mock.ANY, "--prefix", "/foo/bar/",
|
|
+ "setuptools", "pip",
|
|
+ ],
|
|
+ unittest.mock.ANY,
|
|
+ )
|
|
+
|
|
def test_bootstrapping_with_user(self):
|
|
ensurepip.bootstrap(user=True)
|
|
|
|
--- a/Makefile.pre.in
|
|
+++ b/Makefile.pre.in
|
|
@@ -1263,7 +1263,7 @@ install: @FRAMEWORKINSTALLFIRST@ commoni
|
|
install|*) ensurepip="" ;; \
|
|
esac; \
|
|
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
|
- $$ensurepip --root=$(DESTDIR)/ ; \
|
|
+ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \
|
|
fi
|
|
|
|
altinstall: commoninstall
|
|
@@ -1273,7 +1273,7 @@ altinstall: commoninstall
|
|
install|*) ensurepip="--altinstall" ;; \
|
|
esac; \
|
|
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
|
- $$ensurepip --root=$(DESTDIR)/ ; \
|
|
+ $$ensurepip --root=$(DESTDIR)/ --prefix=$(prefix) ; \
|
|
fi
|
|
|
|
commoninstall: check-clean-src @FRAMEWORKALTINSTALLFIRST@ \
|
|
--- /dev/null
|
|
+++ b/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
|
@@ -0,0 +1 @@
|
|
+A directory prefix can now be specified when using :mod:`ensurepip`.
|