2021-11-13 17:28:39 +01:00
|
|
|
---
|
|
|
|
|
src/pip/_vendor/certifi/core.py | 70 ++++------------------------------------
|
|
|
|
|
tests/unit/test_options.py | 5 ++
|
|
|
|
|
2 files changed, 13 insertions(+), 62 deletions(-)
|
|
|
|
|
|
|
|
|
|
--- a/src/pip/_vendor/certifi/core.py
|
|
|
|
|
+++ b/src/pip/_vendor/certifi/core.py
|
- update to 21.3.1:
* Always refuse installing or building projects that have no ``pyproject.toml`` nor
``setup.py``.
* Tweak running-as-root detection, to check ``os.getuid`` if it exists, on
Unix-y and non-Linux/non-MacOS machines.
* When installing projects with a ``pyproject.toml`` in editable mode, and the build
backend does not support :pep:`660`, prepare metadata using
``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
``pyproject.toml``. These restore the pre-21.3 behaviour.
* Restore compatibility of where configuration files are loaded from on MacOS
* Upgrade pep517 to 0.12.0
* Improve deprecation warning regarding the copying of source trees when
installing from a local directory.
* Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
* On Python 3.10 or later, the installation scheme backend has been changed to use
``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use ``distutils``.
* Remove the ``--build-dir`` option and aliases, one last time.
* In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease
the transition.
* Un-deprecate source distribution re-installation behaviour.
* Replace vendored appdirs with platformdirs.
* Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
editable installs in ``pip freeze`` and ``pip list``. The ``pip list`` column output
has a new ``Editable project location`` column, and the JSON output has a new
``editable_project_location`` field.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=92
2021-11-07 19:12:24 +01:00
|
|
|
@@ -5,72 +5,18 @@ certifi.py
|
2020-10-15 10:14:59 +02:00
|
|
|
~~~~~~~~~~
|
2018-07-24 08:41:54 +02:00
|
|
|
|
2020-10-15 10:14:59 +02:00
|
|
|
This module returns the installation location of cacert.pem or its contents.
|
|
|
|
|
-"""
|
|
|
|
|
-import os
|
- update to 21.3.1:
* Always refuse installing or building projects that have no ``pyproject.toml`` nor
``setup.py``.
* Tweak running-as-root detection, to check ``os.getuid`` if it exists, on
Unix-y and non-Linux/non-MacOS machines.
* When installing projects with a ``pyproject.toml`` in editable mode, and the build
backend does not support :pep:`660`, prepare metadata using
``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
``pyproject.toml``. These restore the pre-21.3 behaviour.
* Restore compatibility of where configuration files are loaded from on MacOS
* Upgrade pep517 to 0.12.0
* Improve deprecation warning regarding the copying of source trees when
installing from a local directory.
* Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
* On Python 3.10 or later, the installation scheme backend has been changed to use
``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use ``distutils``.
* Remove the ``--build-dir`` option and aliases, one last time.
* In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease
the transition.
* Un-deprecate source distribution re-installation behaviour.
* Replace vendored appdirs with platformdirs.
* Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
editable installs in ``pip freeze`` and ``pip list``. The ``pip list`` column output
has a new ``Editable project location`` column, and the JSON output has a new
``editable_project_location`` field.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=92
2021-11-07 19:12:24 +01:00
|
|
|
-
|
2018-07-24 08:41:54 +02:00
|
|
|
|
- update to 21.3.1:
* Always refuse installing or building projects that have no ``pyproject.toml`` nor
``setup.py``.
* Tweak running-as-root detection, to check ``os.getuid`` if it exists, on
Unix-y and non-Linux/non-MacOS machines.
* When installing projects with a ``pyproject.toml`` in editable mode, and the build
backend does not support :pep:`660`, prepare metadata using
``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
``pyproject.toml``. These restore the pre-21.3 behaviour.
* Restore compatibility of where configuration files are loaded from on MacOS
* Upgrade pep517 to 0.12.0
* Improve deprecation warning regarding the copying of source trees when
installing from a local directory.
* Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
* On Python 3.10 or later, the installation scheme backend has been changed to use
``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use ``distutils``.
* Remove the ``--build-dir`` option and aliases, one last time.
* In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease
the transition.
* Un-deprecate source distribution re-installation behaviour.
* Replace vendored appdirs with platformdirs.
* Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
editable installs in ``pip freeze`` and ``pip list``. The ``pip list`` column output
has a new ``Editable project location`` column, and the JSON output has a new
``editable_project_location`` field.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=92
2021-11-07 19:12:24 +01:00
|
|
|
-class _PipPatchedCertificate(Exception):
|
|
|
|
|
- pass
|
2020-10-15 10:14:59 +02:00
|
|
|
+Patched by openSUSE: return the system bundle
|
|
|
|
|
+"""
|
|
|
|
|
|
|
|
|
|
+def read_text(_module=None, _path=None, encoding="ascii"):
|
|
|
|
|
+ with open(where(), "r", encoding=encoding) as data:
|
|
|
|
|
+ return data.read()
|
|
|
|
|
|
- update to 21.3.1:
* Always refuse installing or building projects that have no ``pyproject.toml`` nor
``setup.py``.
* Tweak running-as-root detection, to check ``os.getuid`` if it exists, on
Unix-y and non-Linux/non-MacOS machines.
* When installing projects with a ``pyproject.toml`` in editable mode, and the build
backend does not support :pep:`660`, prepare metadata using
``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
``pyproject.toml``. These restore the pre-21.3 behaviour.
* Restore compatibility of where configuration files are loaded from on MacOS
* Upgrade pep517 to 0.12.0
* Improve deprecation warning regarding the copying of source trees when
installing from a local directory.
* Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
* On Python 3.10 or later, the installation scheme backend has been changed to use
``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use ``distutils``.
* Remove the ``--build-dir`` option and aliases, one last time.
* In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease
the transition.
* Un-deprecate source distribution re-installation behaviour.
* Replace vendored appdirs with platformdirs.
* Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
editable installs in ``pip freeze`` and ``pip list``. The ``pip list`` column output
has a new ``Editable project location`` column, and the JSON output has a new
``editable_project_location`` field.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=92
2021-11-07 19:12:24 +01:00
|
|
|
-try:
|
|
|
|
|
- # Return a certificate file on disk for a standalone pip zipapp running in
|
|
|
|
|
- # an isolated build environment to use. Passing --cert to the standalone
|
|
|
|
|
- # pip does not work since requests calls where() unconditionally on import.
|
|
|
|
|
- _PIP_STANDALONE_CERT = os.environ.get("_PIP_STANDALONE_CERT")
|
|
|
|
|
- if _PIP_STANDALONE_CERT:
|
|
|
|
|
- def where():
|
|
|
|
|
- return _PIP_STANDALONE_CERT
|
|
|
|
|
- raise _PipPatchedCertificate()
|
|
|
|
|
-
|
|
|
|
|
- from importlib.resources import path as get_path, read_text
|
|
|
|
|
-
|
|
|
|
|
- _CACERT_CTX = None
|
|
|
|
|
- _CACERT_PATH = None
|
|
|
|
|
-
|
2020-10-15 10:14:59 +02:00
|
|
|
- def where():
|
|
|
|
|
- # This is slightly terrible, but we want to delay extracting the file
|
|
|
|
|
- # in cases where we're inside of a zipimport situation until someone
|
|
|
|
|
- # actually calls where(), but we don't want to re-extract the file
|
|
|
|
|
- # on every call of where(), so we'll do it once then store it in a
|
|
|
|
|
- # global variable.
|
|
|
|
|
- global _CACERT_CTX
|
|
|
|
|
- global _CACERT_PATH
|
|
|
|
|
- if _CACERT_PATH is None:
|
|
|
|
|
- # This is slightly janky, the importlib.resources API wants you to
|
|
|
|
|
- # manage the cleanup of this file, so it doesn't actually return a
|
|
|
|
|
- # path, it returns a context manager that will give you the path
|
|
|
|
|
- # when you enter it and will do any cleanup when you leave it. In
|
|
|
|
|
- # the common case of not needing a temporary file, it will just
|
|
|
|
|
- # return the file system location and the __exit__() is a no-op.
|
|
|
|
|
- #
|
|
|
|
|
- # We also have to hold onto the actual context manager, because
|
|
|
|
|
- # it will do the cleanup whenever it gets garbage collected, so
|
|
|
|
|
- # we will also store that at the global level as well.
|
|
|
|
|
- _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
|
|
|
|
|
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
|
|
|
|
|
-
|
|
|
|
|
- return _CACERT_PATH
|
|
|
|
|
-
|
- update to 21.3.1:
* Always refuse installing or building projects that have no ``pyproject.toml`` nor
``setup.py``.
* Tweak running-as-root detection, to check ``os.getuid`` if it exists, on
Unix-y and non-Linux/non-MacOS machines.
* When installing projects with a ``pyproject.toml`` in editable mode, and the build
backend does not support :pep:`660`, prepare metadata using
``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
``pyproject.toml``. These restore the pre-21.3 behaviour.
* Restore compatibility of where configuration files are loaded from on MacOS
* Upgrade pep517 to 0.12.0
* Improve deprecation warning regarding the copying of source trees when
installing from a local directory.
* Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
* On Python 3.10 or later, the installation scheme backend has been changed to use
``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use ``distutils``.
* Remove the ``--build-dir`` option and aliases, one last time.
* In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease
the transition.
* Un-deprecate source distribution re-installation behaviour.
* Replace vendored appdirs with platformdirs.
* Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
editable installs in ``pip freeze`` and ``pip list``. The ``pip list`` column output
has a new ``Editable project location`` column, and the JSON output has a new
``editable_project_location`` field.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=92
2021-11-07 19:12:24 +01:00
|
|
|
-except _PipPatchedCertificate:
|
|
|
|
|
- pass
|
2019-05-11 19:29:32 +02:00
|
|
|
-
|
2020-10-15 10:14:59 +02:00
|
|
|
-except ImportError:
|
|
|
|
|
- # This fallback will work for Python versions prior to 3.7 that lack the
|
|
|
|
|
- # importlib.resources module but relies on the existing `where` function
|
|
|
|
|
- # so won't address issues with environments like PyOxidizer that don't set
|
|
|
|
|
- # __file__ on modules.
|
|
|
|
|
- def read_text(_module, _path, encoding="ascii"):
|
|
|
|
|
- with open(where(), "r", encoding=encoding) as data:
|
|
|
|
|
- return data.read()
|
|
|
|
|
-
|
|
|
|
|
- # If we don't have importlib.resources, then we will just do the old logic
|
|
|
|
|
- # of assuming we're on the filesystem and munge the path directly.
|
|
|
|
|
- def where():
|
|
|
|
|
- f = os.path.dirname(__file__)
|
|
|
|
|
|
|
|
|
|
- return os.path.join(f, "cacert.pem")
|
|
|
|
|
+def where():
|
|
|
|
|
+ return "/etc/ssl/ca-bundle.pem"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def contents():
|
|
|
|
|
- return read_text("certifi", "cacert.pem", encoding="ascii")
|
|
|
|
|
+ return read_text(encoding="ascii")
|
2021-11-13 17:28:39 +01:00
|
|
|
--- a/tests/unit/test_options.py
|
|
|
|
|
+++ b/tests/unit/test_options.py
|
|
|
|
|
@@ -1,4 +1,5 @@
|
|
|
|
|
import os
|
|
|
|
|
+import os.path
|
|
|
|
|
from contextlib import contextmanager
|
|
|
|
|
from optparse import Values
|
|
|
|
|
from tempfile import NamedTemporaryFile
|
|
|
|
|
@@ -11,6 +12,7 @@ from pip._internal.cli.main import main
|
|
|
|
|
from pip._internal.commands import create_command
|
|
|
|
|
from pip._internal.commands.configuration import ConfigurationCommand
|
|
|
|
|
from pip._internal.exceptions import PipError
|
|
|
|
|
+from pip._vendor.certifi import where
|
|
|
|
|
from tests.lib.options_helpers import AddFakeCommandMixin
|
|
|
|
|
from tests.lib.path import Path
|
|
|
|
|
|
|
|
|
|
@@ -620,6 +622,9 @@ class TestOptionsConfigFiles:
|
|
|
|
|
else:
|
|
|
|
|
assert expect == cmd._determine_file(options, need_value=False)
|
|
|
|
|
|
|
|
|
|
+ def test_certificates(self):
|
|
|
|
|
+ assert os.path.exists(where())
|
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
class TestOptionsExpandUser(AddFakeCommandMixin):
|
|
|
|
|
def test_cache_dir(self) -> None:
|
