rpms/python-pip
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow setting $TMPDIR to $PWD/... during pip wheel

Browse Source 
Needed for https://bugzilla.redhat.com/show_bug.cgi?id=1806625
This commit is contained in:
Miro Hrončok 2020-04-10 15:30:03 +02:00 committed by Tomas Hrnciar
parent f5670068cb
commit 3e4dd1e249
2 changed files with 179 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
7873.patch Normal file
View File

@ -0,0 +1,168 @@
From b64c5c433af2edc38f9b69c9e331653be16085a0 Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com>
Date: Mon, 20 Apr 2020 14:14:05 +0200
Subject: [PATCH 1/2] Backport of necessary changes from PR #6770, needed for
backport of PR #7872
https://github.com/pypa/pip/pull/6770
---
src/pip/_internal/download.py | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py
index 2683cf08..d5a94350 100644
--- a/src/pip/_internal/download.py
+++ b/src/pip/_internal/download.py
@@ -773,9 +773,20 @@ def unpack_file_url(
# If it's a url to a local directory
if is_dir_url(link):
+
+ def ignore(d, names):
+ # Pulling in those directories can potentially be very slow,
+ # exclude the following directories if they appear in the top
+ # level dir (and only it).
+ # See discussion at https://github.com/pypa/pip/pull/6770
+ return ['.tox', '.nox'] if d == link_path else []
if os.path.isdir(location):
rmtree(location)
- shutil.copytree(link_path, location, symlinks=True)
+ shutil.copytree(link_path,
+ location,
+ symlinks=True,
+ ignore=ignore)
+
if download_dir:
logger.info('Link is a directory, ignoring download_dir')
return
--
2.23.0
From 3ce83f36f5f33a76ff6a0451cd7001dc00971ef2 Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com>
Date: Mon, 20 Apr 2020 14:46:49 +0200
Subject: [PATCH 2/2] Prevent infinite recursion with pip wheel with $TMPDIR in
$PWD
During a build of extension module within `pip wheel` the source directory is
recursively copied in a temporary directory.
See https://github.com/pypa/pip/issues/7555
When the temporary directory is inside the source directory
(for example by setting `TMPDIR=$PWD/tmp`) this caused an infinite recursion
that ended in:
[Errno 36] File name too long
We prevent that buy never copying the target to the target in _copy_source_tree.
Fixes https://github.com/pypa/pip/issues/7872
Avoid a test dependency on a C compiler, skip the test on Windows
---
news/7872.bugfix | 1 +
src/pip/_internal/download.py | 23 ++++++++++++++++++-----
tests/data/src/extension/extension.c | 0
tests/data/src/extension/setup.py | 4 ++++
tests/functional/test_wheel.py | 18 ++++++++++++++++++
5 files changed, 41 insertions(+), 5 deletions(-)
create mode 100644 news/7872.bugfix
create mode 100644 tests/data/src/extension/extension.c
create mode 100644 tests/data/src/extension/setup.py
diff --git a/news/7872.bugfix b/news/7872.bugfix
new file mode 100644
index 00000000..3550d573
--- /dev/null
+++ b/news/7872.bugfix
@@ -0,0 +1 @@
+Prevent an infinite recursion with ``pip wheel`` when ``$TMPDIR`` is within the source directory.
diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py
index d5a94350..f589d42f 100644
--- a/src/pip/_internal/download.py
+++ b/src/pip/_internal/download.py
@@ -773,13 +773,26 @@ def unpack_file_url(
# If it's a url to a local directory
if is_dir_url(link):
+ target_abspath = os.path.abspath(location)
+ target_basename = os.path.basename(target_abspath)
+ target_dirname = os.path.dirname(target_abspath)
def ignore(d, names):
- # Pulling in those directories can potentially be very slow,
- # exclude the following directories if they appear in the top
- # level dir (and only it).
- # See discussion at https://github.com/pypa/pip/pull/6770
- return ['.tox', '.nox'] if d == link_path else []
+ # type: (str, List[str]) -> List[str]
+ skipped = [] # type: List[str]
+ if d == link_path:
+ # Pulling in those directories can potentially be very slow,
+ # exclude the following directories if they appear in the top
+ # level dir (and only it).
+ # See discussion at https://github.com/pypa/pip/pull/6770
+ skipped += ['.tox', '.nox']
+ if os.path.abspath(d) == target_dirname:
+ # Prevent an infinite recursion if the target is in source.
+ # This can happen when TMPDIR is set to ${PWD}/...
+ # and we copy PWD to TMPDIR.
+ skipped += [target_basename]
+ return skipped
+
if os.path.isdir(location):
rmtree(location)
shutil.copytree(link_path,
diff --git a/tests/data/src/extension/extension.c b/tests/data/src/extension/extension.c
new file mode 100644
index 00000000..e69de29b
diff --git a/tests/data/src/extension/setup.py b/tests/data/src/extension/setup.py
new file mode 100644
index 00000000..b26302b0
--- /dev/null
+++ b/tests/data/src/extension/setup.py
@@ -0,0 +1,4 @@
+from setuptools import Extension, setup
+
+module = Extension('extension', sources=['extension.c'])
+setup(name='extension', version='0.0.1', ext_modules = [module])
diff --git a/tests/functional/test_wheel.py b/tests/functional/test_wheel.py
index f67720f1..6cb87a4c 100644
--- a/tests/functional/test_wheel.py
+++ b/tests/functional/test_wheel.py
@@ -1,5 +1,6 @@
"""'pip wheel' tests"""
import os
+import sys
from os.path import exists
import pytest
@@ -218,6 +219,23 @@ def test_pip_wheel_with_user_set_in_config(script, data, common_wheels):
)
assert "Successfully built withpyproject" in result.stdout, result.stdout
+@pytest.mark.skipif(sys.platform.startswith('win'),
+ reason='The empty extension module does not work on Win')
+def test_pip_wheel_ext_module_with_tmpdir_inside(script, data, common_wheels):
+ tmpdir = data.src / 'extension/tmp'
+ tmpdir.mkdir()
+ script.environ['TMPDIR'] = str(tmpdir)
+
+ # To avoid a test dependency on a C compiler, we set the env vars to "noop"
+ # The .c source is empty anyway
+ script.environ['CC'] = script.environ['LDSHARED'] = str('true')
+
+ result = script.pip(
+ 'wheel', data.src / 'extension',
+ '--no-index', '-f', common_wheels
+ )
+ assert "Successfully built extension" in result.stdout, result.stdout
+
@pytest.mark.network
def test_pep517_wheels_are_not_confused_with_other_files(script, tmpdir, data):
--
2.23.0

12
python-pip.spec
View File

@ -23,7 +23,7 @@ Name: python-%{srcname}
# When updating, update the bundled libraries versions bellow!
# You can use vendor_meta.sh in the dist git repo
Version: 19.1.1
Release: 7%{?dist}
Release: 8%{?dist}
Summary: A tool for installing and managing Python packages
# We bundle a lot of libraries with pip, which itself is under MIT license.
@ -121,6 +121,12 @@ Patch7: urllib3-1.25.3.patch
# https://github.com/pypa/pip/commit/8e8d28dd8ecc9226ea4e0f75d54151df90f4d78e
Patch8: requests-2.22.0.patch
# Allow setting $TMPDIR to $PWD/... during pip wheel
# This is needed to have proper debugsource packages with pyproject-rpm-macros
# https://bugzilla.redhat.com/show_bug.cgi?id=1806625
# Backported from https://github.com/pypa/pip/pull/7873
Patch9: 7873.patch
# Downstream only patch
# Users might have local installations of pip from using
# `pip install --user --upgrade pip` on older/newer versions.
@ -321,6 +327,7 @@ popd
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
# this goes together with patch4
rm src/pip/_vendor/certifi/*.pem
@ -541,6 +548,9 @@ ln -sf %{buildroot}%{_bindir}/pip3 _bin/pip
%endif
%changelog
* Fri Apr 10 2020 Miro Hrončok <mhroncok@redhat.com> - 19.1.1-8
- Allow setting $TMPDIR to $PWD/... during pip wheel (#1806625)
* Thu Jan 02 2020 Miro Hrončok <mhroncok@redhat.com> - 19.1.1-7
- Upgrade urllib3 to 1.25.3, requests to 2.22.0
- Fix urllib3 CVE-2019-11324 (#1774595)