Update to 21.1.1

Changes:
- dropped emit-a-warning-when-running-with-root-privileges.patch (fixed in upstream)
- rebased dummy-certifi.patch, remove-existing-dist-only-if-path-conflicts.patch, nowarn-pip._internal.main.patch

Related: rhbz#1932713
Karolina Surma 2021-05-11 16:58:03 +02:00 committed by Charalampos Stratakis
parent 780bcf6042
commit 000f490c2d
7 changed files with 85 additions and 149 deletions


@ -1,25 +1,26 @@
From cf96ff346639d1b9f5efa3fd0976694e04df3f5f Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com>
Date: Sun, 26 Apr 2020 21:38:44 +0200
From 2c58d7301dd5a47570f782fe2fce7fbb1918f60c Mon Sep 17 00:00:00 2001
From: Karolina Surma <ksurma@redhat.com>
Date: Mon, 10 May 2021 16:38:50 +0200
Subject: [PATCH] Dummy certifi patch
Co-Authored-By: Tomas Hrnciar <thrnciar@redhat.com>
---
src/pip/_vendor/certifi/core.py | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py
index 8987449..d174ced 100644
index b8140cf..f1a0b01 100644
--- a/src/pip/_vendor/certifi/core.py
+++ b/src/pip/_vendor/certifi/core.py
@@ -9,6 +9,7 @@ This module returns the installation location of cacert.pem or its contents.
import os
@@ -14,6 +14,7 @@ class _PipPatchedCertificate(Exception):
try:
+ raise ImportError # force fallback
from importlib.resources import path as get_path, read_text
_CACERT_CTX = None
@@ -51,9 +52,7 @@ except ImportError:
# Return a certificate file on disk for a standalone pip zipapp running in
# an isolated build environment to use. Passing --cert to the standalone
# pip does not work since requests calls where() unconditionally on import.
@@ -67,9 +68,7 @@ except ImportError:
# If we don't have importlib.resources, then we will just do the old logic
# of assuming we're on the filesystem and munge the path directly.
def where():
@ -31,5 +32,5 @@ index 8987449..d174ced 100644
def contents():
--
2.25.4
2.30.2
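Review bot: The added `raise ImportError # force fallback` sits at the top of the `try:` block, and the rebased context places the "standalone pip zipapp" certificate comment after it, so that branch looks unreachable and every caller appears to get the `except ImportError` version of `where()`. The comment `# force fallback` does not say why the bundled path is bypassed or which CA file the fallback hands to requests, and that choice decides pip's TLS trust anchors. I would expand it to something like `# Downstream: vendored cacert.pem is removed at build time, always use the fallback where()/contents() below`. The bodies of `where()` and `contents()` are not shown in this view, so confirm that they fail loudly when the CA file is missing instead of returning a path that does not exist.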


@ -1,51 +0,0 @@
From 74bb5d26e232493de43adfa1f4b42b66fd701294 Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com>
Date: Sun, 26 Apr 2020 13:52:24 +0200
Subject: [PATCH] Downstream only patch
Emit a warning to the user if pip install is run with root privileges
Issue upstream: https://github.com/pypa/pip/issues/4288
---
src/pip/_internal/commands/install.py | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/src/pip/_internal/commands/install.py b/src/pip/_internal/commands/install.py
index 70bda2e2..1e750ae1 100644
--- a/src/pip/_internal/commands/install.py
+++ b/src/pip/_internal/commands/install.py
@@ -13,6 +13,8 @@ import operator
import os
import shutil
import site
+import sys
+from os import path
from optparse import SUPPRESS_HELP
from pip._vendor import pkg_resources
@@ -241,6 +243,23 @@ class InstallCommand(RequirementCommand):
raise CommandError("Can not combine '--user' and '--target'")
cmdoptions.check_install_build_global(options)
+
+ def is_venv():
+ return (hasattr(sys, 'real_prefix') or
+ (hasattr(sys, 'base_prefix') and
+ sys.base_prefix != sys.prefix))
+
+ # Check whether we have root privileges and aren't in venv/virtualenv
+ if os.getuid() == 0 and not is_venv() and not options.root_path:
+ command = path.basename(sys.argv[0])
+ if command == "__main__.py":
+ command = path.basename(sys.executable) + " -m pip"
+ logger.warning(
+ "Running pip install with root privileges is "
+ "generally not a good idea. Try `%s install --user` instead."
+ % command
+ )
+
upgrade_strategy = "to-satisfy-only"
if options.upgrade:
upgrade_strategy = options.upgrade_strategy
--
2.23.0


@ -1,10 +1,12 @@
From 7c36cb21910b415e0eb171d0f6c4dbf72382fdaf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
Date: Tue, 10 Mar 2020 11:03:22 +0100
From 8519679166122b7482a70f6c10d303520e5f83c9 Mon Sep 17 00:00:00 2001
From: Karolina Surma <ksurma@redhat.com>
Date: Mon, 10 May 2021 16:48:49 +0200
Subject: [PATCH] Don't warn the user about pip._internal.main() entrypoint
In Fedora, we use that in ensurepip and users cannot do anything about it,
this warning is juts moot. Also, the warning breaks CPython test suite.
Co-Authored-By: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
---
src/pip/_internal/__init__.py | 2 +-
src/pip/_internal/utils/entrypoints.py | 19 ++++++++++---------
@ -12,21 +14,21 @@ this warning is juts moot. Also, the warning breaks CPython test suite.
3 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py
index 3aa8a46..0ec017b 100755
index 41071cd..c7b4e65 100755
--- a/src/pip/_internal/__init__.py
+++ b/src/pip/_internal/__init__.py
@@ -15,4 +15,4 @@ def main(args=None):
@@ -12,4 +12,4 @@ def main(args=None):
"""
from pip._internal.utils.entrypoints import _wrapper
- return _wrapper(args)
+ return _wrapper(args, _nowarn=True)
diff --git a/src/pip/_internal/utils/entrypoints.py b/src/pip/_internal/utils/entrypoints.py
index befd01c..d6f3632 100644
index 879bf21..584e8b5 100644
--- a/src/pip/_internal/utils/entrypoints.py
+++ b/src/pip/_internal/utils/entrypoints.py
@@ -7,7 +7,7 @@ if MYPY_CHECK_RUNNING:
from typing import List, Optional
@@ -4,7 +4,7 @@ from typing import List, Optional
from pip._internal.cli.main import main
-def _wrapper(args=None):
@ -34,7 +36,7 @@ index befd01c..d6f3632 100644
# type: (Optional[List[str]]) -> int
"""Central wrapper for all old entrypoints.
@@ -20,12 +20,13 @@ def _wrapper(args=None):
@@ -17,12 +17,13 @@ def _wrapper(args=None):
directing them to an appropriate place for help, we now define all of
our old entrypoints as wrappers for the current one.
"""
@ -68,5 +70,5 @@ index e416315..7f57f67 100644
+ if entrypoint[0] != "fake_pip = pip._internal:main":
+ assert "old script wrapper" in result2.stderr
--
2.24.1
2.30.2
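Review bot: The type comment `# type: (Optional[List[str]]) -> int` under `_wrapper` is carried as unchanged context, while `main()` now calls `_wrapper(args, _nowarn=True)`. If the rebased signature takes `_nowarn` (the `+def` line is not visible in this view), the comment should become `# type: (Optional[List[str]], bool) -> int`. The `_wrapper` docstring would also benefit from one line stating that `_nowarn` silences the old-entrypoint warning only for the `pip._internal.main` path used by ensurepip, so the exemption is not widened by accident in a later rebase. The body of `_wrapper` continues outside the hunks shown.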


@ -1,12 +1,8 @@
# This is just temporary, when upstream merges PRs it can be removed
# https://github.com/pypa/pip/pull/7959
# https://github.com/ActiveState/appdirs/pull/144
# https://github.com/psf/requests/pull/5410
# https://github.com/chardet/chardet/pull/192
addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_internal/__init__.py\b')
addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/appdirs.py\b')
addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/requests/certs.py\b')
addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/chardet/cli/chardetect.py\b')
# REQUESTED dist-info file is not meant to have any content
# Discussion: https://src.fedoraproject.org/rpms/python-pip/pull-request/69#comment-52525


@ -13,7 +13,7 @@
%endif
%global srcname pip
%global base_version 21.0.1
%global base_version 21.1.1
%global upstream_version %{base_version}%{?prerel}
%global python_wheelname %{srcname}-%{upstream_version}-py3-none-any.whl
%global python_wheeldir %{_datadir}/python-wheels
@ -22,7 +22,7 @@
Name: python-%{srcname}
Version: %{base_version}%{?prerel:~%{prerel}}
Release: 6%{?dist}
Release: 1%{?dist}
Summary: A tool for installing and managing Python packages
# We bundle a lot of libraries with pip, which itself is under MIT license.
@ -33,7 +33,6 @@ Summary: A tool for installing and managing Python packages
# chardet: LGPLv2
# colorama: BSD
# CacheControl: ASL 2.0
# contextlib2: Python
# distlib: Python
# distro: ASL 2.0
# html5lib: MIT
@ -46,9 +45,9 @@ Summary: A tool for installing and managing Python packages
# pyparsing: MIT
# requests: ASL 2.0
# resolvelib: ISC
# retrying: ASL 2.0
# setuptools: MIT
# six: MIT
# tenacity: ASL 2.0
# toml: MIT
# urllib3: MIT
# webencodings: BSD
@ -68,12 +67,6 @@ BuildRequires: python-setuptools-wheel
BuildRequires: python-wheel-wheel
%endif
# Downstream only patch
# Emit a warning to the user if pip install is run with root privileges
# Upstream discussion:
# https://discuss.python.org/t/playing-nice-with-external-package-managers/1968/20
Patch1: emit-a-warning-when-running-with-root-privileges.patch
# Prevent removing of the system packages installed under /usr/lib
# when pip install -U is executed.
# https://bugzilla.redhat.com/show_bug.cgi?id=1550368#c24
@ -93,17 +86,6 @@ Patch5: nowarn-pip._internal.main.patch
# Upstream issue: https://github.com/pypa/packaging/issues/368
Patch6: no-version-warning.patch
# Update vendored urrlib3 to 1.26.4 to fix CVE-2021-28363
# Security patch backported from pip 21.1
Patch7: https://github.com/pypa/pip/pull/9760.patch
# Don't split git references on unicode separators,
# which could be maliciously used to install a different revision on the
# repository.
# Security patch backported from pip 21.1.1
# Upstream PR: https://github.com/pypa/pip/pull/9827
Patch8: don-t-split-git-references-on-unicode-separators.patch
# Downstream only patch
# Users might have local installations of pip from using
# `pip install --user --upgrade pip` on older/newer versions.
@ -144,21 +126,20 @@ Provides: bundled(python%{1}dist(cachecontrol)) = 0.12.6
Provides: bundled(python%{1}dist(certifi)) = 2020.12.5
Provides: bundled(python%{1}dist(chardet)) = 4
Provides: bundled(python%{1}dist(colorama)) = 0.4.4
Provides: bundled(python%{1}dist(contextlib2)) = 0.6^post1
Provides: bundled(python%{1}dist(distlib)) = 0.3.1
Provides: bundled(python%{1}dist(distro)) = 1.5
Provides: bundled(python%{1}dist(html5lib)) = 1.1
Provides: bundled(python%{1}dist(idna)) = 2.10
Provides: bundled(python%{1}dist(idna)) = 3.1
Provides: bundled(python%{1}dist(msgpack)) = 1.0.2
Provides: bundled(python%{1}dist(packaging)) = 20.9
Provides: bundled(python%{1}dist(pep517)) = 0.9.1
Provides: bundled(python%{1}dist(pep517)) = 0.10
Provides: bundled(python%{1}dist(progress)) = 1.5
Provides: bundled(python%{1}dist(pyparsing)) = 2.4.7
Provides: bundled(python%{1}dist(requests)) = 2.25.1
Provides: bundled(python%{1}dist(resolvelib)) = 0.5.4
Provides: bundled(python%{1}dist(retrying)) = 1.3.3
Provides: bundled(python%{1}dist(resolvelib)) = 0.7
Provides: bundled(python%{1}dist(setuptools)) = 44
Provides: bundled(python%{1}dist(six)) = 1.15
Provides: bundled(python%{1}dist(tenacity)) = 7
Provides: bundled(python%{1}dist(toml)) = 0.10.2
Provides: bundled(python%{1}dist(urllib3)) = 1.26.4
Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
@ -239,6 +220,8 @@ Summary: A documentation for a tool for installing and managing Python pa
BuildRequires: python%{python3_pkgversion}-sphinx
BuildRequires: python%{python3_pkgversion}-sphinx-inline-tabs
BuildRequires: python%{python3_pkgversion}-sphinx-copybutton
BuildRequires: python%{python3_pkgversion}-myst-parser
%description doc
A documentation for a tool for installing and managing Python packages
@ -268,7 +251,7 @@ rm src/pip/_vendor/certifi/*.pem
sed -i '/html_theme = "furo"/d' docs/html/conf.py
# towncrier extension for Sphinx is not yet available in Fedora
sed -i "/'sphinxcontrib.towncrier',/d" docs/html/conf.py
sed -i '/"sphinxcontrib.towncrier",/d' docs/html/conf.py
# tests expect wheels in here
ln -s %{python_wheeldir} tests/data/common_wheels
@ -410,6 +393,9 @@ pytest_k='not completion and
%{python_wheeldir}/%{python_wheelname}
%changelog
* Mon Sep 13 2021 Karolina Surma <ksurma@redhat.com> - 21.1.1-1
- Update to 21.1.1
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 21.0.1-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
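Review bot: The `%changelog` entry for 21.1.1-1 says only `- Update to 21.1.1`, while the hunk after `Patch6` appears to drop `Patch7` (vendored urllib3 1.26.4 for CVE-2021-28363) and `Patch8` (git references split on unicode separators). Their own comments say they were backported from pip 21.1 and 21.1.1, but nothing in the spec records that. Anyone auditing the package for those fixes will see the patches vanish without a stated reason. I would add `- Drop security backports now included upstream (CVE-2021-28363, pip PR 9827)` and carry the `Related: rhbz#1932713` line from the commit message, as the previous entry does for its bug. The `bundled(... urllib3) = 1.26.4` Provides is unchanged, which is consistent with the fix still being present, but it should be checked against the vendored versions in the new tarball.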


@ -1,6 +1,6 @@
From f83eacf40f1506418e74d747906b8f108401f91d Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Tue, 26 Jan 2021 09:05:07 +0100
From d8df1b9010bc69bfdb606cb51aa3a8a5c6ae6d4c Mon Sep 17 00:00:00 2001
From: Karolina Surma <ksurma@redhat.com>
Date: Mon, 10 May 2021 18:16:20 +0200
Subject: [PATCH] Prevent removing of the system packages installed under
/usr/lib
@ -11,6 +11,7 @@ Resolves: rhbz#1550368
Co-Authored-By: Michal Cyprian <m.cyprian@gmail.com>
Co-Authored-By: Victor Stinner <vstinner@redhat.com>
Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
Co-Authored-By: Lumir Balhar <lbalhar@redhat.com>
---
src/pip/_internal/req/req_install.py | 3 ++-
src/pip/_internal/resolution/legacy/resolver.py | 5 ++++-
@ -19,10 +20,10 @@ Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
4 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py
index 6d0aa30..0a5f8ed 100644
index 55c17ac..9f6ba44 100644
--- a/src/pip/_internal/req/req_install.py
+++ b/src/pip/_internal/req/req_install.py
@@ -39,6 +39,7 @@ from pip._internal.utils.misc import (
@@ -43,6 +43,7 @@ from pip._internal.utils.misc import (
ask_path_exists,
backup_dir,
display_path,
@ -30,7 +31,7 @@ index 6d0aa30..0a5f8ed 100644
dist_in_site_packages,
dist_in_usersite,
get_distribution,
@@ -445,7 +446,7 @@ class InstallRequirement:
@@ -440,7 +441,7 @@ class InstallRequirement:
"lack sys.path precedence to {} in {}".format(
existing_dist.project_name, existing_dist.location)
)
@ -40,18 +41,18 @@ index 6d0aa30..0a5f8ed 100644
else:
if self.editable:
diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py
index 665dba1..a219e63 100644
index 17de7f0..3dd872d 100644
--- a/src/pip/_internal/resolution/legacy/resolver.py
+++ b/src/pip/_internal/resolution/legacy/resolver.py
@@ -34,6 +34,7 @@ from pip._internal.resolution.base import BaseResolver
@@ -42,6 +42,7 @@ from pip._internal.resolution.base import BaseResolver, InstallRequirementProvid
from pip._internal.utils.compatibility_tags import get_supported
from pip._internal.utils.logging import indent_log
from pip._internal.utils.misc import dist_in_usersite, normalize_version_info
+from pip._internal.utils.misc import dist_in_install_path
from pip._internal.utils.packaging import check_requires_python, get_requires_python
from pip._internal.utils.typing import MYPY_CHECK_RUNNING
@@ -204,7 +205,9 @@ class Resolver(BaseResolver):
logger = logging.getLogger(__name__)
@@ -199,7 +200,9 @@ class Resolver(BaseResolver):
"""
# Don't uninstall the conflict if doing a user install and the
# conflict is not a user install.
@ -63,34 +64,35 @@ index 665dba1..a219e63 100644
req.satisfied_by = None
diff --git a/src/pip/_internal/resolution/resolvelib/factory.py b/src/pip/_internal/resolution/resolvelib/factory.py
index be0729e..bc2912b 100644
index 6e3f195..bf07c1b 100644
--- a/src/pip/_internal/resolution/resolvelib/factory.py
+++ b/src/pip/_internal/resolution/resolvelib/factory.py
@@ -1,5 +1,6 @@
@@ -1,6 +1,7 @@
import contextlib
import functools
import logging
+import sys
from pip._vendor.packaging.utils import canonicalize_name
@@ -19,7 +20,9 @@ from pip._internal.utils.misc import (
from typing import (
TYPE_CHECKING,
Dict,
@@ -46,7 +47,9 @@ from pip._internal.utils.misc import (
dist_in_site_packages,
dist_in_usersite,
get_installed_distributions,
+ dist_location,
)
+from pip._internal.locations import distutils_scheme
from pip._internal.utils.typing import MYPY_CHECK_RUNNING
+from pip._internal.locations import get_scheme
from pip._internal.utils.virtualenv import running_under_virtualenv
@@ -362,6 +365,13 @@ class Factory:
from .base import Candidate, CandidateVersion, Constraint, Requirement
@@ -479,6 +482,13 @@ class Factory:
if dist is None: # Not installed, no uninstallation required.
return None
+ # Prevent uninstalling packages from /usr
+ if dist_location(dist) in (
+ distutils_scheme('', prefix=sys.base_prefix)['purelib'],
+ distutils_scheme('', prefix=sys.base_prefix)['platlib'],
+ get_scheme('', prefix=sys.base_prefix).purelib,
+ get_scheme('', prefix=sys.base_prefix).platlib,
+ ):
+ return None
+
@ -98,18 +100,18 @@ index be0729e..bc2912b 100644
# be uninstalled, no matter it's in global or user site, because the
# user site installation has precedence over global.
diff --git a/src/pip/_internal/utils/misc.py b/src/pip/_internal/utils/misc.py
index 6dd94e2..7925518 100644
index 26037db..11b918d 100644
--- a/src/pip/_internal/utils/misc.py
+++ b/src/pip/_internal/utils/misc.py
@@ -27,6 +27,7 @@ from pip._vendor.retrying import retry # type: ignore
@@ -40,6 +40,7 @@ from pip._vendor.tenacity import retry, stop_after_delay, wait_fixed
from pip import __version__
from pip._internal.exceptions import CommandError
from pip._internal.locations import get_major_minor_version, site_packages, user_site
+from pip._internal.locations import distutils_scheme, get_major_minor_version, site_packages, user_site
+from pip._internal.locations import get_scheme
from pip._internal.utils.compat import WINDOWS, stdlib_pkgs
from pip._internal.utils.typing import MYPY_CHECK_RUNNING, cast
from pip._internal.utils.virtualenv import (
@@ -398,6 +399,16 @@ def dist_in_site_packages(dist):
running_under_virtualenv,
@@ -379,6 +380,16 @@ def dist_in_site_packages(dist):
return dist_location(dist).startswith(normalize_path(site_packages))
@ -120,12 +122,12 @@ index 6dd94e2..7925518 100644
+ """
+ norm_path = normalize_path(dist_location(dist))
+ return norm_path.startswith(normalize_path(
+ distutils_scheme("")['purelib'].split('python')[0]))
+ get_scheme("").purelib.split('python')[0]))
+
+
def dist_is_editable(dist):
# type: (Distribution) -> bool
"""
--
2.29.2
2.30.2
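Review bot: `dist_in_install_path` in utils/misc.py derives the protected root with `get_scheme("").purelib.split('python')[0]` and tests it with `startswith`, which compares strings rather than paths. A prefix that itself contains `python` is cut at the first occurrence, and `startswith` without a trailing separator also matches sibling directories that merely share the prefix, so the guard against removing system packages can cover more locations than intended. I would build the root from path components and compare with `os.path.commonpath([norm_path, root]) == root`, assuming `os` is imported in that module, which this view does not show. The new check in resolvelib/factory.py compares `dist_location(dist)` to `get_scheme('', prefix=sys.base_prefix).purelib` by exact equality and without `normalize_path`, so the two resolvers do not appear to protect the same set of locations. The docstring of `dist_in_install_path` begins outside the hunk.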


@ -1 +1 @@
SHA512 (pip-21.0.1.tar.gz) = 2db5397f4ca3a3f56f5add3f827bf1f0a4296019703438d68498266b9d2559b6baa3132061c5ad4c2a08bec6e76a2768763fdca02d86cf32aadd4640afbf3664
SHA512 (pip-21.1.1.tar.gz) = 05157ed586597f16948afdad43d98cc095803d2d22b1427ac1028ca2a73a26d65e597446808194343ed36f9eb7cb910ac89e73a6a9a90ee868ec822fdbe641c5