[-- Attachment #1: Type: text/plain, Size: 244 bytes --] See <https://www.python.org/dev/peps/pep-0668/>. I haven't looked closely into this myself. It might be relevant to Guix. For LWN subscribers, there is an article about the PEP: <https://lwn.net/Articles/867657/>. Greetings, Maxime. [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 260 bytes --]
On Tue, Sep 07, 2021 at 04:39:28PM +0200, Maxime Devos wrote: > See <https://www.python.org/dev/peps/pep-0668/>. > I haven't looked closely into this myself. > It might be relevant to Guix. > > For LWN subscribers, there is an article about the PEP: > <https://lwn.net/Articles/867657/>. Here is a link for everyone to read: https://lwn.net/SubscriberLink/867657/c4e77bb70e27c910/
Hello,
Leo Famulari <leo@famulari.name> writes:
> On Tue, Sep 07, 2021 at 04:39:28PM +0200, Maxime Devos wrote:
>> See <https://www.python.org/dev/peps/pep-0668/>.
>> I haven't looked closely into this myself.
>> It might be relevant to Guix.
>>
>> For LWN subscribers, there is an article about the PEP:
>> <https://lwn.net/Articles/867657/>.
>
> Here is a link for everyone to read:
>
> https://lwn.net/SubscriberLink/867657/c4e77bb70e27c910/
Guix already makes life easier with dealing with Python environments
(especially with GUIX_PYTHONPATH on core-updates), but it's nice to know
this problem is getting addressed.
IIUC, PEP 668 is about *warning* a pip user when installing a package
would shadow a system one; it does so by reading a EXTERNALLY-MANAGED
file in the Python library site-packages directory.
So simply put, all we have to do to enable this future warning in pip is
to install an EXTERNALLY-MANAGED file as a phase in our
python-build-system.
Thanks for the link!
Maxim
Hi,
Am Samstag, den 11.09.2021, 22:36 -0400 schrieb Maxim Cournoyer:
> IIUC, PEP 668 is about *warning* a pip user when installing a package
> would shadow a system one; it does so by reading a EXTERNALLY-MANAGED
> file in the Python library site-packages directory.
>
> So simply put, all we have to do to enable this future warning in pip
> is to install an EXTERNALLY-MANAGED file as a phase in our
> python-build-system.
Imho I don't think Guix needs to do anything to address PEP 668. PEP
668 concerns traditional distros, in which pip and the distro package
manager may both write to the same location (that location typically
being /usr/lib). IIUC it does not concern Nix or Guix, whose store
paths should already not be written to by pip.
Regards
Hi, Liliana Marie Prikler <liliana.prikler@gmail.com> writes: > Hi, > > Am Samstag, den 11.09.2021, 22:36 -0400 schrieb Maxim Cournoyer: >> IIUC, PEP 668 is about *warning* a pip user when installing a package >> would shadow a system one; it does so by reading a EXTERNALLY-MANAGED >> file in the Python library site-packages directory. >> >> So simply put, all we have to do to enable this future warning in pip >> is to install an EXTERNALLY-MANAGED file as a phase in our >> python-build-system. > Imho I don't think Guix needs to do anything to address PEP 668. PEP > 668 concerns traditional distros, in which pip and the distro package > manager may both write to the same location (that location typically > being /usr/lib). IIUC it does not concern Nix or Guix, whose store > paths should already not be written to by pip. pip defaults to install to a user location nowadays (pip install --user) when run as an unprivileged user [0], so even on traditional distributions, the temptation to "sudo pip install" things and overwrite the distro's files has been reduced. IIUC, the EXTERNALLY-MANAGED file would also warn users when they override (as in shadow) an already available library installed at the system level, which could be used on Guix also (although the benefit seems small to me). Maxim [0] https://github.com/pypa/pip/pull/7002