#1 Backport patch to fix infinite recursion with pip wheel with $TMPDIR in $PWD
Closed a year ago by orion. Opened 2 years ago by orion.
rpms/ orion/python3x-pip pip7873  into  c8s-stream-3.8

file added
+84
@@ -0,0 +1,84 @@ 

+ diff -up pip-19.3.1/news/7872.bugfix.pip7873 pip-19.3.1/news/7872.bugfix

+ --- pip-19.3.1/news/7872.bugfix.pip7873	2022-05-24 08:34:03.285054864 -0600

+ +++ pip-19.3.1/news/7872.bugfix	2022-05-24 08:34:03.285054864 -0600

+ @@ -0,0 +1 @@

+ +Prevent an infinite recursion with ``pip wheel`` when ``$TMPDIR`` is within the source directory.

+ diff -up pip-19.3.1/src/pip/_internal/download.py.pip7873 pip-19.3.1/src/pip/_internal/download.py

+ --- pip-19.3.1/src/pip/_internal/download.py.pip7873	2019-10-17 13:32:34.000000000 -0600

+ +++ pip-19.3.1/src/pip/_internal/download.py	2022-05-24 08:35:17.013833331 -0600

+ @@ -350,12 +350,24 @@ def _copy2_ignoring_special_files(src, d

+  

+  def _copy_source_tree(source, target):

+      # type: (str, str) -> None

+ +    target_abspath = os.path.abspath(target)

+ +    target_basename = os.path.basename(target_abspath)

+ +    target_dirname = os.path.dirname(target_abspath)

+ +

+      def ignore(d, names):

+ -        # Pulling in those directories can potentially be very slow,

+ -        # exclude the following directories if they appear in the top

+ -        # level dir (and only it).

+ -        # See discussion at https://github.com/pypa/pip/pull/6770

+ -        return ['.tox', '.nox'] if d == source else []

+ +        skipped = []  # type: List[str]

+ +        if d == source:

+ +            # Pulling in those directories can potentially be very slow,

+ +            # exclude the following directories if they appear in the top

+ +            # level dir (and only it).

+ +            # See discussion at https://github.com/pypa/pip/pull/6770

+ +            skipped += ['.tox', '.nox']

+ +        if os.path.abspath(d) == target_dirname:

+ +            # Prevent an infinite recursion if the target is in source.

+ +            # This can happen when TMPDIR is set to ${PWD}/...

+ +            # and we copy PWD to TMPDIR.

+ +            skipped += [target_basename]

+ +        return skipped

+  

+      kwargs = dict(ignore=ignore, symlinks=True)  # type: CopytreeKwargs

+  

+ diff -up pip-19.3.1/src/pip/_internal/operations/prepare.py.pip7873 pip-19.3.1/src/pip/_internal/operations/prepare.py

+ diff -up pip-19.3.1/tests/data/src/extension/extension.c.pip7873 pip-19.3.1/tests/data/src/extension/extension.c

+ diff -up pip-19.3.1/tests/data/src/extension/setup.py.pip7873 pip-19.3.1/tests/data/src/extension/setup.py

+ --- pip-19.3.1/tests/data/src/extension/setup.py.pip7873	2022-05-24 08:34:03.285054864 -0600

+ +++ pip-19.3.1/tests/data/src/extension/setup.py	2022-05-24 08:34:03.285054864 -0600

+ @@ -0,0 +1,4 @@

+ +from setuptools import Extension, setup

+ +

+ +module = Extension('extension', sources=['extension.c'])

+ +setup(name='extension', version='0.0.1', ext_modules = [module])

+ diff -up pip-19.3.1/tests/functional/test_wheel.py.pip7873 pip-19.3.1/tests/functional/test_wheel.py

+ --- pip-19.3.1/tests/functional/test_wheel.py.pip7873	2019-10-17 13:32:34.000000000 -0600

+ +++ pip-19.3.1/tests/functional/test_wheel.py	2022-05-24 08:34:03.285054864 -0600

+ @@ -1,6 +1,7 @@

+  """'pip wheel' tests"""

+  import os

+  import re

+ +import sys

+  from os.path import exists

+  

+  import pytest

+ @@ -228,6 +229,24 @@ def test_pip_wheel_with_user_set_in_conf

+      assert "Successfully built withpyproject" in result.stdout, result.stdout

+  

+  

+ +@pytest.mark.skipif(sys.platform.startswith('win'),

+ +                    reason='The empty extension module does not work on Win')

+ +def test_pip_wheel_ext_module_with_tmpdir_inside(script, data, common_wheels):

+ +    tmpdir = data.src / 'extension/tmp'

+ +    tmpdir.mkdir()

+ +    script.environ['TMPDIR'] = str(tmpdir)

+ +

+ +    # To avoid a test dependency on a C compiler, we set the env vars to "noop"

+ +    # The .c source is empty anyway

+ +    script.environ['CC'] = script.environ['LDSHARED'] = str('true')

+ +

+ +    result = script.pip(

+ +        'wheel', data.src / 'extension',

+ +        '--no-index', '-f', common_wheels

+ +    )

+ +    assert "Successfully built extension" in result.stdout, result.stdout

+ +

+ +

+  @pytest.mark.network

+  def test_pep517_wheels_are_not_confused_with_other_files(script, tmpdir, data):

+      """Check correct wheels are copied. (#6196)

file modified
+10 -1
@@ -16,7 +16,7 @@ 

  # When updating, update the bundled libraries versions bellow!

  # You can use vendor_meta.sh in the dist git repo

  Version:        19.3.1

- Release:        5%{?dist}

+ Release:        6%{?dist}

  Summary:        A tool for installing and managing Python packages

  

  # We bundle a lot of libraries with pip, which itself is under MIT license.
@@ -101,6 +101,11 @@ 

  # Upstream fix: https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec

  Patch7:         CVE-2021-33503.patch

  

+ # Prevent infinite recursion with pip wheel with $TMPDIR in

+ # $PWD

+ # https://github.com/pypa/pip/pull/7873

+ Patch8:         7873.patch

+ 

  # Downstream only patch

  # Users might have local installations of pip from using

  # `pip install --user --upgrade pip` on older/newer versions.
@@ -256,6 +261,7 @@ 

  %patch5 -p1

  %patch6 -p1

  %patch7 -p1

+ %patch8 -p1

  

  # this goes together with patch4

  rm src/pip/_vendor/certifi/*.pem
@@ -420,6 +426,9 @@ 

  %{python_wheeldir}/%{python_wheelname}

  

  %changelog

+ * Tue May 24 2022 Orion Poplawski <orion@nwra.com> - 19.3.1-6

+ - Backport patch to fix infinite recursion with pip wheel with $TMPDIR in $PWD

+ 

  * Thu Oct 14 2021 Charalampos Stratakis <cstratak@redhat.com> - 19.3.1-5

  - Remove bundled windows executables

  - Resolves: rhbz#2006789

This should allow %pyproject_wheel to work in EL8.

@orion Coul you please close this? It has been done in RHEL.

Pull-Request has been closed by orion

a year ago