-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix multi-digit version in entry point replacement #11547
Fix multi-digit version in entry point replacement #11547
Conversation
06e12aa
to
24424a9
Compare
24424a9
to
7599077
Compare
Urgh, test failures due to #11541. |
@uranusjr let's skip those tests in this PR, and we'll unskip them in a follow up? |
e5d04d1
to
c8010f8
Compare
Can’t seem to make |
Previously, the special case to generate 'pip' and 'easy_install' entry points with the correct Python version (e.g. 'pip3.9' on Python 3.9) only accounted for single-digit version segments, and did not work correctly on Python 3.10 and up. This was missed when Python 3.10 was released because we (accidentally) generated wheels that did not need any such replacements, but was exposed in CPython 3.11.0 since it bundled pip 22.3 generated against Python 3.10.
c8010f8
to
2c195f9
Compare
This is somewhat tangential, but why does pip even define these versioned entry points if it's just going to strip them away later? |
Because not everyone uses pip to install pip, and those who don’t still want those commands. |
…n-replacement-multi-digit Fix multi-digit version in entry point replacement
@uranusjr I've just released 22.3.1 with this PR included. But I'm concerned, because if I create an empty venv, and run the new get-pip.py, I still get pip3.10.exe and pip3.11.exe binaries. So I don't think this PR fixed the issue properly 🙁 For what it's worth, I built the release using a nox running under Python 3.10.6, and entry_points.txt in the distributed wheel contains
|
Never mind, I appear to have messed up the test I did. Sorry for the noise. |
Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3.1 (2022-11-05)</h1> <h2>Bug Fixes</h2> <ul> <li>Fix entry point generation of <code>pip.X</code>, <code>pipX.Y</code>, and <code>easy_install-X.Y</code> to correctly account for multi-digit Python version segments (e.g. the "11" part of 3.11). (<code>[#11547](pypa/pip#11547) <https://github.com/pypa/pip/issues/11547></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/1463081f10de6bfad81afe0d68272e7c3bedbadf"><code>1463081</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/22fd64ac0b68782acb308e2484b553a2ecadff78"><code>22fd64a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11547">#11547</a> from uranusjr/entry-point-python-version-replacemen...</li> <li>See full diff in <a href="https://github.com/pypa/pip/compare/22.3...22.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=22.3&new-version=22.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3.1 (2022-11-05)</h1> <h2>Bug Fixes</h2> <ul> <li>Fix entry point generation of <code>pip.X</code>, <code>pipX.Y</code>, and <code>easy_install-X.Y</code> to correctly account for multi-digit Python version segments (e.g. the "11" part of 3.11). (<code>[#11547](pypa/pip#11547) <https://github.com/pypa/pip/issues/11547></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/1463081f10de6bfad81afe0d68272e7c3bedbadf"><code>1463081</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/22fd64ac0b68782acb308e2484b553a2ecadff78"><code>22fd64a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11547">#11547</a> from uranusjr/entry-point-python-version-replacemen...</li> <li>See full diff in <a href="https://github.com/pypa/pip/compare/22.3...22.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=22.3&new-version=22.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 21.0 to 22.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3.1 (2022-11-05)</h1> <h2>Bug Fixes</h2> <ul> <li>Fix entry point generation of <code>pip.X</code>, <code>pipX.Y</code>, and <code>easy_install-X.Y</code> to correctly account for multi-digit Python version segments (e.g. the "11" part of 3.11). (<code>[#11547](pypa/pip#11547) <https://github.com/pypa/pip/issues/11547></code>_)</li> </ul> <h1>22.3 (2022-10-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>--install-options</code> which forces pip to use the deprecated <code>install</code> command of <code>setuptools</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li>Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. (<code>[#11452](pypa/pip#11452) <https://github.com/pypa/pip/issues/11452></code>_)</li> <li>Deprecate ```--no-binary`` disabling the wheel cache. (<code>[#11454](pypa/pip#11454) <https://github.com/pypa/pip/issues/11454></code>_)</li> <li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. (<code>[#11493](pypa/pip#11493) <https://github.com/pypa/pip/issues/11493></code>_)</li> <li>Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> <li>Remove the ability to use <code>pip list --outdated</code> in combination with <code>--format=freeze</code>. (<code>[#9789](pypa/pip#9789) <https://github.com/pypa/pip/issues/9789></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Use <code>shell=True</code> for opening the editor with <code>pip config edit</code>. (<code>[#10716](pypa/pip#10716) <https://github.com/pypa/pip/issues/10716></code>_)</li> <li>Use the <code>data-dist-info-metadata</code> attribute from :pep:<code>658</code> to resolve distribution metadata without downloading the dist yet. (<code>[#11111](pypa/pip#11111) <https://github.com/pypa/pip/issues/11111></code>_)</li> <li>Add an option to run the test suite with pip built as a zipapp. (<code>[#11250](pypa/pip#11250) <https://github.com/pypa/pip/issues/11250></code>_)</li> <li>Add a <code>--python</code> option to allow pip to manage Python environments other than the one pip is installed in. (<code>[#11320](pypa/pip#11320) <https://github.com/pypa/pip/issues/11320></code>_)</li> <li>Document the new (experimental) zipapp distribution of pip. (<code>[#11459](pypa/pip#11459) <https://github.com/pypa/pip/issues/11459></code>_)</li> <li>Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. (<code>[#5444](pypa/pip#5444) <https://github.com/pypa/pip/issues/5444></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--no-index</code> when <code>--index-url</code> or <code>--extra-index-url</code> is specified inside a requirements file. (<code>[#11276](pypa/pip#11276) <https://github.com/pypa/pip/issues/11276></code>_)</li> <li>Ensure that the candidate <code>pip</code> executable exists, when checking for a new version of pip. (<code>[#11309](pypa/pip#11309) <https://github.com/pypa/pip/issues/11309></code>_)</li> <li>Ignore distributions with invalid <code>Name</code> in metadata instead of crashing, when using the <code>importlib.metadata</code> backend. (<code>[#11352](pypa/pip#11352) <https://github.com/pypa/pip/issues/11352></code>_)</li> <li>Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. (<code>[#11491](pypa/pip#11491) <https://github.com/pypa/pip/issues/11491></code>_)</li> <li>Fix build environment isolation on some system Pythons. (<code>[#6264](pypa/pip#6264) <https://github.com/pypa/pip/issues/6264></code>_)</li> </ul> <p>Vendored Libraries</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/1463081f10de6bfad81afe0d68272e7c3bedbadf"><code>1463081</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/22fd64ac0b68782acb308e2484b553a2ecadff78"><code>22fd64a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11547">#11547</a> from uranusjr/entry-point-python-version-replacemen...</li> <li><a href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a> from pradyunsg/remove-2020-resolver-opt-in</li> <li><a href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a> from pradyunsg/certifi-update</li> <li><a href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a> Unnormalise the certifi version</li> <li><a href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a> from pradyunsg/check-manifest</li> <li><a href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a> Move check-manifest to a CI check</li> <li><a href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a> Upgrade certifi to 2022.9.24</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.0...22.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.0&new-version=22.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Previously, the special case to generate
pip
andeasy_install
entry points with the correct Python version (e.g.pip3.9
on Python 3.9) only accounted for single-digit version segments, and did not work correctly on Python 3.10 and up. This was missed when Python 3.10 was released because we (accidentally) generated wheels that did not need any such replacements, but was exposed in CPython 3.11.0 since it bundled pip 22.3 generated against Python 3.10.See python/cpython#98682