Mailman 3 February 2015 - Distutils-SIG

Can now compile simple extensions
by Greg Ward 29 Apr '18

29 Apr '18

Hi all -- at long last, I found the time to hack in the ability to compile extension modules to the Distutils. Mainly, this meant adding a 'build_ext' command which uses a CCompiler instance for all its dirty work. I also had to add a few methods to CCompiler (and, of course, UnixCCompiler) to make this work. And I added a new module, 'spawn', which takes care of running sub-programs more efficiently and robustly (no shell involved) than os.system. That's needed, obviously, so we can run the compiler! If you're in the mood for grubbing over raw source code, then get the latest from CVS or download a current snapshot. See http://www.python.org/sigs/distutils-sig/implementation.html for a link to the code snapshot. I'm still waiting for more subclasses of CCompiler to appear. At the very least, we're going to need MSVCCompiler to build extensions on Windows. Any takers? Also, someone who knows the Mac, and how to run compilers programmatically there, will have to figure out how to write a Mac-specific concrete CCompiler subclass. The spawn module also needs a bit of work to be portable. I suspect that _win32_spawn() (the intended analog to my _posix_spawn()) will be easy to implement, if it even needs to go in a separate function at all. It looks from the Python Library documentation for 1.5.2 that the os.spawnv() function is all we need, but it's a bit hard to figure out just what's needed. Windows wizards, please take a look at the 'spawn()' function and see if you can make it work on Windows. As for actually compiling extensions: well, if you can figure out the build_ext command, go ahead and give it a whirl. It's a bit cryptic right now, since there's no documentation and no example setup.py. (I have a working example at home, but it's not available online.) If you feel up to it, though, see if you can read the code and figure out what's going on. I'm just hoping *I'll* be able to figure out what's going on when I get back from the O'Reilly conference next week... ;-) Enjoy -- Greg -- Greg Ward - software developer gward(a)cnri.reston.va.us Corporation for National Research Initiatives 1895 Preston White Drive voice: +1-703-620-8990 Reston, Virginia, USA 20191-5434 fax: +1-703-620-0913

2 1

Two fixes (at last)
by Greg Ward 29 Apr '18

29 Apr '18

Hi all -- at long last, I have fixed two problems that a couple people noticed a while ago: * I folded in Amos Latteier's NT patches almost verbatim -- just changed an `os.path.sep == "/"' to `os.name == "posix"' and added some comments bitching about the inadequacy of the current library installation model (I think this is Python's fault, but for now Distutils is slavishly aping the situation in Python 1.5.x) * I fixed the problem whereby running "setup.py install" without doing anything else caused a crash (because 'build' hadn't yet been run). Now, the 'install' command automatically runs 'build' before doing anything; to make this bearable, I added a 'have_run' dictionary to the Distribution class to keep track of which commands have been run. So now not only are command classes singletons, but their 'run' method can only be invoked once -- both restrictions enforced by Distribution. The code is checked into CVS, or you can download a snapshot at http://www.python.org/sigs/distutils-sig/distutils-19990607.tar.gz Hope someone (Amos?) can try the new version under NT. Any takers for Mac OS? BTW, all parties involved in the Great "Where Do We Install Stuff?" Debate should take a good, hard look at the 'set_final_options()' method of the Install class in distutils/install.py; this is where all the policy decisions about where to install files are made. Currently it apes the Python 1.5 situation as closely as I could figure it out. Obviously, this is subject to change -- I just don't know to *what* it will change! Greg -- Greg Ward - software developer gward(a)cnri.reston.va.us Corporation for National Research Initiatives 1895 Preston White Drive voice: +1-703-620-8990 Reston, Virginia, USA 20191-5434 fax: +1-703-620-0913

2 1

Package versioning
by Timothy Docker 29 Apr '18

29 Apr '18

Hi all, I've been aware that the distutils sig has been simmerring away, but until recently it has not been directly relevant to what I do. I like the look of the proposed api, but have one question. Will this support an installed system that has multiple versions of the same package installed simultaneously? If not, then this would seem to be a significant limitation, especially when dependencies between packages are considered. Assuming it does, then how will this be achieved? I am presently managing this with a messy arrangement of symlinks. A package is installed with its version number in it's name, and a separate directory is created for an application with links from the unversioned package name to the versioned one. Then I just set the pythonpath to this directory. A sample of what the directory looks like is shown below. I'm sure there is a better solution that this, and I'm not sure that this would work under windows anyway (does windows have symlinks?). So, has this SIG considered such versioning issues yet? Cheers, Tim -------------------------------------------------------------- Tim Docker timd(a)macquarie.com.au Quantative Applications Division Macquarie Bank -------------------------------------------------------------- qad16:qad $ ls -l lib/python/ total 110 drwxr-xr-x 2 mts mts 512 Nov 11 11:23 1.1 -r--r----- 1 root mts 45172 Sep 1 1998 cdrmodule_0_7_1.so drwxr-xr-x 2 mts mts 512 Sep 1 1998 chart_1_1 drwxr-xr-x 3 mts mts 512 Sep 1 1998 Fnorb_0_7_1 dr-xr-x--- 3 mts mts 512 Nov 11 11:21 Fnorb_0_8 drwxr-xr-x 3 mts mts 1536 Mar 3 12:45 mts_1_1 dr-xr-x--- 7 mts mts 512 Nov 11 11:22 OpenGL_1_5_1 dr-xr-x--- 2 mts mts 1024 Nov 11 11:23 PIL_0_3 drwxr-xr-x 3 mts mts 512 Sep 1 1998 Pmw_0_7 dr-xr-x--- 2 mts mts 512 Nov 11 11:21 v3d_1_1 qad16:qad $ ls -l lib/python/1.1 total 30 lrwxrwxrwx 1 root other 29 Apr 10 10:43 _glumodule.so -> ../OpenGL_1_5_1/_glumodule.so lrwxrwxrwx 1 root other 30 Apr 10 10:43 _glutmodule.so -> ../OpenGL_1_5_1/_glutmodule.so lrwxrwxrwx 1 root other 22 Apr 10 10:43 _imaging.so -> ../PIL_0_3/_imaging.so lrwxrwxrwx 1 root other 36 Apr 10 10:43 _opengl_nummodule.so -> ../OpenGL_1_5_1/_opengl_nummodule.so lrwxrwxrwx 1 root other 27 Apr 10 10:43 _tkinter.so -> ../OpenGL_1_5_1/_tkinter.so lrwxrwxrwx 1 mts mts 21 Apr 10 10:43 cdrmodule.so -> ../cdrmodule_0_7_1.so lrwxrwxrwx 1 mts mts 12 Apr 10 10:43 chart -> ../chart_1_1 lrwxrwxrwx 1 root other 12 Apr 10 10:43 Fnorb -> ../Fnorb_0_8 lrwxrwxrwx 1 mts mts 12 Apr 10 10:43 mts -> ../mts_1_1 lrwxrwxrwx 1 root other 15 Apr 10 10:43 OpenGL -> ../OpenGL_1_5_1 lrwxrwxrwx 1 root other 33 Apr 10 10:43 opengltrmodule.so -> ../OpenGL_1_5_1/opengltrmodule.so lrwxrwxrwx 1 root other 33 Apr 10 10:43 openglutil_num.so -> ../OpenGL_1_5_1/openglutil_num.so lrwxrwxrwx 1 root other 10 Apr 10 10:43 PIL -> ../PIL_0_3 lrwxrwxrwx 1 mts mts 10 Apr 10 10:43 Pmw -> ../Pmw_0_7 lrwxrwxrwx 1 root other 10 Apr 10 10:43 v3d -> ../v3d_1_1

3 2

[Distutils-sig] distutils charter and interscript
by John Skaller 29 Apr '18

29 Apr '18

3 2

force static linking
by gordon 24 Mar '15

24 Mar '15

Hello, I am attempting to build statically linked distributions. I am using docker containers to ensure the deployment environment matches the build environment so there is no compatibility concern. Is there any way to force static linking so that wheels can be installed into a virtual env without requiring specific packages on the host? Thanks, Gordon

7 7

API CHANGE - Migrating from MD5 to SHA2, Take 2
by Donald Stufft 08 Mar '15

08 Mar '15

Starting a new thread with more explicit details at Richard’s request. Essentially the tl;dr here is that we'll switch to using sha2 (specifically sha256). Simple API ---------- Drop the #md5= from the PyPI hosted tarballs and replace it with #sha256, the ~60 or so externally hosted files which are using #md5 links will be fetched (one time) verified, and have their #md5= hash replaced with a computed #sha256= hash. Impact: - pip: Will work with no issues, pip has supported sha256 since 1.2, and < 1.2 will install without a hash just fine. - setuptools: Will work with no issues, setuptools has supported sha256 since 0.9 and < 0.9 will install without a hash just fine. - distribute: Doesn't support sha256, will intall without a hash just fine. - buildout: Uses setuptools/distribute to do the downloads I believe. - z3c.pypimirror: Appears to use MD5 hashes, but appears it won't error out if they do not exist. JSON / XMLRPC API ----------------- Keep the md5_sum field, add an additional sha256_sum, suggest that applications switch to using sha256 for verification. Impact: - bandersnatch: bandersnatch will continue to use the md5_sum field from the JSON (and previously XMLRPC) and should be updated to using sha256 in the future. Web UI ------ Simply replace any use of MD5 with SHA256, no clients are expected to access anything here so this should be perfectly fine. Other Clients ------------- - pep381client: Doesn't do anything special with the hash, will continue to work. - devpi: ??? Unsure, I don't follow the code which fetches from PyPI so I can't determine where it gets the md5sum from and what it will do if it doesn't exist. It does have some handling of md5 though. List of clients to look at taken from http://d.stufft.io/image/402r1s442m2r, which is generated by looking at what is downloading the files from PyPI. --- Donald Stufft PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA

4 10

Installing a file into sitepackages
by Stuart Axon 08 Mar '15

08 Mar '15

Hi, In my project, I install a .pth file into site-packages, I use the data_files... in Ubuntu this seems to work OK, but in a Windows VM the file doesn't seem to be being installed: setup( .... # Install the import hook data_files=[ (site_packages_path, ["vext_importer.pth"] if environ.get('VIRTUAL_ENV') else []), ], ) - Is there a better way to do this ? I realise it's a bit odd installing a .pth - my project is to allow certain packages to use the system site packages from a virtualenv - https://github.com/stuaxo/vext S++

2 2

devpi maintenance releases
by holger krekel 24 Feb '15

24 Feb '15

Hi all, Florian Schulze just released several devpi package maintenance updates to PyPI, see the changelogs below for details. Upgrading is considered safe and does not require an export/import cycle on the server side. Note that the "devpi" metapackage is discontinued, please rather use:: pip install devpi-server devpi-client if you want to install both server and client. You can also install devpi-web if you want more web UI including search. Docs for devpi are here, including quickstart tutorials : http://doc.devpi.net have fun, holger devpi-client-2.0.5 ------------------ - fix issue209: argument default handling changed in argparse in Python 2.7.9. - fix issue163: use PIP_CONFIG_FILE environment variable if set. - fix issue191: provide return code !=0 for failures during push devpi-server-2.1.4 ------------------ - fix issue214: the whitelisting code stopped inheritance too early. - fix regression: easy_install went to the full simple project list for a non existing project. - When uploading an existing version to a non-volatile index, it's now a no op instead of an error if the content is identical. If the content is different, it's still an error. - Uploading documentation to non-volatile indexes is now protected the same way as packages. - added code to allow filtering on packages with stable version numbers. - Change nginx template to set the X-outside-url header based on the requested URL. This makes it possible to connect by IP address when the server name is not in DNS. devpi-web-2.2.3 --------------- - fix issue207: added documentation url for latest stable release of a package. devpi-common-2.0.5 ------------------ - added code to allow filtering on stable version numbers.

1 0

Upload signature (and signing key) after package upload
by Ben Finney 23 Feb '15

23 Feb '15

Howdy all, How can I upload an OpenPGP signature (and the signing key) for a version, after the upload of the distribution is complete? I have recently been informed of the ‘--sign’ and ‘--identity’ options to the ‘upload’ command. As described here: Signing a package is easy and it is done as part of the upload process to PyPI. […] <URL:https://www.davidfischer.name/2012/05/signing-and-verifying-python-packages-with-pgp/> Can it be done, not “as part of the upload process”, but subsequent to the upload of the distribution? How? -- \ “Try adding “as long as you don't breach the terms of service – | `\ according to our sole judgement” to the end of any cloud | _o__) computing pitch.” —Simon Phipps, 2010-12-11 | Ben Finney

4 5

my setup.py eats all the memory in my machine
by Stuart Axon 20 Feb '15

20 Feb '15

Hello All, If I run python setup.py install from my project [ https://github.com/stuaxo/vext.pygtk ] inside a virtualenv, the python process promptly uses more memory than the machine has and dies. I was able to hit ctrl-c before it locked up my machine and got the output: running install running bdist_egg running egg_info writing requirements to vext.pygtk.egg-info/requires.txt writing vext.pygtk.egg-info/PKG-INFO writing top-level names to vext.pygtk.egg-info/top_level.txt writing dependency_links to vext.pygtk.egg-info/dependency_links.txt reading manifest file 'vext.pygtk.egg-info/SOURCES.txt' reading manifest template 'MANIFEST.in' writing manifest file 'vext.pygtk.egg-info/SOURCES.txt' installing library code to build/bdist.linux-x86_64/egg running install_lib warning: install_lib: 'build/lib.linux-x86_64-2.7' does not exist -- no Python modules to install installing package data to build/bdist.linux-x86_64/egg running install_data creating build/bdist.linux-x86_64/egg creating build/bdist.linux-x86_64/egg/EGG-INFO copying vext.pygtk.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO copying vext.pygtk.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying vext.pygtk.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying vext.pygtk.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying vext.pygtk.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO zip_safe flag not set; analyzing archive contents... creating 'dist/vext.pygtk-0.1.1-py2.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it removing 'build/bdist.linux-x86_64/egg' (and everything under it) Processing vext.pygtk-0.1.1-py2.7.egg Removing /mnt/data/home/stu/.virtualenvs/tmpv/lib/python2.7/site-packages/vext.pygtk-0.1.1-py2.7.egg Copying vext.pygtk-0.1.1-py2.7.egg to /mnt/data/home/stu/.virtualenvs/tmpv/lib/python2.7/site-packages vext.pygtk 0.1.1 is already the active version in easy-install.pth Installed /mnt/data/home/stu/.virtualenvs/tmpv/lib/python2.7/site-packages/vext.pygtk-0.1.1-py2.7.egg Processing dependencies for vext.pygtk==0.1.1 Searching for vext Reading https://pypi.python.org/simple/vext/ Best match: vext 0.1.1 Downloading https://pypi.python.org/packages/source/v/vext/vext-0.1.1.tar.gz#md5=903962… Processing vext-0.1.1.tar.gz Writing /tmp/easy_install-MC0DcL/vext-0.1.1/setup.cfg Running vext-0.1.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-MC0DcL/vext-0.1.1/egg-dist-tmp-Od4X7D

1 0