When importing a plugin, Sideboard currently imports everything in that module's virtualenv. If a plugin has a bad requirements.txt then this could cause problems. For example, it's very important that when a plugin says "import cherrypy" they get the same cherrypy that Sideboard itself has imported. However, it's equally important that when a plugin says "import sqlalchemy" it gets its own version.
We should have a PLUGIN_MODULE_BLACKLIST of modules which plugins are not allowed to have in their own virtualenvs so that we fail fast if they do.
When importing a plugin, Sideboard currently imports everything in that module's virtualenv. If a plugin has a bad requirements.txt then this could cause problems. For example, it's very important that when a plugin says "import cherrypy" they get the same cherrypy that Sideboard itself has imported. However, it's equally important that when a plugin says "import sqlalchemy" it gets its own version.
We should have a PLUGIN_MODULE_BLACKLIST of modules which plugins are not allowed to have in their own virtualenvs so that we fail fast if they do.