search

jazzband / pip-tools

A set of tools to keep your pinned Python dependencies fresh.
https://pip-tools.rtfd.io
BSD 3-Clause "New" or "Revised" License
7.68k stars 609 forks source link

Poor interaction between isolated mode and `--python-executable` #2117

Open ncoghlan opened 1 month ago

ncoghlan commented 1 month ago

Running pip-sync with --python-executable, I was baffled as to why it was attempting to remove items from the local directory (any environment) and the user site directory (python-build-standalone environments with no virtual env present).

I eventually realised it was due to the following problem: even though pip-sync was being executed from a Python runtime configured to use isolated mode (no implied sys.path[0], no user site directory), the same was not true when pip-sync invoked the given Python executable to check the value of sys.path.

This means actually performing the sync in an isolated environment requires setting the relevant Python environment variables rather relying than solely on the -I command line flag:

PYTHONNOUSERSITE=1
PYTHONSAFEPATH=1
ncoghlan commented 1 month ago

I'm not sure what, if anything, pip-sync should change here. It may make the most sense to just document the status quo more clearly.

Alternatively, pip-sync could accepts its own -I option to indicate that python_executable should be invoked with the -I option.

chrysle commented 1 month ago

+1 on at least documenting this. I'm also fine with adding a specific option, but it'd require someone to step up.