Closed MichaIng closed 9 months ago
@cclauss since you added the safety
workflow. Do you have an idea why it is still failing? Previously pip install --upgrade pip
seems to not have upgraded pip
, which is strange in its own. However, with the added check-latest: true
, the setup-python
action upgrades to latest Python point release and upgrades pip
to 23.3.1. It does so for the intended instance in /opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages
, and two added -V
commands show that pip
as well as python3 -m pip
do call this very same pip
version. safety
says it checks packages in /opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages
, which we undoubtedly know contains the one upgraded pip
instance which is called by the pip
command. So how the hack can safety
still find a pip
23.2.1? Even upgrading the global system instance of pip
via sudo
does not change something about this.
Of course we could tell it to ignore pip
, but I would like to understand what's going on 😄.
EDIT: Sadly safety
does not seem to have a verbose flag to e.g. show which checked package it found where.
There it is:
drwxr-xr-x+ 5 runner docker 4096 Dec 10 18:59 pip
drwxr-xr-x+ 2 runner docker 4096 Dec 10 18:59 pip-23.2.1.dist-info
drwxrwxrwx+ 2 runner docker 4096 Dec 10 18:59 pip-23.3.1.dist-info
For whatever reason, there is an additional pip-23.2.1.dist-info
metadata directory left, which is for whatever reason not removed with the pip
upgrade, regardless which way. We can remove it manually for now.
I actually just wanted to (hopefully) fix the
satefy
test, which fails since somehowpip install --update pip
does not install the latestpip
version in this workflow.