Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #197411
| Path | csiph.com!fu-berlin.de!uni-berlin.de!not-for-mail |
|---|---|
| From | Left Right <olegsivokon@gmail.com> |
| Newsgroups | comp.lang.python |
| Subject | Re: Pip installs to unexpected place |
| Date | Thu, 17 Apr 2025 21:19:15 +0200 |
| Lines | 21 |
| Message-ID | <mailman.17.1744917569.3008.python-list@python.org> (permalink) |
| References | <CAApdmf2J69WgkR159sBSkxN0=mYoNmHZYboBmpPi+LdA-YBNpg@mail.gmail.com> <CAN06=CxPNLHtr_sdgphR2jrN1V+WbB8wZDJdbvfEDb-MYtmPHA@mail.gmail.com> <bbe32f47-13d2-459c-af22-4e0e37834091@tompassin.net> <4ZcdYR5WnWznV1q@mail.python.org> <cc1c6cf5-f8b9-4528-b6b0-110499b88162@wichmann.us> <4Zd3YM00SYznVKQ@mail.python.org> <CAJQBtgmfgC5aQy_7RXwHDbsxaf1UWYY0=FNsgPPR2UzzuKfTTA@mail.gmail.com> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset="UTF-8" |
| X-Trace | news.uni-berlin.de 2TKGEXShlwhJK0di5+0MAAgMonhNO6r3GT7Nwvkb4QxQ== |
| Cancel-Lock | sha1:sLsKrslVhA5CehTNLrk3ONjUBpo= sha256:GKgXby7+XIhp7ZVWt7iAg4s5kYo+nm1+HweokRFEX08= |
| Return-Path | <olegsivokon@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| Authentication-Results | mail.python.org; dkim=pass reason="2048-bit key; unprotected key" header.d=gmail.com header.i=@gmail.com header.b=If0sDW8X; dkim-adsp=pass; dkim-atps=neutral |
| X-Spam-Status | OK 0.069 |
| X-Spam-Evidence | '*H*': 0.86; '*S*': 0.00; 'pip': 0.04; 'maintainers': 0.07; 'cc:addr:python-list': 0.09; 'dependencies': 0.09; 'general,': 0.09; 'pip.': 0.09; 'cc:no real name:2**0': 0.14; 'ensures': 0.16; 'packages.': 0.16; 'reason.': 0.16; "aren't": 0.19; 'installing': 0.19; 'cc:addr:python.org': 0.20; 'version': 0.23; 'install': 0.23; 'installed': 0.23; 'run': 0.23; 'actual': 0.25; 'stuff': 0.25; 'cc:2**0': 0.25; 'environment': 0.29; 'code,': 0.31; 'packages': 0.31; 'before.': 0.31; 'default': 0.31; 'message-id:@mail.gmail.com': 0.31; "doesn't": 0.32; 'but': 0.32; 'there': 0.33; 'particular': 0.33; 'header:In-Reply-To:1': 0.34; 'received:google.com': 0.34; 'package': 0.34; 'from:addr:gmail.com': 0.34; 'track': 0.35; 'really': 0.36; 'source': 0.36; "it's": 0.37; 'hard': 0.37; 'this,': 0.39; 'break': 0.39; 'happen': 0.40; 'want': 0.40; 'including': 0.60; 'between': 0.63; 'your': 0.64; 'top': 0.65; 'prevent': 0.67; 'malicious': 0.69; 'trust': 0.71; 'formatting': 0.76; 'subsequent': 0.76; 'damage': 0.80; 'bitcoin': 0.84; 'actors': 0.84; 'disagree': 0.84; 'manager:': 0.84; 'system).': 0.84; 'wheels': 0.84 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1744917566; x=1745522366; darn=python.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Um4GMo9VtSyRVpOuMw1ygkRAmWtE5X8eydyZmFEOeqI=; b=If0sDW8XCPzG5FFTYHZPNeIPq+3UPuYBr907bgeINr/Dy+tK/mc59isyAjl4INom8K cxg/WOmGIXOqg/TRK6O4QDCziyLMrsQiJX2SpMwa8ZUvsSPJbzo58kPTz+xq+6i6eNha +sQYgDh0Yr8HzNrBDT7pxXtsVHdu8MNmGQ1jEoq75nu9mNEU8OhKY/8GrVJfLAUEyfbv jNyrVBd70YXwlYfQyQV4hR1wdq0Du4XaplgYJgBrPegoVfdsgbvLeZuYhL/SornNZnXD aEahEVF5fcOnwn6diviWW2XtPFdZO4m41ASSUDrlbDWXKkXq+6PPuuBjml7tovfqtti7 ohIA== |
| X-Google-DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744917566; x=1745522366; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Um4GMo9VtSyRVpOuMw1ygkRAmWtE5X8eydyZmFEOeqI=; b=sdEZELFxzjACqc2d9FATyw5tsq+H8oIQbNF7ZEWmN+Wr80jd44N6xKoecgehUQFLjA 8iJmraeWms24lorziwrWUtRQCLoeTqtc8nqUnMvyklO/OXzWvOOwIW23EedoAspLQEl1 itEn6ZCo1+72M4EQA2+bYr4cXSnQuHt0r2894wTtykbLPpEdAwzdbZowHUeDV92cV1ZC MIeoI7g+Y9RgpcU8KOEMGw9MBsks1HLfxmsg92c7TOEOMfknQjUPSeRIiiELf+x+/JGf tjqJwkBgrQjwErWFHpiCr3lGBPDFZvvzXgxunNe1nb/8vT6JK/qrg++VBOhAIHK6YSwD 9BOQ== |
| X-Gm-Message-State | AOJu0YxeCvo8B/TI2xg1LWdN9PDiI7pBN2IiL8KWenIVO7/vSqzEMWIc ZFDeAext5m5GuQeOgx7YVEdP28/2NdQRr+em/p/0muT1dPS70H6elWNEQeIiqSJeYfeqE131/8q XJrzq/qHK+OvQ7Q4tbJn68p6dLvg= |
| X-Gm-Gg | ASbGncvbvIw8IyiDKckf0+acWd9395ZW9aVoIFzJXygVm3bkxuFVjjGrB7MYewCGF1C 5ib2JadIH1l34CQRng0MiGFfUIHVrt8HzTwPBN0ZLfwJ2kru1TAZlWeK4SVZ5pWucijXNjD4XA3 fJcAthtf3EcbSsX33F3QqQujk2NgEiAxEFhTMmMp1J293AJRyTZC2f |
| X-Google-Smtp-Source | AGHT+IETjilL0DCNdZu31+mFL64U4B/6sNLYWmQDZQXgmNWCRC19EU/L91ZKBCROMd/EBNSZunBnrzAG/zaAx4t1EiM= |
| X-Received | by 2002:a05:620a:3188:b0:7c5:61b2:b7c with SMTP id af79cd13be357-7c92805f62fmr7298085a.47.1744917566582; Thu, 17 Apr 2025 12:19:26 -0700 (PDT) |
| In-Reply-To | <4Zd3YM00SYznVKQ@mail.python.org> |
| X-Gm-Features | ATxdqUELKQkKtzrzpbZAzwuX__1rWPGnlYEMgLDMflKnT5SXrB0XneWYygHUMVo |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.39 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <https://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <CAJQBtgmfgC5aQy_7RXwHDbsxaf1UWYY0=FNsgPPR2UzzuKfTTA@mail.gmail.com> |
| X-Mailman-Original-References | <CAApdmf2J69WgkR159sBSkxN0=mYoNmHZYboBmpPi+LdA-YBNpg@mail.gmail.com> <CAN06=CxPNLHtr_sdgphR2jrN1V+WbB8wZDJdbvfEDb-MYtmPHA@mail.gmail.com> <bbe32f47-13d2-459c-af22-4e0e37834091@tompassin.net> <4ZcdYR5WnWznV1q@mail.python.org> <cc1c6cf5-f8b9-4528-b6b0-110499b88162@wichmann.us> <4Zd3YM00SYznVKQ@mail.python.org> |
| Xref | csiph.com comp.lang.python:197411 |
Show key headers only | View raw
> Also... when installing stuff with pip --user, it is always a package > that is not installed for the system (usually not even available for > the system). How can that "break system packages"? pip installs dependencies. Dependencies may disagree on the version with the system packages. This is a difference between eg. how conda works and pip. Conda is an actual package manager: it ensures that all packages in a particular environment agree on version requirements. pip will break your environment in subsequent installs because it doesn't keep track of what was installed before. On top of this, pip may, in general, cause any amount of damage to your system regardless of where or how you install it because by default it's allowed to build wheels from source packages. The build may run whatever code, including formatting hard drives, mining bitcoin etc. The reason it doesn't happen very often is that package maintainers kind of trust each other to be nice. There aren't really any safeguards to prevent malicious actors from doing this, but you would have to want to install their package for some reason.
Back to comp.lang.python | Previous | Next | Find similar
Re: Pip installs to unexpected place Left Right <olegsivokon@gmail.com> - 2025-04-17 21:19 +0200
csiph-web