➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2018-01-06 23:59 by steve.dower, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 5119 | merged | steve.dower, 2018-01-07 01:34 | |
| PR 5119 | merged | steve.dower, 2018-01-07 01:34 | |
| Messages (8) | |||
|---|---|---|---|
| msg309589 - (view) | Author: Steve Dower (steve.dower) *  |
Date: 2018-01-06 23:59 | |
There's enough instability due to using the proper UCRT installer (e.g. issue25546, issue25954, also others not reported on bpo) and good enough install base that we can simplify things by just installing it locally on machines that require it. This may also require updating venv (though I think we're fine) and virtualenv (I'll ping). My proposal is to bundle the UCRT redistributable DLLs into their own MSI and install them alongside the main executable when required. If a user later installs it properly, the up-to-date version will be used instead. This should be good enough to cover people still on Windows 7/8, and will also reduce the installer size slightly (though at the cost of potentially breaking non-standard virtual environments or entrypoint stubs that link to the CRT dynamically). |
|||
| msg309609 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2018-01-07 06:55 | |
The PR is ready, but I'll leave this open for a few days in case anyone wants to comment. |
|||
| msg309614 - (view) | Author: Paul Moore (paul.moore) * |
Date: 2018-01-07 12:34 | |
Does this mean that we'll need to update the bundled ucrt whenever there are security patches to the baseline version? Are we happy with the security implications of that? I thought one of the key advantages of using the system CRT (whether the old msvcrXX.dll or the new ucrt) was that we automatically received security patches. |
|||
| msg309635 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2018-01-07 20:53 | |
Technically yes, though I think at this stage it will be very few machines that end up with our copy, and users can patch their own system using Windows Update even if we've installed a copy. Particularly for our user base, where I suspect most pre-Win10 Python users will have installed 3.5 or 3.6 previously and so have the proper update. There should be very few first time Python users on older operating systems, and it will approach zero over time. |
|||
| msg309640 - (view) | Author: Paul Moore (paul.moore) * |
Date: 2018-01-07 22:36 | |
Oh, so we're talking here about bundling the ucrt installers and then if the user doesn't already have ucrt installed system wide, we will install a local copy, but if they do, we don't do anything? If we install a local copy, then it'll be used until the user installs a system copy, at which point the local copy remains but gets ignored, correct? That seems OK, although I can see a local copy that's not used being confusing - but it's for very few users so no real issue. I'm not sure what you're saying for venv/virtualenv though? Presumably they will need to copy the local copy if it's present, but that local copy will be ignored if there's a system copy? |
|||
| msg309653 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2018-01-08 00:53 | |
All correct. I believe venv is fine, as it copies all DLLs, but virtualenv is more selective and will need to be updated. |
|||
| msg309688 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2018-01-09 08:14 | |
New changeset d135f20ae8887acc7716561bc8f4c7eb6d58d24c by Steve Dower in branch 'master': bpo-32507: Change Windows install to include app-local UCRT (#5119) https://github.com/python/cpython/commit/d135f20ae8887acc7716561bc8f4c7eb6d58d24c |
|||
| msg309689 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2018-01-09 08:16 | |
Missed the a4 cutoff, but it'll be in 3.7.0b1. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:56 | admin | set | github: 76688 |
| 2018-01-09 08:16:36 | steve.dower | set | status: open -> closed messages: + msg309689 keywords: patch, patch resolution: fixed stage: patch review -> resolved |
| 2018-01-09 08:14:51 | steve.dower | set | messages: + msg309688 |
| 2018-01-08 00:53:03 | steve.dower | set | keywords:
patch, patch messages: + msg309653 |
| 2018-01-07 22:36:46 | paul.moore | set | keywords:
patch, patch messages: + msg309640 |
| 2018-01-07 20:53:41 | steve.dower | set | keywords:
patch, patch messages: + msg309635 |
| 2018-01-07 12:34:39 | paul.moore | set | keywords:
patch, patch messages: + msg309614 |
| 2018-01-07 06:55:28 | steve.dower | set | keywords:
patch, patch messages: + msg309609 |
| 2018-01-07 01:36:14 | steve.dower | link | issue28888 superseder |
| 2018-01-07 01:34:16 | steve.dower | set | keywords:
+ patch stage: needs patch -> patch review pull_requests: + pull_request4985 |
| 2018-01-07 01:34:15 | steve.dower | set | keywords:
+ patch stage: needs patch -> needs patch pull_requests: + pull_request4984 |
| 2018-01-06 23:59:41 | steve.dower | link | issue25546 superseder |
| 2018-01-06 23:59:25 | steve.dower | link | issue25954 superseder |
| 2018-01-06 23:59:01 | steve.dower | create | |