This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: distutils make_zipfile uses random order
Type: behavior Stage: resolved
Components: Distutils Versions: Python 3.10, Python 3.9, Python 3.8, Python 3.7
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: Nosy List: dstufft, eric.araujo, ghost43, rhettinger, steve.dower
Priority: normal Keywords:

Created on 2020-06-12 17:30 by ghost43, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Messages (3)
msg371400 - (view) Author: ghost43 (ghost43) * Date: 2020-06-12 17:30 
I am trying to generate .zip sdists for a project in a reproducible manner, using setuptoools.
The generated zips differ in the order of packed files.

The root cause of the non-determinicity is using os.walk() in make_zipfile here:
https://github.com/python/cpython/blob/0d3350daa8123a3e16d4a534b6e873eb12c10d7c/Lib/distutils/archive_util.py#L174

For a potential fix, see https://github.com/pypa/setuptools/commit/29688821b381268a0d59c0d26317d88ad518f966

I guess https://bugs.python.org/issue30693 is sort of related. The change made there is necessary, and was sufficient to make the tars reproducible but not the zips.

(sidenote: Is it acceptable to sign the PSF CLA with a pseudonym?)
msg371515 - (view) Author: Raymond Hettinger (rhettinger) * (Python committer) Date: 2020-06-14 20:27 
+1 for sorting filenames prior to insertion
msg386270 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2021-02-03 18:08 
Distutils is now deprecated (see PEP 632) and all tagged issues are being closed. From now until removal, only release blocking issues will be considered for distutils.

If this issue does not relate to distutils, please remove the component and reopen it. If you believe it still requires a fix, most likely the issue should be re-reported at https://github.com/pypa/setuptools
History
Date User Action Args
2022-04-11 14:59:32adminsetgithub: 85135
2021-02-03 18:08:04steve.dowersetstatus: open -> closed

nosy: + steve.dower
messages: + msg386270

resolution: out of date
stage: resolved
2020-06-14 20:27:54rhettingersetnosy: + rhettinger
messages: + msg371515
2020-06-12 17:30:20ghost43create