New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
distutils creates unreproducible .so files #80483
Comments
While working on reproducible builds for openSUSE, I found countless python modules that come with binary .so files that did not build reproducibly from non-deterministic filesystem readdir order. One contributing factor is bpo-30461 that will not be fixed. |
I'm not excited about backporting this change to Python 3.8 and older. Python 3.8 also switch to its feature freeze for Python 3.8.0. This change is borderline between bugfix and feature. In case of doubt, I prefer to do nothing. See concerns in the PR discussion: |
An unfortunate side effect of this change is that changes the build order even if the source list order is relevant. In particular, I sort the source list by age when working on larger extensions, this makes sure that the source files I edited last get compiled first, which speeds up edit/build cycles. |
That sounds like a new feature. I don't think that it was supported previously. Or maybe it was more an implementation detail. Please open a new issue if you would like to add the ability to specify in which order source files must be compiled. |
That's the problem with any change to distutils, the API is unclear and that causes any change to be potentially breaking for existing users. That's why distutils has been mostly stagnant for years. I have no particular wish w.r.t. changing behaviour, I've a local workaround for now and am hoping someone will write a tool similar to flit for packages that include extensions. |
On the one hand, this sounds creepily like https://xkcd.com/1172, but on the other: why do we need to sort those extensions by name? Wouldn’t sorting by some attribute of those extensions (including their size) be better? |
Because calling sorted() is easy. Any other arbitrary choice would make sense. But giving the ability to build sources in a specific order, add dependencies, or something else, would a new features. Also, distutils is now deprecated in the stdlib: the steering council approved https://www.python.org/dev/peps/pep-0632/ You should now report distutils issues to setuptools. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: