Message361383
In our case we ended up stripping the .pth file and distributing that modified .zip files.
I guess the main problem here is that its really not clear that this version of python doesn't work like the others, or needs to be modified before use. It can be very confusing to try to debug the resulting error message which for me was:
```
C:\Users\circleci\project\python\3.7.4_64bit\python.exe
Traceback (most recent call last):
File "C:\Users\circleci\project\upstream\emscripten\\emcc", line 6, in <module>
from tools import python_selector
ModuleNotFoundError: No module named 'tools'
```
For us we really want a non-interactive installation so a zip file made sense. We are embeddeding python within another SDK so it sounds like it is applicable.
Maybe this is documented somewhere and I just missed it, but its certainly was a confusing difference from other distributions of python.
What about adding some kind of startup message such as "This version of python requires local modification before using"?
Also, I'm curious about the kind of security risk there is in including the script directory in sys.path? If an attacker had access to the script directory couldn't they just modify the script directly? |
|
Date |
User |
Action |
Args |
2020-02-05 00:08:07 | Sam Clegg | set | recipients:
+ Sam Clegg, ssapin, steve.dower, skoslowski |
2020-02-05 00:08:07 | Sam Clegg | set | messageid: <1580861287.71.0.443453397987.issue34841@roundup.psfhosted.org> |
2020-02-05 00:08:07 | Sam Clegg | link | issue34841 messages |
2020-02-05 00:08:07 | Sam Clegg | create | |
|