Bugfix: Fixes #3763, #3830, and #4453 #5010
Conversation
simnalamburt
force-pushed
the
issue-4453
branch
from
c01b90b
to
16b33ef
Compare
simnalamburt
force-pushed
the
issue-4453
branch
from
16b33ef
to
4bd8b06
Compare
Prevent '--install-option' and '--global-option' from leaking into the
next dependencies in the 'requirements.txt' file.
You should not mutate the parameters provided by the caller unless you
are aware of what you're doing.
# BAD! Mutating the parameter!
def bad(param):
param += ['a']
# OK. Binding a new object to the name.
def good(param):
param = param + ['a']
Fixes pypa#3763, pypa#3830, and pypa#4453.
Reference:
https://github.com/simnalamburt/snippets/blob/master/python/pip-4453.py
simnalamburt
force-pushed
the
issue-4453
branch
from
4bd8b06
to
7795408
Compare
simnalamburt
changed the title
| global_options = \ | ||
| global_options + self.options.get('global_options', []) | ||
| install_options = \ | ||
| install_options + self.options.get('install_options', []) |
There was a problem hiding this comment.
It's not at all clear why this makes a difference (I'm assuming it's something to do with in-place modification vs creating a new list?) so at a minimum, I'd want a comment explaining what's going on here. Better still would be a code change that didn't result in the reader having a huge temptation to switch back to the += form 😄
There was a problem hiding this comment.
Reading the conversation thread clarifies (must read things in the right order in future :-)) but I'd still like a comment in the code.
Maybe better would be
# Take a copy so we don't mutate the value supplied by the caller
global_options = list(global_options)
global_options += self.options.get('global_options', [])as that makes the point explicit in the code as well as in the comment.
There was a problem hiding this comment.
+1
Having a comment would definitely be helpful here. Nice catch btw.
There was a problem hiding this comment.
Hello @simnalamburt! Thanks for spotting this. 😄
If I may pitch in... If we are to take a copy, I would suggest to put it in another variable.
Currently, the global_options and install_options first refer to the arguments of the method, then refer to a modified copy of them. It can get confusing.
I would suggest something along:
package_global_options = \
global_options + self.options.get('global_options', [])
package_install_options = \
install_options + self.options.get('install_options', [])Of course renaming in the next usages as well would be required.
I don't know if the comment should be put in that case, but I believe it is at least much less tempting to refactor into the += form with different names.
There was a problem hiding this comment.
If I may pitch in... If we are to take a copy, I would suggest to put it in another variable.
It seems to be the best of the ideas so far. I'll update the PR.
|
Hello! I am an automated bot and I have noticed that this pull request is not currently able to be merged. If you are able to either merge the |
|
Closing in favour of #5090. |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
lock
bot
added
the
auto-locked
Prevent
--install-optionand--global-optionfrom leaking into the next dependencies in therequirements.txtfile.You should not mutate the parameters provided by the caller unless you are aware of what you're doing.
Fixes #3763, #3830, and #4453.
Reference