setuptools 18.3.2 cannot access PyPI if PyPI password has an embedded % #442
Comments
Original comment by jaraco (Bitbucket: jaraco, GitHub: jaraco): That's odd, because package_index.py hasn't changed since 15.2.
Is it possible that when you tested 15.2 that something else was different in your environment from your test against 18.3.2? |
Original comment by malemburg (Bitbucket: malemburg, GitHub: malemburg): I just tried to replicate this: it does indeed happen with setuptools 15.2 and the current 18.3.2. I must have done something else between reverting to 15.2 and trying the install again. Here's the command I tried to run:
I also checked with a Python 3.4.3 venv: same error. The install works fine in Python 2.7.10. BTW: I do wonder why setuptools is interested in my PyPI account details when simply downloading and installing software. Here's the complete pip output:
|
Original comment by malemburg (Bitbucket: malemburg, GitHub: malemburg): Just verified: commenting out the entry with the % in the password result in the install command to run through fine. It is interesting that all repo entries from the .pypirc are read. The one with the % wasn't the standard PyPI entry one. |
Original comment by rpodgorny (Bitbucket: rpodgorny, GitHub: rpodgorny): are you sure using rawconfigparser is a good idea? the docs say: Legacy variant of the ConfigParser with interpolation disabled... (mind the "legacy" word) also: Note Consider using ConfigParser instead which checks types of the values to be stored internally. If you don’t want interpolation, you can use ConfigParser(interpolation=None). cheers! |
Original comment by jaraco (Bitbucket: jaraco, GitHub: jaraco): I'm happy to share my rationale. I did read the docs, and was considering using I considered leaving interpolation on and using the SafeConfigParser on Python 2.7, which would at least bring the behavior into parity with Python 3, but on further consideration, I suspect that interpolation is never used in .pypirc, was never documented to support that functionality, and has the undesirable effect of requiring values containing I can imagine scenarios where this backward-incompatible change could cause substantial disruption, and I'm gambling on the hope that those scenarios don't exist in practice. If someone does encounter a real-world example of why this approach is problemmatic, I'd like the feedback and I'll consider another approach. |
Originally reported by: malemburg (Bitbucket: malemburg, GitHub: malemburg)
If you have a repository entry in .pypirc with a password using % in the password string, setuptools causes a traceback when trying to install packages with Python 3.4:
I tested this with setuptools 15.2 and this does not have the problem.
The text was updated successfully, but these errors were encountered: