Support the most esoteric setup.py files #3202
Labels
F: language-support
Issues specific to a particular language or ecosystem; may be paired with an L: label.
python
Dependabot pull requests that update Python code
T: feature-request
Requests for new features
Comments
jurre
added
F: language-support
|
Are you referring to this helper? |
|
Yeah. Also, i apologise for the tone in the initial message, I was still a bit weirded out at that point, and so i could've put my concerns down in a different manner. |
|
If it's something you'd like to see fixed and willing to submit a PR, I'm happy to give you pointers on how to debug further to pinpoint what code needs to change within However, I doubt the core team will spend much time on this as the python ecosystem seems to be moving away from |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While working on trying to figure out why dependabot doesn't work for synapse's
setup.pyfile, I came across the pythonsetup.pyhelper, which in my opinion takes a huge amount of liberties to assume howsetup.pyfiles look like.This helper tries to outsmart python itself by manually regex-replacing(!) contents of the file, before blindly
exec-ing it withlocals()andglobals().This can be simplified instead by using
multiprocessing(to isolate side-effects), then run a script that replacessetuptools'ssetupby making it send the passed requires and extras to the parent process, and then springboarding into thesetup.pyscript (after setting the right working directory).The only reason why i could see trying to outsmart python in regards to executing what in files would be to avoid malicious behaviour, that can be wrapped and isolated with containers, but that's not the case here, it's avoidance to dirty the output and such, that can be wrapped in a subprocess.
The text was updated successfully, but these errors were encountered: