Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
What to do about clobbering of packages in the prefix
See original GitHub issueWhat should we do when packages ship packages beyond themselves in site-packages. For instance if I have a package that ships itself and requests in site-packages that means that conda may no longer control what requests is installed, which could be problematic.
edit: this effects the entire prefix and we should address all of that at once
Issue Analytics
- State:
- Created 3 years ago
- Comments:18 (18 by maintainers)
Top Results From Across the Web
Why do we need -AllowClobber? | ACMESharp-docs
Now that we understand what clobbering is and why and when we need the -AllowClobber parameter, what about ACMESharp? ACMESharp uses the default...
Read more >conda update anaconda Fails | ClobberError - Stack Overflow
I am trying to update all conda packages. ... This path already exists in the target prefix, and it won't be removed by...
Read more >conda update <package...> - Fig.io
Options ; --clobber, Allow clobbering of overlapping file paths within packages, and suppress related warnings ; -C, --use-index-cache, Use cache of channel index ......
Read more >cmd - Go Packages
Command{ Use: "clobber", Short: "Clobber is a command-line application for ... Prefix = formatSpinnerText("Building base tools", false) runCommand("make -C" ...
Read more >conda-build — conda-build 3.21.7+0.gb98d7ec0.dirty documentation
Any variants with overlapping names within a build will clobber each other. ... depen- dency packages --prefix-length _PREFIX_LENGTH length of build prefix.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
You would have to edit the source code of conda-build/boa itself. I’m not certain if there are schemes to do that in a recipe but we could (and most likely should) have the build system hash itself when performing sensitive tasks. That way we can check if the build system was modified in some way during the build.
more difficult is not good enough here if we are calling this a security issue.