Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

when executed as a wheel, pip creates a temporary file containing ca certificates which is not cleaned up

See original GitHub issue

Description

a temporary file is leaked during the execution of pip as a wheel. repeated execution consumes ~250KB per execution which quickly fills up disk if run in a loop

Expected behavior

I expect the temporary file to be cleaned up instead of left around after execution

pip version

21.3.1

Python version

3.8.10

OS

ubuntu 20.04

How to Reproduce

python3 -m pip download pip==21.3.1
PYTHONPATH=pip-21.3.1-py3-none-any.whl python3 -m pip download astpretty

Output

$ du -hs /tmp/tmp*
du: cannot access '/tmp/tmp*': No such file or directory
$ PYTHONPATH=pip-21.3.1-py3-none-any.whl python3 -m pip download astpretty
Collecting astpretty
  Using cached astpretty-2.1.0-py2.py3-none-any.whl (5.3 kB)
Saved ./astpretty-2.1.0-py2.py3-none-any.whl
Successfully downloaded astpretty
$ du -hs /tmp/tmp*
256K	/tmp/tmpf4qxtczw

Code of Conduct

I agree to follow the PSF Code of Conduct.

Issue Analytics

State:
Created 2 years ago
Reactions:2
Comments:10 (10 by maintainers)

Top GitHub Comments

3reactions

vstinnercommented, May 31, 2022

Hi, I also noticed this bug and I found the root issue. It’s a bug in Python importlib.resources: https://github.com/python/cpython/issues/93353

0reactions

pfmoorecommented, Dec 28, 2021

It looks like certifi already has the importlib.resources code, and they are aware of the cleanup issue - see here. It’s definitely worth discussing this problem with them, not with us.

Also, get-pip uses different code which does do the cleanup[^1]. But the certifi/importlib approach is independent, and get-pip can’t fix that.

[^1]: You’re right, get-pip needs the certificates - that’s why we have that code in there. I believe it predates the importlib.resources mechanism.

Top Results From Across the Web

pip always fails ssl verification - Stack Overflow

URL host for python packages being blocked; invalid SSL certificate warnings popping up; SSL inspection certificate not trusted. As mentioned by ...

pip install — pip 10.0.0.dev0 documentation

Since version 7.0 pip supports controlling the command line options given to setup.py via requirements files. This disables the use of wheels (cached...

get-pip.py on pypa.io

# # If you're wondering how this is created, it is generated using # `scripts/generate.py` in https://github.com/pypa/get-pip. import sys this_python = sys.

Python developer reference for Azure Functions

json: Contains configuration options that affect all functions in a function app instance. This file does get published to Azure. Not all ...

Zscaler is not allowing PIP to download and install packages

Unable to download PIP packages from Anaconda or Python, Zscaler is blocking pip ... Please review this document Installing TLS / SSL ROOT...