pipenv checks outside of pipenv-managed venv
See original GitHub issueIssue description
pipenv check
can fail on packages not managed by pipenv
.
python3 -m venv venv
venv/bin/python -m pip install --upgrade 'pip<21' pipenv
venv/bin/pipenv --python="$PWD/venv/bin/python" install 'pip>=21'
venv/bin/pipenv check
It doesn’t seem to matter if PIPENV_IGNORE_VIRTUALENVS
is set.
Expected result
Checking PEP 508 requirements...
Passed!
Checking installed package safety...
All good!
Actual result
Checking PEP 508 requirements...
Passed!
Checking installed package safety...
40291: pip <21.1 resolved (20.3.4 installed)!
Pip version 21.1 updates its dependency "urllib3" to 1.26.4 to fix CVE-2021-28363.
pipenv check --verbose
Checking PEP 508 requirements... Running command: $ /ifs/home/dtucker/.local/share/virtualenvs/tmp.X2jD7mSKG6-hzRazx7h/bin/python /tmp/tmp.X2jD7mSKG6/venv/lib/python3.6/site-packages/pipenv/pep508checker.py Command output: {"os_name": "posix", "sys_platform": "linux", "platform_machine": "x86_64", "platform_python_implementation": "CPython", "platform_release": "4.15.0-159-generic", "platform_system": "Linux", "platform_version": "#167-Ubuntu SMP Tue Sep 21 08:55:05 UTC 2021", "python_version": "3.6", "python_full_version": "3.6.9", "implementation_name": "cpython", "implementation_version": "3.6.9"}Passed! Checking installed package safety… Running command: $ /ifs/home/dtucker/.local/share/virtualenvs/tmp.X2jD7mSKG6-hzRazx7h/bin/python /tmp/tmp.X2jD7mSKG6/venv/lib/python3.6/site-packages/pipenv/patched/safety check --json Command output: [ [ “pip”, “<21.1”, “20.3.4”, “Pip version 21.1 updates its dependency "urllib3" to 1.26.4 to fix CVE-2021-28363.”, “40291” ] ]
40291: pip <21.1 resolved (20.3.4 installed)! Pip version 21.1 updates its dependency “urllib3” to 1.26.4 to fix CVE-2021-28363.
$ pipenv --support
Pipenv version: '2021.5.29'
Pipenv location: '/tmp/tmp.X2jD7mSKG6/venv/lib/python3.6/site-packages/pipenv'
Python location: '/tmp/tmp.X2jD7mSKG6/venv/bin/python'
Python installations found:
3.10.0
:/ifs/home/dtucker/.pyenv/versions/3.10.0/bin/python3
3.9.7
:/ifs/home/dtucker/.pyenv/versions/3.9.7/bin/python3
3.9.0
:/ifs/home/dtucker/.pyenv/versions/3.9.0/bin/python3
3.8.12
:/ifs/home/dtucker/.pyenv/versions/3.8.12/bin/python3.8
3.8.6
:/ifs/home/dtucker/.pyenv/versions/3.8.6/bin/python3.8
3.8.0
:/ifs/home/dtucker/.pyenv/versions/3.8.0/bin/python3.8
3.8.0
:/usr/bin/python3.8
3.7.12
:/ifs/home/dtucker/.pyenv/versions/3.7.12/bin/python3.7m
3.7.9
:/ifs/home/dtucker/.pyenv/versions/3.7.9/bin/python3.7m
3.7.5
:/usr/bin/python3.7
3.7.5
:/usr/bin/python3.7m
3.7.4
:/ifs/home/dtucker/.pyenv/versions/3.7.4/bin/python3.7m
3.7.1
:/ifs/home/dtucker/.pyenv/versions/3.7.1/bin/python3.7m
3.6.15
:/ifs/home/dtucker/.pyenv/versions/3.6.15/bin/python3.6m
3.6.12
:/ifs/home/dtucker/.pyenv/versions/3.6.12/bin/python3.6m
3.6.9
:/ifs/home/dtucker/.pyenv/versions/3.6.9/bin/python3.6m
3.6.9
:/usr/bin/python3.6
3.6.9
:/usr/bin/python3.6m
3.6.9
:/usr/bin/python3
3.5.10
:/ifs/home/dtucker/.pyenv/versions/3.5.10/bin/python3.5m
3.5.7
:/ifs/home/dtucker/.pyenv/versions/3.5.7/bin/python3.5m
3.4.10
:/ifs/home/dtucker/.pyenv/versions/3.4.10/bin/python3.4m
2.7.18
:/ifs/home/dtucker/.pyenv/versions/2.7.18/bin/python2.7
2.7.17
:/usr/bin/python2
2.7.17
:/usr/bin/python2.7
2.7.16
:/ifs/home/dtucker/.pyenv/versions/2.7.16/bin/python2.7
2.6.9
:/ifs/home/dtucker/.pyenv/versions/2.6.9/bin/python2.6
PEP 508 Information:
{'implementation_name': 'cpython',
'implementation_version': '3.6.9',
'os_name': 'posix',
'platform_machine': 'x86_64',
'platform_python_implementation': 'CPython',
'platform_release': '4.15.0-159-generic',
'platform_system': 'Linux',
'platform_version': '#167-Ubuntu SMP Tue Sep 21 08:55:05 UTC 2021',
'python_full_version': '3.6.9',
'python_version': '3.6',
'sys_platform': 'linux'}
System environment variables:
LC_ALL
LS_COLORS
SSH_CONNECTION
LANG
HISTCONTROL
HOSTNAME
OLDPWD
EDITOR
GPG_TTY
PYENV_VIRTUALENV_INIT
JIRA_PROXY
S_COLORS
XDG_SESSION_ID
PIP_INDEX_URL
USER
PWD
HOME
SSH_CLIENT
TESTLAB_LOG_DIRECTORY
TMUX
PIP_REQUIRE_VIRTUALENV
SSH_TTY
MAIL
TERM
SHELL
TMUX_PANE
SHLVL
PYENV_SHELL
LOGNAME
DBUS_SESSION_BUS_ADDRESS
HELIX_LOGDIR
XDG_RUNTIME_DIR
PIP_TRUSTED_HOST
PATH
PS1
HISTSIZE
_
PIP_DISABLE_PIP_VERSION_CHECK
PYTHONDONTWRITEBYTECODE
PIP_SHIMS_BASE_MODULE
PIP_PYTHON_PATH
PYTHONFINDER_IGNORE_UNSUPPORTED
Pipenv–specific environment variables:
Debug–specific environment variables:
PATH
:/ifs/home/dtucker/.pyenv/plugins/pyenv-virtualenv/shims:/ifs/home/dtucker/.pyenv/bin:/ifs/home/dtucker/.local/bin:/ifs/home/dtucker/bin:/ifs/home/dtucker/.pyenv/plugins/pyenv-virtualenv/shims:/ifs/home/dtucker/.pyenv/shims:/ifs/home/dtucker/.pyenv/bin:/ifs/home/dtucker/.local/bin:/ifs/home/dtucker/bin:.:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
SHELL
:/bin/bash
EDITOR
:vim
LANG
:en_US.UTF-8
PWD
:/tmp/tmp.X2jD7mSKG6
Contents of Pipfile
(‘/tmp/tmp.X2jD7mSKG6/Pipfile’):
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
pip = {version = ">=21", index = "http://artifactory.west.isilon.com/artifactory/api/pypi/pypi-repo/simple"}
[dev-packages]
[requires]
python_version = "3.6"
Contents of Pipfile.lock
(‘/tmp/tmp.X2jD7mSKG6/Pipfile.lock’):
{
"_meta": {
"hash": {
"sha256": "fb1685a8ca4420f6d2bad5672d155b3fdc508c19848f2cef4deeee0d6c74cea0"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.6"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"pip": {
"index": "http://artifactory.west.isilon.com/artifactory/api/pypi/pypi-repo/simple",
"version": ">=21"
}
},
"develop": {}
}
Issue Analytics
- State:
- Created 2 years ago
- Comments:13 (6 by maintainers)
@tucked and @matteius; I’m working on this issue right now. I’ll return to this thread soon with more info/questions or a PR.
@tucked Yeah sorry about that – if you wanted to try it now you can do the editable install of pipenv, it was broken in the wheel. Otherwise there should be a new release in the next day.