Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Emit less cryptic error message for a missing namespace package declaration #2

Closed
ghost opened this issue May 28, 2013 · 8 comments
Closed

Emit less cryptic error message for a missing namespace package declaration #2

ghost opened this issue May 28, 2013 · 8 comments
Labels
bug major

Comments

@ghost
Copy link

ghost commented May 28, 2013

Originally reported by: ncoghlan (Bitbucket: ncoghlan, GitHub: ncoghlan)

The error message received when a system installed package is missing a "namespace package" declaration is really cryptic. I encountered this for http://beaker-project.org when our common library was missing the namespace package declaration (it originally didn't seem necessary, since that package is the one that owns that namespace, and does have its __init__.py file installed as part of the OS package)

When running from a source checkout, we don't actually care that the system version is present, because sys.path ensures the installed released version is ignored. This also holds true for bkr.__path__.

However, because of the missing declaration, pkg_resources interprets this as an attempt to import a conflicting version of a top level module and ends up emitting a totally inappropriate error message from check_version_conflict() (see the final warning in
https://bitbucket.org/pypa/setuptools/src/6aa3034bc297e98ed1a8422d96754cc0d6734667/pkg_resources.py?at=default#cl-2545)

There should be something in declare_namespace() that checks for this and emits a less cryptic error message that makes it clear:

  1. It found some metadata for that package (and where it found it)
  2. The metadata doesn't say anything about this being a namespace package

See http://stackoverflow.com/questions/13915269/why-do-i-get-userwarning-module-dap-was-already-imported-from-none/ for some background
@ghost
Copy link
Author

ghost commented May 28, 2013

Original comment by jaraco (Bitbucket: jaraco, GitHub: jaraco):

Agreed. Let's tackle this first thing after the 0.7 release.

@ghost
Copy link
Author

ghost commented Feb 9, 2014

Original comment by jaraco (Bitbucket: jaraco, GitHub: jaraco):

I've started looking at this, but I'm unable to replicate the failure. Can you put together a minimal test case the reproduces the environment that surprisingly raises the warning? In particular, it should use setuptools and Python only and shouldn't involve package managers. The instructions should install a minimal package in such a way that working with that package in '.' and importing pkg_resources triggers the warning (at least, if I understand the failure conditions as described above). If I don't understand the failure properly, then describe a similar scenario that triggers the unexpected warning.

I suspect that the suggestion that "there should be something in declare_namespace()" may not be appropriate here because the packages in question are not namespace packages. Thus, I wouldn't expect declare_namespace to be involved.

@ghost
Copy link
Author

ghost commented Feb 9, 2014

Original comment by ncoghlan (Bitbucket: ncoghlan, GitHub: ncoghlan):

Building the docs on Fedora on a fresh CPython checkout is one current
reproducer, but I'll try to come up with something simpler soon.

General pattern:

  1. Have a package that includes a pkg_resources namespace package, but
    doesn't declare it as such in its setup.py metadata.
  2. Have a dev copy early on your path, plus a fully installed copy later on
    your path.
  3. Import the dev copy, get the warning.

The actual bug in the user code in this situation is most likely the
missing "this is a namespace package" declaration from setup.py, but unless
you already know that, the error message doesn't lead you in the right
direction.

@ghost
Copy link
Author

ghost commented May 2, 2014

Original comment by samposm (Bitbucket: samposm, GitHub: samposm):

This is not minimal in the sense @jaraco asked, but: On an Ubuntu machine:

#!shell

sudo apt-get install python-dap

and then

#!python

python
>>> import pkg_resources
__main__:1: UserWarning: Module dap was already imported from None, but /usr/lib/python2.7/dist-packages is being added to sys.path

@ghost ghost added major bug labels Mar 29, 2016
This was referenced Mar 29, 2016
Open
Closed
Closed
@silkentrance
Copy link
Contributor

@pganssle This might have been resolved by PEP420 and #1312.

@pganssle
Copy link
Member

Really hard for me to tell without an MWE.

@ncoghlan Should we close this?

@ncoghlan
Copy link
Member

I'd say close it - so much has changed with namespace handling since I first filed this that I don't think it's relevant any more, regardless of whether the original misbehaviour has been fixed or not.

@pganssle
Copy link
Member

Sounds good. We can re-open or open a new issue if something like this comes up again.

@aduskett aduskett mentioned this issue Aug 20, 2018
Closed
jaraco added a commit that referenced this issue Dec 7, 2020
@jaraco
Require tox 2.4 or later; fixes #2.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
110cb56
jaraco added a commit that referenced this issue Nov 18, 2021
@jaraco
Create hooks and implement Debian's patches against those hooks. Fixes
4bc2ec3 
…#2.
jaraco added a commit that referenced this issue Nov 18, 2021
@jaraco
Add a hook on import of distutils that will allow Debian to override …
888ab6d 
…the default behavior. Fixes #2.
abravalheri pushed a commit that referenced this issue Jun 7, 2022
@codeandfire
Merge pull request #2 from abravalheri/data-files-fix
4de04f4 
Data files fix
@bashtage bashtage mentioned this issue Aug 15, 2022
Closed
@mssalvatore mssalvatore mentioned this issue Sep 18, 2022
Merged
2 tasks
jaraco added a commit that referenced this issue Feb 4, 2023
@jaraco
Merge pull request #2 from abadger/feature/ssl-match-hostname-17997
6360097 
There's apparently another security issue in the python3 match_hostname code. No CVE has been issued for it yet:

http://bugs.python.org/issue17997#msg194950

This merge includes two commits. The first updates the included match_hostname code to reflect what's in the python-3.3.3 and python-3.4 stdlib (with a minor change to preserve python2 compat). The second commit adds a check for the backports.ssl_match_hostname module from pypi: https://pypi.python.org/pypi/backports.ssl_match_hostname

If the stdlib doesn't have ssl_match_hostname but backports.ssl_match_hostname exists it uses that code. If neither one are present, then it uses the code included in setuptools.

Using backports.ssl_match_hostname helps system packagers and system admins to have a single place to maintain SSL support rather than every package that's copying the match_hostname code. On the other hand, it means that users won't get any fixes before they go into the backports.ssl_match_hostname module. Brandon Rhodes is the owner of that module and Toshio has done the last several releases to make sure that module is current with the match_hostname security issues.
@jan-david-fischbach jan-david-fischbach mentioned this issue Jul 9, 2024
Merged
@wyd3x wyd3x mentioned this issue Jul 29, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug major
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ncoghlan @pganssle @silkentrance