-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build does not validate that the "source directory" argument is a valid source directory #259
Comments
I am tempted to say this is an issue with setuptools? Though it might not be that clear. IMO setuptools itself should fail if the |
Personally, I think that build should fail early if it detects it's being run from the wrong directory. In a purist sense, that means there's no Yes, there's a setuptools issue here, as it shouldn't blindly package up something that's obviously wrong, but as a quality of implementation feature, build should check and fail early. After all, if it's left to setuptools, you would have to wait for the whole build environment to be created before you get told "nope, this isn't a Python project"... |
I'd accept a PR that fails early 👍 |
PEP 517 requires the existence of |
My argument against that is that I feel like it is not very correct, and might not work all that well in the long run. Checking for PEP 517 also says, if there is no
I understand your point, and I agree it would be good to have better behavior for users, but I do not really like to do this at the expense of correctness. This probably comes from my experience as arch packager, where I've had to deal with all sorts of different build systems and issues, and have seen how these decisions play out, and when things go wrong it's usually in a way I am left scratching my head and be forced to dive into the build system internals. A lot of times, things go fine, but a lot of time they also don't. I think the best path forward is to put pressure on getting this fixed in setuptools, rather than introduce potentially inconsistent behavior here. |
I don't really think it requires it necessarily, my interpretation is that it just hints.
Regardless, we would end up with inconsistent behavior. |
The PEP says "tools should revert to the legacy behaviour of running That setuptools does not verify that I think the logic surrounding the fallback is complex (see https://discuss.python.org/t/remove-wheel-as-minimum-requirement-from-pep-518/7513/18) and I appreciate not wanting to add another gate in the circuitry. |
Can we take a step back here? The issue I'm concerned about here¹ is that I did some additional tests, and apparently build doesn't even check that the "source directory" argument is a directory! It quite happily accepts non-existent directories, or filenames. I think those should be checked and reported to the user, rather than passing them to setuptools (which is the current behaviour). Getting into less obvious cases, I believe that a directory without I'm currently putting together a PR that checks for ¹ I'm happy to report the fact that setuptools will build junk in a directory with no |
I wrote the block below before testing pip. Pip does not support setup.cfg only projects, only build does. This should be still be clearly noted in the changelog, since it's a removal of existing functionality, but it looks like that functionality was likely incorrectly available before. I'm in favor of the check (we do a simliar one in cibuildwheel), but the check needs to include setup.cfg (as discussed in #260, support for setup.cfg-only projects was added in setuptools v40.9). That is also a valid source directory by convention if not by standard; the previous releases of build supports it PS: I'm not totally sure why setup.cfg-only projects work without setting |
I do not agree with the check including |
Yes, I was fine with this not being added when I realized that pip doesn't support it; currently only build supports a setup.cfg only project with no pyproject.toml. I think it's fine to match pip here. My only remaining point was that it might be mentioned in the changlog as a changed behavior, but it could be only people like me who throw together an example to check the behavior ( I think I did this when adding checks to cibuildwheel), but I'm pretty sure any real project would also require that a pip install without running |
Yes, I am gonna add a breaking change section before a new release. |
@FFY00 In Fedora, we choose the setuptool's legacy backed if pyproject.toml is not found. Do you think we should assert setup.py is present before we delegate to the backed to match the behavior of build and pip? I've opened pypa/setuptools#2329 about this ~1 year ago :/ |
Actually, since we delegate to pip (or in future, build) to build the wheel, we should. I've noted it down in https://bugzilla.redhat.com/show_bug.cgi?id=1976459 |
Your build system validation logic is also subtly different than what we have in build, see Lines 204 to 218 in 5a3c524
|
If I run build in an empty directory (or any directory that isn't a Python project), rather than reporting the error, the tool appears to run setuptools and creates an empty project called UNKNOWN. If there's no
pyproject.toml
, I guess it's assuming setuptools as a fallback. But if there's nosetup.py
orsetup.cfg
this is clearly incorrect, and so should fail.As it stands, the build runs and results in unwanted (and useless)
build
,dist
andUNKNOWN.egg-info
directories being created in my project. Luckily, I wasn't already usingbuild
ordist
as actual directories for my code...The text was updated successfully, but these errors were encountered: