[Python-modules-team] Bug#786440: python-pip: pip is out-of-date, 'pip list' fails sometimes

Brian Warner warner at lothar.com
Thu May 21 17:56:34 UTC 2015 

Package: python-pip
Version: 1.5.6-5
Severity: important

I noticed that 'pip list' on my sid system failed, with a rather obscure
error:

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 122, in main
    status = self.run(options, args)
  File "/usr/lib/python2.7/dist-packages/pip/commands/list.py", line 80, in run
    self.run_listing(options)
  File "/usr/lib/python2.7/dist-packages/pip/commands/list.py", line 142, in run_listing
    self.output_package_listing(installed_packages)
  File "/usr/lib/python2.7/dist-packages/pip/commands/list.py", line 151, in output_package_listing
    if dist_is_editable(dist):
  File "/usr/lib/python2.7/dist-packages/pip/util.py", line 367, in dist_is_editable
    req = FrozenRequirement.from_dist(dist, [])
  File "/usr/lib/python2.7/dist-packages/pip/__init__.py", line 299, in from_dist
    assert len(specs) == 1 and specs[0][0] == '=='
AssertionError

After some digging, it turned out that the problem was that I have the
'python-pyhsm' package installed, which has a version string of "1.0.4k",
and the extra "k" causes pkg_resources to return a "spec" that looks like
"=== 1.0.4k" (with three equal signs, not two), triggering the assert. Most
packages have a "normalized" version string, for which pkg_resources emits
a spec like "== 1.0.0", which doesn't cause pip to complain.

This was fixed in pip-6.0, which tolerates both == and ===. Sid currently
has a pkg_resources that can emit ===, but not a pip that can tolerate it.
This only shows up if you happen to have at least one python package
installed with a non-normalized version string. For me, I was able to make
pip work again by uninstalling python-pyhsm.

I'm sure you're aware that sid's pip-1.5.6 is pretty out-of-date, and that
6.1.1 is the current version (https://pip.pypa.io/en/stable/news.html).
It's not a trivial upgrade, for sure, but consider this note as supporting
evidence in the campaign to get pip updated :).

cheers,
 -Brian


Steps To Reproduce:
 apt-get install python-pip python-pyhsm
 pip list
Expected:
 a list of packages
Got Instead:
 part of the list, then an exception with an AssertionError

cheers,
 -Brian


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages python-pip depends on:
ii  ca-certificates       20141019
ii  python                2.7.9-1
ii  python-colorama       0.3.3-1
ii  python-distlib        0.2.0-1
ii  python-html5lib       0.999-3
ii  python-pkg-resources  16.0-1
ii  python-requests       2.4.3-6
ii  python-setuptools     16.0-1
ii  python-six            1.9.0-3
pn  python:any            <none>

Versions of packages python-pip recommends:
ii  build-essential  11.7
pn  python-dev-all   <none>
ii  python-wheel     0.24.0-1

python-pip suggests no packages.

-- no debconf information

More information about the Python-modules-team mailing list