New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Python: add sitecustomize.py, listen to NIX_PYTHONPATH #64634
Conversation
This is a really neat idea - I've been doing something similar in a much hackier way to get virtualenvs to work with less hassle - simply using Moving towards preferring |
I don't follow you. This does not use |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Additionally, this commit introduces
NIX_PYTHON_SCRIPT_NAME
which
can be used for settingsys.argv[0]
.
Not in the commit, a rebasing mistake?
I needed to read on the previous discussions since I have completely forgotten what's the problem we are trying to solve :D
It's better than using PYTHONHOME
. I like the idea of unsetting the variable; if we apply it to NIX_PYTHON_SCRIPT_NAME
won't this solve its leakiness? I don't see any other problems with it, maybe I missed anything in #25985?
We still don't solve crazy cases like (5) from #25985 (comment) but that's a clear improvement.
And if we move to using them both in |
This commit adds a Nix-specific module that recursively adds paths that are on `NIX_PYTHONPATH` to `sys.path`. In order to process possible `.pth` files `site.addsitedir` is used. The paths listed in `PYTHONPATH` are added to `sys.path` afterwards, but they will be added before the entries we add here and thus take precedence. The reason for adding support for this environment variable is that we can set it in a wrapper without breaking support for `PYTHONPATH`.
I've updated the commit message. Yes, we could use |
@FRidh my point is just that users may have custom entries in their runtime environment's It's possible I've misunderstood how this is being handled with |
Ah, now I understand. No, this won't change. |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/terminal-emulator-leaks-environment-variables-to-shell/33673/11 |
Motivation for this change
Split from #25985.
Add a
sitecustomize.py
file that listens toNIX_PYTHONPATH
and unsets it afterwards. This gives the same feature as bothPYTHONHOME
andPYTHONPATH
, however, without preventing the user from using those environment variables, and without leaking the variable.This variable is now used in
python.buildEnv
, thereby solving issues with a leakingPYTHONHOME
which could break nested Python programs/environments.In the future we may choose to use this as well in
buildPythonPackage
.Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)