-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
requirement: Close temporary files before passing them to pip
#551
Conversation
for filename in self._filenames: | ||
tmp_file = stack.enter_context(NamedTemporaryFile(mode="w")) | ||
# Deliberately pass `delete=False` so that our temporary file doesn't get | ||
# automatically deleted on close. We need to close it so that `pip` can |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm referring to pip
here instead of the requirements parser (where the actual error is at the moment) since we're about to remove the parser from this code path.
@woodruffw Actually, now that I think of it more, when we remove the requirements parser from this code path, perhaps this issue will disappear since we're no longer opening the file again in the same Python process. I don't think We can probably merge this to get a patch fix out the door but we can revert these changes as part of #540. Does that seem right to you? I might be able to confirm that #540 fixes the issue by asking the original reporter to try that branch. |
That sounds good to me -- let's merge here, confirm that #540 independently fixes, and then revert here if necessary. |
Signed-off-by: William Woodruff <[email protected]>
LGTM; I'll make a patch release after this. |
## [2.5.1] ### Fixed * Fixed a crash on Windows caused by multiple open file handles to input requirements ([#551](pypa/pip-audit#551)) ## [2.5.0] ### Changed * Improved error messaging when a requirements input or indirect dependency has an invalid (non-PEP 440) requirements specifier ([#507](pypa/pip-audit#507)) * `pip-audit`'s handling of dependency resolution has been significantly refactored and simplified ([#523](pypa/pip-audit#523)) ### Fixed * Fixed a potential crash on invalid unicode in subprocess streams ([#536](pypa/pip-audit#536)) ## [2.4.15] **YANKED** ### Fixed * Fixed an issue where hash checking would fail when using third-party indices ([#462](pypa/pip-audit#462)) * Fixed the behavior of the `--skip-editable` flag, which had regressed with an internal API change ([#499](pypa/pip-audit#499)) * Fixed a dependency resolution bug that can potentially be triggered when multiple packages have the same subdependency ([#488](pypa/pip-audit#488))
Closes #548