From d2e8ae0b4847a421d7842970285e7b59a703ac58 Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz93@gmail.com>
Date: Sat, 9 Mar 2024 22:56:54 -0500
Subject: [PATCH] distutils-r1.eclass: remove wheel metadata that is bad for
 distros

In particular, RECORD is effectively hostile. It's the equivalent of
portage CONTENTS, but read by pip to figure out how to uninstall a
package. For obvious reasons, pip needs this functionality when
installing packages itself. But allowing pip the authority to uninstall
a package managed by portage is... not good. At all.

Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
---
 eclass/distutils-r1.eclass | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 9be994595529..37274ca7102d 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -1334,7 +1334,10 @@ distutils_wheel_install() {
 	printf '%s\n' "${cmd[*]}"
 	"${cmd[@]}" || die "Wheel install failed"
 
-	# remove installed licenses
+	# remove installed:
+	# - licenses
+	# - RECORD, used solely by pip to know how to uninstall it
+	#   behind our back
 	find "${root}$(python_get_sitedir)" -depth \
 		\( -path '*.dist-info/COPYING*' \
 		-o -path '*.dist-info/LICENSE*' \
@@ -1342,6 +1345,7 @@ distutils_wheel_install() {
 		-o -path '*.dist-info/license_files' \
 		-o -path '*.dist-info/licenses/*' \
 		-o -path '*.dist-info/licenses' \
+		-o -path '*.dist-info/RECORD' \
 		\) -delete || die
 }
 
-- 
2.43.2