922211 – app-portage/elsw-0.0.0-r1 installs python packages with invalid/suspicious names or versions in the site-packages directory (GCC-14-SYSTEM)

Bug 922211 - app-portage/elsw-0.0.0-r1 installs python packages with invalid/suspicious names or versions in the site-packages directory (GCC-14-SYSTEM)

Summary: app-portage/elsw-0.0.0-r1 installs python packages with invalid/suspicious na...

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Maciej Barć

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	921641
	Show dependency tree

Reported:	2024-01-16 10:06 UTC by Agostino Sarubbo
Modified:	2024-01-16 17:39 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
build.log (build.log,44.76 KB, text/plain) 2024-01-16 10:06 UTC, Agostino Sarubbo	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2024-01-16 10:06:34 UTC

https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/

Issue: app-portage/elsw-0.0.0-r1 installs python packages with invalid/suspicious names or versions in the site-packages directory (GCC-14-SYSTEM).
Discovered on: amd64 (internal ref: gcc14_tinderbox)

NOTE:
(GCC-14-SYSTEM) in the summary means that the bug was found on a machine that runs gcc-14 but this bug MAY or MAY NOT BE related to the new compiler

Comment 1 Agostino Sarubbo gentoo-dev

2024-01-16 10:06:36 UTC

Created attachment 882407 [details]
build.log

build log and emerge --info

Comment 2 Maciej Barć gentoo-dev

2024-01-16 15:52:36 UTC

> * QA Notice: The following Python packages were installed with
> * invalid/suspicious names or versions in the site-packages directory:
> * 
> *   /usr/lib/python3.10/site-packages/elsw-0.0.0.dist-info
> *   /usr/lib/python3.11/site-packages/elsw-0.0.0.dist-info

Why is this incorrect?

Comment 3 Sam James archtester

2024-01-16 16:06:14 UTC

0.0.0 is the default value in a bunch of things when they go wrong.

Are you really intentionally using that value??

Comment 4 Sam James archtester

2024-01-16 16:07:06 UTC

We could add a check to compare with PV but.. really?

Comment 5 Maciej Barć gentoo-dev

2024-01-16 16:57:58 UTC

(In reply to Sam James from comment #3)
> 0.0.0 is the default value in a bunch of things when they go wrong.
> 
> Are you really intentionally using that value??

I intentionally used it, I would have never imagined that Python ecosystem is so insane that it would reject it.

Comment 6 Maciej Barć gentoo-dev

2024-01-16 17:39:44 UTC

FYI, i released 1.0.0 --- https://gitlab.com/xgqt/python-elsw/-/commit/a3c3bd0770b38bb3dd312710af335217e17cd010