Log file Viewer

[18:14:45] <sumanah> LyndsySimon: I'm sorry - did you fix the problem?

[18:15:17] <sumanah> di_codes: I was thinking of asking Mason to take a crack at taking over https://github.com/pypa/warehouse/pull/3306 - what do you think?

[18:18:39] <LyndsySimon> sumanah: Nope.

[18:19:08] <sumanah> LyndsySimon: I just restarted the logging bot so I don't see all the logs of what you said previously

[18:19:37] <sumanah> LyndsySimon: when did you create the virtualenv? if you create a new virtualenv does the problem persist?

[18:20:01] <LyndsySimon> I've tried it in my brewed Python directly, and in a virtualenv suing both 2.7.14 and 3.6.5

[18:20:34] <sumanah> LyndsySimon: https://github.com/pypa/warehouse/issues/3293#issuecomment-378468534 has some more info that might be relevant -- but the fact that you are using pip 10.0.0 and macOS 10.13.4 stumps me

[18:21:16] <LyndsySimon> I'll read and get back to you. I'm on a call now, so I may be a few minutes.

[18:22:09] <sumanah> LyndsySimon: understood. if you are comfortable trying a pre-release version of Python 2.7.5, 2.7.15rc1 may solve this https://blog.python.org/2018/04/python-2715-release-candidate-1-is-now.html

[18:22:42] <sumanah> LyndsySimon: also, what's in your pip.conf file, if anything?

[18:23:40] <sumanah> we've just added a little help about a related issue to https://pypi.org/help/#tls-deprecation

[18:33:46] <LyndsySimon> sumanah: Back. I don't think my problem is lack fo support for TLS v1.2, I'm 99% sure it's that I'm lacking a root or intermediate cert.

[18:33:55] <sumanah> AH, got it, LyndsySimon

[18:33:59] <LyndsySimon> I can use Curl's bundled ca, and it works.

[18:34:20] <LyndsySimon> I'm checking now with my company's IT folks to see if they're mucking with the default certs on my system or something.

[18:36:43] <LyndsySimon> Do you by chance know what certificates Python uses by default, or where they're located?

[18:45:38] <cdunklau> LyndsySimon: pip should use the ca bundle included with requests

[18:46:20] <LyndsySimon> I'm using requests 2.18.4, which appears to be the latest version.

[18:46:41] <cdunklau> LyndsySimon: not necessarily, pip bundles requests

[18:46:45] <LyndsySimon> Ahhhh.

[18:47:03] <LyndsySimon> Well, hmm. I upgraded pip manually by downloading the wheel and installing it directly.

[18:47:51] <cdunklau> LyndsySimon: well pip 10 is real recent though so i wouldn't be surprised if it includes the latest requests too

[18:48:18] <cdunklau> yep https://github.com/pypa/pip/blob/10.0.0/src/pip/_vendor/requests/__version__.py#L8

[18:49:14] <LyndsySimon> What gets me is that I get `wget` the wheels directly and install them, but pip throws the SSL error.

[18:50:12] <cdunklau> LyndsySimon: requests uses a different set of certs

[18:50:23] <cdunklau> and it looks like pip uses certifi which is also a thing

[18:50:32] <cdunklau> (i'm not really well-versed in pip's codebase)

[18:51:11] <cdunklau> LyndsySimon: http://curl.haxx.se/ca/cacert.pem with that cert, you said you can download the file

[18:51:15] <cdunklau> right?

[18:51:26] <LyndsySimon> `requests.get(uri_to_wheel)` works without an error.

[18:51:29] <LyndsySimon> Yes.

[18:52:01] <cdunklau> LyndsySimon: ok what about pip._vendor.requests.get(uri_to_wheel)

[18:52:35] <LyndsySimon> One sec, creating a new virtualenv to check

[18:54:19] <LyndsySimon> Worked.

[18:54:32] <LyndsySimon> https://www.irccloud.com/pastebin/jwjbrATa/

[18:55:08] <cdunklau> LyndsySimon: and what's venv/bin/pip --version

[18:55:21] <LyndsySimon> `pip 10.0.0 from /Users/lyndsy/.local/share/virtualenvs/jupyter-notebooks-w1JeTRNB/lib/python3.6/site-packages/pip (python 3.6)`

[18:55:33] <cdunklau> ....kaaaay

[18:56:07] <cdunklau> LyndsySimon: what's env | grep -i 'proxy|requests'

[18:56:55] <LyndsySimon> None

[18:57:17] <LyndsySimon> Oh! I think I might see the problem.

[18:57:24] <LyndsySimon> `PIP_CERT=/Users/lyndsy/.config/ssl/certs/DigiCertHighAssuranceEVRootCA.pem`

[18:57:30] <cdunklau> heh

[18:57:40] <cdunklau> that'd do it :)

[18:58:26] <LyndsySimon> Yep, that's the problem.

[18:58:32] <cdunklau> \o/

[18:59:02] <cdunklau> sumanah: we win :)

[18:59:26] <cdunklau> LyndsySimon: now to figure out what set that env var :)

[18:59:34] <cdunklau> so you can tell it to stop being dumb

[18:59:36] <LyndsySimon> A previous employer mucked with my installed certs, which required that setting. I sync my zshrc, which carried over. The problem didn't arise until the changeover to the new PyPI, likely because the certfile I was using doesn't include the root cert necessary.

[18:59:42] <cdunklau> oh awesome

[19:00:06] <cdunklau> LyndsySimon: maybe time to reinstall the OS :)

[19:01:01] <LyndsySimon> Why's that?

[19:01:33] <cdunklau> LyndsySimon: if the things a _previous_ employer did still affect the system....

[19:01:58] <cdunklau> LyndsySimon: also cmon everyone needs a good reinstall every so often ;)

[19:02:04] <cdunklau> i could just be being paranoid

[19:02:35] <LyndsySimon> I'm pretty paranoid, but I don't think it's an issue here. It's a month-old laptop issued by the new employer.

[19:02:46] <cdunklau> LyndsySimon: ooooh ok i misunderstood

[19:03:16] <LyndsySimon> All my config is at https://gitlab.com/lyndsysimon/dotfiles - it was just a config that carried over, not their stuff directly.

[19:04:09] <LyndsySimon> I don't even have a personal laptop that I use anymore :) I've moved all of my development outside of work over to a cloud server, and connect to it on my iPad over MOSH.

[19:04:33] <LyndsySimon> If you're in the market for a mid-2015 Retina MBP or a Windows 10 tablet... :)

[19:05:24] <cdunklau> LyndsySimon: ahahaha you got mosh on an ipad

[19:05:41] <cdunklau> that's like next level apple nerd, good jorb :D :D :D

[19:06:01] <LyndsySimon> LOL. Remove the "Apple" qualifier, and I'll take it.

[19:06:09] <cdunklau> alrightythen

[19:06:34] <cdunklau> LyndsySimon: so you're all set?

[19:06:41] <LyndsySimon> I picked up a 6th-gen iPad a couple of weeks ago with LTE. My complete mobile kit now fits in a tiny leather folio case.

[19:06:49] <LyndsySimon> Yeah, I'm good. Much appreciated.

[19:06:53] <cdunklau> nice

[19:07:01] <cdunklau> glad i could push you in the right direction :)

[19:07:44] <LyndsySimon> I have a bluetooth mechanical keyboard that I use with the iPad, but even it's a tiny thing with low-profile switches. I'm going through a phase where I'm selling all my computing equipment and optimizing for mobility.

[19:10:21] <cdunklau> LyndsySimon: that's pretty cool

[19:27:19] <di_codes> sumanah: has mariatta given up on that PR?

[19:27:30] <sumanah> di_codes: not clear.

[19:28:33] <sumanah> LyndsySimon: which keyboard? that sounds great

[19:28:48] <LyndsySimon> sumanah: Dareu EK820

[19:28:57] <LyndsySimon> sumanah: https://flashquark.com/product/dareu-ek820-bluetooth-68-key-mechanical-keyboard-wkailh-low-profile-switches/

[19:29:00] <sumanah> also LyndsySimon is there any chance you'll be at any of our packaging sprints? https://wiki.python.org/psf/PackagingSprints

[19:29:11] <LyndsySimon> ^ US shipper, the only one I found. Got from NY to Arkansas in one day.

[19:29:50] <sumanah> Thanks for the recommendation, LyndsySimon

[19:29:57] <LyndsySimon> I will be at PyCon sprints, for a day or two. I'm not sure what I'll be working on yet; I'm giving priority to porting packages that my employer relies upon to Python 3.

[19:30:19] <LyndsySimon> Looks like they're out of stock on that site now :(.

[19:30:36] <sumanah> LyndsySimon: Right, I hear ya. If you have a spare moment to wave hi, I'll be with the Warehouse folks.

[19:41:42] <LyndsySimon> I'll drop by :)

[19:43:33] <sumanah> :)