PMXBOT Log file Viewer

Help | Karma | Search:

#pypa logs for Tuesday the 21st of October, 2014

(Back to #pypa overview) (Back to channel listing) (Animate logs)
[01:32:47] <weykent> can pip for python 2.x be coerced into sending SNI with its https requests? i can't find any documentation on it
[01:35:04] <Alex_Gaynor> weykent: if you install pyopenssl, pyasn1, and ndg-httpsclient it will
[01:35:15] <Alex_Gaynor> weykent: otherwise once Python 2.7.9 is released, taht will do it out of the box
[01:35:26] <weykent> oh okay cool
[01:35:41] <weykent> targeting debian 7, so i don't think i'll be able to get 2.7.9
[01:35:49] <weykent> i'll try installing those other things, though, thanks!
[01:35:51] <Alex_Gaynor> which one is 7?
[01:36:07] <weykent> 2.7.3
[01:36:10] <weykent> oh. wheezy
[01:36:19] <Alex_Gaynor> sorry. jessie will have this :-)
[01:36:46] <Alex_Gaynor> Maybe I'll try to convince the debian folks to backport 2.7.9 all the way to wheezy, probably won't happen though :-(
[01:40:30] <weykent> Alex_Gaynor, that would be awesome if you managed it
[01:48:05] <weykent> well, that fixed one problem but created another
[01:48:29] <weykent> it's able to validate the cert but pip is trying to connect with SSL3 now
[01:48:45] <weykent> is there a way to make pip use TLS?
[01:55:41] <weykent> and it looks like the ndg_httpclient binary is broken, whoops
[02:01:36] <dstufft> weykent: how did you install pyopenssl pyasn1 and ndg-httpsclient
[02:02:18] <weykent> `pip install pyopenssl pyasn1 ndg-httpsclient` i.e. from the pypi.python.org
[02:02:37] <weykent> in a virtualenv
[02:03:09] <weykent> brb
[02:11:16] <weykent> actually, i just ran wireshark on it, and it looks like it _is_ sending a TLSv1 hello, but the only cipher it's sending is RSA_WITH_RC4_128_SHA
[02:11:24] <weykent> and the server rejects it
[02:13:04] <dstufft> weykent: oh lol
[02:13:06] <dstufft> I bet
[02:13:17] <dstufft> you're on wheezy yea?
[02:13:26] <weykent> OS X on this machine, actually
[02:13:26] <dstufft> wheezy has a reaaaaaaaaaally old openssl
[02:13:28] <dstufft> oh
[02:13:30] <dstufft> hrm
[02:13:34] <dstufft> OSX should work
[02:13:48] <weykent> let me see which openssl it's linked against
[02:13:59] <dstufft> oh wait, you're working with SNI so you're not hitting the main pypi
[02:14:04] <weykent> yeah
[02:14:40] <dstufft> might be there isn't a valid set of ciphers that match between the server and client
[02:14:58] <weykent> well, it's connecting to cloudflare
[02:16:10] <weykent> /usr/lib/libssl.0.9.8.dylib
[02:16:11] <weykent> hmm
[02:20:14] <weykent> dstufft, well, i have openssl installed via homebrew on OS X; do you know if i can make cryptography use the homebrew version?
[02:20:33] <dstufft> cryptography can yes I think so, there's some documentation about it
[02:20:42] <weykent> ah
[02:22:22] <weykent> well, i found http://chriskief.com/2014/03/25/installing-cryptography-via-pip-with-macports-or-homebrew/
[02:22:25] <weykent> trying that now
[02:24:02] <weykent> yep, upgrading pyopenssl and installing cryptography with those flags made it connect
[02:24:11] <Alex_Gaynor> weykent: for the future: https://cryptography.io/en/latest/installation/#using-your-own-openssl-on-os-x
[02:24:22] <weykent> Alex_Gaynor, oh, thanks
[07:24:17] <mgedmin> cool, I see *.dist-info/RECORD contains sha256 checksums for some of the files
[07:24:29] <mgedmin> are there tools that verify them?
[07:25:30] <mgedmin> use case: I sometimes sprinkle print/pdb.set_trace() inside random modules in site-packages while debugging; would be nice to be able to check that I've removed all of them
[07:29:10] <apollo13> mgedmin: afaik it should have checksums for all files aside from the RECORD file itself
[07:29:29] <mgedmin> pyc files are listed without checksums also
[07:29:43] <apollo13> ah well
[07:31:39] <mgedmin> the important thing is that all the .py files have checksums
[07:33:25] <apollo13> jupp :)
[07:51:50] <mgedmin> https://pypi.python.org/pypi/diff-cover is giving me a 503 backend read error from varnish (Details: cache-iad2134-IAD 1413877880 3381290131)
[07:53:07] <apollo13> works for me
[07:54:08] <mgedmin> continues to not work for me
[18:05:25] <DanC> "Use the bdist_wheel setuptools extension available from the wheel project to create wheels. " -- https://python-packaging-user-guide.readthedocs.org/en/latest/current.html
[18:05:43] <DanC> I can't find this bdist_wheel setuptools extension. clue, please?
[18:07:30] <aclark> DanC: pip install wheel maybe
[18:07:57] <DanC> I did that. I still get: error: invalid command 'bdist_wheel'
[18:08:32] <DanC> "Note that bdist_wheel only works with distribute (import setuptools); plain distutils does not support pluggable commands like bdist_wheel."
[18:09:16] <aclark> that must be old documentation since distribute -> setuptools
[18:09:29] <DanC> http://wheel.readthedocs.org/en/latest/
[18:10:46] <aclark> DanC: works for me (once wheel is installed)
[18:11:06] <DanC> what does your setup.py import?
[18:11:26] <DanC> I got "from distutils.core import setup" from somewhere; now I'm not sure where.
[18:11:39] <DanC> I sure wish I could figure out which end is up w.r.t. python packaging documentation
[18:12:12] <aclark> DanC: setuptools, https://gist.github.com/aclark4life/f336ed86e6b6884aa4c0
[18:13:46] <DanC> no discussion of requirements.txt in https://packaging.python.org/en/latest/distributing.html#creating-your-own-project
[18:19:17] <carljm> DanC: https://caremad.io/blog/setup-vs-requirement/
[18:21:32] <DanC> so I shouldn't be trying to make a bdist_wheel of my application?
[18:24:27] <carljm> DanC: well, I typically wouldn't, but I guess it depends some on the nature of the application and where / how often it needs to be deployed/installed
[18:25:36] <DanC> suppose I don't want to think. I just want to do the recommended normal thing. Is there such a thing?
[18:29:51] <carljm> DanC: For developing a library there is a "recommended normal thing". For application deployment, not so much. Needs vary widely.
[18:30:57] <carljm> I think the closest to a "normal thing" there is for Python web app deployment would be to just drop your code on the server (whether via VCS, tarball, what-have-you, but outside of any packaging infrastructure), install its dependencies, and run a WSGI server.
[18:31:42] <carljm> Some people will give the application a setup.py (this is very common for e.g. Pyramid) and then develop-install it (python setup.py develop or pip install -e .), some people won't even give their application a setup.py at all (Django users typically don't)
[18:31:56] <carljm> Some people will install from RPMs
[18:32:29] <carljm> I haven't heard of people making wheels for their applications, but it wouldn't surprise me to learn that someone has done that, too.
[18:33:24] <DanielHolth> Anybody use toml? Seems like most of the Python parsers for it can't handle """ strings?
[18:35:24] <DanielHolth> DanC you have to import setuptools in setup.py instead of import distutils
[18:36:14] <DanielHolth> However IIRC what I usually do is "pip wheel ." in my project, creating wheels for all its dependencies, then I make sure it can be installed into a fresh virtualenv from all those wheels without touching pypi
[18:36:42] <DanielHolth> I usually use editable installs for my own project, and wheels for all its dependencies.
[18:47:22] <aclark> DanC: the "normal thing" is uploading packages to PyPI for other folks to install. I probably don't want to install your application so you probably don't need to make a bdist_wheel.
[18:48:53] <aclark> DanC: (unless you are making distributions for a private PyPI to install from)
[18:48:55] <DanC> so `pip install mercurial` is off the beaten path?
[18:49:17] <aclark> Hmmm?
[18:49:30] <DanC> mercurial is an applicatoin
[18:49:35] <DanC> application, even
[18:52:39] <DanielHolth> no more like `pip install internal_boring_application that has one end user`
[18:52:50] <DanielHolth> those don't need as much packaging necessarily
[18:54:49] <aclark> DanC: web application
[18:54:52] <DanC> what I'm working on used to be a boring internal application; now I'm trying to get it deployed at 10 peer sites.
[18:55:06] <aclark> DanC: Is there any other use for Python other than web apps? ;-)
[18:55:31] <DanC> I think so, but I don't recall clearly ;-)
[18:55:32] <aclark> DanC: if it can be public, then a wheel on PyPI is reasonable.
[18:56:33] <DanC> I don't have a PyPI account. I can make one, but it seems like an odd dependency
[18:57:02] <DanC> I'm leaning toward a zip file from `hg archive xyz.zip`