Update package to 1.0.0. This is the first stable release.

Changes since 0.7.0:
- Dropped support for Python 3.7, 3.8, 3.9; added Python 3.13/3.14
- Added --overwrite-existing and --validate-record CLI options
- Support installing multiple wheels in a single invocation
- Security: fixed a path traversal bug
- Do not install __pycache__ directories from wheels
- Switch to stream-based validation instead of in-memory (lower memory)
- Sort entries before writing RECORD; fixed Windows relative path bug
- Complete type annotations with strict mypy enforcement
- API change: SchemeDictionaryDestination.overwrite_existing now defaults
  to True (was False); update patch 001 accordingly

Remove patch 001-don-t-raise-error-if-file-exists.patch and
set '--overwrite-existing' in build scripts.

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>

Using pip to install host packages with pyproject.toml-based (PEP 517)
builds is problematic:

* If build isolation is used, pip will create an isolated build
  environment, install any build dependencies for the requested package,
  then build the requested package.

  It does not appear currently possible to have pip install the build
  dependencies with hash-checking mode enabled[1].

* If build isolation is not used, any build dependencies must be
  installed in the build environment before invoking pip to build the
  requested package[2].

  This would require creating a package dependency resolution system to
  install build dependencies, and any dependencies of dependencies, in
  the correct order.

* It is very difficult to patch the packages installed by pip.

This adds a new include file (python3-host-build.mk) with recipes to
install host Python packages with pyproject.toml-based builds. This is
backwards-compatible with packages that require running setup.py.

Besides addressing the above issues (the OpenWrt build system already
resolves dependencies between packages, checks all source downloads
against known hashes, and supports patching packages), host packages
also:

* Capture package licensing and maintainer information
* Enable uscan checking for package updates/CVEs
* Are a known concept for OpenWrt packagers/developers

The existing functionality of using host pip to install packages will
remain for now, but should be considered deprecated and expected to be
removed in the future.

This also updates Py3Build/CheckHostPipVersionMatch for the case where
the host-pip-requirements directory does not exist or is empty.

[1]: https://pip.pypa.io/en/stable/user_guide/#changes-to-the-pip-dependency-resolver-in-20-3-2020
[2]: https://pip.pypa.io/en/stable/cli/pip_install/#cmdoption-no-build-isolation

Signed-off-by: Jeffery To <jeffery.to@gmail.com>