unicornhatmini-python icon indicating copy to clipboard operation
unicornhatmini-python copied to clipboard

Published 20 hours ago verified publisher icon pimoroni

Please don't suggest using `sudo pip install`

Open faxm0dem opened this issue 5 years ago • 9 comments

This project is awesome, but please don't teach people to use pip with sudo. Tell them to use virtualenv instead !

sudo pip is potentially dangerous, just like curl | bash

cheers

faxm0dem avatar Apr 26 '20 13:04 faxm0dem

I don't disagree. However this is- for better or worse- Python aimed at the lowest-common-denominator. The aim is to always get people doing something so they can worry about the implications later, rather than deflect beginners with things like virtualenv.

Gadgetoid avatar Apr 27 '20 14:04 Gadgetoid

I disagree :-) Security primes over convenience. Besides, it's just 4 additional steps. If we want people to copy-paste commands, they might as well copy-paste safe commands.

faxm0dem avatar May 02 '20 09:05 faxm0dem

Sorry, but I fail to understand how this is "completed". Of course it's your choice to refuse it.

faxm0dem avatar Jan 24 '23 10:01 faxm0dem

The simple answer: it's not. I have been bulk closing a lot of issues to stir up the dust as we start to add some management and oversight into how we deal with them.

Genuinely, thank you for still putting up this fight.

I think I'd now recommend python3 -m pip install and any mention of python2 is quite thoroughly redundant. Need to check and fix that across all of our repositories though.

And uh... we rely upon a lot of curl | bash installers... :grimacing:

Gadgetoid avatar Jan 24 '23 11:01 Gadgetoid

So for virtualenv and py3 it's :

bash> python3 -m venv ~/pimoroni
bash> . ~/pimoroni/bin/activate
(pimoroni) bash> pip install ...

faxm0dem avatar Jan 25 '23 08:01 faxm0dem

The next day...

bash> python3 some-example.py
bash>
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ModuleNotFoundError: No module named 'unicornhatmini'

"Hello, support, yes, I installed your library as per your instructions, started up my Pi today and it's not working?!?!?"

Gadgetoid avatar Jan 25 '23 11:01 Gadgetoid

pip install --user unicornhatmini

criptych avatar Sep 15 '23 13:09 criptych

I decided to dig out an old Pi & resurrect my office door sign, which uses the Unicorn Hat Mini. I know minimal Python, so I also tried the sudo pip3 install... route. Nowadays it immediately errors:

pi@pi-office-door:~ $ sudo pip3 install unicornhatmini
error: externally-managed-environment

× This environment is externally managed
╰─> To install Python packages system-wide, try apt install
    python3-xyz, where xyz is the package you are trying to
    install.
    
    If you wish to install a non-Debian-packaged Python package,
    create a virtual environment using python3 -m venv path/to/venv.
    Then use path/to/venv/bin/python and path/to/venv/bin/pip. Make
    sure you have python3-full installed.
    
    For more information visit http://rptl.io/venv

note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
hint: See PEP 668 for the detailed specification.

Consdering the error also mentions venv, I think @faxm0dem's solution is the most suitable. Will do a pull request if I get time later.

LTheobald avatar Aug 24 '24 13:08 LTheobald

We have a new boilerplate that deals with this and other issues relating to Bookworm and also Pi 5, which I’m gradually migrating things to - https://github.com/pimoroni/boilerplate-python

Life comes at you fast!

A PR would be most welcome, but this is on my (long) todo list if you don’t get ‘round to it.

Gadgetoid avatar Aug 24 '24 21:08 Gadgetoid