installer icon indicating copy to clipboard operation
installer copied to clipboard
verified publisher icon pypa

src/installer/utils.py: sort entries before writing out RECORD file

Open kanavin opened this issue 1 year ago • 6 comments

This helps build reproducibility by ensuring the RECORD file is the same regardless of the order of the input files.

kanavin avatar Oct 15 '24 17:10 kanavin

Note that it is wiser to delete the RECORD file anyway since you do not want to indicate to pip that it knows how to uninstall projects it didn't install and which are tracked by a more comprehensive installation database.

(Plans for pip to respect an INSTALLER identity fell through, unfortunately.)

eli-schwartz avatar Oct 15 '24 18:10 eli-schwartz

@eli-schwartz I like that argument. Can you point at prior art in eg gentoo as a rationale for doing it distro-wide?

rossburton avatar Oct 17 '24 15:10 rossburton

(and if that's a generally accepted point of view, maybe installer should have an option to not write them for the case where we don't expect anything to remove the packages?)

rossburton avatar Oct 17 '24 15:10 rossburton

Either way though, reproducible files are good.

rossburton avatar Oct 17 '24 15:10 rossburton

@rossburton https://bugs.gentoo.org/927818

eli-schwartz avatar Oct 20 '24 10:10 eli-schwartz

Note that it is wiser to delete the RECORD file anyway

This is a typo, it should be "it is wise to delete [...] anyway" -- the word "wiser" would imply that this PR should be avoided and replaced by deletion but that wasn't what I was trying to write. :)

eli-schwartz avatar Oct 22 '24 17:10 eli-schwartz