calling `python -m pip install --upgrade pip` without the correct permissions destroys pip

[LqdBcnAtWork]

Description

While using pip it recommended running python -m pip install --upgrade pip, however when I did as such it uninstalled the old version of pip, but failed to modify the /Scripts/pip.exe file. This resulted in a broken pip installation where the pip command existed, but the module itself was gone.

Expected behavior

Pip should've upgraded, rolled back, or prechecked for potential permission errors to prevent destroying itself.

pip version

22.2.2

Python version

Python 3.10.8 (tags/v3.10.8:aaaf517) [MSC v.1933 64 bit (AMD64)] on win32

OS

win10 - 21H2 - 19044.2130

How to Reproduce

• python/Lib - 'Authenticated Users' has write permission, along with system and admins
• python/Scrips - only system and admins have write permission
• probably doesn't have to be this exact permission setup, as long as /Lib can be modified and /Scripts can't at a user level.

run python -m pip install --upgrade pip or python -m pip install --force-reinstall pip

Output

$ python -m pip install --force-reinstall pip

WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
Collecting pip
  Using cached pip-22.3-py3-none-any.whl (2.1 MB)
WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
Installing collected packages: pip
  Attempting uninstall: pip
    WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
    WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
    WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
    Found existing installation: pip 22.2.2
    Uninstalling pip-22.2.2:
ERROR: Could not install packages due to an OSError: [WinError 5] Access is denied: 'c:\\python310\\scripts\\pip.exe'
Consider using the `--user` option or check the permissions.

WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -p (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution -ip (c:\python310\lib\site-packages)
WARNING: Ignoring invalid distribution - (c:\python310\lib\site-packages)

$ pip

Traceback (most recent call last):
  File "C:\Python310\lib\runpy.py", line 196, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "C:\Python310\lib\runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "C:\Python310\Scripts\pip.exe\__main__.py", line 4, in <module>
ModuleNotFoundError: No module named 'pip'

I've broken Pip so many times testing this just to report this issue. I use the python installer to 'modify' pip back into existence every time. Probably why I have so many invalid distribution warnings. Doesn't help that I have to run it twice, the first time going 'modify' -> uncheck Pip, then I run 'modify' -> leave pip checked.

Code of Conduct

• [X] I agree to follow the PSF Code of Conduct.

[pfmoore]

This isn't a standard permission setup. How did you get your permissions in that state? The fix is to correct your permissions.

[LqdBcnAtWork]

Yes my permissions are 'non-standard'. However even with a slightly off setup Pip should not remove itself with no fall back unless it knows 100% that it can complete. Ideal worlds don't exist, nor can we account for everything. But failing that Pip should back itself up prior to removing as a fail-safe. There's lots of reasons Pip might fail, being able to roll back to a functioning version should be standard.

Fixing my permissions is probably the 'best' solution for me. But because of them it still exposes a larger issue: Pip is unable to recover itself after uninstall from a failed install. Which is a much bigger issue than my non-standard permissions.

Writing this off as 'non-standard setup' is the cheep way out. It's not a solution. It may be a solution for exclusively me, but it's not one for every other edge case that Pip might fail to install, but has already uninstalled itself.

Creating a backup before removing/changing anything is highly recommended practice across the board in every form of software. Pip failing to do so is non-standard.

[pfmoore]

A PR to improve the situation would be welcomed.