pip: pip freeze crashes with Invalid requirement, parse error at "'-lxc==0'"

  • Pip version: 8.1.2
  • Python version: 3.4
  • Operating System: Ubuntu 15.10

Description:

While trying to run pip freeze we got a very long stacktrace that is ending with the line below:

file "/var/lib/jenkins/jobs/exampletech/jobs/example-portal/branches/devops/workspace/.tox/py34-linux/lib/python3.4/site-packages/pip/_vendor/pkg_resources/__init__.py", line 2790, in __init__
    raise RequirementParseError(str(e))
pip._vendor.pkg_resources.RequirementParseError: Invalid requirement, parse error at "'-lxc==0.'"

While I suspect that one of the packages installed from public pypi.python.org may have some weird version, i do find unacceptable to block pip freeze from working completely.

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Reactions: 1
  • Comments: 39 (15 by maintainers)

Most upvoted comments

That being said. We should probably just issue a warning and skip this package rather than bomb out completely.

Sent from my iPhone

On May 18, 2016, at 6:11 AM, bricewge notifications@github.com wrote:

For -lxc==0.1 it come from /usr/lib/python3/dist-packages/_lxc-0.1.egg-info owned by the package lxc of debian stable. Here is it’s content:

Metadata-Version: 1.0 Name: _lxc Version: 0.1 Summary: LXC Home-page: UNKNOWN Author: UNKNOWN Author-email: UNKNOWN License: UNKNOWN Description: UNKNOWN Platform: UNKNOWN — You are receiving this because you commented. Reply to this email directly or view it on GitHub

+4
dstufft on May 18, 2016

@Mausy5043 Take a look at /etc/apt/sources.list. It should look something like this:

deb http://us.archive.ubuntu.com/ubuntu/ xenial main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial main restricted

deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates main restricted

deb http://us.archive.ubuntu.com/ubuntu/ xenial universe
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial universe
deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe

deb http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse

deb http://us.archive.ubuntu.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-backports main restricted universe multiverse

deb http://security.ubuntu.com/ubuntu xenial-security main restricted
deb-src http://security.ubuntu.com/ubuntu xenial-security main restricted
deb http://security.ubuntu.com/ubuntu xenial-security universe
deb-src http://security.ubuntu.com/ubuntu xenial-security universe
deb http://security.ubuntu.com/ubuntu xenial-security multiverse
deb-src http://security.ubuntu.com/ubuntu xenial-security multiverse

I’m using the USA mirror, so YMMV. This page might also help.

+1
warsaw on Aug 10, 2016

Release: 16.04

Now it makes sense! Thanks. A fix for Xenial is in the SRU pipeline. If you have xenial-updates enabled, you should get the fix soon. It has to be approved by the SRU team, but I expect there shouldn’t be any hiccups with that.

+1
warsaw on Aug 10, 2016

@Mausy5043 That’s exactly what you should see.

pip is a package that’s installed to a particular python version. AFAIK for most linux distros, pip is installed with python and pip3 is installed with python3. Note, that it’s still the pip package, regardless of python or python3. The only difference is that with pip3 it does something like ln -s /path/to/python/bin/pip /usr/bin/pip3.

+1
waynew on Aug 8, 2016

Agreed pip shouldn’t crash. A warning and skipping the package seems like a reasonable fix (as @dstufft suggested). PRs, as usual, welcome 😃

Also, help in making people more aware of the standards - either in the form of passing the word around, or PRs to documentation to clarify it, or as in this case bug reports to projects that don’t conform - is hugely appreciated. The biggest problem we have in Python packaging is making people aware when we tighten up risks/loopholes (as in this case), or enforce long-standing but previously ignored rules. So getting the word out is a great help.

+1
pfmoore on May 18, 2016

The problem is very easy to replicate with any recent Ubuntu distribution (like 15.10). Just do

apt-get install python-lxc
# create a virtual environment that has --system-site-packages and activate it
pip freeze

While I totally agree that the naming is not good, I find unacceptable to for pip to crash. That’s what we need to fix first, the pip failure.

We will always have broken package names, as we cannot control the ability of people to make mistakes. What we can do is to improve our ability to deal with them.

+1
ssbarnea on May 18, 2016
Read more comments on GitHub
← pip: pip fails to remove __pycache__ folders and pyc files on uninstall, breaking future installs
pip: pip freeze does case sensitive comparsion →