Skip to content

Suppress pip root user warning by conditionally skipping ensurepip in installer scripts #369

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
lmvysakh wants to merge 2 commits into
base: main
Choose a base branch
from
+7 −1
Open

Suppress pip root user warning by conditionally skipping ensurepip in installer scripts #369

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
de6d7f6
Ensurepip logic change
Oct 14, 2025
51efaca
Merge branch 'actions:main' into ensurepip_resolution
lmvysakh Oct 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion installers/nix-setup-template.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,13 @@ chmod +x ../python $PYTHON_MAJOR $PYTHON_MAJOR_DOT_MINOR $PYTHON_MAJORMINOR pyth

echo "Upgrading pip..."
export PIP_ROOT_USER_ACTION=ignore
./python -m ensurepip

if [ -d "$(./python -c 'import site; print(site.getsitepackages()[0])')/pip" ]; then
Copy link

Copilot AI Nov 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pip directory check uses command substitution without proper error handling. If the Python command fails (e.g., site module not available, or getsitepackages() returns an empty list), the script will continue with potentially incorrect behavior due to set -e being active. The command should be wrapped with error handling or the result should be validated.

Consider using a safer approach:

SITE_PACKAGES=$(./python -c 'import site; print(site.getsitepackages()[0])' 2>/dev/null) || SITE_PACKAGES=""
if [ -n "$SITE_PACKAGES" ] && [ -d "$SITE_PACKAGES/pip" ]; then
  echo "pip directory found in site-packages, skipping ensurepip."
else
  echo "pip directory not found, running ensurepip..."
  ./python -m ensurepip
fi
Suggested change
if [ -d "$(./python -c 'import site; print(site.getsitepackages()[0])')/pip" ]; then
SITE_PACKAGES=$(./python -c 'import site; s=site.getsitepackages(); print(s[0] if s else "")' 2>/dev/null) || SITE_PACKAGES=""
if [ -n "$SITE_PACKAGES" ] && [ -d "$SITE_PACKAGES/pip" ]; then

Copilot uses AI. Check for mistakes.
echo "pip directory found in site-packages, skipping ensurepip."
else
echo "pip directory not found, running ensurepip..."
./python -m ensurepip
fi
./python -m pip install --upgrade --force-reinstall pip --disable-pip-version-check --no-warn-script-location

Comment on lines 61 to 62
Copy link

Copilot AI Nov 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After conditionally skipping ensurepip, the script still runs pip install --upgrade --force-reinstall pip. This creates a logical inconsistency: if pip already exists (ensurepip skipped), the force-reinstall makes the skip pointless. If pip doesn't exist (ensurepip runs), the upgrade is redundant since ensurepip just installed pip. Additionally, if ensurepip was skipped because pip was detected but pip is broken or incomplete, this line may fail.

Consider verifying pip is functional after the conditional ensurepip step, or reconsider the logic flow to ensure pip is properly available before attempting to upgrade it.

Suggested change
./python -m pip install --upgrade --force-reinstall pip --disable-pip-version-check --no-warn-script-location
# Verify pip is functional before attempting to upgrade
if ./python -m pip --version >/dev/null 2>&1; then
./python -m pip install --upgrade --force-reinstall pip --disable-pip-version-check --no-warn-script-location
else
echo "Error: pip is not functional after ensurepip. Aborting pip upgrade."
exit 1
fi

Copilot uses AI. Check for mistakes.
echo "Create complete file"
Expand Down
Loading