tox must upgrade Pip in `.tox` env before installing any other dists

Created on 24 Sep 2019  ·  6 Comments  ·  Source: tox-dev/tox

I'm hitting the same problem that pytest hit a while back:
https://ci.appveyor.com/project/CherryPy/cheroot/builds/27622282/job/6etbt4hn5hv08x3y#L132

So basically tox does `pip install 'pip >= 9' 'tox-run-command >= 0.4' 'tox >= 3.13.2'` in the `.tox` venv, but the Pip that is invoked is Pip 8.
So this pulls in more-itertools as a dependency, choosing v7.0.0, which is incompatible with Python 2.

I think it's reasonable to upgrade Pip as a prerequisite step.

normal pr-merged

All 6 comments

I would recommend updating to a newer virtualenv. A solution could be that we pin to virtualenv 16+. Feel free to add a PR for that. We'll not bump pip ourselves. Perhaps install tox with `pip install tox -U --force-reinstall`.

Do you mean pinning the dependency of tox itself?

thanks

:laughing: you need this one last bot here: https://twitter.com/gabro27/status/1173547934132178944

Twitter
“So this just happened: - a bot found a vulnerability in a dependency - a bot sent a PR to fix it - the CI verified the PR - a bot merged it - a bot celebrated the merge with a GIF https://t.co/mHnWudZlUs ”

Hope neither you nor me are qualified as a bot yet 😆

Thanks for bumping up virtualenv! This problem with an old virtualenv always happens in AppVeyor, so in almost every project I install the latest virtualenv before tox (in `appveyor.yml`) to fix weird bugs mostly related to `pip==8.1.1` or old `setuptools==28.0.0`.
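
To illustrate the failure reported in this thread, here is an added example (not code from tox, pip, or any commenter). It assumes the cause is that pip releases older than 9 ignore a release's Requires-Python metadata; the package data and the helpers `satisfies` and `pick` are constructed for illustration, and the specifier parser handles only plain comparison operators.

```python
"""Added illustration: installer choice with and without Requires-Python."""

def parse_version(text):
    """Turn '7.0.0' into (7, 0, 0) for ordering; numeric releases only."""
    return tuple(int(part) for part in text.split("."))

def satisfies(python_version, requires_python):
    """Evaluate a comma-separated specifier limited to >=, <=, ==, !=, >, <."""
    if not requires_python:  # no metadata: every interpreter is accepted
        return True
    ops = {
        ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
        "==": lambda a, b: a == b, "!=": lambda a, b: a != b,
        ">": lambda a, b: a > b, "<": lambda a, b: a < b,
    }
    current = parse_version(python_version)
    for clause in requires_python.split(","):
        clause = clause.strip()
        # Two-character operators are listed first so ">=" is not read as ">".
        op = next(o for o in ops if clause.startswith(o))
        bound = parse_version(clause[len(op):].strip())
        # Compare at the precision of the bound, e.g. 2.7.16 against ">=3.4".
        if not ops[op](current[:len(bound)], bound):
            return False
    return True

def pick(releases, python_version, honor_requires_python):
    """Return the newest release, filtered by Requires-Python only if honored."""
    candidates = [
        version for version, requires in releases.items()
        if not honor_requires_python or satisfies(python_version, requires)
    ]
    return max(candidates, key=parse_version) if candidates else None

# Constructed index data for a hypothetical package; not real metadata.
RELEASES = {"5.0.0": None, "6.0.0": ">=3.4", "7.0.0": ">=3.4"}

if __name__ == "__main__":
    # Installer that ignores the metadata (assumed behaviour of pip 8).
    print("ignores metadata:", pick(RELEASES, "2.7.16", False))
    # Installer that honors the metadata (assumed behaviour of pip >= 9).
    print("honors metadata: ", pick(RELEASES, "2.7.16", True))
```

An installer that ignores the metadata simply takes the newest release, so on Python 2 the fix has to happen before any other dependency is resolved, which is why the thread points at the virtualenv (and the pip it bundles) rather than at the requirement list.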
