Critical: Autoupdate installs Python 3.9 too early killing all critical python packages

Maxim_Godzi · December 18, 2020, 6:05pm

I need to highlight this issue. The os update tonight had just destroyed my python environment, as most of python libs essential for my work are not yet compatible with python 3.9, requiring python 3.7.

More info here:

github.com/numba/numba

Python 3.9 Support

opened 11:14AM - 10 Oct 20 UTC

closed 03:08PM - 13 Jan 21 UTC

mjsteinbaugh

feature_request

## Reporting a bug  - [X] I have tried using the latest released version of Numba (most recent is visible in the change log (https://github.com/numba/numba/blob/master/CHANGE_LOG). - [X] I have included below a minimal working reproducer (if you are unsure how to write one see http://matthewrocklin.com/blog/work/2018/02/28/minimal-bug-reports).  I'm seeing this warning pop up for a clean installation of numba with Python 3.9: ```sh python3 -m pip install numba ``` ``` Collecting numba Using cached numba-0.51.2.tar.gz (2.1 MB) Processing ./.cache/pip/wheels/40/08/53/26580f3607587bd3fa1a18619841d1dcfedcabf2be52f8e2cd/llvmlite-0.34.0-cp39-cp39-linux_x86_64.whl Processing ./.cache/pip/wheels/a3/17/dd/f2dba23a35bb6008732772ccfb13d3d0e537fbc6919ce6862b/numpy-1.19.2-cp39-cp39-linux_x86_64.whl Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from numba) (50.3.0) Building wheels for collected packages: numba Building wheel for numba (setup.py) ... error ERROR: Command errored out with exit status 1: command: /usr/local/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-t2pl9xsf/numba/setup.py'"'"'; __file__='"'"'/tmp/pip-install-t2pl9xsf/numba/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' bdist_wheel -d /tmp/pip-wheel-3k5ws828 cwd: /tmp/pip-install-t2pl9xsf/numba/ Complete output (7 lines): Traceback (most recent call last): File "<string>", line 1, in <module> File "/tmp/pip-install-t2pl9xsf/numba/setup.py", line 354, in <module> metadata['ext_modules'] = get_ext_modules() File "/tmp/pip-install-t2pl9xsf/numba/setup.py", line 87, in get_ext_modules import numpy.distutils.misc_util as np_misc ModuleNotFoundError: No module named 'numpy' ---------------------------------------- ERROR: Failed building wheel for numba Running setup.py clean for numba ERROR: Command errored out with exit status 1: command: /usr/local/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-t2pl9xsf/numba/setup.py'"'"'; __file__='"'"'/tmp/pip-install-t2pl9xsf/numba/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' clean --all cwd: /tmp/pip-install-t2pl9xsf/numba Complete output (7 lines): Traceback (most recent call last): File "<string>", line 1, in <module> File "/tmp/pip-install-t2pl9xsf/numba/setup.py", line 354, in <module> metadata['ext_modules'] = get_ext_modules() File "/tmp/pip-install-t2pl9xsf/numba/setup.py", line 87, in get_ext_modules import numpy.distutils.misc_util as np_misc ModuleNotFoundError: No module named 'numpy' ---------------------------------------- ERROR: Failed cleaning build dir for numba Failed to build numba Installing collected packages: llvmlite, numpy, numba Running setup.py install for numba ... done DEPRECATION: numba was installed using the legacy 'setup.py install' method, because a wheel could not be built for it. pip 21.0 will remove support for this functionality. A possible replacement is to fix the wheel build issue reported above. You can find discussion regarding this at https://github.com/pypa/pip/issues/8368. Successfully installed llvmlite-0.34.0 numba-0.51.2 numpy-1.19.2 ``` I can see on the `README` that these versions are currently recommended: - Python versions: 3.6-3.8 - llvmlite 0.33.* Is Python 3.9 and llvmlite 0.34.* not supported? Pip is currently warning about wheel build failure, but numba will install.

I don’t have any option to rollback as I see it was removed as an option (see discussion “rollback-update/40” ) and can’t downgrade python either (see discussion topic “is-it-possible-to-downgrade-single-packages/3115”)

Due to these errors, I am forced to stop being a loyal Clear Linux user and switch back to Ubuntu. Which is sad. Do you have any options on how to overcome this issue?

doct0rHu · December 18, 2020, 6:24pm

Have you heard of pyenv and virtualenv?

Siddharth_Naithani · December 18, 2020, 8:00pm

Roll back the complete distro to previous version :

sudo swupd verify -m <version number> --fix --force

After that :

sudo swupd repair

And try using mixer to manage your python updates. Python is volatile and any cutting edge distro like clear would have broken it anyways (fedora and void too). Ubuntu uses lts versioning of itself so it is stable but gets a fewer kernel or other “core” updates.

You can also see changelogs here before updating (34100 → clear → RELEASENOTES).

doct0rHu · December 18, 2020, 10:02pm

There is no need of rolling back OS for python.
You should use virtualenv and install multiple Python versions.

Maxim_Godzi · December 18, 2020, 10:24pm

Thank you for your reply. I based my topic on this answer: Is it possible to downgrade single packages? , probably it would be helpful if you can comment there as well.

Due to some other constraints, virtualenv was not a good choice for me.

This solution you had suggested worked great for me:
“Roll back the complete distro to previous version :
sudo swupd verify -m --fix --force
After that :
sudo swupd repair”

Thank you a lot!

doct0rHu · December 18, 2020, 11:11pm

No they’re not related.
That post is on how to rollback a OS update.

For Python specifically, you should always use a virtual environment.
Your workaround is not solution.

Businux · December 19, 2020, 12:30am

Don’t forget Conda.

Miniconda is a free minimal installer for conda. It is a small, bootstrap version of Anaconda that includes only conda, Python, the packages they depend on, and a small number of other useful packages, including pip, zlib and a few others. Use the conda install command to install 720+ additional conda packages from the Anaconda repository.

https://docs.conda.io/en/latest/miniconda.html

fabriclogin · December 19, 2020, 2:20pm

With the recent cybersecurity hack, having rolling updates @ the OS layer will probably become a requirement. I’m happy to see that Clear Linux gas this feature baked-in. For production environments some stability is expected, but that friction can be unnatural for end users or developers. Security is important. The suggestions here are indeed helpful and you also may want to consider setting up a secondary environment to automate any tests after an autoupdate. Once your tests pass successfully you can destroy the sandbox assuming you’re using a virtual environment. Storage is cheap when compared to the work involved with a security breach.

inmanturbo · December 21, 2020, 8:56pm

Or pipenv ?? There are plenty of options. One of pythons biggest advantages is flexibility across environments. Rolling back an entire system over a python library seems well, strange.

pipenv allows you to actually define your environment as code! Example below:

[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[dev-packages]

[packages]
fastapi = "*"
jinja2 = "*"
aiofiles = "*"
uvicorn = "*"
sqlalchemy = "*"
mysql-connector-python = "*"

[requires]
python_version = "3.8"

[scripts]
start = "python run.py"

Topic		Replies	Views
Python 3.8 in Clear Linux* OS News and Announcements	1	1904	December 18, 2019
Python version help Q&A	6	974	August 15, 2022
Updating really makes you nervous Developer Discussion	0	312	November 15, 2022
How would I install python-newt? Q&A	2	802	September 27, 2019
Installing Python versions with pyenv Q&A	9	5736	September 17, 2021

Critical: Autoupdate installs Python 3.9 too early killing all critical python packages

Related topics