Critical: Autoupdate installs Python 3.9 too early killing all critical python packages

I need to highlight this issue. The os update tonight had just destroyed my python environment, as most of python libs essential for my work are not yet compatible with python 3.9, requiring python 3.7.

More info here:

I don’t have any option to rollback as I see it was removed as an option (see discussion “rollback-update/40” ) and can’t downgrade python either (see discussion topic “is-it-possible-to-downgrade-single-packages/3115”)

Due to these errors, I am forced to stop being a loyal Clear Linux user and switch back to Ubuntu. Which is sad. Do you have any options on how to overcome this issue?

Have you heard of pyenv and virtualenv?

1 Like

Roll back the complete distro to previous version :

sudo swupd verify -m <version number> --fix --force

After that :

sudo swupd repair

And try using mixer to manage your python updates. Python is volatile and any cutting edge distro like clear would have broken it anyways (fedora and void too). Ubuntu uses lts versioning of itself so it is stable but gets a fewer kernel or other “core” updates.

You can also see changelogs here before updating (34100 -> clear -> RELEASENOTES).

1 Like

There is no need of rolling back OS for python.
You should use virtualenv and install multiple Python versions.

2 Likes

Thank you for your reply. I based my topic on this answer: Is it possible to downgrade single packages? , probably it would be helpful if you can comment there as well.

Due to some other constraints, virtualenv was not a good choice for me.

This solution you had suggested worked great for me:
“Roll back the complete distro to previous version :
sudo swupd verify -m --fix --force
After that :
sudo swupd repair”

Thank you a lot!

No they’re not related.
That post is on how to rollback a OS update.

For Python specifically, you should always use a virtual environment.
Your workaround is not solution.

1 Like

Don’t forget Conda.

Miniconda is a free minimal installer for conda. It is a small, bootstrap version of Anaconda that includes only conda, Python, the packages they depend on, and a small number of other useful packages, including pip, zlib and a few others. Use the conda install command to install 720+ additional conda packages from the Anaconda repository.

https://towardsdatascience.com/environment-management-with-conda-python-2-3-b9961a8a5097

2 Likes

With the recent cybersecurity hack, having rolling updates @ the OS layer will probably become a requirement. I’m happy to see that Clear Linux gas this feature baked-in. For production environments some stability is expected, but that friction can be unnatural for end users or developers. Security is important. The suggestions here are indeed helpful and you also may want to consider setting up a secondary environment to automate any tests after an autoupdate. Once your tests pass successfully you can destroy the sandbox assuming you’re using a virtual environment. Storage is cheap when compared to the work involved with a security breach.

3 Likes

Or pipenv ?? There are plenty of options. One of pythons biggest advantages is flexibility across environments. Rolling back an entire system over a python library seems well, strange.

pipenv allows you to actually define your environment as code! Example below:

[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[dev-packages]

[packages]
fastapi = "*"
jinja2 = "*"
aiofiles = "*"
uvicorn = "*"
sqlalchemy = "*"
mysql-connector-python = "*"

[requires]
python_version = "3.8"

[scripts]
start = "python run.py"
3 Likes