New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure that each package has a separate list of data elements. #675
Conversation
for more information, see https://pre-commit.ci
|
Additional context: Commit c3a19ba from 2018 added relevant tests and introduced the use of - package_data = kw.get('package_data', {}).copy()
+ package_data = copy.deepcopy(kw.get('package_data', {}))Source: c3a19ba#diff-31c811f03446fcfe70dbf03560cef0781f582d6f5d66334b76b2282e2e0b8733L386-R388 For comparison, this pull request introduces the following changes: - package_data = copy.deepcopy(kw.get("package_data", {}))
+ package_data = {k: copy.copy(v) for k, v in kw.get("package_data", {}).items()} |
|
To give some context about why these behavior are different: My guess is that the first change you linked was made to fix an issue where if a user did and you just called In this scenario the |
|
The analysis sounds correct to me, and this seems fairly safe. I would guess you could still do a deep copy inside ( |
|
You could safely do a deepcopy. I think that the API explicitly requires the values to be lists of strings, so anything that required a deep rather than a shallow copy for safety would violate the existing API, but there's probably no harm in future-proofing in case that changes. |
Currently when scikit-build copies files from the source tree to the build tree (files that do not need to be compiled, e.g. pure Python files or Cython headers) it uses the
package_datadict as a way to keep track of these files since data files are subject to the same requirements at this stage.skbuildassumes that modifying thepackage_datadict in place is safe here because it deep copies thepackage_dataparameter passed to setup.py here. However, deep copying is not sufficient in the scenario where the calling code constructs the input dict such that all values are actually references to the same dictionary, e.g.or
setuptools.setupappears to have no problem with these inputs, soscikit-buildshould support them as well. The safer approach here is to use a dict comprehension that explicitly copies each list. The lists will not be nested, so this approach is sufficient to guarantee that each list is unique and can be safely modified.