lxml

  1. Bug #2029411
  2. Activity log

Activity log for bug #2029411

Date Who What changed Old value New value Message
2023-08-02 19:55:04 Janne Pulkkinen bug added bug
2023-08-02 19:55:48 Janne Pulkkinen description The binary wheels published on PyPI starting with lxml 4.9.3 have a wrong hardcoded default path for the XML catalog file. This causes XML schema discovery to fail unless the XML catalog is specified manually using the `XML_CATALOG_FILES` environment variable. The hardcoded path is compiled as part of the statically linked libxml2, and it defaults to `%{sysconfdir}/xml/catalog`. In newer wheels this points to a temporary build directory instead of `/etc/xml/catalog`. This can be checked by downloading a whl file from [PyPI](https://pypi.org/project/lxml/#files) and extracting the `etree` dynamic library and looking up the string: ``` # From lxml-4.9.3-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl ❯ strings etree.pypy310-pp73-x86_64-linux-gnu.so | grep "/xml/catalog" file:///tmp/pip-req-build-svyupjhx/build/tmp/libxml2/etc/xml/catalog # From lxml-4.9.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl ❯ strings etree.pypy39-pp73-x86_64-linux-gnu.so | grep "/xml/catalog" file:///etc/xml/catalog ``` Possibly a result of CI changes? The binary wheels published on PyPI starting with lxml 4.9.3 have a wrong hardcoded default path for the XML catalog file. This causes XML schema discovery to fail unless the XML catalog is specified manually using the `XML_CATALOG_FILES` environment variable. The hardcoded path is compiled as part of the statically linked libxml2, and it defaults to `%{sysconfdir}/xml/catalog`. In newer wheels this points to a temporary build directory instead of `/etc/xml/catalog`. This can be checked by downloading a whl file from PyPI (https://pypi.org/project/lxml/#files) and extracting the `etree` dynamic library and looking up the string: ``` # From lxml-4.9.3-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl ❯ strings etree.pypy310-pp73-x86_64-linux-gnu.so | grep "/xml/catalog" file:///tmp/pip-req-build-svyupjhx/build/tmp/libxml2/etc/xml/catalog # From lxml-4.9.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl ❯ strings etree.pypy39-pp73-x86_64-linux-gnu.so | grep "/xml/catalog" file:///etc/xml/catalog ``` Possibly a result of CI changes?
2023-09-21 07:51:53 scoder lxml: importance Undecided Medium
2023-09-21 07:51:53 scoder lxml: status New Confirmed