Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Parentheses escaping bug when running pipenv shell #4615

Closed
leohku opened this issue Feb 7, 2021 · 0 comments · Fixed by #4616
Closed

Parentheses escaping bug when running pipenv shell #4615

leohku opened this issue Feb 7, 2021 · 0 comments · Fixed by #4616

Comments

@leohku
Copy link

leohku commented Feb 7, 2021

Summary:

When running pipenv shell in POSIX (zsh), running /bin/activate will fail if there are parentheses in the virtualenv path due to the regex in _get_activate_script() (Line 53, pipenv/shells.py) not escaping parentheses properly.

How to reproduce the issue:

  1. Create a new directory a ( )
  2. Create .venv folder inside the directory
  3. Run pipenv install in a ( )
  4. Run pipenv shell. The issue should now be reproduced.
  5. To verify, run pipenv shell again to confirm the improper activation.

What is expected to happen:

Step 4 successfully activates virtual environment without error return code (1).

What actually happens:

Step 4 output:

$ pipenv shell
Launching subshell in virtual environment...
 . /Users/leohku/a\ (\ )/.venv/bin/activate
zsh: no matches found: /Users/leohku/a ( )/.venv/bin/activate

Step 5 output:

$ pipenv shell
Shell for UNKNOWN_VIRTUAL_ENVIRONMENT already activated.
No action taken to avoid nested environments.

Environment:

pipenv, version 2020.11.15
running zsh on macOS Big Sur v11.1 x86

frostming added a commit that referenced this issue Mar 16, 2021
Fix #4615 - Improve sanitization to allow virtualenv paths with () and [] characters to activate
wip-sync referenced this issue in NetBSD/pkgsrc-wip Jan 21, 2022
2022.1.8 (2022-01-08)
=====================

Bug Fixes
---------

- Remove the extra parentheses around the venv prompt.  `#4877 <https://github.com/pypa/pipenv/issues/4877>`_
- Fix a bug of installation fails when extra index url is given.  `#4881 <https://github.com/pypa/pipenv/issues/4881>`_
- Fix regression where lockfiles would only include the hashes for releases for the platform generating the lockfile  `#4885 <https://github.com/pypa/pipenv/issues/4885>`_
- Fix the index parsing to reject illegal requirements.txt.  `#4899 <https://github.com/pypa/pipenv/issues/4899>`_

2021.11.23 (2021-11-23)
=======================

Bug Fixes
---------

- Update ``charset-normalizer`` from ``2.0.3`` to ``2.0.7``, this fixes an import error on Python 3.6.  `#4865 <https://github.com/pypa/pipenv/issues/4865>`_
- Fix a bug of deleting a virtualenv that is not managed by Pipenv.  `#4867 <https://github.com/pypa/pipenv/issues/4867>`_
- Fix a bug that source is not added to ``Pipfile`` when index url is given with ``pipenv install``.  `#4873 <https://github.com/pypa/pipenv/issues/4873>`_

2021.11.15 (2021-11-15)
=======================

Bug Fixes
---------

- Return an empty dict when ``PIPENV_DONT_LOAD_ENV`` is set.  `#4851 <https://github.com/pypa/pipenv/issues/4851>`_
- Don't use ``sys.executable`` when inside an activated venv.  `#4852 <https://github.com/pypa/pipenv/issues/4852>`_

Vendored Libraries
------------------

- Drop the vendored ``jinja2`` dependency as it is not needed any more.  `#4858 <https://github.com/pypa/pipenv/issues/4858>`_
- Update ``click`` from ``8.0.1`` to ``8.0.3``, to fix a problem with bash completion.  `#4860 <https://github.com/pypa/pipenv/issues/4860>`_
- Drop unused vendor ``chardet``.  `#4862 <https://github.com/pypa/pipenv/issues/4862>`_

Improved Documentation
----------------------

- Fix the documentation to reflect the fact that special characters must be percent-encoded in the URL.  `#4856 <https://github.com/pypa/pipenv/issues/4856>`_

2021.11.9 (2021-11-09)
======================

Features & Improvements
-----------------------

- Replace ``click-completion`` with ``click``'s own completion implementation.  `#4786 <https://github.com/pypa/pipenv/issues/4786>`_

Bug Fixes
---------

- Fix a bug that ``pipenv run`` doesn't set environment variables correctly.  `#4831 <https://github.com/pypa/pipenv/issues/4831>`_
- Fix a bug that certifi can't be loaded within ``notpip``'s vendor library. This makes several objects of ``pip`` fail to be imported.  `#4833 <https://github.com/pypa/pipenv/issues/4833>`_
- Fix a bug that ``3.10.0`` can be found be python finder.  `#4837 <https://github.com/pypa/pipenv/issues/4837>`_

Vendored Libraries
------------------

- Update ``pythonfinder`` from ``1.2.8`` to ``1.2.9``.  `#4837 <https://github.com/pypa/pipenv/issues/4837>`_

2021.11.5.post0 (2021-11-05)
============================

Bug Fixes
---------

- Fix a regression that ``pipenv shell`` fails to start a subshell.  `#4828 <https://github.com/pypa/pipenv/issues/4828>`_
- Fix a regression that ``pip_shims`` object isn't imported correctly.  `#4829 <https://github.com/pypa/pipenv/issues/4829>`_

2021.11.5 (2021-11-05)
======================

Features & Improvements
-----------------------

- Avoid sharing states but create project objects on demand. So that most integration test cases are able to switch to a in-process execution method.  `#4757 <https://github.com/pypa/pipenv/issues/4757>`_
- Shell-quote ``pip`` commands when logging.  `#4760 <https://github.com/pypa/pipenv/issues/4760>`_

Bug Fixes
---------

- Ignore empty .venv in rood dir and create project name base virtual environment  `#4790 <https://github.com/pypa/pipenv/issues/4790>`_

Vendored Libraries
------------------

- Update vendored dependencies
  - ``attrs`` from ``20.3.0`` to ``21.2.0``
  - ``cerberus`` from ``1.3.2`` to ``1.3.4``
  - ``certifi`` from ``2020.11.8`` to ``2021.5.30``
  - ``chardet`` from ``3.0.4`` to ``4.0.0``
  - ``click`` from ``7.1.2`` to ``8.0.1``
  - ``distlib`` from ``0.3.1`` to ``0.3.2``
  - ``idna`` from ``2.10`` to ``3.2``
  - ``importlib-metadata`` from ``2.0.0`` to ``4.6.1``
  - ``importlib-resources`` from ``3.3.0`` to ``5.2.0``
  - ``jinja2`` from ``2.11.2`` to ``3.0.1``
  - ``markupsafe`` from ``1.1.1`` to ``2.0.1``
  - ``more-itertools`` from ``5.0.0`` to ``8.8.0``
  - ``packaging`` from ``20.8`` to ``21.0``
  - ``pep517`` from ``0.9.1`` to ``0.11.0``
  - ``pipdeptree`` from ``1.0.0`` to ``2.0.0``
  - ``ptyprocess`` from ``0.6.0`` to ``0.7.0``
  - ``python-dateutil`` from ``2.8.1`` to ``2.8.2``
  - ``python-dotenv`` from ``0.15.0`` to ``0.19.0``
  - ``pythonfinder`` from ``1.2.5`` to ``1.2.8``
  - ``requests`` from ``2.25.0`` to ``2.26.0``
  - ``shellingham`` from ``1.3.2`` to ``1.4.0``
  - ``six`` from ``1.15.0`` to ``1.16.0``
  - ``tomlkit`` from ``0.7.0`` to ``0.7.2``
  - ``urllib3`` from ``1.26.1`` to ``1.26.6``
  - ``zipp`` from ``1.2.0`` to ``3.5.0``

  Add new vendored dependencies
  - ``charset-normalizer 2.0.3``
  - ``termcolor 1.1.0``
  - ``tomli 1.1.0``
  - ``wheel 0.36.2``  `#4747 <https://github.com/pypa/pipenv/issues/4747>`_
- Drop the dependencies for Python 2.7 compatibility purpose.  `#4751 <https://github.com/pypa/pipenv/issues/4751>`_
- Switch the dependency resolver from ``pip-tools`` to `pip`.

  Update vendor libraries:
  - Update ``requirementslib`` from ``1.5.16`` to ``1.6.1``
  - Update ``pip-shims`` from ``0.5.6`` to ``0.6.0``
  - New vendor ``platformdirs 2.4.0``  `#4759 <https://github.com/pypa/pipenv/issues/4759>`_

Improved Documentation
----------------------

- remove prefixes on install commands for easy copy/pasting  `#4792 <https://github.com/pypa/pipenv/issues/4792>`_
- Officially drop support for Python 2.7 and Python 3.5.  `#4261 <https://github.com/pypa/pipenv/issues/4261>`_

2021.5.29 (2021-05-29)
======================

Bug Fixes
---------

- Fix a bug where passing --skip-lock when PIPFILE has no [SOURCE] section throws the error: "tomlkit.exceptions.NonExistentKey: 'Key "source" does not exist.'"  `#4141 <https://github.com/pypa/pipenv/issues/4141>`_
- Fix bug where environment wouldn't activate in paths containing & and $ symbols  `#4538 <https://github.com/pypa/pipenv/issues/4538>`_
- Fix a bug that ``importlib-metadata`` from the project's dependencies conflicts with that from ``pipenv``'s.  `#4549 <https://github.com/pypa/pipenv/issues/4549>`_
- Fix a bug where ``pep508checker.py`` did not expect double-digit Python minor versions (e.g. "3.10").  `#4602 <https://github.com/pypa/pipenv/issues/4602>`_
- Fix bug where environment wouldn't activate in paths containing () and [] symbols  `#4615 <https://github.com/pypa/pipenv/issues/4615>`_
- Fix bug preventing use of pipenv lock --pre  `#4642 <https://github.com/pypa/pipenv/issues/4642>`_

Vendored Libraries
------------------

- Update ``packaging`` from ``20.4`` to ``20.8``.  `#4591 <https://github.com/pypa/pipenv/issues/4591>`_

2020.11.15 (2020-11-15)
=======================

Features & Improvements
-----------------------

- Support expanding environment variables in requirement URLs.  `#3516 <https://github.com/pypa/pipenv/issues/3516>`_
- Show warning message when a dependency is skipped in locking due to the mismatch of its markers.  `#4346 <https://github.com/pypa/pipenv/issues/4346>`_

Bug Fixes
---------

- Fix a bug that executable scripts with leading backslash can't be executed via ``pipenv run``.  `#4368 <https://github.com/pypa/pipenv/issues/4368>`_
- Fix a bug that VCS dependencies always satisfy even if the ref has changed.  `#4387 <https://github.com/pypa/pipenv/issues/4387>`_
- Restrict the acceptable hash type to SHA256 only.  `#4517 <https://github.com/pypa/pipenv/issues/4517>`_
- Fix the output of ``pipenv scripts`` under Windows platform.  `#4523 <https://github.com/pypa/pipenv/issues/4523>`_
- Fix a bug that the resolver takes wrong section to validate constraints.  `#4527 <https://github.com/pypa/pipenv/issues/4527>`_

Vendored Libraries
------------------

- Update vendored dependencies:
    - ``colorama`` from ``0.4.3`` to ``0.4.4``
    - ``python-dotenv`` from ``0.10.3`` to ``0.15.0``
    - ``first`` from ``2.0.1`` to ``2.0.2``
    - ``iso8601`` from ``0.1.12`` to ``0.1.13``
    - ``parse`` from ``1.15.0`` to ``1.18.0``
    - ``pipdeptree`` from ``0.13.2`` to ``1.0.0``
    - ``requests`` from ``2.23.0`` to ``2.25.0``
    - ``idna`` from ``2.9`` to ``2.10``
    - ``urllib3`` from ``1.25.9`` to ``1.26.1``
    - ``certifi`` from ``2020.4.5.1`` to ``2020.11.8``
    - ``requirementslib`` from ``1.5.15`` to ``1.5.16``
    - ``attrs`` from ``19.3.0`` to ``20.3.0``
    - ``distlib`` from ``0.3.0`` to ``0.3.1``
    - ``packaging`` from ``20.3`` to ``20.4``
    - ``six`` from ``1.14.0`` to ``1.15.0``
    - ``semver`` from ``2.9.0`` to ``2.13.0``
    - ``toml`` from ``0.10.1`` to ``0.10.2``
    - ``cached-property`` from ``1.5.1`` to ``1.5.2``
    - ``yaspin`` from ``0.14.3`` to ``1.2.0``
    - ``resolvelib`` from ``0.3.0`` to ``0.5.2``
    - ``pep517`` from ``0.8.2`` to ``0.9.1``
    - ``zipp`` from ``0.6.0`` to ``1.2.0``
    - ``importlib-metadata`` from ``1.6.0`` to ``2.0.0``
    - ``importlib-resources`` from ``1.5.0`` to ``3.3.0``  `#4533 <https://github.com/pypa/pipenv/issues/4533>`_

Improved Documentation
----------------------

- Fix suggested pyenv setup to avoid using shimmed interpreter  `#4534 <https://github.com/pypa/pipenv/issues/4534>`_

2020.11.4 (2020-11-04)
======================

Features & Improvements
-----------------------

- Add a new command ``pipenv scripts`` to display shortcuts from Pipfile.  `#3686 <https://github.com/pypa/pipenv/issues/3686>`_
- Retrieve package file hash from URL to accelerate the locking process.  `#3827 <https://github.com/pypa/pipenv/issues/3827>`_
- Add the missing ``--system`` option to ``pipenv sync``.  `#4441 <https://github.com/pypa/pipenv/issues/4441>`_
- Add a new option pair ``--header/--no-header`` to ``pipenv lock`` command,
  which adds a header to the generated requirements.txt  `#4443 <https://github.com/pypa/pipenv/issues/4443>`_

Bug Fixes
---------

- Fix a bug that percent encoded characters will be unquoted incorrectly in the file URL.  `#4089 <https://github.com/pypa/pipenv/issues/4089>`_
- Fix a bug where setting PIPENV_PYTHON to file path breaks environment name  `#4225 <https://github.com/pypa/pipenv/issues/4225>`_
- Fix a bug that paths are not normalized before comparison.  `#4330 <https://github.com/pypa/pipenv/issues/4330>`_
- Handle Python major and minor versions correctly in Pipfile creation.  `#4379 <https://github.com/pypa/pipenv/issues/4379>`_
- Fix a bug that non-wheel file requirements can be resolved successfully.  `#4386 <https://github.com/pypa/pipenv/issues/4386>`_
- Fix a bug that ``pexept.exceptions.TIMEOUT`` is not caught correctly because of the wrong import path.  `#4424 <https://github.com/pypa/pipenv/issues/4424>`_
- Fix a bug that compound TOML table is not parsed correctly.  `#4433 <https://github.com/pypa/pipenv/issues/4433>`_
- Fix a bug that invalid Python paths from Windows registry break ``pipenv install``.  `#4436 <https://github.com/pypa/pipenv/issues/4436>`_
- Fix a bug that function calls in ``setup.py`` can't be parsed rightly.  `#4446 <https://github.com/pypa/pipenv/issues/4446>`_
- Fix a bug that dist-info inside ``venv`` directory will be mistaken as the editable package's metadata.  `#4480 <https://github.com/pypa/pipenv/issues/4480>`_
- Make the order of hashes in resolution result stable.  `#4513 <https://github.com/pypa/pipenv/issues/4513>`_

Vendored Libraries
------------------

- Update ``tomlkit`` from ``0.5.11`` to ``0.7.0``.  `#4433 <https://github.com/pypa/pipenv/issues/4433>`_
- Update ``requirementslib`` from ``1.5.13`` to ``1.5.14``.  `#4480 <https://github.com/pypa/pipenv/issues/4480>`_

Improved Documentation
----------------------

- Discourage homebrew installation in installation guides.  `#4013 <https://github.com/pypa/pipenv/issues/4013>`_
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant