Google brings up this: sudo pip install pilDownloading/unpacking PIL You are installing a potentially insecure and unverifiable file. Future versions of pip will default to disallowing insecure files. Downloading PIL-1.1.7.tar.gz (506kB): 506kB downloaded
from a couple months ago, so apparantly pip's behavior regarding offsite packages changed since then. (Or maybe you have a non-default setting - mediawiki-vagrant with standard settings worked fine just a few days ago). Couldn't you just use --allow-external? With something as big as PIL it shouldn't be a security issue. As Aaron said, downgrading is not a problem for us, but adding a command-line parameter would be even simpler. On Wed, Jan 22, 2014 at 2:27 PM, Aaron Arcos <[email protected]> wrote: > I don't think 1.1.7 is need, I just specified that because it was the > latest version. > Can you guys try with 1.1.6? If you don't like this route, the Pillow fork > is also fine. > I checked the documentation and the code should work with any of these > choices. > Let me know if any issues though. > > Thanx ! > > > > On Wed, Jan 22, 2014 at 1:44 PM, Antoine Musso <[email protected]>wrote: > >> Le 22/01/14 08:49, Željko Filipin a écrit : >> > Downloading/unpacking PIL>=1.1.7 (from -r test/api/requirements.txt >> > (line 3)) >> > Could not find any downloads that satisfy the requirement PIL>=1.1.7 >> > (from -r test/api/requirements.txt (line 3)) >> > Some externally hosted files were ignored (use --allow-external PIL to >> > allow). >> > Cleaning up... >> > No distributions at all found for PIL>=1.1.7 (from -r >> > test/api/requirements.txt (line 3)) >> >> That is interesting. PIL is a popular library unfortunately the pip >> repository still has version 1.1.6: >> >> https://pypi.python.org/pypi/PIL >> >> Although upstream released 1.1.7: >> >> http://www.pythonware.com/products/pil/ >> >> >> Aaron, would it make sense to migrate to the Pillow fork which is >> properly updated on pypi ? >> >> https://pypi.python.org/pypi/Pillow/2.3.0 >> >> The API is most probably slightly different so that would need some code >> to be changed in the python smoke test script. >> >> >> -- >> Antoine "hashar" Musso >> Mob.: +33 6 98 81 18 38 -- Skype: hashar >> > >
_______________________________________________ QA mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/qa
