This fixes an issue with tox/virtualenv/pip where the pip and wheel
shebang lines were wrapped with a quote " that prevents the command
from executing.
66e4805271/distlib/scripts.py (scripts.py-66)
I confirmed that with the updated distlib I was able to create a
virtualenv, and then install the updated `pip` into it.
```
virtualenv --no-wheel --no-pip --no-setuptools --python=jython jython.env
jython -c 'import sys, pip; sys.exit(pip.main(["install", "--ignore-installed"] + sys.argv[1:]))' pip
```
```
$ pip list
decorator (4.0.9)
ipython (4.1.1)
ipython-genutils (0.1.0)
path.py (8.1.2)
pexpect (4.0.1)
pickleshare (0.6)
pip (8.0.2)
ptyprocess (0.5.1)
py (1.4.31)
pytest (2.8.7)
requests (2.9.1)
setuptools (20.0)
simplegeneric (0.8.1)
simplejson (3.8.1)
six (1.10.0)
traitlets (4.1.0)
wheel (0.29.0)
```
Aside: The process for tracking and updating _vendor libs should be streamlined.
The Makefile blows away modified code, making it a manual process to update
vendored libs.
RECORD now contains only relative path.
some bugs triggered by a bleeding edge usage of python may disappear a result (https://github.com/pypa/pip/issues/3433)
Commit 5bb989993 added some code for hiding/showing the cursor when
running on the terminal, but accidentally made it so that it always
printed the invisible control codes, even when not on a tty or when
--quiet was specified. This turns out to be surprisingly bad (e.g. it
breaks the official docker python builds). So, let's not do that.
Fixes gh-3418
This won't actually let the final error silently pass, since it
will mean that when pip attempts to import one of the aliased
modules we'll get the standard ImportError then instead of when
the aliasing attempts to happen.
We started trying to locate the system trust stores, because
downstream was patching out our bundled copies anyways and it would
provide a smoother experience when people upgraded their pip inside
of their system.
However, if we just use OpenSSL's CAFile then we're broken on systems
like Debian which currently ship a broken CAFile configuration. If
we just use OpenSSL's CAPath then we're broken on systems like CentOS
and Fedora that currently are shipping a broken OpenSSL CAPath.
So basically, none of the major distributions seem to be capable of
shipping an OpenSSL that isn't broken, so we're going back to relying
on our own CA bundle exclusively.
