Package: src:natsort
Version: 6.0.0-1.1
Severity: serious
Tags: sid bullseye
natsort's autopkg test pulls in a complete test environment from the net and
doesn't use system packages, it even downloads a natsort-6.0.0.zip.
it also hardcodes python3.7 in the autopkg test.
autopkgtest [21:36:08]: test unittests: [-----------------------
GLOB sdist-make: /tmp/autopkgtest-lxc.v8f2_h_p/downtmp/build.Sz4/src/setup.py
py37 create: /tmp/autopkgtest-lxc.v8f2_h_p/downtmp/build.Sz4/src/.tox/py37
py37 installdeps: -rdev-requirements.txt
py37 inst:
/tmp/autopkgtest-lxc.v8f2_h_p/downtmp/build.Sz4/src/.tox/.tmp/package/1/natsort-6.0.0.zip
py37 installed:
atomicwrites==1.3.0,attrs==19.3.0,coverage==4.5.4,hypothesis==4.42.10,importlib-metadata==0.23,more-itertools==7.2.0,natsort==6.0.0,packaging==19.2,pkg-resources==0.0.0,pluggy==0.13.0,py==1.8.0,pyparsing==2.4.2,pytest==5.2.2,pytest-cov==2.8.1,pytest-faulthandler==2.0.1,pytest-mock==1.11.2,semver==2.9.0,six==1.12.0,wcwidth==0.1.7,zipp==0.6.0
py37 run-test-pre: PYTHONHASHSEED='1889279568'
py37 run-test: commands[0] | pytest README.rst docs/intro.rst docs/examples.rst
============================= test session starts ==============================
platform linux -- Python 3.7.5, pytest-5.2.2, py-1.8.0, pluggy-0.13.0
cachedir: .tox/py37/.pytest_cache
rootdir: /tmp/autopkgtest-lxc.v8f2_h_p/downtmp/build.Sz4/src
plugins: cov-2.8.1, hypothesis-4.42.10, mock-1.11.2
collected 3 items
If tox is used for the autopkg tests, then it should be called with
--sitepackages, limiting tox's activity to the archive. Or better don't use tox
in autopkg testing.
