Heroku上的新鲜部署失败,而“使用 - 未经验证的PIL允许” [英] Fresh deploy on Heroku fails with "use --allow-unverified PIL to allow"
问题描述
尝试将Django项目部署到Heroku上的新应用程序(该代码在其他实例上运行了两年),并被击中:
Tried deploying a Django project to a fresh app on Heroku (The code is running on other instances for past two years) - and was hit with this:
Downloading/unpacking PIL==1.1.7 (from -r requirements.txt (line 7))
Could not find any downloads that satisfy the requirement PIL==1.1.7 (from -r requirements.txt (line 7))
Some insecure and unverifiable files were ignored (use --allow-unverified PIL to allow).
Cleaning up...
No distributions at all found for PIL==1.1.7 (from -r requirements.txt (line 7))
Storing debug log for failure in /app/.pip/pip.log
! Push rejected, failed to compile Python app
我知道最近的变化 pip ,并希望使用安全的软件包,但是直到所有软件包都可以按照pip的期望正确打包,我们需要一些解决方法。特别是缺乏全无证据的标志使得这是一个无条件的黑匣子练习而不是无节制的部署的试错。
I'm aware of the recent changes in pip and would like to use packages that are secure, but until all are available properly packaged as per pip's expectations, we need some workarounds. Especially the lack of --allow-all-unverified flag makes this a trial-and-error mucking about with a blackbox exercise instead of a painless deployment.
有没有通过这个路障的平静道路? (不只是PIL,但是这是第一个失败的软件包,还有其他几个如pyPdf,如果我设法修复这个就会失败)
Is there a sane way to get past this roadblock? (Not just PIL, but that's the first package that failed, there are several others like pyPdf that will fail if I manage to fix just this)
任何指针都赞赏! / p>
Any pointers appreciated!
推荐答案
我问了维护者,他用一个简单的解决方案回答。我正在详细说明如何回应我自己的问题。这是您现在需要做的 - 直到软件包内部托管并进行验证。
I asked the maintainer of pip, and he replied with a simple solution. I am detailing how to go about it as a response to my own question. Here is what you need to do for now - until the packages are hosted internally and verified.
在本地计算机上,创建一个新的虚拟环境,并在 requirements.txt 文件:
On local machine, create a new virtual environment and add one line on top of the requirements.txt file:
- allow-all-external
保存并运行:
pip install -r requirements .txt --download =〜/ temp / packages
这样做只需将每个包名称从 requirements.txt 并将包下载到〜/ temp / packages 目录中,并进行验证。
What this will do is simply take every package name from requirements.txt and download the package into ~/temp/packages directory and verify it.
对于验证失败的每个程序包,请将另一行添加到 requires.txt 中,紧跟第一行,允许所有外部程序包,如下所示:
For every package that fails verification, add another line to requirements.txt, just below first line allowing all external packages, that goes like this:
- allow-unverified package-name
希望ping维护者来解决这个问题;)
You might want to ping the maintainer to fix this ;)
继续,直到pip成功完成,然后提交updat ed requirements.txt to vcs and deploy。
Continue till pip completes successfully, then commit the updated requirements.txt to vcs and deploy.
应该是全部。
这篇关于Heroku上的新鲜部署失败,而“使用 - 未经验证的PIL允许”的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
