Anthony Sottile <asott...@umich.edu> added the comment:
> > There was a single .pth file that I deemed "malicious" since it completely breaks the `subprocess` module (`subprocess-run`) > > It only seems to set an attribute. What's wrong with that? Does the early import of subprocess cause problems? It assigns `subprocess.run`, which is an api in python3.5+. In those versions, `subprocess.check_*` is implemented in terms of `subprocess.run`. The `subprocess.run` provided by that package has a different api than the stdlib one so any use of the subprocess module is broken just by having that package installed ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33944> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
