Description
As mentioned in #161, #187, and #191, the version of autoenv on PyPI doesn't track with recent releases.
This is confusing to novices, like myself, who either accidentally or habitually pip install autoenv from PyPI, only to discover it doesn't work exactly how the "official" project README states that it should.
I get that everyone has their favorite way of installing shell scripts from the InterWebs, and maybe that's curling into bash these days. I've even seen NPM (ab)used for such purposes, and the project author's justification was convincing. But due to the original autoenv author's being a fixture in the Python community, PyPI really makes sense in this case.
Describe the solution you'd like
- Call it 1.x.
- Publish a 1.0.1 to PyPI as soon as possible so that
pip installis a viable and trustworthy installation method again. - Remove inactive maintainers from the PyPI record, and update the description and other project metadata.
It looks like @timofurrer is still active with some projects (like pipenv) in Python- and autoenv-adjacent spaces, so perhaps he'd be willing to help.
Describe alternatives you've considered
- Not worry about it.
- Use the documented procedure(s) in the official project README and ignore the abandoned PyPI record
- …because nobody else seems to have noticed this problem (or thought it was a problem) since 2017.
- Report the problem to PyPI, so someone doesn't finagle the project away from PyPI maintainers and reappropriate it to distribute malware.
Additional context
Funny side node: pipx creates a virtualenv for you, and of course virtualenvs have a script called activate (no .sh), as well as activate.csh and Activate.ps1 (Because PowerShell Likes Sentence Case, I Guess). These are all dumped in to the same ~/.local/pipx/venv/autoenv/bin directory together, but only (autoenv's) activate.sh is actually added to your search path.
Boy was that confusing, when I was trying to figure out what actual release the 1.0.0 PyPI package corresponded to in this repository. The answer is, roughly, v0.1.0:
$ diff -wu ~/.local/pipx/venvs/autoenv/bin/activate.sh \
<(cd ~/src/util/autoenv; git cat-file -p v0.1.0:activate.sh)--- /home/me/.local/pipx/venvs/autoenv/bin/activate.sh 2025-06-19 12:01:28.478736278 -0400
+++ /dev/fd/63 2025-06-19 14:04:14.800685103 -0400
@@ -60,7 +60,7 @@
envfile=$1
hash=$(autoenv_hashline "$envfile")
touch $AUTOENV_AUTH_FILE
- \grep -Gq "$hash" $AUTOENV_AUTH_FILE
+ grep -Gq "$hash" $AUTOENV_AUTH_FILE
}
autoenv_check_authz_and_run()
@@ -69,16 +69,13 @@
envfile=$1
if autoenv_check_authz "$envfile"; then
source "$envfile"
- return 0
- fi
- if [[ -z $MC_SID ]]; then #make sure mc is not running
+ else
autoenv_env
autoenv_env "WARNING:"
autoenv_env "This is the first time you are about to source $envfile":
autoenv_env
autoenv_env " --- (begin contents) ---------------------------------------"
autoenv_indent "$envfile"
- autoenv_env
autoenv_env " --- (end contents) -----------------------------------------"
autoenv_env
autoenv_printf "Are you sure you want to allow this? (y/N) "