Bug #5722
closedsuricata-update releases missing from PyPI
Description
suricata-update documentation recommends installing through pip. However, as of 30 Nov 2022, the latest package version available on PyPI is 1.2.2, while there are GitHub releases for versions up to 1.2.6 that are not uploaded to PyPI.
Updated by Jason Ish about 2 years ago
I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.
From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.
Updated by Bradley Solomon about 2 years ago
Jason Ish wrote in #note-1:
I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.
From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.
Actually, it's not bundled with Suricata. Reproducible on python:3.9-slim-buster Docker image:
echo "deb http://http.debian.net/debian buster-backports main" > \
/etc/apt/sources.list.d/backports.list && \
apt-get update -y && apt-get install -y --no-install-recommends \
curl=7.64.0-4+deb10u3 \
git=1:2.20.1-2+deb10u4 \
git-man=1:2.20.1-2+deb10u4 \
libcurl4=7.64.0-4+deb10u3 \
suricata=1:6.0.1-2~bpo10+1 -t buster-backports && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
Then find / -name 'suricata-update' -type f
returns 0 results when run as root.
Secondly the installation of Suricata 6.x from source is also outright broken on Debian, per https://github.com/rusticata/der-parser/issues/36.
Updated by Bradley Solomon about 2 years ago
OISF is a well-funded organization. What's the excuse for using outdated distutils for years after setuptools became the de-facto tool? I don't even see an open pull request.
Updated by Jason Ish about 2 years ago
Bradley Solomon wrote in #note-2:
Jason Ish wrote in #note-1:
I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.
From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.
Actually, it's not bundled with Suricata. Reproducible on python:3.9-slim-buster Docker image:
echo "deb http://http.debian.net/debian buster-backports main" > \
/etc/apt/sources.list.d/backports.list && \
apt-get update -y && apt-get install -y --no-install-recommends \
curl=7.64.0-4+deb10u3 \
git=1:2.20.1-2+deb10u4 \
git-man=1:2.20.1-2+deb10u4 \
libcurl4=7.64.0-4+deb10u3 \
suricata=1:6.0.1-2~bpo10+1 -t buster-backports && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*Then
find / -name 'suricata-update' -type f
returns 0 results when run as root.Secondly the installation of Suricata 6.x from source is also outright broken on Debian, per https://github.com/rusticata/der-parser/issues/36.
Debian unbundles it.
Updated by Bradley Solomon about 2 years ago
Debian unbundles it.
So the recommended install method on Debian would be ... what, exactly?
python3 -m pip install https://github.com/OISF/suricata-update/archive/refs/tags/1.2.6.tar.gz
it is, for lack of a better option.
Updated by Victor Julien about 2 years ago
Bradley Solomon wrote in #note-3:
OISF is a well-funded organization. What's the excuse for using outdated distutils for years after setuptools became the de-facto tool? I don't even see an open pull request.
Please behave yourself professionally in this forum. OISF doesn't owe you any excuse or explanation. We're happy discuss reasons and point to prior discussions, but not in this way.
Updated by Jason Ish about 2 years ago
Bradley Solomon wrote in #note-5:
Debian unbundles it.
So the recommended install method on Debian would be ... what, exactly?
python3 -m pip install https://github.com/OISF/suricata-update/archive/refs/tags/1.2.6.tar.gz
it is, for lack of a better option.
See https://suricata.readthedocs.io/en/suricata-6.0.9/install.html#debian. Adapt as needed for your Debian version. But packaging for Debian is a Debian detail, not Suricata.
Updated by Jason Ish about 2 years ago
- Status changed from New to Closed
- Assignee changed from Shivani Bhardwaj to Jason Ish
Pushed to PyPI with Twine. Documentation updated to note that Suricata-Update is best installed bundled with Suricata, as its released bundled with Suricata.