Python packages installed via config.packages leak into Python VIRTUAL_ENV

[vlaci]

Describe the bug

I don't know the reason why we add devenv.profile to PYTHONPATH, but we do:

devenv/src/modules/languages/python.nix

Line 487 in 6c987a8

export PYTHONPATH="$DEVENV_PROFILE/${package.sitePackages}''${PYTHONPATH:+:$PYTHONPATH}"

I don't know if it is a bug, edge-case or by-design.

I came to this rabbit hole as one environment we are using devenv for specifies a dependency in config.packages and also in pyproject.toml and I was surprised that the former overrides the latter.

Is there a reason for setting PYTHONPATH? It may make sense in cases where venv.enable = false, so it can be used as an ad-hoc environment, but I think it should not be set in the venv.enable = true case. Maybe a .pth file could be injected to the virtual env, pointing to the profile, so it would behave as a fallback for packages not already present in the virtual environment.

To reproduce

$ <<EOF > devenv.nix 
{ pkgs, ... }:

{
  languages.python = {
    enable = true;
    venv.enable = true;
    venv.requirements = ''
      jefferson
    '';
  };
  packages = [ pkgs.jefferson ];
}
EOF
$ devenv shell
(devenv) $ python
Python 3.12.7 (main, Oct  1 2024, 02:05:46) [GCC 13.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import jefferson
>>> jefferson
<module 'jefferson' from '/nix/store/y0y42rimg0l6rpygxq4ww3hy9d01jbx2-devenv-profile/lib/python3.12/site-packages/jefferson/__init__.py'>

Version

devenv 1.3.1 (x86_64-linux)

---

P.S.

PYTHONPATH is also adjusted by the individual package's setup-hooks, so it may not be a devenv-only issue. It may be a good idea if devenv would be able to clear PYTHONPATH altogether when venv.enable is set 🤔. This could wreak havoc if languages.python.package is different from the default pkgs.python package, as those could contain extensions compiled for a different version.