Need to be able to add site packages into temporary venvs

[James-E-A]

On networks that use fake root certificates for TLS MitM ALG proxies (such as corporate firewalls or certain antivirus software), pip version 23.3* or newer is required because it allows the user to prefer the system-wide configuration over a hard-coded CA bundle.

I have the upgraded pip installed in my user packages; it's the only site package I have. But version 1.0.3 of pypa build has hard-coded that there's no way to pass system_site_packages=True to the EnvBuilder, for users who "really know what they're doing" and want to "contaminate" the venv.

Of course, the "upgrade" logic currently in there will not work for this use-case, since you can't use a non-functioning version of pip to install a functioning version.

*Technically, the feature was "added" in version 22.2, but it doesn't actually function in that version due to a catch-22 of requiring a 3rd-party package to be installed before any 3rd-party packages can be installed.

[henryiii]

Not directly an answer, but can you use virtualenv instead of venv? That should have a recent version of pip, I think?

[James-E-A]

Well, that's a fantastic fix, thanks @henryiii—

cd Documents\code\proj1
REM modifying system-wide packages, need to use a light touch
py -m pip install --user "virtualenv >= 20.24.6"
py -m virtualenv .venv

.venv\Scripts\activate.bat
REM in dev environment now, can install anything needed to build this package
python -m pip install black build twine
python -m pip install "virtualenv >= 20.24.6"
python -m build

—this works perfectly; it looks like build automatically detects virtualenv, uses it, and the result is an upgraded & functioning version of pip in the temporary venvs, which leads to a functioning build.