Angela Wong via Plone Community wrote at 2023-9-6 22:20 +0000:
I have already installed libxmlsec1-dev and even tried collective.saml2 and still end up with the same error message:
Getting distribution for 'dm.xmlsec.binding>1.1'.
Couldn't find index page for 'lxml' (maybe misspelled?)
No local packages or working download links found for lxml>=3.0
error: Could not find suitable distribution for Requirement.parse('lxml>=3.0')
An error occurred when trying to install dm.xmlsec.binding 2.2. Look above this message for any errors that were output by easy_install.
While:
Installing client1.
Getting distribution for 'dm.xmlsec.binding>1.1'.
Error: Couldn't install: dm.xmlsec.binding 2.2
dm.xmlsec.binding
depends on lxml
.
For some (unknown) reason, no lxml>=3.0
distribution is found in your
case. This is strange, because lxml==4.9.3
is available on PyPI.
I know about one problem with dm.xmlsec.binding
and buildout
:
dm.xmlsec.binding
has a lxml
dependency both in its
setup_requires
and install_requires
. To resolve setup_requires
dependencies, buildout
does not set up the buildout
configuration, i.e.
the buildout
configuration options index
and find-links
are not
applied.
Usually, this should not make a problem because lxml
can be found on PyPI
(the default index). However, older buildout
versions access PyPI
via http
and nowadays PyPI requires https
.
Such older buildout
versions require an index
definition telling
buildout
to use https
for PyPI access. And such a definition is
not applied for the resolution of setup_requires
dependencies.
My suggestion: try to use the newest buildout
version compatible
with your setup. Maybe, this will resolve the issue.
Note that there may still be a problem: the lxml
version
used to resolve setup_requires
may be different from that
used by your Plone
installation. However, the likelyhood of
corresponding problems is small: dm.xmlsec.binding
depends
only weakly on lxml
for its setup -- small parts of the interface
description files and those are quite stable across lxml
versions.
If the compilation of dm.xmlsec.bindung
succeeds, you should not
have further problems.
If using the newest buildout
version compatible with your setup
does not resolve the problem, you may try to install
dm.xmlsec.binding
manually.
You have serveral options:
-
install it via pip
in the virtual env used by your setup.
BUT this may have unexpected side effects:
I have observed problems when some packages of a namespace package
(e.g. the "dm" above) have been directly installed in the virtual env
and others have been installed via builtout
: the path for such
a namespace package was not set up correctly resulting in
import failures for some subpackages.
-
install it via pip
and create from the installation a folder
in the eggs
directory used by your buildout
installation
representing the installation for buildout
.
BUT this is not easy: a modern pip
installation
uses a different layout than the one used by buildout
:
pip
typically puts package metadata into an EGG_INFO
and
copies the package code into the normal folder structure
determined by the package name (this means that subpackages
of the samr namespace package share upper folder levels);
buildout
, too, uses EGG_INFO
but part of the metadata
is coded in the folder name, the package code is managed
in its own folder tree (no sharing) and an ".pth" file is required.
When you install manually, you must ensure that the manual installation
uses the same versions (both for primary installation as well as for
its dependencies) than those used by buildout
.
You can achieve this via a pip
requirements or constrains file.
As you see from the description above, manual installation may not be easy.
A further option is to use LXML_HOME
.
dm.xmlsec.binding
only uses lxml
in its setup_requires
if the environment variable LXML_HOME
is not set.
Thus, the setup_requires/buildout
problem disappears when this envvar is set.
However, the value of this envvar must point to the source of
the correct lxml
version. Thus, you must download this source
and let the envvar point to it.