|
|
#1 |
|
Enthusiast
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 50
Karma: 50002
Join Date: Nov 2017
Device: Nook, Kindle
|
Some unexpected Calibre behavior
Today, I found that an old but stable and working Calibre installation suddenly ceased to fetch metadata.
The error was pervasive, with every metadata source: Code:
ERROR: Download failed: Failed to download metadata. Click Show Details to see details ... File "<string>", line 15, in <module> ImportError: cannot import name _ 1. Add the single line `127.0.0.1 code.calibre-ebook.com` to `C:\Windows\System32\drivers\etc` 2. Rename or Delete the file `Calibre Settings\metadata-sources-cache.json' The reason for this error are with the dynamic code execution that Calibre does when it checks updates. This mechanism does not check a version number so it will run python code intended for new Calibre releases on old versions. That mechanism is in the Updates plugin at https://github.com/kovidgoyal/calibr...rces/update.py Note that this plugin is expressly forbidden to be disabled in the Calibre UI! The code will fetch `https://code.calibre-ebook.com/metadata-sources/hashes.json` (which, despite the file name, is `bzip2` compressed. It can be expanded with `bzcat`. If a hash in this download doesn't match the previous hashes, calibre will fetch the updated python code from `https://code.calibre-ebook.com/metadata-sources/<NAME>` (eg, google, amazon, etc) Then, it will pass that code directly to `exec()` I was worried when I first looked at this, because `code.calibre-ebook.com` has a strange certificate - fortunately it is self-signed so that only people with the private key can dynamically run Python code on every Calibre installation. The initial error was because the new plugins all use the Python "throwaway" syntax in an import: Code:
from calibre.utils.localization import _ |
|
|
|
|
|
#2 |
|
Well trained by Cats
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 31,874
Karma: 64181416
Join Date: Aug 2009
Location: The Central Coast of California
Device: Kobo Libra2,Kobo Aura2v1, K4NT(Fixed: New Bat.), Galaxy Tab A
|
localhost (127.0.0.1) is how Calibre talks to some of its pieces (worker process is a background piece).
This is a very common method. |
|
|
|
| Advert | |
|
|
|
|
#3 |
|
creator of calibre
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Posts: 46,369
Karma: 29630884
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
|
Not sure what's so unexpected about that? You get the entire calibre program from the same server (group of servers), if someone compromised the developer (me) they could just as well serve you compromised calibre binaries in the first place.
And it uses a self signed certificate deliberately, precisely so no third parties other than me are in the network trust chain. FYI various network facing bits of calibre are dynamically updated recipes, get books, metadata sources etc etc. and have been for a decade plus. |
|
|
|
![]() |
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Zebedi's unexpected behavior | Zebedi | justRead.app | 9 | 05-14-2026 05:14 AM |
| Unexpected behavior when editing enumerated columns | ownedbycats | Library Management | 1 | 02-01-2022 04:02 AM |
| Unexpected behavior from check_library | tlfamm | Library Management | 2 | 04-03-2014 10:37 PM |
| Unexpected behavior - Calibre 0.8 | zdt0343 | Calibre | 2 | 12-11-2011 08:03 AM |
| unexpected behavior when bulk editing | curantil | Calibre | 1 | 06-07-2010 06:45 PM |