Move self_outdated_check import to the top to stop WHL exec on install.

Fixes pypa#13079.

Signed-off-by: Caleb Brown <[email protected]>

src/pip/_internal/commands/install.py

@@ -47,6 +47,14 @@
 )
 from pip._internal.wheel_builder import build, should_build_for_install_command
 
+# Eagerly import this module to avoid crashes. Otherwise, this
+# module would be imported *after* pip was replaced, resulting in
+# crashes if the new self_outdated_check module was incompatible
+# with the rest of pip that's already imported, or allowing a
+# wheel to execute arbitrary code on install by replacing
+# self_outdated_check.
+import pip._internal.self_outdated_check  # noqa: F401
+
 logger = getLogger(__name__)
 
 
@@ -408,12 +416,6 @@ def run(self, options: Values, args: List[str]) -> int:
                 # If we're not replacing an already installed pip,
                 # we're not modifying it.
                 modifying_pip = pip_req.satisfied_by is None
-                if modifying_pip:
-                    # Eagerly import this module to avoid crashes. Otherwise, this
-                    # module would be imported *after* pip was replaced, resulting in
-                    # crashes if the new self_outdated_check module was incompatible
-                    # with the rest of pip that's already imported.
-                    import pip._internal.self_outdated_check  # noqa: F401
             protect_pip_from_modification_on_windows(modifying_pip=modifying_pip)
 
             reqs_to_build = [