Python
/
uv
mirror of https://github.com/astral-sh/uv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,226 Commits 563 Branches 239 Tags 209 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
konsti 3eda248ef5
Always attach URL to network errors (#8444) 2024-10-25 09:10:18 +00:00
samypr100 68abf85f0d
feat: mTLS support (#4171) 
## Summary

Closes https://github.com/astral-sh/uv/issues/3626

This adds mTLS support to uv via the standard env var `SSL_CLIENT_CERT`.

## Test Plan

Tested locally using a [nginx proxy to
pypi](https://github.com/hauntsaninja/nginx_pypi_cache) using my own
self-signed ca + certs + client certs generated via
[mkcert](https://github.com/FiloSottile/mkcert). Used this proxy with
both uv and pip to make sure we have feature partity in mTLS
functionality.
 2024-06-10 20:11:35 -05:00
Charlie Marsh a01143980a
Upgrade `reqwest` to v0.12.3 (#2817) 
## Summary

Closes #2814.
 2024-04-10 11:20:44 -04:00
Charlie Marsh e9c16e9aa2
Enable TLS native root toggling at runtime (#2362) 
## Summary

It turns out that on macOS, reading the native certificates can add
hundreds of milliseconds to client initialization. This PR makes
`--native-tls` a command-line flag, to toggle (at runtime) the choice of
the `webpki` roots or the native system roots.

You can't accomplish this kind of configuration with the `reqwest`
builder API, so instead, I pulled out the heart of that logic from the
crate
(e319263851/src/async_impl/client.rs (L498)),
and modified it to allow toggling a choice of root.

Note that there's an open PR for this in reqwest
(https://github.com/seanmonstar/reqwest/pull/1848), along with an issue
(https://github.com/seanmonstar/reqwest/issues/1843), which I may ping,
but it's been around for a while and I believe reqwest is focused on its
next major release.

Closes https://github.com/astral-sh/uv/issues/2346.
 2024-03-12 04:05:49 +00:00