Python
/
uv
mirror of https://github.com/astral-sh/uv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
uv/crates/uv-python/src
History
Charlie Marsh d86075fc1e
Add support for `--trusted-host` (#6591) 
## Summary

This PR revives https://github.com/astral-sh/uv/pull/4944, which I think
was a good start towards adding `--trusted-host`. Last night, I tried to
add `--trusted-host` with a custom verifier, but we had to vendor a lot
of `reqwest` code and I eventually hit some private APIs. I'm not
confident that I can implement it correctly with that mechanism, and
since this is security, correctness is the priority.

So, instead, we now use two clients and multiplex between them.

Closes https://github.com/astral-sh/uv/issues/1339.

## Test Plan

Created self-signed certificate, and ran `python3 -m http.server --bind
127.0.0.1 4443 --directory . --certfile cert.pem --keyfile key.pem` from
the packse index directory.

Verified that `cargo run pip install
transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url
https://127.0.0.1:8443/simple-html` failed with:

```
error: Request failed after 3 retries
  Caused by: error sending request for url (https://127.0.0.1:8443/simple-html/transitive-yanked-and-unyanked-dependency-a-0abad3b6/)
  Caused by: client error (Connect)
  Caused by: invalid peer certificate: Other(OtherError(CaUsedAsEndEntity))
```

Verified that `cargo run pip install
transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url
'https://127.0.0.1:8443/simple-html' --trusted-host '127.0.0.1:8443'`
failed with the expected error (invalid resolution) and made valid
requests.

Verified that `cargo run pip install
transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url
'https://127.0.0.1:8443/simple-html' --trusted-host '127.0.0.2' -n` also
failed.
 		2024-08-27 09:36:50 -04:00
..
discovery.rs Add support for configuring `python-downloads` with `UV_PYTHON_DOWNLOADS` (#6436) 2024-08-22 23:19:03 +00:00
downloads.inc Update Pythons to include Python 3.12.5 (#6087) 2024-08-14 15:18:01 +00:00
downloads.inc.mustache Change "toolchain" to "python" (#4735) 2024-07-03 07:44:29 -05:00
downloads.rs Add support for `--trusted-host` (#6591) 2024-08-27 09:36:50 -04:00
environment.rs feat(venv): add relocatable flag (#5515) 2024-07-29 00:10:11 +00:00
implementation.rs Use max rather than min to sort managed Pythons (#5205) 2024-07-19 12:35:17 +00:00
installation.rs Detect musl and error for musl pbs builds (#6643) 2024-08-27 00:06:53 +00:00
interpreter.rs Use separate types to represent raw vs. resolver markers (#6646) 2024-08-26 18:00:21 +00:00
lib.rs Detect musl and error for musl pbs builds (#6643) 2024-08-27 00:06:53 +00:00
libc.rs Detect musl and error for musl pbs builds (#6643) 2024-08-27 00:06:53 +00:00
managed.rs Detect musl and error for musl pbs builds (#6643) 2024-08-27 00:06:53 +00:00
platform.rs Detect musl and error for musl pbs builds (#6643) 2024-08-27 00:06:53 +00:00
pointer_size.rs Change "toolchain" to "python" (#4735) 2024-07-03 07:44:29 -05:00
prefix.rs Initialize all `--prefix` subdirectories (#4895) 2024-07-08 14:15:25 +00:00
py_launcher.rs Upgrade to Rust 1.80.0 (#5472) 2024-07-27 01:49:47 +00:00
python_version.rs Use separate types to represent raw vs. resolver markers (#6646) 2024-08-26 18:00:21 +00:00
target.rs Change "toolchain" to "python" (#4735) 2024-07-03 07:44:29 -05:00
version_files.rs Fix priority for `.python-versions` files in `uv python install` (#6382) 2024-08-21 22:17:14 +00:00
virtualenv.rs feat(venv): add relocatable flag (#5515) 2024-07-29 00:10:11 +00:00
which.rs Search for all `python3.x` in PATH (#5148) 2024-07-18 17:00:01 +02:00