In bugwarrior.services.gitlab.GitlabClient._fetch(), the verify_ssl configuration value is given as the requests verify parameter, which can either be a boolean or a path to a CA certificate bundle:
Simply extending the configuration type to include bugwarrior.config.ExpandedPath allows users to use non-public certificate authorities without disabling TLS verification entirely. This is preferable to setting the REQUESTS_CA_BUNDLE environment variable, which may interfere with other services using different certificate authorities.
In
bugwarrior.services.gitlab.GitlabClient._fetch()
, theverify_ssl
configuration value is given as the requestsverify
parameter, which can either be a boolean or a path to a CA certificate bundle:https://docs.python-requests.org/en/latest/user/advanced/#ssl-cert-verification
Simply extending the configuration type to include
bugwarrior.config.ExpandedPath
allows users to use non-public certificate authorities without disabling TLS verification entirely. This is preferable to setting theREQUESTS_CA_BUNDLE
environment variable, which may interfere with other services using different certificate authorities.