pombredanne
commented
5 months ago @oheger-bosch Thank you for the report and the detailed investigation.
Open oheger-bosch opened 5 months ago
pombredanne
commented
5 months ago @oheger-bosch Thank you for the report and the detailed investigation.
Python inspector relies on the
.netrcfile to obtain the credentials for private repositories. This file typically has a format as follows:When looking up the credentials for a repository referenced by an
--extra-index-urlin arequirements.txtfile, the full URL is matched against themachinefield, not only the host name. This happens in api.py and in the get_netrc_auth helper function.This means that credentials defined in
.netrcfiles following the standard conventions cannot be found. In verbose mode, the tool logs the involved repositories with their credentials, and here None was printed, even though the host of the repository was defined in the file. To test whether my theory is correct, I changed my local.netrcfile to actually contain the full index URL, and then it was indeed picked up, and the correct credentials were logged.I think, this issue may be related to #127; if no credentials for private repositories are found, the packages cannot be resolved from there.