Open EdAyers opened 3 weeks ago
I'm not sure what the correct behavior is here \cc @zanieb.
I think something that would help here is uv should give a different error if the entire index is returning a 403 or 404 rather than saying that the package can't be found.
Unfortunately AFAIK there is no way to differentiate between these scenarios.
I'm guessing uv is using the keyring installed in the venv instead of the global one and then is failing because artifacts-keyring is not installed.
I'm not really sure what we can do about this. This sounds like the correct behavior.
Yeah that's how I was feeling.
I guess either:
keyring
in the venv fails, fall back to running in the global tool venvartifacts-keyring
package.I originally got this because keyring was being installed implicitly by another dependency, so my developer-experience was uv stopped working in an illegible way after installing a seemingly unrelated dependency. It took me a while of fiddling with venvs etc to figure it out. Using the verbose logs of uv didn't help either.
Anyway, I'm rooting for you!
Reproduction steps
uv 0.4.4 (3d75df6ab 2024-09-04)
You need a private Azure Devops repository you can point to.
uv tool install keyring --with artifacts-keyring
export UV_KEYRING_PROVIDER=subprocess
export UV_INDEX_URL=https://VssSessionToken@pkgs.dev.azure.com/{organisation}/{project}/_packaging/{feedName}/pypi/simple/
(note this is index_url not extra_index. I want all package installs to use my index.)uv venv
;source .venv/bin/activate
uv add keyring
: installskeyring 25.3.0
via the private index.uv add pandas
(or any package)If I don't run
uv add keyring
, uv works as expected. If instead I runuv add keyring artifacts-keyring
, it works as expected.It might be possible to reproduce with an --extra-index-url too.
I'm guessing
uv
is using thekeyring
installed in the venv instead of the global one and then is failing becauseartifacts-keyring
is not installed. Keyring is silently failing and uv fails to find the registry. I think something that would help here is uv should give a different error if the entire index is returning a 403 or 404 rather than saying that the package can't be found.