Closed jacksmith15 closed 11 months ago
Name | Link |
---|---|
Latest commit | 5ffc30bc76d5b59d8bab44cec41aa368ccafa6d6 |
Latest deploy log | https://app.netlify.com/sites/conda-lock/deploys/64b5805e7f0e9c0008c8a82a |
Deploy Preview | https://deploy-preview-470--conda-lock.netlify.app |
Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site configuration.
Description
Related issue: https://github.com/conda/conda-lock/issues/461 Related PRs: https://github.com/conda/conda-lock/pull/323
https://github.com/conda/conda-lock/pull/323 aimed to implement
--strip-auth
support for private PyPi packages, however it only targeted--kind explicit
lockfiles.This PR adds support for
--kind lock
lockfiles (the default, unified kind).To achieve this, I pass the
--strip-auth
flag through to the resolver, and strip HTTP Basic auth from the URLs. This avoids the need for first writing a temporary lockfile containing the credentials, and then fixing them after the fact. It also avoids edge cases where users may have requested multiple types of lockfiles.Currently only HTTP Basic auth is supported for private PyPi repositories, so this should catch all cases.