logangrado
commented
1 year ago I would only suggest that we add allow_netrc=True to this call here: https://github.com/frostming/unearth/blob/d2dd7cf7a8c989f35a467997f2bb8f9c47fe12f0/src/unearth/auth.py#L238
That way we are not only relying on the default value in _get_new_credentials, but also encoding it here. This would make it clear that we always want to use netrc for the initial call.
frostming
Signed-off-by: Frost Ming me@frostming.com
This PR reverts some changes made by #70 but uses a different way, so that:
Before sending request to the index, the credentials in netrc will be read to authenticate the request. And only when the request fails with 401 error, the keyring will be queried and then prompt in the console.
This means if your index returns 403 or even 404 on unauthorized requests, you must rely on the credentials provided via netrc. Otherwise the error response will be returned without any atttempt to load other credentials.
This behavior is also the same as pip.