search

mamba-org / mamba

The Fast Cross-Platform Package Manager
https://mamba.readthedocs.io
BSD 3-Clause "New" or "Revised" License
6.97k stars 359 forks source link

Micromamba queries Conda channel server with censored URL #3628

Open maresb opened 4 days ago

maresb commented 4 days ago

Search tried in issue tracker

token

Latest version of Mamba

2.0.4a3

Tried in Conda?

I do not have this problem with Conda, just with Mamba

Describe your issue

This comes from the conda-lock test suite when using micromamba v2.0.4.

In short, whenever Micromamba prints a channel URL to the console and that URL contains a token, it censors the token by replacing it with *****. The regression here is that when Micromamba requests a URL from the Conda channel server, the token is sent as ***** instead of its original value, so Micromamba is making invalid requests.

The input to micromamba is this explicit lockfile:

/tmp/explicit.txt:

# Generated by conda-lock.
# platform: linux-64
# input_hash: 701a99b2fc55ca5b4c2b84680513be14da721036646ddd36de7b37723525a55c
@EXPLICIT
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/_libgcc_mutex-0.1-conda_forge.tar.bz2#d7c89558ba9fa0495403155b64376d81
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libgomp-14.2.0-h77fa898_1.conda#cc3573974587f12dda90d96e3e55a702
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/_openmp_mutex-4.5-2_gnu.tar.bz2#73aaf86a425cc6e73fcf236a5a46396d
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libgcc-14.2.0-h77fa898_1.conda#3cb76c3f10d3bc7f1105b2fc9db984df
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libzlib-1.3.1-hb9d3cd8_2.conda#edb0dca6bc32e4f4789199455a1dbeb8
http://localhost:32826/t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/zlib-1.3.1-hb9d3cd8_2.conda#c9f075ab2f33b3bbee9e62d4ad0a6cd8

To monitor what's going on, run

python3 -m http.server 32826

If I run

micromamba create --file /tmp/explicit.txt -n 3628 --yes

then I get warnings and an error:

Transaction starting
warning  libmamba Extracted package cache '~/micromamba/pkgs/libgomp-14.2.0-h77fa898_1' has invalid url
warning  libmamba Extracted package cache '~/micromamba/pkgs/_openmp_mutex-4.5-2_gnu' has invalid url
warning  libmamba Package tarball '~/micromamba/pkgs/_openmp_mutex-4.5-2_gnu.tar.bz2' is invalid
warning  libmamba Extracted package cache '~/micromamba/pkgs/libgcc-14.2.0-h77fa898_1' has invalid url
warning  libmamba Package tarball '~/micromamba/pkgs/libgcc-14.2.0-h77fa898_1.conda' is invalid
warning  libmamba Extracted package cache '~/micromamba/pkgs/libzlib-1.3.1-hb9d3cd8_2' has invalid url
warning  libmamba Extracted package cache '~/micromamba/pkgs/zlib-1.3.1-hb9d3cd8_2' has invalid url
...
p://localhost:32826/t/**********/get/proxy-channel/linux-64/libgomp-14.2.0-h77fa898_1.conda (status 404)
critical libmamba Transfer finalized, status: 404 [http://localhost:32826/t/**********/get/proxy-channel/linux-64/zlib-1.3.1-hb9d3cd8_2.conda] 469 bytes

The webserver shows that the token is being censored in the URL:

127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/zlib-1.3.1-hb9d3cd8_2.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/_openmp_mutex-4.5-2_gnu.tar.bz2 HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/libgomp-14.2.0-h77fa898_1.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/libgcc-14.2.0-h77fa898_1.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/libzlib-1.3.1-hb9d3cd8_2.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:28:58] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:28:58] "GET /t/*****/get/proxy-channel/linux-64/zlib-1.3.1-hb9d3cd8_2.conda HTTP/1.1" 404 -

When I replace micromamba with conda, you see the token being logged by the webserver:

127.0.0.1 - - [25/Nov/2024 00:30:40] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:30:40] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:30:40] "GET /t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libzlib-1.3.1-hb9d3cd8_2.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:30:40] "GET /t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libgomp-14.2.0-h77fa898_1.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:30:40] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:30:40] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:30:40] "GET /t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/libgcc-14.2.0-h77fa898_1.conda HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:30:40] code 404, message File not found
127.0.0.1 - - [25/Nov/2024 00:30:40] "GET /t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/_libgcc_mutex-0.1-conda_forge.tar.bz2 HTTP/1.1" 404 -
127.0.0.1 - - [25/Nov/2024 00:30:40] "GET /t/1a5eb8d110994feaa53d0d9f8bf13bbb/get/proxy-channel/linux-64/_openmp_mutex-4.5-2_gnu.tar.bz2 HTTP/1.1" 404 -

If I downgrade to 2.0.2 then the token is sent.

jjerphan commented 3 days ago

Thank you for the report and the handy reproducer

Using git bisect, I found that https://github.com/mamba-org/mamba/pull/3178/ caused the regression.