Closed uranusjr closed 4 years ago
With something like this, we'd also be able to drop the keyring out-of-the-box integration in those tools (at least in pip) in favor of a plugin like this -- which would help usability as well -- and is worth noting here.
Can you add these issues into the markdown file?
I second @xmunoz -- I think you should add the details you shared in the comment on this pull request into the FUNDABLES item itself.
I’ve added the content of the PR description as a part of the patch.
Thanks! Updated.
Thanks @uranusjr and thanks reviewers! I have polished wording slightly in 5f62a3a00cb9492a6e52ac8685c008ac741e3c0f .
Close #5.
What is the current situation/context? Standard packaging tools currently only supports package indexes using basic authentication.
What ought to be fixed, made, or implemented? See pypa/pip#4475 and pypa/twine#362. A shared interface and implementation for various alternative authentication method support can be developed for both tools (and maybe more), so organisations can choose to install them to be able to use e.g. Kerberos to secure their private package indexes.
What kinds of work are necessary to make this happen?