pypa / pipenv

Python Development Workflow for Humans.
https://pipenv.pypa.io
MIT License

Credentials for private pypi repository are printed if dependency resolution fails #3806

Closed bw-matthew closed 2 years ago

bw-matthew commented 5 years ago

Issue description

If you configure pipenv to use a private repository that requires a username and password, then you must include these credentials in the URL. If the install of a dependency fails, then this full URL will be printed to the terminal, including the credentials.

Expected result

Credentials should not be printed to the terminal. If I run the underlying pip command then the password is removed:

```
➜ /home/matthew/.local/share/virtualenvs/testing-new-repo-o-waS-vm/bin/pip install --verbose --upgrade jupyter -i https://matthew:PASSWORD@PRIVATE_PYPI/pypi/
...
1 location(s) to search for versions of pip:
* https://matthew:****@PRIVATE_PYPI/pypi/pip/
Getting page https://matthew:****@PRIVATE_PYPI/pypi/pip/
Looking up "https://PRIVATE_PYPI/pypi/pip/" in the cache
Request header has "max_age" as 0, cache bypassed
Starting new HTTPS connection (1): PRIVATE_PYPI:443
https://PRIVATE_PYPI:443 "GET /pypi/pip/ HTTP/1.1" 404 None
Status code 404 not in (200, 203, 300, 301)
Could not fetch URL https://matthew:****@PRIVATE_PYPI/pypi/pip/: 404 Client Error: Not Found for url: https://PRIVATE_PYPI/pypi/pip/ - skipping
```

There are several points where it prints this URL.

Actual result

```
➜ pipenv install jupyter
Installing jupyter…
Adding jupyter to Pipfile's [packages]…
✔ Installation Succeeded
Pipfile.lock (774340) out of date, updating to (81ce55)…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
✘ Locking Failed!
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/resolver.py", line 69, in resolve
[pipenv.exceptions.ResolutionFailure]:       req_dir=requirements_dir
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 726, in resolve_deps
[pipenv.exceptions.ResolutionFailure]:       req_dir=req_dir,
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 480, in actually_resolve_deps
[pipenv.exceptions.ResolutionFailure]:       resolved_tree = resolver.resolve()
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 395, in resolve
[pipenv.exceptions.ResolutionFailure]:       raise ResolutionFailure(message=str(e))
[pipenv.exceptions.ResolutionFailure]:       pipenv.exceptions.ResolutionFailure: ERROR: ERROR: Could not find a version that matches jupyter
[pipenv.exceptions.ResolutionFailure]:       No versions found
[pipenv.exceptions.ResolutionFailure]: Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  First try clearing your dependency cache with $ pipenv lock --clear, then try the original command again.
 Alternatively, you can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
  Hint: try $ pipenv lock --pre if it is a pre-release dependency.
ERROR: ERROR: Could not find a version that matches jupyter
No versions found
Was https://matthew:PASSWORD@PRIVATE_PYPI/pypi/ reachable?
[pipenv.exceptions.ResolutionFailure]:       req_dir=requirements_dir
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 726, in resolve_deps
[pipenv.exceptions.ResolutionFailure]:       req_dir=req_dir,
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 480, in actually_resolve_deps
[pipenv.exceptions.ResolutionFailure]:       resolved_tree = resolver.resolve()
[pipenv.exceptions.ResolutionFailure]:   File "/home/matthew/.local/lib/python3.7/site-packages/pipenv/utils.py", line 395, in resolve
[pipenv.exceptions.ResolutionFailure]:       raise ResolutionFailure(message=str(e))
[pipenv.exceptions.ResolutionFailure]:       pipenv.exceptions.ResolutionFailure: ERROR: ERROR: Could not find a version that matches jupyter
[pipenv.exceptions.ResolutionFailure]:       No versions found
[pipenv.exceptions.ResolutionFailure]: Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  First try clearing your dependency cache with $ pipenv lock --clear, then try the original command again.
 Alternatively, you can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
  Hint: try $ pipenv lock --pre if it is a pre-release dependency.
ERROR: ERROR: Could not find a version that matches jupyter
No versions found
Was https://matthew:PASSWORD@PRIVATE_PYPI/pypi/ reachable?
```

Steps to replicate

$ pipenv --support

Pipenv version: `'2018.11.26'`

Pipenv location: `'/home/matthew/.local/lib/python3.7/site-packages/pipenv'`

Python location: `'/home/matthew/.pyenv/versions/3.7.1/bin/python3.7'`

Python installations found:

- `3.7.3`: `/home/matthew/.pyenv/versions/3.7.3/bin/python3.7m`
- `3.7.3`: `/home/matthew/.pyenv/versions/3.7.3/bin/python3.7`

PEP 508 Information:

```
{'implementation_name': 'cpython',
 'implementation_version': '3.7.1',
 'os_name': 'posix',
 'platform_machine': 'x86_64',
 'platform_python_implementation': 'CPython',
 'platform_release': '4.15.0-46-generic',
 'platform_system': 'Linux',
 'platform_version': '#49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019',
 'python_full_version': '3.7.1',
 'python_version': '3.7',
 'sys_platform': 'linux'}
```

System environment variables:

- `LC_ALL` - `LS_COLORS` - `XDG_MENU_PREFIX` - `LANG` - `LESS` - `FZF_DEFAULT_COMMAND` - `DISPLAY` - `PYENV_ROOT` - `OLDPWD` - `SDKMAN_CANDIDATES_API` - `AWS_SECRET_ACCESS_KEY` - `EDITOR` - `KEYTIMEOUT` - `GTK2_MODULES` - `_ZCACHE_CACHE_LOADED` - `_ZCACHE_PATH` - `COLORTERM` - `USERNAME` - `VIRTUAL_ENV_DISABLE_PROMPT` - `JAVA_HOME` - `PYENV_HOOK_PATH` - `J2SDKDIR` - `ARTIFACTORY_PASSWORD` - `XDG_VTNR` - `ZSH` - `GIT_EDITOR` - `SSH_AUTH_SOCK` - `MANDATORY_PATH` - `S_COLORS` - `TMUX_PLUGIN_MANAGER_PATH` - `GLADE_CATALOG_PATH` - `XDG_SESSION_ID` - `DERBY_HOME` - `USER` - `GLADE_MODULE_PATH` - `PYENV_DIR` - `FZF_DEFAULT_OPTS` - `PAGER` - `LSCOLORS` - `DESKTOP_SESSION` - `_ZCACHE_EXTENSION_CLEAN_FUNCTIONS` - `OS_CLOUD` - `GRADLE_HOME` - `GNOME_TERMINAL_SCREEN` - `DEFAULTS_PATH` - `QT_QPA_PLATFORMTHEME` - `PWD` - `HOME` - `LC_CTYPE` - `J2REDIR` - `SSH_AGENT_PID` - `PYENV_VERSION` - `QT_ACCESSIBILITY` - `TMUX` - `XDG_SESSION_TYPE` - `_ZCACHE_CACHE_VERSION` - `XDG_DATA_DIRS` - `_ZCACHE_PAYLOAD_PATH` - `SVN_EDITOR` - `XDG_SESSION_DESKTOP` - `ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE` - `SDKMAN_DIR` - `GLADE_PIXMAP_PATH` - `GTK_MODULES` - `UBUNTU_MENUPROXY` - `VISUAL` - `_ZCACHE_BUNDLES_PATH` - `WINDOWPATH` - `VTE_VERSION` - `TERM` - `SHELL` - `SDKMAN_CANDIDATES_DIR` - `XDG_CURRENT_DESKTOP` - `POWERLINE_COMMAND` - `GNOME_TERMINAL_SERVICE` - `TMUX_PANE` - `AWS_ACCESS_KEY_ID` - `PYENV_SHELL` - `XDG_SEAT` - `SHLVL` - `LANGUAGE` - `ANTIGEN_COMPDUMPFILE` - `ADOTDIR` - `GDMSESSION` - `ANTIGEN_DEFAULT_REPO_URL` - `LOGNAME` - `DBUS_SESSION_BUS_ADDRESS` - `XDG_RUNTIME_DIR` - `XAUTHORITY` - `XDG_CONFIG_DIRS` - `PATH` - `_ANTIGEN_LOG_PATH` - `SDKMAN_VERSION` - `SDKMAN_PLATFORM` - `ARTIFACTORY_USERNAME` - `SESSION_MANAGER` - `DEFAULT_USER` - `PIP_DISABLE_PIP_VERSION_CHECK` - `PYTHONDONTWRITEBYTECODE` - `PIP_SHIMS_BASE_MODULE` - `PIP_PYTHON_PATH` - `PYTHONFINDER_IGNORE_UNSUPPORTED`

Pipenv–specific environment variables:

Debug–specific environment variables:

- `PATH`: `/home/matthew/.local/bin:/home/matthew/.pyenv/libexec:/home/matthew/.pyenv/plugins/python-build/bin:/home/matthew/.pyenv/plugins/pyenv-virtualenv/bin:/home/matthew/.pyenv/plugins/pyenv-update/bin:/home/matthew/.pyenv/plugins/pyenv-installer/bin:/home/matthew/.pyenv/plugins/pyenv-doctor/bin:/home/matthew/.antigen/repos/git@github.com-COLON-BrandwatchLtd-SLASH-aws-credentials.git:/home/matthew/Programming/Kubernetes/google-cloud-sdk/bin:/home/matthew/.sdkman/candidates/gradle/current/bin:/home/matthew/.pyenv/shims:/home/matthew/.local/bin:/home/matthew/bin:/home/matthew/.local/bin:/usr/lib/jvm/java-8-oracle//bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin:/opt/puppetlabs/bin:/home/matthew/.pyenv/bin:/home/matthew/.gem/ruby/2.3.0/bin:/home/matthew/.gem/ruby/2.5.0/bin:/home/matthew/.antigen/repos/https-COLON--SLASH--SLASH-gitlab.com-SLASH-matthewfranglen-SLASH-docker-go/bin:/home/matthew/.antigen/repos/https-COLON--SLASH--SLASH-gitlab.com-SLASH-matthewfranglen-SLASH-format-python:/home/matthew/.antigen/repos/https-COLON--SLASH--SLASH-gitlab.com-SLASH-matthewfranglen-SLASH-git-stashes:/home/matthew/.antigen/repos/https-COLON--SLASH--SLASH-gitlab.com-SLASH-matthewfranglen-SLASH-random:/home/matthew/.antigen/repos/https-COLON--SLASH--SLASH-github.com-SLASH-matthewfranglen-SLASH-gitflow-avh.git-PIPE-master:/home/matthew/.antigen/repos/git@github.com-COLON-BrandwatchLtd-SLASH-spark-submit-wrapper.git:/home/matthew/Programming/Scala/spark-binaries/current/bin:/home/matthew/.fzf/bin`
- `SHELL`: `/bin/zsh`
- `EDITOR`: `vim`
- `LANG`: `en_GB.UTF-8`
- `PWD`: `/home/matthew/Programming/Python/testing-new-repo`

---------------------------

Contents of `Pipfile` ('/home/matthew/Programming/Python/testing-new-repo/Pipfile'):

```toml
[[source]]
name = "pypi"
url = "https://${ARTIFACTORY_USERNAME}:${ARTIFACTORY_PASSWORD}@PRIVATE_PYPI/pypi/"
verify_ssl = true

[dev-packages]

[packages]
jupyter = "*"

[requires]
python_version = "3.7"
```

Contents of `Pipfile.lock` ('/home/matthew/Programming/Python/testing-new-repo/Pipfile.lock'):

```json
{
    "_meta": {
        "hash": {
            "sha256": "3ee3f6bde4b23da806b90daf832b955bd1cee84c61cbfa3b3e19fe867c81ce55"
        },
        "pipfile-spec": 6,
        "requires": {
            "python_version": "3.7"
        },
        "sources": [
            {
                "name": "pypi",
                "url": "https://${ARTIFACTORY_USERNAME}:${ARTIFACTORY_PASSWORD}@PRIVATE_PYPI/pypi/",
                "verify_ssl": true
            }
        ]
    },
    "default": {},
    "develop": {}
}
```

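
An added example, not pipenv's or pip's own code: one way to apply the masking seen in the pip output above (`matthew:****@`) to any message before it is printed or logged. The function and class names are hypothetical, and hiding a lone token before `@` entirely is this example's own choice.

```python
import logging
import re

# "scheme://userinfo@" inside free text. The userinfo part is matched greedily
# up to the last '@' before the first '/' or whitespace, so a password that
# contains an unencoded '@' is still hidden in full.
_URL_AUTH = re.compile(r"(?P<scheme>[A-Za-z][A-Za-z0-9+.-]*://)(?P<userinfo>[^/\s]+)@")


def _mask(match):
    user, sep, _password = match.group("userinfo").partition(":")
    if sep:
        # user:password -> keep the user name, hide the password
        return f"{match.group('scheme')}{user}:****@"
    # A lone value before '@' is often an API token, so hide all of it.
    return f"{match.group('scheme')}****@"


def redact_url_credentials(text):
    """Return text with the secret part of every URL userinfo replaced by ****."""
    return _URL_AUTH.sub(_mask, text)


class RedactingFilter(logging.Filter):
    """Logging filter that scrubs URL credentials from the formatted message."""

    def filter(self, record):
        record.msg = redact_url_credentials(record.getMessage())
        record.args = None  # the message is already formatted
        return True


def resolution_error_message(package, index_url):
    """Build the failure text from the issue, redacted before it is emitted."""
    raw = (f"Could not find a version that matches {package}\n"
           f"No versions found\nWas {index_url} reachable?")
    return redact_url_credentials(raw)


if __name__ == "__main__":
    # Constructed sample using the placeholder host and password from the issue.
    print(resolution_error_message("jupyter", "https://matthew:PASSWORD@PRIVATE_PYPI/pypi/"))
```

Attaching `RedactingFilter` to a handler covers messages from code paths that never call `redact_url_credentials` themselves, such as tracebacks that embed the index URL.
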
frostming commented 5 years ago

This is an issue from vendored pip-tools

matteius commented 2 years ago

We no longer vendor pip-tools.