Fix issues with authenticated indexes #231
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
According to the netrc specification (see [1] and [2]), the `machine` part should not be a full URL, but only a host name. Before, using the correct netrc format with only a host name did not work for authentication purposes in Python Inspector. Fix this by using urllib.parse to find the matching host name. [1]: https://www.ibm.com/docs/en/aix/7.2.0?topic=formats-netrc-file-format-tcpip [2]: https://docs.python.org/3/library/netrc.html#netrc.netrc.hosts Resolves: aboutcode-org#176. Signed-off-by: Marcel Bochtler <marcel.bochtler@bosch.com>
Support the fallback to `default` if the user did not set a specific host name in their netrc file. Signed-off-by: Marcel Bochtler <marcel.bochtler@bosch.com>
MarcelBochtler
force-pushed
the
netrc-format-fix
branch
from
1dc35a9 to
a280803
Compare
Signed-off-by: Marcel Bochtler <marcel.bochtler@bosch.com>
MarcelBochtler
changed the title
In PyPI simple repository format, package URLs typically end with the package name and should have a trailing slash [1]. To ensure this trailing slash, the some web servers might redirect to the URL with the trailing slash. This causes the issue that the BasicAuth credentials are removed from the request for security reasons. This was observed with an internal Artifactory repository and adding a trailing slash to the package_url fixes the issue. [1]: https://peps.python.org/pep-0503/#specification Resolves: aboutcode-org#127. Signed-off-by: Marcel Bochtler <marcel.bochtler@bosch.com>
MarcelBochtler
force-pushed
the
netrc-format-fix
branch
from
4ca8e8f to
e1b179e
Compare
|
@pombredanne do you mind taking a look? |
|
Hi @pombredanne, Could you give us an update here? Can you approve Marcel's PR and create a release? It would be extremely important for us, as our customer has been waiting for a solution for months. If there's anything we can do to help, please let us know. Thank you! |
|
@tsteenbe can you help to move this forward? |
|
@sschuberth Had a call with Philippe - the PR was blocked due to failing tests, updated expected test results was needed - created a 2nd PR as we couldn't update the one from @MarcelBochtler due to lack of permissions. |
|
@pombredanne @tsteenbe Could you please make a release with this fix? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes two issues with the netrc handling of
python-inspector:defaulthost namePlease take a look at the specific commits for details.
Resolves: #127 and #176