hiro/poetry2nix
1
0
Fork 0
mirror of https://github.com/vale981/poetry2nix synced 2025-03-04 08:41:42 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
1489 commits 40 branches 35 tags 5.4 MiB
Commit graph

10 commits

Author SHA1 Message Date
Patrick Stevens
283b30a5c4
Allow legacy package indices to return absolute paths (#719) 2022-10-03 11:44:06 +13:00
adisbladis
f46e65a006 Fix python2 compat issues in fetch_from_legacy.py 2022-01-12 18:48:06 +13:00
adisbladis
8078110a7f Reformat all Python code using Black 2022-01-12 18:48:06 +13:00
Antoine Eiche
48c228ac63 The package URL is relative to the index URL 
This fixes a regression introduced by f7ab15e390.

In case of a devpi repository,
- the index url looks like

    https://devpi.company/company/dev/+simple/python-package

- the package relative URL looks like

    /../../+f/d00/a3edd114f3e81/package.tar.gz#sha256=d00a3edd114f3e813e0e22e07513361b00d925fb67057a3452a897c8623f73f6

- the URL to download the package is

    https://devpi.company/company/dev/+f/d00/a3edd114f3e81/package.tar.gz#sha256=d00a3edd114f3e813e0e22e07513361b00d925fb67057a3452a897c8623f73f6

With the commit f7ab15e390, the URL to
download the package was

    https://devpi.company/+f/d00/a3edd114f3e81/package.tar.gz#sha256=d00a3edd114f3e813e0e22e07513361b00d925fb67057a3452a897c8623f73f6

which doesn't exist.
 2022-01-11 09:37:05 +01:00
Rowan Skewes
f7ab15e390 Enable private PYPI repositories via netrc 2021-12-26 02:44:11 -08:00
George Macon
42b1e673aa Include the trailing slash in legacy index URL 
The PyPI Legacy API documentation [1] says that the distribution
downloads for project can be accessed via a request

    GET /simple/<project>/

but the current implementation instead makes a request

    GET /simple/<project>

There exist some custom repository servers that give erroneous responses
to requests without the slash, so include the slash.

[1]: https://warehouse.pypa.io/api-reference/legacy.html
 2021-11-29 16:08:30 -05:00
Johan Wirén
0550a673cc
Handles urls containing "../" 2021-07-01 18:47:49 +02:00
Antoine Eiche
f6765af4e7 Fix insecure ssl in fetch_from_legacy 2021-06-30 21:38:10 +02:00
adisbladis
106c4248ed
fetch_from_legacy: Ignore TLS certificates validity 
We want this fetcher to still work even when the CA certs and server
certs are expired or otherwise considered insecure for backwards
compatibility reasons.
 2021-06-01 16:25:29 -05:00
Antoine Eiche
28fba9f743
Add support to the legacy Pypi API 
Some private repositories (such as Devpi) expose the legacy Pypi
API (https://warehouse.pypa.io/api-reference/legacy.html).

This commit adds a dedicated fetcher which basically queries this API
to get the URL pointing to the actual file.

Since Pypi still exposes this API, it has been possible to write a
test that uses this legacy API.

Fixes https://github.com/nix-community/poetry2nix/issues/277.
 2021-06-01 16:25:29 -05:00