Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Publish: Warn when keyring has no password #8827

Merged
merged 3 commits into from
Nov 27, 2024
Merged

Publish: Warn when keyring has no password #8827

merged 3 commits into from
Nov 27, 2024

Conversation

konstin
Copy link
Member

@konstin konstin commented Nov 5, 2024

When trying to upload without a password but with the keyring, check that the keyring has a password for the upload URL and username and warn if it doesn't.

Fixes #8781

@konstin konstin added enhancement New feature or improvement to existing functionality preview Experimental behavior labels Nov 5, 2024
@konstin konstin temporarily deployed to uv-test-publish November 5, 2024 08:46 — with GitHub Actions Inactive
@konstin konstin force-pushed the konsti/check-keyring branch from bb7bc8c to a5e75b2 Compare November 5, 2024 13:00
@konstin konstin temporarily deployed to uv-test-publish November 5, 2024 13:03 — with GitHub Actions Inactive
@konstin konstin temporarily deployed to uv-test-publish November 5, 2024 13:52 — with GitHub Actions Inactive
@konstin konstin force-pushed the konsti/check-keyring branch from 6061397 to afb374e Compare November 15, 2024 10:06
@konstin konstin force-pushed the konsti/check-keyring branch from 3433d67 to 183454f Compare November 27, 2024 16:35
zanieb
zanieb reviewed Nov 27, 2024
View reviewed changes
crates/uv/tests/it/publish.rs Outdated
Comment on lines 213 to 220
context
.pip_install()
.arg("keyring")
// Contains the plaintext keyring
.arg("keyrings.alt")
.env_remove(EnvVars::UV_EXCLUDE_NEWER)
.assert()
.success();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you know we have a dedicated test keyring plugin? Might make life easier

uv/crates/uv/tests/it/lock.rs

Lines 16221 to 16272 in cc6bfa1

// Install our keyring plugin
keyring_context
.pip_install()
.arg(
keyring_context
.workspace_root
.join("scripts")
.join("packages")
.join("keyring_test_plugin"),
)
.assert()
.success();
let context = TestContext::new("3.12");
let pyproject_toml = context.temp_dir.child("pyproject.toml");
pyproject_toml.write_str(
r#"
[project]
name = "foo"
version = "0.1.0"
requires-python = ">=3.12"
dependencies = ["iniconfig"]
[build-system]
requires = ["setuptools>=42"]
build-backend = "setuptools.build_meta"
[tool.uv]
keyring-provider = "subprocess"
[[tool.uv.index]]
name = "proxy"
url = "https://pypi-proxy.fly.dev/basic-auth/simple"
default = true
"#,
)?;
// Provide credentials via environment variables.
uv_snapshot!(context.filters(), context.lock()
.env(EnvVars::index_username("PROXY"), "public")
.env(EnvVars::KEYRING_TEST_CREDENTIALS, r#"{"pypi-proxy.fly.dev": {"public": "heron"}}"#)
.env(EnvVars::PATH, venv_bin_path(&keyring_context.venv)), @r###"
success: true
exit_code: 0
----- stdout -----
----- stderr -----
Request for public@https://pypi-proxy.fly.dev/basic-auth/simple/iniconfig/
Request for public@pypi-proxy.fly.dev
Resolved 2 packages in [TIME]
"###);

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's neat!

@konstin konstin merged commit 0b0d0f4 into main Nov 27, 2024
64 checks passed
@konstin konstin deleted the konsti/check-keyring branch November 27, 2024 19:54
@konstin konstin mentioned this pull request Nov 28, 2024
Open
@BrewTestBot BrewTestBot mentioned this pull request Dec 3, 2024
Merged
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Dec 5, 2024
@tmeijn
build(deps): update astral-sh/uv to v0.5.6
be6c629 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [astral-sh/uv](https://github.com/astral-sh/uv) | patch | `0.5.5` -> `0.5.6` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>astral-sh/uv (astral-sh/uv)</summary>

### [`v0.5.6`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#056)

[Compare Source](astral-sh/uv@0.5.5...0.5.6)

##### Enhancements

-   Add `--dry-run` to `uv pip uninstall` ([#&#8203;9557](astral-sh/uv#9557))
-   Allow `--constraints` and `--overrides` in `uv tool install` ([#&#8203;9547](astral-sh/uv#9547))
-   Display removed Python executables on uninstall ([#&#8203;9459](astral-sh/uv#9459))
-   Warn when keyring has no password for `uv publish` ([#&#8203;8827](astral-sh/uv#8827))
-   Add suggested action when `.python-version` pin is incompatible with the project ([#&#8203;9590](astral-sh/uv#9590))
-   Improve error messages for mismatches in `tool.uv.sources` ([#&#8203;9482](astral-sh/uv#9482))
-   Use constraints in trace rather than irrelevant `requires-python` ([#&#8203;9529](astral-sh/uv#9529))

##### Preview features

-   Add `uv python install --default` ([#&#8203;8650](astral-sh/uv#8650))
-   Fix Python executable installation when multiple patch versions are requested ([#&#8203;9607](astral-sh/uv#9607))
-   Build backend: Revamp `include` / `exclude` ([#&#8203;9525](astral-sh/uv#9525))
-   Build backend: Add fast path  ([#&#8203;9556](astral-sh/uv#9556))
-   Build backend: Add functions to collect file list ([#&#8203;9602](astral-sh/uv#9602))
-   Build backend: Default excludes ([#&#8203;9552](astral-sh/uv#9552))
-   Build backend: Refactoring before list ([#&#8203;9558](astral-sh/uv#9558))
-   Build backend: Warn when visiting over 10k files  ([#&#8203;9523](astral-sh/uv#9523))

##### Configuration

-   Make `check-url` available in configuration files ([#&#8203;9032](astral-sh/uv#9032))

##### Performance

-   Avoid adding non-extra package with extra dependencies ([#&#8203;9540](astral-sh/uv#9540))
-   Avoid cloning `String` in marker evaluation ([#&#8203;9598](astral-sh/uv#9598))

##### Rust API

-   `uv-pep508`: Add more methods for simplifying `extra`-related expressions ([#&#8203;9469](astral-sh/uv#9469))

##### Bug fixes

-   Allow `file:` URLs to include package names ([#&#8203;9493](astral-sh/uv#9493))
-   Avoid using IDs across PubGrub states ([#&#8203;9538](astral-sh/uv#9538))
-   Consistently enforce requested-vs.-built metadata when retrieving wheels ([#&#8203;9484](astral-sh/uv#9484))
-   Do not show empty version specifier in `uv tool list` ([#&#8203;9605](astral-sh/uv#9605))
-   Include Git member information when getting metadata from cache ([#&#8203;9388](astral-sh/uv#9388))
-   Include base installation directory in uv run PATH ([#&#8203;9585](astral-sh/uv#9585))
-   Insert backslash when appending to system drive ([#&#8203;9488](astral-sh/uv#9488))
-   Normalize paths when lowering Git dependencies ([#&#8203;9595](astral-sh/uv#9595))
-   Omit origin when comparing requirements ([#&#8203;9570](astral-sh/uv#9570))
-   Override `manylinux_compatible` with `--python-platform` ([#&#8203;9526](astral-sh/uv#9526))
-   Pass extra when evaluating lockfile markers ([#&#8203;9539](astral-sh/uv#9539))
-   Propagate markers for recursive extras in resolver ([#&#8203;9509](astral-sh/uv#9509))
-   Respect path dependencies within Git dependencies ([#&#8203;9594](astral-sh/uv#9594))
-   Support recursive extras with marker in `pip compile -r pyproject.toml` ([#&#8203;9535](astral-sh/uv#9535))
-   Don't emit unpinned warning for proxy packages ([#&#8203;9497](astral-sh/uv#9497))
-   Fix `--refresh-package` flag mentioned as `--refresh-dependency` ([#&#8203;9486](astral-sh/uv#9486))
-   Handle Windows AV/EDR file locks during script installations ([#&#8203;9543](astral-sh/uv#9543))
-   Re-enable conflicting extra/group tests and fix regression from [#&#8203;9540](astral-sh/uv#9540) ([#&#8203;9582](astral-sh/uv#9582))

##### Documentation

-   Add missing word to docs for `run.md` ([#&#8203;9527](astral-sh/uv#9527))
-   Add policies reference section and license document ([#&#8203;9367](astral-sh/uv#9367))
-   Fix typo in entry point docs ([#&#8203;9491](astral-sh/uv#9491))
-   Fix up version in prior uninstall instructions ([#&#8203;9485](astral-sh/uv#9485))
-   Mention `uv pip` behavior in build system note ([#&#8203;9586](astral-sh/uv#9586))
-   Update build failures document ([#&#8203;9584](astral-sh/uv#9584))
-   Correct wording for multiple sources section ([#&#8203;9504](astral-sh/uv#9504))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zanieb zanieb zanieb approved these changes

Assignees
No one assigned
Labels
enhancement New feature or improvement to existing functionality preview Experimental behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Warn when using the keyring in uv publish but it doesn't have credentials
2 participants
@konstin @zanieb