`--trusted-host` not passed to `pip` when installing from a lockfile
See original GitHub issueIssue description
On the latest pipenv release, running pipenv install
does not pass --trusted-host
to pip
.
Running pipenv install xyz
does.
Expected result
--trusted-host
is passed to pip
.
Actual result
> pipenv install --verbose
Installing dependencies from Pipfile…
Installing 'aiohttp'▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 0/7 — 00:00:00
$ ['/Users/tom/.local/share/virtualenvs/tmp.YkTM0kln-68P7VPaZ/bin/pip', 'install', '--verbose', '--upgrade', '--no-deps', '-r', '/var/folders/9w/twrv54nd0v19gsbjhjs3mlhc0000gn/T/pipenv-wgs4narf-requirements/pipenv-h6s3thx1-requirement.txt', '-i', 'http://x.x.co.uk:8080', '--require-hashes']
And:
> pipenv install --verbose pytest
⠋Installing 'pytest'
$ ['/Users/tom/.local/share/virtualenvs/tmp.YkTM0kln-68P7VPaZ/bin/pip', 'install', '--verbose', '--upgrade', 'pytest', '-i', 'http://x.x.co.uk:8080', '--trusted-host', 'x.x.co.uk']
Steps to replicate
Have a Pipfile
like this:
[[source]]
url = "http://INTERNAL_PYPI:8080"
verify_ssl = false
name = "xyz"
[packages]
aiohttp = "*"
Notice how the argument is not passed to pip when calling pipenv install
.
Issue Analytics
- State:
- Created 5 years ago
- Comments:12 (1 by maintainers)
Top Results From Across the Web
How to make pipenv install <package> use SSL certificate of ...
So on the bottom line I am looking for a way to make pipenv use my firewall's certificate. EDIT: here's the output when...
Read more >pipenv Documentation - Read the Docs
run will run a given command from the virtualenv, with any arguments forwarded (e.g. $ pipenv run python or $ pipenv run pip...
Read more >pipenv Documentation
While pip can install Python packages, Pipenv is recommended as it's a higher-level tool that simplifies dependency management for common use ...
Read more >Dependency Resolution - pip documentation v22.3.1
The process of determining which version of a dependency to install is known as dependency resolution. This behaviour can be disabled by passing...
Read more >Installation — ESMValTool 2.5.0 documentation
However, this requires first installing dependencies that are not available ... the option --trusted-host , e.g. pip install --trusted-host=pypi.python.org ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Hello. It is seems to me that this bug is back again. I am trying ty install a package from my private repo:
pipenv install --verbose my_package>=4.0.0 --index="http://private.repo.org/x/y/z/simple" --trusted-host private.repo.org
but got this output (
trusted-host
is missing and command fails):Installation via pip directly succeeds. It is frustrating that solution provided by the error output is the thing which is not working.
Edit: Using a current version of pipenv:
No. Things start to work after I deleted pypi source (so only one source in my Pipfile is my private repo).
Ok. I will make some more experiments and create some extract some minimalistic case (probably during next week). Thanks for your help so far.