mirror of https://github.com/pypa/pip
If --allow-unverified is used assume it also means --allow-external
This commit is contained in:
parent
822a12edcf
commit
57acb26498
|
@ -56,6 +56,9 @@ class PackageFinder(object):
|
|||
normalize_name(n) for n in allow_unverified
|
||||
)
|
||||
|
||||
# Anything that is allowed unverified is also allowed external
|
||||
self.allow_external |= self.allow_unverified
|
||||
|
||||
# Do we allow all (safe and verifiable) externally hosted files?
|
||||
self.allow_all_external = allow_all_external
|
||||
|
||||
|
|
|
@ -484,6 +484,22 @@ def test_finder_finds_external_links_without_hashes_scraped_all_all_insecure(dat
|
|||
link = finder.find_requirement(req, False)
|
||||
assert link.filename == "bar-4.0.tar.gz"
|
||||
|
||||
|
||||
def test_finder_finds_external_links_without_hashes_scraped_insecure(data):
|
||||
"""
|
||||
Tests that PackageFinder finds externally scraped links without the
|
||||
external flag
|
||||
"""
|
||||
req = InstallRequirement.from_line("bar", None)
|
||||
|
||||
# using a local index
|
||||
finder = PackageFinder([], [data.index_url("externals")],
|
||||
allow_unverified=["bar"],
|
||||
)
|
||||
link = finder.find_requirement(req, False)
|
||||
assert link.filename == "bar-4.0.tar.gz"
|
||||
|
||||
|
||||
class test_link_package_versions(object):
|
||||
|
||||
# patch this for travis which has distribute in it's base env for now
|
||||
|
|
Loading…
Reference in New Issue