McSinyx/pip
1
1
Fork 0
mirror of https://github.com/pypa/pip synced 2023-12-13 21:30:23 +01:00
Code Issues Releases Activity
2527 commits 3 branches 142 tags 93 MiB
Commit graph

137 commits

Author SHA1 Message Date
Donald Stufft 57acb26498 If --allow-unverified is used assume it also means --allow-external 2014-01-10 10:35:55 -05:00
Donald Stufft b2a60f9088 Dont' fail on ConnectionErrors 2014-01-07 14:36:13 -05:00
Donald Stufft cb7af82f20 Remove the setuptools version check 
With the vendoring of pkg_resources we no longer need to worry
about the version of the installed setuptools.
 2014-01-07 08:11:28 -05:00
Donald Stufft 073ae0d0b1 Switch to importing the vendored pkg_resources 2014-01-07 04:47:04 -05:00
Donald Stufft 325cd513aa Add Accept: text/html header when processing an index 2014-01-07 03:12:52 -05:00
Marcus Smith 73b8692d86 a single path_to_url function with tests 2013-11-18 22:12:41 -08:00
Marcus Smith 3dc40cad46 - if installing directly from a wheel, fail if it has an invalid name or is unsupported 
- when walking links, skip invalid wheel filenames, don't crash
 2013-11-14 16:35:24 -08:00
Donald Stufft 787a9b11dd Enable Downloading Wheels by Default 
* Switches the default in pip.index.PackageFinder to True
* Supresses --use-wheel
* Adds --no-use-wheel which prevents the use of Wheel
 2013-11-07 12:29:14 -05:00
Marcus Smith ebb52ee12c use "INSTALLED_VERSION" (not "InfLink") as the name for the object that represents the "link" for the installed version of a requirement 2013-11-06 09:35:57 -08:00
Donald Stufft 62776e0d3d Merge pull request #1278 from qwcode/allow_mac_wheels 
allow pip to install mac wheels from pypi
 2013-11-04 13:45:51 -08:00
Donald Stufft 14d83f5333 Add a deprecation warning for dependency links 2013-11-02 13:27:10 -04:00
Marcus Smith 04f78cc71f allow pip to install Mac wheels from pypi (in addition to Windows wheels) 2013-10-31 20:54:25 -07:00
Donald Stufft 12ee7cc6d9 Do not respect dependency links by default 2013-10-27 18:34:46 -04:00
Donald Stufft dd160beb0b Better name the need_allow_insecure variable 2013-10-26 23:53:21 -04:00
Donald Stufft 840db882de Remove the allow_all_unverified 2013-10-26 23:52:04 -04:00
Donald Stufft 616ce39061 Rename --allow-insecure to --allow-unverified 2013-10-26 23:47:57 -04:00
Donald Stufft 814514e1bd Rename pip.vendor.* to pip._vendor.* to ensure it's obviously private 2013-10-22 21:32:25 -04:00
Donald Stufft 7cf21c6d2c Merge pull request #1213 from dstufft/deprecate-regex-parsing 
Deprecate the regex <th> finding
 2013-10-14 12:33:48 -07:00
Paul Moore 55272b264e Clarify setuptools requirement message by including the minimum version 2013-10-10 16:32:05 +01:00
Paul Moore 2902ce7985 Make the check for wheel support in setuptools test for DistInfoDistribution rather than check the version 2013-10-06 20:15:47 +01:00
Marcus Smith 3c0072cc00 merge from 1.4.X 2013-10-05 21:49:41 -07:00
Marcus Smith 11a178fda2 1) If the wheel name != search_name, then return immediately. Not doing so, 
exposes wheel link matching unnecessarily to Issue #1217.
2) If somehow the pip code is broken, and unsupported wheels are being
passed to the sorter, then atleast fail with a meaningful error.
 2013-10-01 21:33:26 -07:00
Donald Stufft 0530d555e0 Deprecate the regex <th> finding 2013-09-28 12:18:17 -04:00
Donald Stufft 74889a5413 Remove unused imports 2013-09-24 23:32:03 -04:00
Donald Stufft a2dffaf3a7 Remove old error handling that is no longer required 2013-09-24 23:32:03 -04:00
Donald Stufft f34d02d09f Refactor error hnadling into a function 2013-09-24 23:32:03 -04:00
Donald Stufft 13ba411c72 Add a missing text from the exception message 2013-09-24 23:32:03 -04:00
Donald Stufft cf0c6e74dd Move the requests.HTTPError into it's own exception handler 2013-09-24 23:32:03 -04:00
Donald Stufft 059ef170ee Catch the requests SSLError instead of ssl.SSLError 2013-09-24 23:32:03 -04:00
Donald Stufft 92c40c3e06 Ensure that we successfully utilize requests timeout functionality 2013-09-24 23:32:03 -04:00
Donald Stufft a8b94878f3 Remove threaded page downloads 
Threaded page downloads was causing issues with the requests
pool being closed. It also makes this area of code harder to debug
and quite often the pool has a size of 1.

Further more the pool only affects the scaning of the index which
should not have as great of a need for parallezation now that there
is only a single request per download by default.
 2013-09-24 23:32:03 -04:00
Donald Stufft ff2854a855 Use requests instead of urllib2 2013-09-24 23:32:03 -04:00
Donald Stufft 3c61ba7040 Warn when using an insecure transport for index or find-links 2013-08-15 09:29:11 -04:00
Donald Stufft 3ef4ee4693 Remove direct support for PEP381 Mirrors 
* PEP381 Mirroring support was never fully implemented leaving
  users of it trivially exploitable to a MITM or malicious mirror
  operator.
* 2 out of 6 of the mirrors have been removed from the pool and
  will never resolve.
* The remaining mirrors often fall behind
* The mirrors will likely never be available under HTTPS
* People who wish to use a mirror of PyPI can still do so by
  manually specifying a mirror url for --index-url or
  --extra-index-url which is more flexible, allowing for
  mirrors to be hosted under any domain.
 2013-07-29 12:42:33 -04:00
Donald Stufft 84ea16cd58 Don't ignore already installed pre-releases 2013-07-23 19:44:13 -04:00
Donald Stufft 44e43e250e Merge pull request #1075 from dstufft/always-consider-installed 
Don't ignore already installed pre-releases
 2013-07-23 16:43:56 -07:00
Donald Stufft 65342ef37b Don't ignore already installed pre-releases 2013-07-23 19:19:19 -04:00
Marcus Smith 9a22f06d18 merge from release-1.4 branch 2013-07-21 23:53:47 -07:00
David Aguilar bafcf59b2e pip.index: fix crash getting Content-Type header 
Returned headers may not always have the "Content-Type"
field available.  Avoid KeyError exceptions by using
dict.get() instead of blindly grabbing the header value.

Closes #32
 2013-07-15 13:09:09 -04:00
Donald Stufft 1aff8f53df Default to disallowing external and insecurely hosted files 2013-07-14 12:52:32 -04:00
Donald Stufft 8cef363327 --pre flag should affect the finder and not the requirements 
Storing the --pre flag on the finder enables easily being able
to have it affect all package discoveries made with that finder.
The previous method of passing it into the InstallRequirement
meant that only top level dependencies were controlled by
--pre
 2013-07-11 12:28:15 -04:00
Daniel Holth 05035e9258 fix #1029 (urlparse.urlparse() instead of just urlparse()) 2013-07-04 19:46:02 -04:00
Daniel Holth 07da91c842 cleaner "don't install pypi-hosted binary wheels on linux" feature 2013-06-30 14:15:03 -04:00
Donald Stufft 899d48021b Filter out binary Wheels for non Windows 2013-06-28 19:37:00 -04:00
Marcus Smith fb397cd1ec have "pip wheel" only be satisfied by setuptools 2013-06-27 00:20:28 -07:00
Marcus Smith 72f0ec9419 wheel is also supported now with setuptools>=0.7.2 2013-06-13 22:04:05 -07:00
Donald Stufft fb24b3eaaa Change --allow-external to work per project and add --allow-all-external 2013-06-07 10:43:52 -04:00
Donald Stufft d3638aa7a0 Change wording from "unsafe" to "insecure" 2013-06-07 10:43:52 -04:00
Donald Stufft 2731f06474 Default to allowing unsafe urls and allow disabling them via option 2013-06-07 10:43:52 -04:00
Donald Stufft cc46cdc8b3 Differentiate between safe and unsafe urls where possible 
* Links and HTMLPages know if they are "trusted"
* File Links know if they are safe or not
* A "Safe" file Link comes from a trusted Link/HTMLPage and has
  a hash allowing verification of the download
* Adds a --allow-unsafe PACKAGE argument to allow unsafe files on
  a per package basis
* Optimizes scraping external sites by short circuiting if
  the current trust rules won't allow using it's files anyways
 2013-06-07 10:43:52 -04:00