Donald Stufft
57acb26498
If --allow-unverified is used assume it also means --allow-external
2014-01-10 10:35:55 -05:00
Donald Stufft
b2a60f9088
Dont' fail on ConnectionErrors
2014-01-07 14:36:13 -05:00
Donald Stufft
cb7af82f20
Remove the setuptools version check
...
With the vendoring of pkg_resources we no longer need to worry
about the version of the installed setuptools.
2014-01-07 08:11:28 -05:00
Donald Stufft
073ae0d0b1
Switch to importing the vendored pkg_resources
2014-01-07 04:47:04 -05:00
Donald Stufft
325cd513aa
Add Accept: text/html header when processing an index
2014-01-07 03:12:52 -05:00
Marcus Smith
73b8692d86
a single path_to_url
function with tests
2013-11-18 22:12:41 -08:00
Marcus Smith
3dc40cad46
- if installing directly from a wheel, fail if it has an invalid name or is unsupported
...
- when walking links, skip invalid wheel filenames, don't crash
2013-11-14 16:35:24 -08:00
Donald Stufft
787a9b11dd
Enable Downloading Wheels by Default
...
* Switches the default in pip.index.PackageFinder to True
* Supresses --use-wheel
* Adds --no-use-wheel which prevents the use of Wheel
2013-11-07 12:29:14 -05:00
Marcus Smith
ebb52ee12c
use "INSTALLED_VERSION" (not "InfLink") as the name for the object that represents the "link" for the installed version of a requirement
2013-11-06 09:35:57 -08:00
Donald Stufft
62776e0d3d
Merge pull request #1278 from qwcode/allow_mac_wheels
...
allow pip to install mac wheels from pypi
2013-11-04 13:45:51 -08:00
Donald Stufft
14d83f5333
Add a deprecation warning for dependency links
2013-11-02 13:27:10 -04:00
Marcus Smith
04f78cc71f
allow pip to install Mac wheels from pypi (in addition to Windows wheels)
2013-10-31 20:54:25 -07:00
Donald Stufft
12ee7cc6d9
Do not respect dependency links by default
2013-10-27 18:34:46 -04:00
Donald Stufft
dd160beb0b
Better name the need_allow_insecure variable
2013-10-26 23:53:21 -04:00
Donald Stufft
840db882de
Remove the allow_all_unverified
2013-10-26 23:52:04 -04:00
Donald Stufft
616ce39061
Rename --allow-insecure to --allow-unverified
2013-10-26 23:47:57 -04:00
Donald Stufft
814514e1bd
Rename pip.vendor.* to pip._vendor.* to ensure it's obviously private
2013-10-22 21:32:25 -04:00
Donald Stufft
7cf21c6d2c
Merge pull request #1213 from dstufft/deprecate-regex-parsing
...
Deprecate the regex <th> finding
2013-10-14 12:33:48 -07:00
Paul Moore
55272b264e
Clarify setuptools requirement message by including the minimum version
2013-10-10 16:32:05 +01:00
Paul Moore
2902ce7985
Make the check for wheel support in setuptools test for DistInfoDistribution rather than check the version
2013-10-06 20:15:47 +01:00
Marcus Smith
3c0072cc00
merge from 1.4.X
2013-10-05 21:49:41 -07:00
Marcus Smith
11a178fda2
1) If the wheel name != search_name, then return immediately. Not doing so,
...
exposes wheel link matching unnecessarily to Issue #1217 .
2) If somehow the pip code is broken, and unsupported wheels are being
passed to the sorter, then atleast fail with a meaningful error.
2013-10-01 21:33:26 -07:00
Donald Stufft
0530d555e0
Deprecate the regex <th> finding
2013-09-28 12:18:17 -04:00
Donald Stufft
74889a5413
Remove unused imports
2013-09-24 23:32:03 -04:00
Donald Stufft
a2dffaf3a7
Remove old error handling that is no longer required
2013-09-24 23:32:03 -04:00
Donald Stufft
f34d02d09f
Refactor error hnadling into a function
2013-09-24 23:32:03 -04:00
Donald Stufft
13ba411c72
Add a missing text from the exception message
2013-09-24 23:32:03 -04:00
Donald Stufft
cf0c6e74dd
Move the requests.HTTPError into it's own exception handler
2013-09-24 23:32:03 -04:00
Donald Stufft
059ef170ee
Catch the requests SSLError instead of ssl.SSLError
2013-09-24 23:32:03 -04:00
Donald Stufft
92c40c3e06
Ensure that we successfully utilize requests timeout functionality
2013-09-24 23:32:03 -04:00
Donald Stufft
a8b94878f3
Remove threaded page downloads
...
Threaded page downloads was causing issues with the requests
pool being closed. It also makes this area of code harder to debug
and quite often the pool has a size of 1.
Further more the pool only affects the scaning of the index which
should not have as great of a need for parallezation now that there
is only a single request per download by default.
2013-09-24 23:32:03 -04:00
Donald Stufft
ff2854a855
Use requests instead of urllib2
2013-09-24 23:32:03 -04:00
Donald Stufft
3c61ba7040
Warn when using an insecure transport for index or find-links
2013-08-15 09:29:11 -04:00
Donald Stufft
3ef4ee4693
Remove direct support for PEP381 Mirrors
...
* PEP381 Mirroring support was never fully implemented leaving
users of it trivially exploitable to a MITM or malicious mirror
operator.
* 2 out of 6 of the mirrors have been removed from the pool and
will never resolve.
* The remaining mirrors often fall behind
* The mirrors will likely never be available under HTTPS
* People who wish to use a mirror of PyPI can still do so by
manually specifying a mirror url for --index-url or
--extra-index-url which is more flexible, allowing for
mirrors to be hosted under any domain.
2013-07-29 12:42:33 -04:00
Donald Stufft
84ea16cd58
Don't ignore already installed pre-releases
2013-07-23 19:44:13 -04:00
Donald Stufft
44e43e250e
Merge pull request #1075 from dstufft/always-consider-installed
...
Don't ignore already installed pre-releases
2013-07-23 16:43:56 -07:00
Donald Stufft
65342ef37b
Don't ignore already installed pre-releases
2013-07-23 19:19:19 -04:00
Marcus Smith
9a22f06d18
merge from release-1.4 branch
2013-07-21 23:53:47 -07:00
David Aguilar
bafcf59b2e
pip.index: fix crash getting Content-Type header
...
Returned headers may not always have the "Content-Type"
field available. Avoid KeyError exceptions by using
dict.get() instead of blindly grabbing the header value.
Closes #32
2013-07-15 13:09:09 -04:00
Donald Stufft
1aff8f53df
Default to disallowing external and insecurely hosted files
2013-07-14 12:52:32 -04:00
Donald Stufft
8cef363327
--pre flag should affect the finder and not the requirements
...
Storing the --pre flag on the finder enables easily being able
to have it affect all package discoveries made with that finder.
The previous method of passing it into the InstallRequirement
meant that only top level dependencies were controlled by
--pre
2013-07-11 12:28:15 -04:00
Daniel Holth
05035e9258
fix #1029 (urlparse.urlparse() instead of just urlparse())
2013-07-04 19:46:02 -04:00
Daniel Holth
07da91c842
cleaner "don't install pypi-hosted binary wheels on linux" feature
2013-06-30 14:15:03 -04:00
Donald Stufft
899d48021b
Filter out binary Wheels for non Windows
2013-06-28 19:37:00 -04:00
Marcus Smith
fb397cd1ec
have "pip wheel" only be satisfied by setuptools
2013-06-27 00:20:28 -07:00
Marcus Smith
72f0ec9419
wheel is also supported now with setuptools>=0.7.2
2013-06-13 22:04:05 -07:00
Donald Stufft
fb24b3eaaa
Change --allow-external to work per project and add --allow-all-external
2013-06-07 10:43:52 -04:00
Donald Stufft
d3638aa7a0
Change wording from "unsafe" to "insecure"
2013-06-07 10:43:52 -04:00
Donald Stufft
2731f06474
Default to allowing unsafe urls and allow disabling them via option
2013-06-07 10:43:52 -04:00
Donald Stufft
cc46cdc8b3
Differentiate between safe and unsafe urls where possible
...
* Links and HTMLPages know if they are "trusted"
* File Links know if they are safe or not
* A "Safe" file Link comes from a trusted Link/HTMLPage and has
a hash allowing verification of the download
* Adds a --allow-unsafe PACKAGE argument to allow unsafe files on
a per package basis
* Optimizes scraping external sites by short circuiting if
the current trust rules won't allow using it's files anyways
2013-06-07 10:43:52 -04:00