-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possible to configure "truststore" to be persistent? #12689
Comments
We do have plans to eventually flip the switch and make I don't work in environments where truststore would be applicable, and corporate TLS/CAs are outside of my wheelhouse, but AFAIU, the feedback has been generally positive judging from recent issue tracker activity. |
Every command line flag in pip can be configured via environment variables or configuration files. See https://pip.pypa.io/en/stable/topics/configuration/ which discusses the details. You can use |
Thanks a lot for the tip @pradyunsg. I hereby confirm that |
@ichard26 I don't have any concerns about switching to using Truststore by default. PDM has been using Truststore as their default for some time now and we've only received two reports in that time about any issues. All that would be needed is upgrading pip to truststore 0.9.1 and then rebasing the "truststore by default" PR. |
Coolio. I'm only speaking for myself here, but perhaps it'd be good to take a look at revitalising the PR and target pip 24.2 then! |
What's the problem this feature will solve?
I've read on https://pip.pypa.io/en/latest/topics/https-certificates/ that users can now pass
--use-feature=truststore
as argument to pip to utilize the system certificate store. This is great for corporations with network infrastructures with custom CAs. Thank you!However, it can still be clumsy to always having to provide the "truststore" argument. I'm therefore wondering if pip can be configured to always use it?
Describe the solution you'd like
Pip configuration file parameter to persistently enable "truststore".
Alternative Solutions
Open for alternatives.
Additional context
N/A
Code of Conduct
The text was updated successfully, but these errors were encountered: