Possible to configure "truststore" to be persistent? #12689
Comments
forderud
added
S: needs triage
ichard26
added
project: vendored dependency
|
We do have plans to eventually flip the switch and make I don't work in environments where truststore would be applicable, and corporate TLS/CAs are outside of my wheelhouse, but AFAIU, the feedback has been generally positive judging from recent issue tracker activity. |
|
Every command line flag in pip can be configured via environment variables or configuration files. See https://pip.pypa.io/en/stable/topics/configuration/ which discusses the details. You can use |
pradyunsg
added
type: question
|
Thanks a lot for the tip @pradyunsg. I hereby confirm that |
|
@ichard26 I don't have any concerns about switching to using Truststore by default. PDM has been using Truststore as their default for some time now and we've only received two reports in that time about any issues. All that would be needed is upgrading pip to truststore 0.9.1 and then rebasing the "truststore by default" PR. |
|
Coolio. I'm only speaking for myself here, but perhaps it'd be good to take a look at revitalising the PR and target pip 24.2 then! |
What's the problem this feature will solve?
I've read on https://pip.pypa.io/en/latest/topics/https-certificates/ that users can now pass
--use-feature=truststoreas argument to pip to utilize the system certificate store. This is great for corporations with network infrastructures with custom CAs. Thank you!However, it can still be clumsy to always having to provide the "truststore" argument. I'm therefore wondering if pip can be configured to always use it?
Describe the solution you'd like
Pip configuration file parameter to persistently enable "truststore".
Alternative Solutions
Open for alternatives.
Additional context
N/A
Code of Conduct
The text was updated successfully, but these errors were encountered: