From 698e62283857f0545fecf9e94fb8ecdce377ba7f Mon Sep 17 00:00:00 2001 From: Zanie Blue Date: Tue, 3 Sep 2024 17:08:11 -0500 Subject: [PATCH] Consistently create base clients with trusted host settings --- crates/uv/src/commands/project/add.rs | 15 ++++++--------- crates/uv/src/commands/project/init.rs | 10 ++++++++-- crates/uv/src/commands/project/run.rs | 20 +++++--------------- crates/uv/src/commands/python/install.rs | 3 +++ crates/uv/src/commands/tool/install.rs | 7 ++----- crates/uv/src/commands/tool/run.rs | 10 +++------- crates/uv/src/lib.rs | 2 ++ 7 files changed, 29 insertions(+), 38 deletions(-) diff --git a/crates/uv/src/commands/project/add.rs b/crates/uv/src/commands/project/add.rs index 158bbb74686b..a64ded65bec8 100644 --- a/crates/uv/src/commands/project/add.rs +++ b/crates/uv/src/commands/project/add.rs @@ -89,6 +89,12 @@ pub(crate) async fn add( } } + let client_builder = BaseClientBuilder::new() + .connectivity(connectivity) + .native_tls(native_tls) + .keyring(settings.keyring_provider) + .allow_insecure_host(settings.allow_insecure_host.clone()); + let reporter = PythonDownloadReporter::single(printer); let target = if let Some(script) = script { @@ -114,10 +120,6 @@ pub(crate) async fn add( ); } - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - // If we found a script, add to the existing metadata. Otherwise, create a new inline // metadata tag. let script = if let Some(script) = Pep723Script::read(&script).await? { @@ -230,11 +232,6 @@ pub(crate) async fn add( Target::Project(project, venv) }; - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls) - .keyring(settings.keyring_provider); - // Read the requirements. let RequirementsSpecification { requirements, .. } = RequirementsSpecification::from_simple_sources(&requirements, &client_builder).await?; diff --git a/crates/uv/src/commands/project/init.rs b/crates/uv/src/commands/project/init.rs index 9f156e26485b..a81d7cc33c51 100644 --- a/crates/uv/src/commands/project/init.rs +++ b/crates/uv/src/commands/project/init.rs @@ -8,6 +8,7 @@ use pep508_rs::PackageName; use tracing::{debug, warn}; use uv_cache::Cache; use uv_client::{BaseClientBuilder, Connectivity}; +use uv_configuration::TrustedHost; use uv_fs::{Simplified, CWD}; use uv_python::{ EnvironmentPreference, PythonDownloads, PythonInstallation, PythonPreference, PythonRequest, @@ -35,6 +36,7 @@ pub(crate) async fn init( python_preference: PythonPreference, python_downloads: PythonDownloads, connectivity: Connectivity, + allow_insecure_host: Vec, native_tls: bool, cache: &Cache, printer: Printer, @@ -78,6 +80,7 @@ pub(crate) async fn init( python_preference, python_downloads, connectivity, + allow_insecure_host, native_tls, cache, printer, @@ -126,6 +129,7 @@ async fn init_project( python_preference: PythonPreference, python_downloads: PythonDownloads, connectivity: Connectivity, + allow_insecure_host: Vec, native_tls: bool, cache: &Cache, printer: Printer, @@ -197,7 +201,8 @@ async fn init_project( let reporter = PythonDownloadReporter::single(printer); let client_builder = BaseClientBuilder::new() .connectivity(connectivity) - .native_tls(native_tls); + .native_tls(native_tls) + .allow_insecure_host(allow_insecure_host); let interpreter = PythonInstallation::find_or_download( Some(&request), EnvironmentPreference::Any, @@ -224,7 +229,8 @@ async fn init_project( let reporter = PythonDownloadReporter::single(printer); let client_builder = BaseClientBuilder::new() .connectivity(connectivity) - .native_tls(native_tls); + .native_tls(native_tls) + .allow_insecure_host(allow_insecure_host); let interpreter = PythonInstallation::find_or_download( Some(&request), EnvironmentPreference::Any, diff --git a/crates/uv/src/commands/project/run.rs b/crates/uv/src/commands/project/run.rs index 4047f6c48483..35f508cbecdc 100644 --- a/crates/uv/src/commands/project/run.rs +++ b/crates/uv/src/commands/project/run.rs @@ -93,6 +93,11 @@ pub(crate) async fn run( // Initialize any output reporters. let download_reporter = PythonDownloadReporter::single(printer); + let client_builder = BaseClientBuilder::new() + .connectivity(connectivity) + .native_tls(native_tls) + .allow_insecure_host(settings.allow_insecure_host.clone()); + // Determine whether the command to execute is a PEP 723 script. let temp_dir; let script_interpreter = if let Some(script) = script { @@ -122,10 +127,6 @@ pub(crate) async fn run( }) }; - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - let interpreter = PythonInstallation::find_or_download( python_request.as_ref(), EnvironmentPreference::Any, @@ -352,9 +353,6 @@ pub(crate) async fn run( // If we're isolating the environment, use an ephemeral virtual environment as the // base environment for the project. - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); // Resolve the Python request and requirement for the workspace. let WorkspacePython { @@ -468,10 +466,6 @@ pub(crate) async fn run( debug!("No project found; searching for Python interpreter"); let interpreter = { - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - // (1) Explicit request from user let python_request = if let Some(request) = python.as_deref() { Some(PythonRequest::parse(request)) @@ -529,10 +523,6 @@ pub(crate) async fn run( let spec = if requirements.is_empty() { None } else { - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - let spec = RequirementsSpecification::from_simple_sources(&requirements, &client_builder).await?; diff --git a/crates/uv/src/commands/python/install.rs b/crates/uv/src/commands/python/install.rs index 4d94975cb38d..c1e049410f70 100644 --- a/crates/uv/src/commands/python/install.rs +++ b/crates/uv/src/commands/python/install.rs @@ -9,6 +9,7 @@ use itertools::Itertools; use owo_colors::OwoColorize; use uv_client::Connectivity; +use uv_configuration::TrustedHost; use uv_fs::CWD; use uv_python::downloads::{DownloadResult, ManagedPythonDownload, PythonDownloadRequest}; use uv_python::managed::{ManagedPythonInstallation, ManagedPythonInstallations}; @@ -26,6 +27,7 @@ pub(crate) async fn install( python_downloads: PythonDownloads, native_tls: bool, connectivity: Connectivity, + allow_insecure_host: Vec, no_config: bool, printer: Printer, ) -> Result { @@ -131,6 +133,7 @@ pub(crate) async fn install( let client = uv_client::BaseClientBuilder::new() .connectivity(connectivity) .native_tls(native_tls) + .allow_insecure_host(allow_insecure_host) .build(); let reporter = PythonDownloadReporter::new(printer, downloads.len() as u64); diff --git a/crates/uv/src/commands/tool/install.rs b/crates/uv/src/commands/tool/install.rs index eef29cea3d0f..44dee8f9045d 100644 --- a/crates/uv/src/commands/tool/install.rs +++ b/crates/uv/src/commands/tool/install.rs @@ -52,7 +52,8 @@ pub(crate) async fn install( ) -> Result { let client_builder = BaseClientBuilder::new() .connectivity(connectivity) - .native_tls(native_tls); + .native_tls(native_tls) + .allow_insecure_host(settings.allow_insecure_host.clone()); let reporter = PythonDownloadReporter::single(printer); @@ -75,10 +76,6 @@ pub(crate) async fn install( // Initialize any shared state. let state = SharedState::default(); - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - // Parse the input requirement. let target = Target::parse(&package, from.as_deref()); diff --git a/crates/uv/src/commands/tool/run.rs b/crates/uv/src/commands/tool/run.rs index 55d9042386b4..1f1d57363b62 100644 --- a/crates/uv/src/commands/tool/run.rs +++ b/crates/uv/src/commands/tool/run.rs @@ -316,7 +316,8 @@ async fn get_or_create_environment( ) -> Result<(Requirement, PythonEnvironment), ProjectError> { let client_builder = BaseClientBuilder::new() .connectivity(connectivity) - .native_tls(native_tls); + .native_tls(native_tls) + .allow_insecure_host(settings.allow_insecure_host.clone()); let reporter = PythonDownloadReporter::single(printer); @@ -393,12 +394,7 @@ async fn get_or_create_environment( }; // Read the `--with` requirements. - let spec = { - let client_builder = BaseClientBuilder::new() - .connectivity(connectivity) - .native_tls(native_tls); - RequirementsSpecification::from_simple_sources(with, &client_builder).await? - }; + let spec = RequirementsSpecification::from_simple_sources(with, &client_builder).await?; // Resolve the `--from` and `--with` requirements. let requirements = { diff --git a/crates/uv/src/lib.rs b/crates/uv/src/lib.rs index 92d470953d95..52306e629e7f 100644 --- a/crates/uv/src/lib.rs +++ b/crates/uv/src/lib.rs @@ -925,6 +925,7 @@ async fn run(cli: Cli) -> Result { globals.python_downloads, globals.native_tls, globals.connectivity, + vec![], // TODO(zanieb): Add support for trusted hosts here cli.no_config, printer, ) @@ -1033,6 +1034,7 @@ async fn run_project( globals.python_preference, globals.python_downloads, globals.connectivity, + vec![], // TODO(zanieb): Add support for trusted hosts here globals.native_tls, &cache, printer,