astral-sh
netrc authentication seems to fail for index_url specified in requirements.txt.
Description:
netrc authentication seems to fail for index_url specified in requirements.txt.
How to reproduce:
uv pip install -r requirement.txt does not work if requirement.txt contains an --index-url whose authentication is stored in ~/.netrc.
error: HTTP status client error (401 Unauthorized) for url
It works, however, if one moves the url out of the txt file and does uv pip install --index-url url_without_authentication -r requirement.txt.
The current uv platform: Linux.
uv version: 0.1.38.
Interesting... Can you share RUST_LOG=uv=trace uv pip install -v ... logs for the installation? Ensure you replace your password with asterisks in the logs.
Interesting... Can you share
RUST_LOG=uv=trace uv pip install -v ...logs for the installation? Ensure you replace your password with asterisks in the logs.
Thanks for the fast response! I assume you are asking for the logs for uv pip install -r requirement.txt?
TRACE No cache entry exists for /home/****/.cache/uv/simple-v7/89b815c496164a1b/absl-py.rkyv
DEBUG No cache entry for: https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Sending fresh GET request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Handling request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/ is unauthenticated, checking cache
TRACE No credentials in cache for URL https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Attempting unauthenticated request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
...
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/gitpython/ failed with 401 Unauthorized, checking for credentials
FWIW, directly use pip install instead of uv pip install works.
We're missing the relevant logs there, we don't try the netrc file until the request fails so where you stopped at "failed with 401 Unauthorized, checking for credentials" is the important part :)
Lol ok! It basically failed and exit at that point, so I didn't include it. Here it is:
TRACE No cache entry exists for /home/****/.cache/uv/simple-v7/89b815c496164a1b/absl-py.rkyv
DEBUG No cache entry for: https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Sending fresh GET request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Handling request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/ is unauthenticated, checking cache
TRACE No credentials in cache for URL https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Attempting unauthenticated request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
...
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/gitpython/ failed with 401 Unauthorized, checking for credentials
TRACE No credentials in cache for realm https://****
error: HTTP status client error (401 Unauthorized) for url (https://****/artifactory/api/pypi/pypi-remote/simple/gitpython/)
Hm so we're not seeing this log
https://github.com/astral-sh/uv/blob/c1370cab1b153a3d45c82cc2afe414cf2e1b2c82/crates/uv-auth/src/middleware.rs#L333
which suggests to me that we're not discovering the netrc file which is pretty weird. Would it be feasible to share the full logs in a gist or something?
This is basically the full log. I removed all entries in the requirements.txt except one. And here is the full log:
INFO Found a virtualenv through CONDA_PREFIX at: /home/****/.dotfiles/mambaforge/envs/sandbox
DEBUG Cached interpreter info for Python 3.10.14, skipping probing: /home/****/.dotfiles/mambaforge/envs/sandbox/bin/python
DEBUG Using Python 3.10.14 environment at /home/****/.dotfiles/mambaforge/envs/sandbox/bin/python
DEBUG Trying to lock if free: /tmp/uv-d91bf38ff76b0a64.lock
DEBUG Using registry request timeout of 30s
DEBUG Solving with target Python version 3.10.14
DEBUG Adding direct dependency: absl-py>=1.2.0
TRACE Fetching metadata for absl-py from https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE No cache entry exists for /home/****/.cache/uv/simple-v7/89b815c496164a1b/absl-py.rkyv
DEBUG No cache entry for: https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Sending fresh GET request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Handling request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/ is unauthenticated, checking cache
TRACE No credentials in cache for URL https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Attempting unauthenticated request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/
TRACE Request for https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/ failed with 401 Unauthorized, checking for credentials
TRACE No credentials in cache for realm https://****
error: HTTP status client error (401 Unauthorized) for url (https://****/artifactory/api/pypi/pypi-remote/simple/absl-py/)
Or do you want me to try something else?
Interestingly, I added a test case for this and it succeeds: https://github.com/astral-sh/uv/pull/3485
Does it look meaningfully different than your setup?
In case this might help, in my scenario, the $HOME environment variable wasn't populated and hence, uv did not detect the .netrc file, whereas pypi is able to find and use it.
Opened https://github.com/gribouille/netrc/issues/4 in upstream.
