Open
Description
Description
Installing from a VCS URL that included credentials as environment variables, those variables are stripped from the "url" in direct_url.json, meaning they are also not included in the output of pip freeze.
Original comment: #11410 (comment)
Expected behavior
I would expect the "url" field in direct_url.json to include the environment variables that are used for authentication.
pip version
22.0.2
Python version
3.10.12
OS
Ubuntu 22.04
How to Reproduce
- Create a
venvvirutal environment - Activate the environment
- Add a VCS URL containing environment variables to a
requirements.txtfile - Run
pip install -r requirements.txt - Inspect
direct_url.jsonor runpip freeze
Output
$ mkdir pip-test; cd pip-test
$ echo "resolvelib @ git+https://${TEST_USER}:${TEST_PASS}@github.com/sarugaku/[email protected]" > requirements.txt
$ python3 -m venv .venv
$ . .venv/bin/activate
$ export TEST_USER="test-user"
$ export TEST_PASS="test-pass"
$ pip install -r requirements.txt
Collecting resolvelib@ git+https://:@github.com/sarugaku/[email protected]
Cloning https://:****@github.com/sarugaku/resolvelib (to revision 1.0.1) to /tmp/pip-install-jq6_4h_8/resolvelib_b660f6e7cd70411981cf94b5c4a10857
Running command git clone --filter=blob:none --quiet 'https://:****@github.com/sarugaku/resolvelib' /tmp/pip-install-jq6_4h_8/resolvelib_b660f6e7cd70411981cf94b5c4a10857
warning: redirecting to https://github.com/sarugaku/resolvelib/
Running command git checkout -q 969c5c75ded426dac43eff9619e1e857f22f37bb
warning: redirecting to https://github.com/sarugaku/resolvelib/
Resolved https://:****@github.com/sarugaku/resolvelib to commit 969c5c75ded426dac43eff9619e1e857f22f37bb
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Building wheels for collected packages: resolvelib
Building wheel for resolvelib (pyproject.toml) ... done
Created wheel for resolvelib: filename=resolvelib-1.0.1-py2.py3-none-any.whl size=17195 sha256=b4352dc966ecd7ddfd72a009d6f370860bff476027ab34990265cdbf5e8aa2f7
Stored in directory: /tmp/pip-ephem-wheel-cache-e4my4hf4/wheels/37/d4/ac/771993aa3deae60395d34f040f543177533359d0efa0034ecf
Successfully built resolvelib
Installing collected packages: resolvelib
Successfully installed resolvelib-1.0.1
$ python -m json.tool .venv/lib/python3.10/site-packages/resolvelib-1.0.1.dist-info/direct_url.json
{
"url": "https://github.com/sarugaku/resolvelib",
"vcs_info": {
"commit_id": "c9ef371ad96e698bf3e0bb09acc682bd43e39bd7",
"requested_revision": "1.0.1",
"vcs": "git"
}
}
$ pip freeze
resolvelib @ git+https://github.com/sarugaku/resolvelib@c9ef371ad96e698bf3e0bb09acc682bd43e39bd7Code of Conduct
- I agree to follow the PSF Code of Conduct.