[Distutils] Disabling non HTTPS access to APIs on PyPI
Wes Turner
wes.turner at gmail.com
Fri Oct 27 22:24:16 EDT 2017
On Friday, October 27, 2017, Paul Moore <p.f.moore at gmail.com> wrote:
> On 27 October 2017 at 22:22, Alex Domoradov <alex.hha at gmail.com
> <javascript:;>> wrote:
> > I got it. And what I should do with old system? For e.g. we still use
> ubuntu
> > 12.04. Is there any way to upgrade pip/setuptools?
>
> Well, if Ubuntu aren't offering an upgrade, you can do
>
> pip install -i https://pypi.python.org/simple/ ...
>
> Or install your own copy of pip/setuptools, I guess (get-pip --user,
> see https://pip.pypa.io/en/stable/installing/#installing-with-get-pip-py).
> Paul
Does this upgrade system pip, regardless of the package checksums:
$ sudo pip install -i https://pypi.python.org/simple/ -U pip setuptools
If that doesn't work (or **isn't advisable because `sudo pip` is
dangerous**),
you can also configure the index URL with a config file or an environment
variable:
https://pip.pypa.io/en/latest/user_guide/#config-file lists the paths for
Windows, MacOS, and Linux.
/etc/pip.conf
~/.pip/pip.conf
$VIRTUAL_ENV/pip.conf
```
[global]
index-url = https://pypi.python.org/simple/
```
$ export PIP_INDEX_URL="https://pypi.python.org/simple/"
Setuptools (easy_install) uses ~/.pydistutils.cfg :
```
[easy_install]
index_url = https://pypi.python.org/simple/
```
Buildout uses buildout.cfg and ~/.buildout/default.cfg :
```
[buildout]
index = https://pypi.python.org/simple/
```
"What to do when PyPi goes down" (2010)
https://jacobian.org/writing/when-pypi-goes-down/
This URL also works as the -i/--index-url?
https://pypi.org/simple/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20171027/677cc1d3/attachment.html>
More information about the Distutils-SIG
mailing list