Handle 403 response from secondary repos #3608
Conversation
If find_packages() for any pool repository raised a RepositoryError, no results would be returned even if the package had already been located in the default repository. This is problematic if a secondary returns a 403, such as in the case of Artifactory pypi repositories which can return 403 when a package does not exist. This change permits find_packages to continue in the event that a request to a secondary repo raises a RepositoryError.
|
This appears to be a dupe of #3337 |
|
@GooseYArd thank you for your contribution. :) I believe majority of this is a due of #3337. That said we would still welcome a rework of this, at the very least to just add to the documentation. :) |
|
@abn whoops I meant to close this PR after I noticed #3337, I'll close it now and may send it up again with just the docs changes. By the way- I made this change after tracking down a pair of issues that prevented us from being able to use our private pypi repository (which requires client cert auth) with poetry. As it turns out, both of them already had fixes in pull requests, but both pull requests have been un-merged for a very long time. I'm wondering if you might mind to look at the other as well? It's #3490 . We'd love to use poetry at my company, but these two small issues make it impossible, and I'm worried that it might be difficult for us to get bug fixes merged in the future :( |
|
@GooseYArd happy to get that reviewed and merged for 1.2. Regarding your "getting bug fixes merged" concern, I do intend to focus a bit more on the more enterprise-y use cases and hardening going forward fwiw. But that said, as with most FOSS, we are volunteer driven with all core maintainers holding down fairly involved day jobs. We do want to add more maintainers who are willing to spend more time reviewing community contributions, but this is a challenge on its own. :) As the project matures, I suspect the need for this kind of bug fixes or improvements would be less critical, since hopefully then it would be gnarly edge cases. |
|
@abn I understand completely, and delighted to help out however I can :) Thanks and good luck with the next release!! |
|
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Pull Request Check List
Resolves: #2783
Hi all- this is my first PR for the project and thus I'm still somewhat clueless about the architecture as well as the teams practices, so begging your pardon in advance. Although this fixes the issue I've been encountering, I'm not confident that it's the ideal fix. I'm consulting with our Artifactory admins now to see if its possible to modify the behavior of the repo. Also I suspect that a few other open bugs related to failures when using secondary repositories may be the result of the same issue.