From a543352e641b294d9579111604a72521b5035bde Mon Sep 17 00:00:00 2001 From: James Edington Administrator Date: Thu, 1 Feb 2024 17:16:21 -0600 Subject: [PATCH] cli: use truststore if available The lack of this has been a *perennial* thorn for people behind corporate TLS MITM ALG proxies; when it's soluble, it's still annoying, and sometimes the proxy applications don't use a stable root bundle, rendering the situation kinda insoluble. - https://github.com/pypa/twine/issues/328 - https://github.com/pypa/twine/issues/387 - https://github.com/pypa/twine/issues/536 - https://github.com/pypa/twine/issues/740 - https://github.com/pypa/twine/issues/741 - https://github.com/pypa/twine/issues/835 - https://github.com/pypa/twine/issues/915 - https://github.com/pypa/twine/issues/1025 --- twine/cli.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/twine/cli.py b/twine/cli.py index 46d6d01b..69586ae5 100644 --- a/twine/cli.py +++ b/twine/cli.py @@ -12,6 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. import argparse +import logging import logging.config from typing import Any, List, Tuple @@ -23,6 +24,8 @@ import twine +logger = logging.getLogger(__name__) + args = argparse.Namespace() @@ -69,6 +72,18 @@ def configure_output() -> None: ) +def init_truststore(required: bool = False) -> None: + try: + import truststore + except ImportError as exc: + logger.debug("Error importing truststore", exc_info=exc) + if required: + raise + else: + # https://truststore.readthedocs.io/en/latest/#using-truststore-with-requests + truststore.inject_into_ssl() + + def list_dependencies_and_versions() -> List[Tuple[str, str]]: deps = ( "importlib-metadata", @@ -118,6 +133,8 @@ def dispatch(argv: List[str]) -> Any: configure_output() + init_truststore() + main = registered_commands[args.command].load() # type: ignore[no-untyped-call] # python/importlib_metadata#288 # noqa: E501 return main(args.args)