{"id":3183,"date":"2024-01-24T14:23:58","date_gmt":"2024-01-24T20:23:58","guid":{"rendered":"http:\/\/www.ishygddt.xyz\/~blog\/?p=3183"},"modified":"2024-01-24T14:27:56","modified_gmt":"2024-01-24T20:27:56","slug":"python-packaging-tls-mitm","status":"publish","type":"post","link":"http:\/\/www.ishygddt.xyz\/~blog\/2024\/01\/python-packaging-tls-mitm","title":{"rendered":"Using \"pip\" behind a corporate firewall"},"content":{"rendered":"<p>Pip behind a corporate firewall<\/p>\n<p>The tldr is:<\/p>\n<ol>\n<li>Pip 23.3 or newer \"just works\" after you add a simple snippet to your config file.\n<pre><code class=\"language-ini\" data-line=\"\">; %AppData%\\pip\\pip.ini\n; &quot;${XDG_HOME-$HOME\/.config}\/pip\/pip.ini&quot;\n[global]\nuse-feature = \n\ttruststore<\/code><\/pre>\n<\/li>\n<li><strong>However<\/strong>, said snippet will break older versions of pip.\n<ul>\n<li>In particular, <code class=\"language-toml\" data-line=\"\">pip &lt; 23.3, &gt;= 22.2<\/code> will break, complaining that you need to install the \"truststore\" package before you can install <em>any<\/em> packages\u2014a perfect \"catch 22\".<\/li>\n<\/ul>\n<\/li>\n<li>As of the last time I checked (CPython 3.12.1), ensurepip, which is what's used to bootstrap virtual environments) <a href=\"https:\/\/github.com\/python\/cpython\/tree\/v3.12.1\/Lib\/ensurepip\/_bundled\">installs one of these broken versions of pip<\/a>.\n<ul>\n<li>If you create your venvs with PyPA's \"<a href=\"https:\/\/virtualenv.pypa.io\/\">virtualenv<\/a>\" (specifically <code class=\"language-toml\" data-line=\"\">virtualenv &gt;= 20.24.6<\/code>) rather than <a href=\"https:\/\/docs.python.org\/3\/library\/venv.html#creating-virtual-environments\">venv<\/a>, you will get a version of pip that works.\n<ul>\n<li>If you're using PyPA's \"build\" tool, it will automatically switch to using virtualenv if available, which means your \"isolated\" builds will work behind a corporate firewall.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Pip behind a corporate firewall The tldr is: Pip 23.3 or newer \"just works\" after you add a simple snippet to your config file. ; %AppData%\\pip\\pip.ini ; &quot;${XDG_HOME-$HOME\/.config}\/pip\/pip.ini&quot; [global] use-feature = truststore However, said snippet will break older versions of pip. In particular, pip &lt; 23.3, &gt;= 22.2 will break, complaining that you need to &hellip;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[96,97],"tags":[],"class_list":["post-3183","post","type-post","status-publish","format-standard","hentry","category-howto","category-original-content"],"_links":{"self":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/3183","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/comments?post=3183"}],"version-history":[{"count":11,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/3183\/revisions"}],"predecessor-version":[{"id":3194,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/3183\/revisions\/3194"}],"wp:attachment":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/media?parent=3183"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/categories?post=3183"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/tags?post=3183"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}