cabal-install: update curl transport to support Basic authentication #10089
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frasertweedale
force-pushed
the
fix/curl-transport-support-basic
branch
3 times, most recently
from
6f13072 to
9693c34
Compare
|
I don't think we can merge it into 3.12. Please, target |
andreabedini
force-pushed
the
fix/curl-transport-support-basic
branch
from
9693c34 to
5fc9672
Compare
|
@frasertweedale I rebased your PR on top of master. I hope it's ok. |
|
@andreabedini that's fine. Note that we do want to backport this change for maintenance releases on older branches (you know the reasons). If you prefer a variant of the patch for backports with the minimal changes and without the refactors, I can prepare that. Or else, I suppose it lands in master first and then the backports can be created (is there automation for that?) |
ffaf1
reviewed
Aug 1, 2024
|
Please, disregard my previous message, I was wrong about the branch. Let me put a label on this so that it gets merged. |
mergify
bot
added
the
merge delay passed
Extract a bunch of string equality checks for the URI scheme to top-level functions.
"They're the same picture". Thus, refactor the *transport supports https* checks.
Allow the curl transport to use Basic authentication, if and only if the url scheme is HTTPS (i.e. TLS will be used). Retain the existing behaviour (force Digest scheme) for insecure requests. This change is required to support upcoming hackage-server changes. The wget transport already supports Basic authentication.
geekosaur
force-pushed
the
fix/curl-transport-support-basic
branch
from
36faf8b to
6364221
Compare
erikd
pushed a commit
to erikd/cabal
that referenced
this pull request
Jan 9, 2025
…askell#10089) * cabal-install: extract url scheme checks Extract a bunch of string equality checks for the URI scheme to top-level functions. * cabal-install: refactor and document transport checks "They're the same picture". Thus, refactor the *transport supports https* checks. * cabal-install: allow Basic authentication in curl transport Allow the curl transport to use Basic authentication, if and only if the url scheme is HTTPS (i.e. TLS will be used). Retain the existing behaviour (force Digest scheme) for insecure requests. This change is required to support upcoming hackage-server changes. The wget transport already supports Basic authentication. --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
erikd
pushed a commit
to erikd/cabal
that referenced
this pull request
Jan 9, 2025
…askell#10089) * cabal-install: extract url scheme checks Extract a bunch of string equality checks for the URI scheme to top-level functions. * cabal-install: refactor and document transport checks "They're the same picture". Thus, refactor the *transport supports https* checks. * cabal-install: allow Basic authentication in curl transport Allow the curl transport to use Basic authentication, if and only if the url scheme is HTTPS (i.e. TLS will be used). Retain the existing behaviour (force Digest scheme) for insecure requests. This change is required to support upcoming hackage-server changes. The wget transport already supports Basic authentication. --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR updates the curl transport to support HTTP Basic authentication scheme. There are a
couple of preliminary small refactors. Best review the commits independently and in order.
Targeting branch
3.12because I couldn't buildmaster(GHC panic, don't worry about it).It rebases cleanly onto
master.QA Notes
Ensure that authenticated operations using username and password against
hackage.haskell.orgsucceed, when using the Curl transport.Checklist