At 03:55 PM 12/28/2006 +0900, David Smith wrote:
"Phillip J. Eby" <pje@telecommunity.com> writes:
At 03:12 PM 12/28/2006 +0900, David Smith wrote:
The usecase is too obvious: using setuptools for distribution of modules that are not publically available, such as commercial or pre-release development.
If they're not publically available, why use authenticated HTTP at all? Among the many alternatives that work with easy_install today are:
* rsync-mirrored directories * NFS-mounted directories * ssh-transport SVN servers (you even get prompted for your credentials!) * proxied HTTP
Also, I forgot to mention password-protected FTP, which easy_install also supports (using ftp://user:pass@host URLs).
I believe HTTP authenticated subversion is more common than all of the above.
I've never set up svn-over-http before, as I find it a PITA compared to plain svn or svn-over-ssh. I guess tastes vary in this respect.
Additionally, the proxied HTTP support also lacks authentication support, which the patch rectifies.
It's relatively easy to add support for Basic auth with credentialed HTTP URLs, so that's what I've done. I'd rather not make easy_install interactive at this time, nor add one-shot user/password command line options, nor make the behavior dependent on the server's response. Using URLs with credentials also allows more than one set to be specified on the command line (or via dependency_links). The patch is minor enough that I added it to 0.6; it only affects URLs that would have caused today's easy_install to crash with an httplib.InvalidURL error, anyway. The easiest way to use it is to use a -f or dependency_links URL that points to a page with links to the actual downloads. As long as they are the same scheme and host, they'll inherit the credentials from the original URL.