1

My company has set up a private pypi repository and I have created a pip.ini file (Windows) in my project's venv folder like this:

[global]
trusted-host = files.pythonhosted.org
               pypi.python.org
               pypi.org
               nexus.mycompany.com
index = https://nexus.mycompany.com/repository/something-snapshots/simple
extra-index-url = https://nexus.mycompany.com/repository/something-snapshots/simple
cert = C:\path\to\cert.pem

My questions:

  1. Is there something wrong in the configuration?
  2. The private repo is protected with username and password that I would not like to write directly in the file. It is fine for me to write my username and pass when I want to install a private package, but when I try to install a public pypi package like pandas or numpy, it keeps asking the credentials of the private repo, even though the package is present in pypi.org. It says "Looking in indexes https://pypi.org/simple, https://nexus.mycompany.com/something-snapshots/simple" (in that order) but then prompts for user and pass, and actually installs the public package successfully if I input them correctly, but I would like to avoid it for public packages and do it only when installing a private package.
Pablo
  • 328
  • 2
  • 16
  • Have you resolved your issue ? I am facing the same problem. – user3416249 Jan 05 '22 at 13:39
  • @user3416249 I could not solve it. I created a new pip.ini file in C:\ProgramData\pip\pip.ini and created a file _netrc in my home folder as mentioned in https://stackoverflow.com/questions/50468951/credentials-in-pip-conf-for-private-pypi to have pip read the user and pass from there. But it is plain text so not the best solution. Moreover, pip keeps using it for any package, not just for those not found in the standard pypi repo. – Pablo Jan 06 '22 at 16:57

0 Answers0