Description
Issue description
When trying to specify dependencies on a private pypi server hosted on a specific port on a host, pipenv install fails to create a lockfile, claiming it can't find a version of the dependencies which satisfies the requirements. Upon trying to run pipenv install --skip-lock, it's revealed that there is an SSL error when trying to verify the certificate, even though in the Pipfile the source was specified to verify_ssl=false (See the following codeblock for the source):
[[source]]
name = "mypypi"
url = "https://my.pypirepo.net:4443"
verify_ssl = false
When running with verbose output on, it appears that pipenv is passing --trusted-host to pip without the port number:
['/path/to/pip', 'install', '--verbose', '--upgrade', '"my-package==1.0.5"', '-i', 'https://my.pypirepo.net:4443', '--trusted-host', 'my.pypirepo.net']
which fails when I run pip directly (pip works if I provide the port).
Expected result
pipenv should include the port number in the --trusted-host argument if it is provided.
Actual result
pipenv does not include the port number when it invokes pip with --trusted-host
Steps to replicate
- Configure a private pypi repo behind https without a valid SSL certificate, accessible on a non-standard HTTPS port (Any port other than 443).
- Specify a source in a pipfile which points at this address, and specify
verify_ssl=false - Specify a dependency to pull from the above source
- Run pipenv install --skip-lock
$ pipenv --support
Pipenv version: '2018.11.26'
Pipenv location: '/usr/local/lib/python3.7/site-packages/pipenv'
Python location: '/usr/local/opt/python/bin/python3.7'
Python installations found:
3.7.2:/usr/local/bin/python33.7.2:/usr/local/bin/python3.7m3.6.8:/Users/username/.pyenv/versions/3.6.8/bin/python33.6.8:/Users/username/.pyenv/versions/3.6.8/bin/python3.6m2.7.10:/usr/bin/python2.7.10:/usr/bin/pythonw2.7.10:/usr/bin/python2.7
PEP 508 Information:
{'implementation_name': 'cpython',
'implementation_version': '3.7.2',
'os_name': 'posix',
'platform_machine': 'x86_64',
'platform_python_implementation': 'CPython',
'platform_release': '17.7.0',
'platform_system': 'Darwin',
'platform_version': 'Darwin Kernel Version 17.7.0: Thu Dec 20 21:47:19 PST '
'2018; root:xnu-4570.71.22~1/RELEASE_X86_64',
'python_full_version': '3.7.2',
'python_version': '3.7',
'sys_platform': 'darwin'}
System environment variables:
TERM_PROGRAMTERMSHELLTMPDIRApple_PubSub_Socket_RenderTERM_PROGRAM_VERSIONTERM_SESSION_IDUSERSSH_AUTH_SOCKPATHPWDLANGXPC_FLAGSPS1XPC_SERVICE_NAMEPYENV_SHELLHOMESHLVLLOGNAMEOLDPWD___CF_USER_TEXT_ENCODINGPIP_DISABLE_PIP_VERSION_CHECKPYTHONDONTWRITEBYTECODEPIP_SHIMS_BASE_MODULEPIP_PYTHON_PATHPYTHONFINDER_IGNORE_UNSUPPORTED
Pipenv–specific environment variables:
Debug–specific environment variables:
PATH:/Users/username/Applications:/usr/local/bin:/Users/username/.cargo/bin:/Users/username/.pyenv/shims:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbinSHELL:/bin/bashLANG:en_CA.UTF-8PWD:/Users/username/my_repos/my_repo
Contents of Pipfile ('/Users/username/my_repos/my_repo/Pipfile'):
#[[source]]
#name = "pypi"
#url = "https://pypi.org/simple"
#verify_ssl = true
[[source]]
name = "mypypi"
url = "https://my.pypirepo.net:4443"
verify_ssl = false
[dev-packages]
[packages]
my-repo-one = {version="*", index="mypypi"}
#flake8 = {version="*", index="pypi"}
#flake8-quotes = {version="*", index="pypi"}
#pytest = {version="*", index="pypi"}
#requests-mock = {version="*", index="pypi"}
#yapf = {version="*", index="pypi"}
my-package = {version="==1.0.5", index="mypypi"}
#mock = {version="*", index="pypi"}
#callee = {version="*", index="pypi"}
#boto3 = {version="<1.8", index="pypi"}
[requires]
python_version = "3.6"