uv: HTTP 401 Unauthorized for private package index
Hello! Very excited for this project ❤️
Installing a package from a private azure package index (Azure Artifacts) seems to be failing with a HTTP status client error (405 Method Not Allowed)
:
uv pip install --extra-index-url "https://<FEED_NAME>:<PERSONAL_ACCESS_TOKEN>@pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/pypi/simple/" package-name
error: Failed to download: package-name==X.Y.Z
Caused by: HTTP status client error (405 Method Not Allowed) for url (pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/.../pypi/download/package-name/X.Y.Z/package_name-X.Y.Z-py3-none-any.whl#[sha256=])
The equivalent pip-native command works as expected
python -m pip install --extra-index-url "https://<FEED_NAME>:<PERSONAL_ACCESS_TOKEN>@pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/pypi/simple/" package-name
About this issue
- Original URL
- State: closed
- Created 5 months ago
- Reactions: 13
- Comments: 16 (8 by maintainers)
Yep this is a priority for me next week!
A fix is up at https://github.com/astral-sh/uv/pull/1886 if anyone wants to give it a try against a private index.
Thank you all!
I can confirm that on
uv 0.1.6
this is no longer giving405 Method Not Allowed
but a401 Unauthorized
Okay, @olivierlefloch fixed HEAD requests, but there’s now an auth problem. @zanieb, do you want to take from here?
Verified working on azure artifacts feed using token authentication!!
Incredible work @zanieb, @olivierlefloch and @charliermarsh 🚀
Same for gitlab hosted private package index: getting a 401 Unauthorized. Interestingly, opening the URL in the error message in the browser downloads the package for me without a problem. the url looks like this:
https://gitlab.com/api/v4/groups/<GROUP_NR>/-/packages/pypi/files/<SOME_LONG_HASH>/<PKG_NAME>-py3-none-any.whl#sha256=<PKG_SHA>
Thank you @zanieb! At least for Azure Artifacts, I am still seeing the same error on
0.1.8
(401 Unauthorized
)Thanks and sorry about that – we’ll get this setup internally and see if we can reproduce.
I can confirm as well ❤️ Thank you so much!
Hi! We just merged a fix with #1874 that’s out in v0.1.8 — let me know if that helps. I’ll continue testing against various private repositories.