Use `--index-url` in PyPi description (#22620)

Fixes #22616

Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
KN4CK3R 2023-01-27 15:12:18 +01:00 committed by GitHub
parent 5ff037ef51
commit 51a92cb821
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions

View File

@ -77,6 +77,8 @@ For example:
pip install --index-url https://testuser:password123@gitea.example.com/api/packages/testuser/pypi/simple --no-deps test_package pip install --index-url https://testuser:password123@gitea.example.com/api/packages/testuser/pypi/simple --no-deps test_package
``` ```
You can use `--extra-index-url` instead of `--index-url` but that makes you vulnerable to dependency confusion attacks because `pip` checks the official PyPi repository for the package before it checks the specified custom repository. Read the `pip` docs for more information.
## Supported commands ## Supported commands
``` ```

View File

@ -4,7 +4,7 @@
<div class="ui form"> <div class="ui form">
<div class="field"> <div class="field">
<label>{{svg "octicon-terminal"}} {{.locale.Tr "packages.pypi.install"}}</label> <label>{{svg "octicon-terminal"}} {{.locale.Tr "packages.pypi.install"}}</label>
<div class="markup"><pre class="code-block"><code>pip install --extra-index-url {{AppUrl}}api/packages/{{.PackageDescriptor.Owner.Name}}/pypi/simple {{.PackageDescriptor.Package.Name}}</code></pre></div> <div class="markup"><pre class="code-block"><code>pip install --index-url {{AppUrl}}api/packages/{{.PackageDescriptor.Owner.Name}}/pypi/simple {{.PackageDescriptor.Package.Name}}</code></pre></div>
</div> </div>
<div class="field"> <div class="field">
<label>{{.locale.Tr "packages.pypi.documentation" | Safe}}</label> <label>{{.locale.Tr "packages.pypi.documentation" | Safe}}</label>