You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently use a mix of pyenv, pipx, and Poetry in our Python projects and I'm very interested in uv's potential to replace all of these tools.
One of the things that we want to be able to do is to use the public PyPI index by default, but use our internal Artifactory index for specific organization-internal dependencies. We don't want to search the public PyPI index for those private dependencies in case there's a public one with the same name, and we don't want everything to go through our Artifactory index because of the impact on cost from the data transfer.
With Poetry, we can do this via explicit sources - is there a way to accomplish the same sort of behavior with uv?
For example, our pyproject.toml file would include this configuration:
No prob! One thing to note: if you set your Artifactory index via extra-index-url, then by default, uv will not look in PyPI at all if a package exists in your Artifactory index. This differs from pip's behavior but protects you from dependency confusion attacks (your first requirement).
(I know it doesn't solve the second requirement of skipping your own index to save on data transfer.)
We currently use a mix of pyenv, pipx, and Poetry in our Python projects and I'm very interested in uv's potential to replace all of these tools.
One of the things that we want to be able to do is to use the public PyPI index by default, but use our internal Artifactory index for specific organization-internal dependencies. We don't want to search the public PyPI index for those private dependencies in case there's a public one with the same name, and we don't want everything to go through our Artifactory index because of the impact on cost from the data transfer.
With Poetry, we can do this via explicit sources - is there a way to accomplish the same sort of behavior with uv?
For example, our pyproject.toml file would include this configuration:
The text was updated successfully, but these errors were encountered: