Move PackageFinder's --trusted-host logic to PipSession by cjerdonek · Pull Request #6903 · pypa/pip (original) (raw)
This PR moves PackageFinder
's --trusted-host
logic to PipSession
.
Before this PR, the --trusted-host
state and logic was spread across two classes: PipSession
(via its self.mount()
calls) and PackageFinder
(from its trusted_hosts
attribute). This meant that both classes had to know about the trusted hosts and be kept in sync with each other when updating the trusted hosts.
Moving PackageFinder
's --trusted-host
logic to PipSession
lets all of this logic be kept in one place. It also makes PackageFinder
simpler, because (1) PackageFinder
no longer has to know about or have methods to manage the trusted hosts (aside from a single property that delegates to the underlying PipSession
), and (2) we no longer need to pass the trusted_hosts
value to PackageFinder
as an argument when constructing the PackageFinder
instance (we only need to pass the PipSession
argument). So the argument list becomes smaller on the PackageFinder
side.
Putting it wholly in download.py
also makes sense from a subject matter perspective.