Poetry 2 POETRY_HTTP_BASIC_ issues

[black-snow]

Description

This is going to be a very bad bug report as I have little information to provide, sadly.

When I upgrade from 1.8.4 to 2.0.1 my pipeline fails to pull from a private registry. It's an Azure DevOps pipeline and I use the PipAuthenticate task and then export the password as POETRY_HTTP_BASIC_registry-name_PASSWORD.

I also provide the password via env locally and that works fine with Poetry 2. I am clueless to why it breaks the pipeline - perhaps someone has an idea.

Workarounds

none

Poetry Installation Method

pip

Operating System

some Ubuntu, I guess

Poetry Version

2.0.1

Poetry Configuration

the default, I guess - can print it out if it helps

Python Sysconfig

Example pyproject.toml

Poetry Runtime Logs

poetry-runtime.log

Source (X): Authorization error accessing https://pkgs.dev.azure.com/X/_packaging/X/pypi/simple/X/

RuntimeError

Unable to find installation candidates for X (0.0.1rc5)

at .venv/lib/python3.13/site-packages/poetry/installation/chooser.py:86 in choose_for
     82│ 
     83│             links.append(link)
     84│ 
     85│         if not links:
  →  86│             raise RuntimeError(f"Unable to find installation candidates for {package}")
     87│ 
     88│         # Get the best link
     89│         chosen = max(links, key=lambda link: self._sort_key(package, link))
     90│ 

Cannot install X.

[abn]

As per https://python-poetry.org/docs/repositories/#configuring-credentials

Note: Usernames cannot be empty. Attempting to use an empty username can result in an unpredictable failure.

And as per https://learn.microsoft.com/en-us/azure/devops/artifacts/python/use-packages-from-pypi?view=azure-devops#authenticate-with-your-feed

The first time you connect to Azure DevOps, you'll need to enter your credentials when prompted. Provide your username (any string) and your personal access token in the designated fields. These credentials will be cached locally and automatically used to sign you in the next time you use the service.

And in step (5) seems the username is FEED_NAME. If it is an authenticated environment where your pipeline is running, maybe pipx inject poetry artifacts-keyring might also help?

PS: I do not use Azure DevOps Pipeline.

Also see https://github.com/NathanVaughn/poetry-azure-artifacts-plugin.

[black-snow]

@abn I suspected it might be that but was honestly too lazy to actually test it (since it was working without it before ...?). I set it to some dummy value and that seems to do the trick.

... thanks for your time!

(I'm still curious if there was a change in Poetry 2 that explains why it worked previously but does no longer do so.)

[abn]

The change was introduced in #9850 which was released in 2.0.0. See also #9850 (comment).

I have also raised #10088 to revert most of that change and to allow empty usernames in the next release. But this is up for discussion.