Is monkeypatch_for_cert needed any more?

Question

Is monkeypatch_for_cert needed any more?

pfmoore opened this issue 3 years ago · 4 comments

Nowadays, pip extracts the cert bundle from certifi to a temporary file (see #pip/10753). As far as I can see, monkeypatch_for_cert here does basically the same thing.

Could we just remove that function?

Answer 1 · 2022-01-06T09:18:26.000Z

I think so. Someone can try this out, and ensure that it is indeed the case.

Answer 2 · 2022-01-06T09:21:34.000Z

I might have a go at that if & when I can work out how I'd test such a change... But if anyone else gets to it first, I won't object 🙂

Answer 3 · 2022-01-06T12:53:36.000Z

FWIW, how to work on this repository for iterating on things like this:

Update the templates.
nox -s generate (regenerates the get-pip.py files)
nox -s check-3.9 (runs the relevant script in a clean venv)

Answer 4 · 2022-01-06T12:58:00.000Z

I think things should blow up -- certifi should fail, IIUC -- if removing the whole monkeypatching thing isn't something the code can handle. :)