Skip to content

Add support for custom message headers from external registries #13605

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

Add support for custom message headers from external registries #13605

wants to merge 5 commits into from

Conversation

luisgcoding
Copy link

Summary

This PR adds support for extracting custom error messages from the X-Error-Message HTTP header in network error responses, providing users with more detailed and actionable error information from package registries.

Problem

Currently, pip relies on the standard HTTP/1.1 reasonPhrase field to provide error context to users when encountering client errors from package registries. However, HTTP/2 drops this reasonPhrase field, leaving only the status code available. This results in less informative error messages for users.

Solution

  • Added _extract_custom_error_message() function to parse the X-Error-Message header from HTTP responses
  • Modified raise_for_status() to utilize custom error messages for 4xx client errors when available
  • Maintained backward compatibility by falling back to standard HTTP reason phrases when the header is missing or empty
  • Implemented registry-agnostic approach that works with any server using the X-Error-Message header

Testing

Added comprehensive test coverage including:

  • Successful extraction of custom error messages
  • Fallback behavior when headers are missing, empty, or whitespace-only
  • Integration with raise_for_status() for both success and fallback scenarios

@pfmoore
Copy link
Member

pfmoore commented Sep 30, 2025

For some context, see https://discuss.python.org/t/block-download-of-components-when-violating-policy/104021

My current impression of that discussion is that RFC 9457 is more likely to be the preferred solution. But either way, I think this is likely to be something that should be standardised via a PEP, as it will be important that all clients (pip, uv, etc) use the same mechanism.

@luisgcoding
Copy link
Author

For some context, see https://discuss.python.org/t/block-download-of-components-when-violating-policy/104021

My current impression of that discussion is that RFC 9457 is more likely to be the preferred solution. But either way, I think this is likely to be something that should be standardised via a PEP, as it will be important that all clients (pip, uv, etc) use the same mechanism.

Thank you so much for the quick response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bot:chronographer:provided
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@luisgcoding @pfmoore