uv tool upgrade does not authenticate against GitLab private pypi package registry #14806
Description
Summary
Hi,
I have a CLI package myapp published on a self-hosted GitLab Package Registry. The GitLab project hosting the package has Private visibility : you must authenticate to access the project's package registry.
Here is my uv.toml config file :
native-tls = true
[[index]]
url = "https://gitlab-deploy-token:[email protected]/api/v4/projects/1234/packages/pypi/simple"
ignore-error-codes = [401] # Necessary for uv to detect new pacakge versions from my GitLab package repository
[[index]]
url = "https://mirror.mycompany.com/repository/pypi.python.org/simple"
default = trueWhen I use uv tool install myapp command, it properly installs the myapp package.
When I try to upgrade the tool to a newly released version with uv tool upgrade myapp, I get this error :
error: Failed to upgrade myapp
Caused by: Failed to fetch:https://gitlab.mycompany.com/api/v4/projects/1234/packages/pypi/files/e09e2e982ff5314c738e8f2478f6e7a656210b829bac89fc38cf127c96aee2d9/myapp-1.16.0-py3-none-any.whl
Caused by: HTTP status client error (401 Unauthorized) for url (https://gitlab.mycompany.com/api/v4/projects/1234/packages/pypi/files/e09e2e982ff5314c738e8f2478f6e7a656210b829bac89fc38cf127c96aee2d9/myapp-1.16.0-py3-none-any.whl)
What I tried :
curlthis URL while being unauthenticated : I get the same 401 errorcurl -u username:my-gitlab-deploy-token(with HTTP Basic auth) : I'm allowed to download the whl file.- Configure the GitLab project's package registry to be unauthenticated : everything works fine, uv upgrades the package.
The full uv -vv tool upgrade myapp log is in the attached uv-tool-upgrade.log.
I've read the docs about tools and index auth, but didn't find anything which could solve my problem.
Did I misconfigured something ? Or is this a bug ?
Thanks !
Platform
Windows 11 x86_64 WSL Ubuntu 24.04 LTS
Version
0.8.0
Python version
3.13.2