diff --git a/crates/uv-client/src/base_client.rs b/crates/uv-client/src/base_client.rs index d901f57e72cb1..e4945f5eeb325 100644 --- a/crates/uv-client/src/base_client.rs +++ b/crates/uv-client/src/base_client.rs @@ -67,6 +67,7 @@ pub struct BaseClientBuilder<'a> { keyring: KeyringProviderType, allow_insecure_host: Vec, native_tls: bool, + built_in_root_certs: bool, retries: u32, pub connectivity: Connectivity, markers: Option<&'a MarkerEnvironment>, @@ -127,6 +128,7 @@ impl BaseClientBuilder<'_> { keyring: KeyringProviderType::default(), allow_insecure_host: vec![], native_tls: false, + built_in_root_certs: false, connectivity: Connectivity::Online, retries: DEFAULT_RETRIES, markers: None, @@ -192,6 +194,12 @@ impl<'a> BaseClientBuilder<'a> { self } + #[must_use] + pub fn built_in_root_certs(mut self, built_in_root_certs: bool) -> Self { + self.built_in_root_certs = built_in_root_certs; + self + } + #[must_use] pub fn markers(mut self, markers: &'a MarkerEnvironment) -> Self { self.markers = Some(markers); @@ -388,7 +396,7 @@ impl<'a> BaseClientBuilder<'a> { .user_agent(user_agent) .pool_max_idle_per_host(20) .read_timeout(timeout) - .tls_built_in_root_certs(false) + .tls_built_in_root_certs(self.built_in_root_certs) .redirect(redirect_policy.reqwest_policy()); // If necessary, accept invalid certificates. diff --git a/crates/uv-client/src/registry_client.rs b/crates/uv-client/src/registry_client.rs index 1d12c5adfa8db..c21aa3b31def4 100644 --- a/crates/uv-client/src/registry_client.rs +++ b/crates/uv-client/src/registry_client.rs @@ -126,6 +126,14 @@ impl<'a> RegistryClientBuilder<'a> { self } + #[must_use] + pub fn built_in_root_certs(mut self, built_in_root_certs: bool) -> Self { + self.base_client_builder = self + .base_client_builder + .built_in_root_certs(built_in_root_certs); + self + } + #[must_use] pub fn cache(mut self, cache: Cache) -> Self { self.cache = cache;