pixi self-update not using custom TLS settings? #5117
Description
Checks
-
I have checked that this issue has not already been reported.
-
I have confirmed this bug exists on the latest version of pixi, using
pixi --version.
Reproducible example
Commands I ran and their output:
pixi self-updateFails with the error (since updating from 0.46.0):
Error: × URL: https://github.com/prefix-dev/pixi/releases/latest. Request failed: error sending request for url (https://
│ github.com/prefix-dev/pixi/releases/latest)pixi info output:
System
------------
Pixi version: 0.61.0
Platform: linux-64
Virtual packages: __unix=0=0
: __linux=5.14.0=0
: __glibc=2.34=0
: __archspec=1=zen2
Cache dir: <my homedir>/.cache/rattler/cache
Auth storage:<my homedir>/.rattler/credentials.json
Config locations: <my homedir>/.pixi/config.toml
Issue description
I recently updated from pixi 0.46.0 (sorry - a bit behind the update curve!) to 0.61.0.
One of the things I had to change to add to my pixi.config file was the following:
tls-root-certs = "native"as I am behind a corporate firewall and need to use our own site custom CA certificates (this was added via #5013 I believe).
Without that setting, any pixi commands that try to download data from the internet (such as Anaconda repodata) would fail with TLS errors.
Whilst the above setting fixed commands that interact with my workspace or environments, the pixi auto-update command is failing in a similar looking way.
Q: Is it possible that the pixi self-update is using the webpki certificate that ships with pixi, rather than honouring the tls-root-certs setting in the config settings?
Note: pixi self-update runs fine from my personal laptop.
Expected behavior
pixi update should run without error, or use the tls settings from config.toml (assuming it is a TLS issue).