Ergonomic, hermetic, user-friendly software build system for Python, Go, Java, Kotlin, Protobuf, Scala, Shell. Pants lets you fearlessly scale up your codebase!

Pants

So I'm running into something I was hoping could be clarified. When using the python-repos.indexes property I've got the url set to https://%(env.ARTIFACTORY_USERNAME)s:%(env.ARTIFACTORY_TOKEN)<mailto:s@myprivateserver.com|s@myprivateserver.com>. What I'm seeings is that when I run pants generate-lockfiles, the env vars for that URL are available via the `ps` command. Is there a way to hide those credentials in the `pex` command that creates the lockfiles?

Do you know how this is secured when using plain pip directly?

(Background: pex is, in most ways, a wrapper around pip, so knowing how pip would solve it for you will likely hint at how to get pex to.)