From a96e766b5517893646244fc2cc0b7890b78f3ccd Mon Sep 17 00:00:00 2001
From: Zanie Blue <contact@zanie.dev>
Date: Tue, 3 Jun 2025 09:23:07 -0500
Subject: [PATCH] Retain credentials for direct URLs in `uv export` (#13809)

Reverts unintended breaking change from #13560

Test case from https://github.com/astral-sh/uv/pull/13808
---
 crates/uv-resolver/src/lock/export/requirements_txt.rs | 9 ++++++++-
 crates/uv/tests/it/export.rs                           | 3 +--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/crates/uv-resolver/src/lock/export/requirements_txt.rs b/crates/uv-resolver/src/lock/export/requirements_txt.rs
index 7766790ff..4cca73a34 100644
--- a/crates/uv-resolver/src/lock/export/requirements_txt.rs
+++ b/crates/uv-resolver/src/lock/export/requirements_txt.rs
@@ -108,7 +108,14 @@ impl std::fmt::Display for RequirementsTxtExport<'_> {
                         subdirectory: direct.subdirectory.clone(),
                         ext: DistExtension::Source(SourceDistExtension::TarGz),
                     });
-                    write!(f, "{} @ {}", package.id.name, url)?;
+                    write!(
+                        f,
+                        "{} @ {}",
+                        package.id.name,
+                        // TODO(zanieb): We should probably omit passwords here by default, but we
+                        // should change it in a breaking release and allow opt-in to include them.
+                        url.displayable_with_credentials()
+                    )?;
                 }
                 Source::Path(path) | Source::Directory(path) => {
                     if path.is_absolute() {
diff --git a/crates/uv/tests/it/export.rs b/crates/uv/tests/it/export.rs
index 3a59b0ec2..20f733060 100644
--- a/crates/uv/tests/it/export.rs
+++ b/crates/uv/tests/it/export.rs
@@ -1174,7 +1174,6 @@ fn requirements_txt_https_git_credentials() -> Result<()> {
     Ok(())
 }
 
-#[cfg(feature = "git")]
 #[test]
 fn requirements_txt_https_credentials() -> Result<()> {
     let context = TestContext::new("3.12");
@@ -1197,7 +1196,7 @@ fn requirements_txt_https_credentials() -> Result<()> {
     ----- stdout -----
     # This file was autogenerated by uv via the following command:
     #    uv export --cache-dir [CACHE_DIR]
-    iniconfig @ https://public:****@pypi-proxy.fly.dev/basic-auth/files/packages/ef/a6/62565a6e1cf69e10f5727360368e451d4b7f58beeac6173dc9db836a5b46/iniconfig-2.0.0-py3-none-any.whl \
+    iniconfig @ https://public:heron@pypi-proxy.fly.dev/basic-auth/files/packages/ef/a6/62565a6e1cf69e10f5727360368e451d4b7f58beeac6173dc9db836a5b46/iniconfig-2.0.0-py3-none-any.whl \
         --hash=sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374
         # via project