fix: Login failure using truststore: forward resolved `ssl_verify` in…

…stead of raw config string (#270)

* fix: forward resolved ssl_verify instead of raw config string

When ssl_verify is set to "truststore", configure_ssl() builds a
truststore SSLContext, mounts it on the session adapters, and sets
self.verify = True. Several call sites bypassed that resolved value and
passed the raw self.config.ssl_verify (the literal string "truststore")
as requests' verify= argument, which requests treats as a CA bundle file
path, raising:

  OSError: Could not find a suitable TLS CA certificate bundle,
  invalid path: truststore

This both caused the error and bypassed the truststore verification that
had already been configured. Use the resolved self.verify (client.py
request() default and avatar fetch) and self.client.verify (device flow
authorization + token polling) instead.

Add regression tests asserting the verify value forwarded to requests is
the resolved value (truststore -> True), not the raw config string.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix: Skip tests of truststore for versions of Python where unsupported

* fix: skip truststore tests when module not available

The previous skip condition checked Python version, but truststore
may not be installed even on Python 3.10+. Check for actual module
availability instead.

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: mattkram <mkramer@anaconda.com>

chore(deps): update pre-commit hook python-jsonschema/check-jsonschem…

…a to v0.37.2 (#257)

Co-authored-by: anaconda-renovate[bot] <117830771+anaconda-renovate[bot]@users.noreply.github.com>

fix: Add special-case handling for channels that require API keys and…

… conflict w/ wildcard (#248)

[fix] async account attr (#247)

* lazy load .account

* tests

* pytest-asyncio in dev dependencies

* pin virtualenv

* conda, not pip

* pip in conda_deps

* anonymous account dict

fix: Pre-empt loading of token from configuration when API key presen…

…t in environment variable (#246)

fix: Pre-empt loading of token from configuration when API key presen…

…t in environment variable

Env manager package config (#242)

* add env-manager to auth config

* version constraint support

* test config

* Explicit ^

Co-authored-by: Jose Mesa <102056573+jmesa89@users.noreply.github.com>

* chore(pre-commit): linting

---------

Co-authored-by: Jose Mesa <102056573+jmesa89@users.noreply.github.com>
Co-authored-by: Anaconda Bot <devops+anaconda-bot@anaconda.com>

pass ssl-verify to post-login (#241)

fix: Preserve default site on modify (#227)

* --default will never be None

* tests

* temporarily try pinning conda version

* now lets try conda=26

* relax conda constraint

---------

Co-authored-by: Matt Kramer <mkramer@anaconda.com>

feat: Extended auth handler configuration (#193)

* feat: Add ability to specify override auth domain in conda channel_settings

tmp2

fix: Remove hard-code and implement real behavior

* feat: Load extra channel settings via pydantic model with validation

* feat: Add support for credential_type override as well

* fix: Remove use of global context object