How to use secondary source as a fallback for Python package installs?

Question

My users have some software that depends on a package distribution in a private index and its source code in a private git repository. Because it is more inconvenient for my users to authenticate to the private index (e.g., local dev environment), they can instead install from a git source. At the same time if the software is deployed in an index-authenticated environment (e.g., prod environment), it should install from the index instead.

Is there a way to specify this in pyproject.toml or pip install?¹

---

^{[1]: A non-answer is pip install git+https://path/to/package/dependency. This misunderstands my request for a way to specify a fallback.}

Answer 1

For packages

[project]
...
dependencies = [
    "myprivatepkg",
]

[project.optional-dependencies]
local=[
    "myprivatepkg@git+https://path/to/package",
]

then they would need to pip install ".[local]"

For applications

Make a new file, perhaps call it requirements-local.txt

# requirements-local.txt
myprivatepkg@git+https://path/to/package

then they would need to pip install -r requirements-local.txt

---

Explanation

To my knowledge no Python package installer supports fallbacks outside of multiple Python indexes (with --extra-index). Alternatively, without automatic fallback, you can provide your users with two sets of dependencies: one for local unauthenticated environment and for authenticated environments (the latter being the default). With pip as your installer this can be done with extra dependencies (for packages) or a separate requirements file (for applications).