Provide a way to customize requests.Session

[gdetrez]

Description of issue or feature request:
Would it be possible to have a safe way for the user of the update client to customize the Session object used to download files? E.g. providing (limited?) custom parameters for the Session()?

I have two use cases in mind:

• provide Authorization credentials (e.g. basic auth or bearer token) that may be needed to access the files
• customizing the user-agent header to prepend the application's own <name>/<version>

[trishankatdatadog]

@gdetrez you might be interested in following #1171, which should let you do what you want...

[joshuagl]

See also #1213, which includes a proposal for abstracting out the networking pieces for greater customisation.

[jku]

I am closing this: both ngclient and the legacy client include a download abstraction that allows any shenanigans a client app might want to do. The included RequestsFetcher implementation does not explicitly expose the requests session but for this purpose a client could easily create their own customized fetcher that modifies the session (this is what I did in my pip POC).