diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..0f4cb886 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,79 @@ +name: Publish to PyPI + +on: + push: + tags: + - "*" + +permissions: + contents: read + +jobs: + build: + name: "Build dists" + runs-on: "ubuntu-latest" + environment: + name: "publish" + outputs: + hashes: ${{ steps.hash.outputs.hashes }} + + steps: + - name: "Checkout repository" + uses: "actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3" + + - name: "Setup Python" + uses: "actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b" + with: + python-version: "3.x" + + - name: "Install dependencies" + run: python -m pip install build + + - name: "Build dists" + run: | + SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) \ + python -m build + + - name: "Generate hashes" + id: hash + run: | + cd dist && echo "::set-output name=hashes::$(sha256sum * | base64 -w0)" + + - name: "Upload dists" + uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" + with: + name: "dist" + path: "dist/" + if-no-files-found: error + retention-days: 5 + + provenance: + needs: [build] + permissions: + actions: read + contents: write + id-token: write # Needed to access the workflow's OIDC identity. + uses: "slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0" + with: + base64-subjects: "${{ needs.build.outputs.hashes }}" + upload-assets: true + compile-generator: true # Workaround for https://github.com/slsa-framework/slsa-github-generator/issues/1163 + + publish: + name: "Publish to PyPI" + if: startsWith(github.ref, 'refs/tags/') + needs: ["build", "provenance"] + permissions: + contents: write + id-token: write + runs-on: "ubuntu-latest" + + steps: + - name: "Download dists" + uses: "actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a" + with: + name: "dist" + path: "dist/" + + - name: "Publish dists to PyPI" + uses: "pypa/gh-action-pypi-publish@48b317d84d5f59668bb13be49d1697e36b3ad009" diff --git a/changelog/931.misc.rst b/changelog/931.misc.rst deleted file mode 100644 index 5be844d5..00000000 --- a/changelog/931.misc.rst +++ /dev/null @@ -1 +0,0 @@ -Throws an error when uploading signed files without any distribution files. \ No newline at end of file diff --git a/changelog/991.misc.rst b/changelog/991.misc.rst deleted file mode 100644 index de7248ff..00000000 --- a/changelog/991.misc.rst +++ /dev/null @@ -1 +0,0 @@ -Fix the ReadTheDocs build by removing minimum python version and specifying build requirements. diff --git a/docs/changelog.rst b/docs/changelog.rst index c1fa2922..4af8768f 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -2,8 +2,8 @@ Changelog ========= -This project follows the `semantic versioning `_ -and `pre-release versioning `_ +This project follows the `semantic versioning `_ +and `pre-release versioning `_ schemes recommended by the Python Packaging Authority. .. Do *NOT* add changelog entries here! @@ -12,6 +12,21 @@ schemes recommended by the Python Packaging Authority. .. towncrier release notes start +Twine 5.0.0 (2024-02-10) +------------------------ + +Bugfixes +^^^^^^^^ + +- Use ``email.message`` instead of ``cgi`` as ``cgi`` has been deprecated (`#969 `_) + + +Misc +^^^^ + +- `#931 `_, `#991 `_, `#1028 `_, `#1040 `_ + + Twine 4.0.2 (2022-11-30) ------------------------ diff --git a/docs/conf.py b/docs/conf.py index 81bcb73a..95791532 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -265,15 +265,19 @@ # How to display URL addresses: 'footnote', 'no', or 'inline'. # texinfo_show_urls = 'footnote' +# See https://www.sphinx-doc.org/en/master/usage/configuration.html#confval-linkcheck_ignore linkcheck_ignore = [ - "http://127.0.0.1*", + r"https?://127\.0\.0\.1.*", # Avoid errors due to GitHub rate limit # https://github.com/sphinx-doc/sphinx/issues/7388 - "https://github.com/pypa/twine/issues/*", + r"https://github\.com/pypa/twine/issues/.*", # Avoid errors from channels interpreted as anchors - "https://web.libera.chat/#", + r"https://web\.libera\.chat/#", # Avoid error from InvalidPyPIUploadURL docstring - "https://upload.pypi.org/legacy", + r"https://upload\.pypi\.org/legacy/?", + # Avoid errors from 403/Login Redirects + r"https://(test\.)?pypi\.org/manage/project/twine/collaboration/?", + r"https://pypi\.org/manage/project/twine/collaboration/?", ] intersphinx_mapping = { diff --git a/setup.cfg b/setup.cfg index 86704c2e..4b4908ac 100644 --- a/setup.cfg +++ b/setup.cfg @@ -23,7 +23,6 @@ classifiers = Programming Language :: Python Programming Language :: Python :: 3 Programming Language :: Python :: 3 :: Only - Programming Language :: Python :: 3.7 Programming Language :: Python :: 3.8 Programming Language :: Python :: 3.9 Programming Language :: Python :: 3.10 diff --git a/tests/test_settings.py b/tests/test_settings.py index c5555e84..ea31182d 100644 --- a/tests/test_settings.py +++ b/tests/test_settings.py @@ -1,4 +1,5 @@ """Tests for the Settings class and module.""" + # Copyright 2018 Ian Stapleton Cordasco # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/__init__.py b/twine/__init__.py index d5b07bc7..99a68612 100644 --- a/twine/__init__.py +++ b/twine/__init__.py @@ -3,6 +3,7 @@ The contents of this package are not a public API. For more details, see https://github.com/pypa/twine/issues/194 and https://github.com/pypa/twine/issues/665. """ + # Copyright 2018 Donald Stufft and individual contributors # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/commands/__init__.py b/twine/commands/__init__.py index 080bae3e..acd80f2e 100644 --- a/twine/commands/__init__.py +++ b/twine/commands/__init__.py @@ -3,6 +3,7 @@ The contents of this package are not a public API. For more details, see https://github.com/pypa/twine/issues/194 and https://github.com/pypa/twine/issues/665. """ + # Copyright 2013 Donald Stufft # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/commands/check.py b/twine/commands/check.py index 90b2e375..b3178c34 100644 --- a/twine/commands/check.py +++ b/twine/commands/check.py @@ -1,4 +1,5 @@ """Module containing the logic for ``twine check``.""" + # Copyright 2018 Dustin Ingram # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/commands/register.py b/twine/commands/register.py index 69828640..3efb0a7a 100644 --- a/twine/commands/register.py +++ b/twine/commands/register.py @@ -1,4 +1,5 @@ """Module containing the logic for ``twine register``.""" + # Copyright 2015 Ian Cordasco # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/commands/upload.py b/twine/commands/upload.py index 186c5915..b289d6b0 100644 --- a/twine/commands/upload.py +++ b/twine/commands/upload.py @@ -1,4 +1,5 @@ """Module containing the logic for ``twine upload``.""" + # Copyright 2013 Donald Stufft # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/exceptions.py b/twine/exceptions.py index 02cb3708..b87b938b 100644 --- a/twine/exceptions.py +++ b/twine/exceptions.py @@ -1,4 +1,5 @@ """Module containing exceptions raised by twine.""" + # Copyright 2015 Ian Stapleton Cordasco # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/twine/settings.py b/twine/settings.py index d9dd4af3..78d382e2 100644 --- a/twine/settings.py +++ b/twine/settings.py @@ -1,4 +1,5 @@ """Module containing logic for handling settings.""" + # Copyright 2018 Ian Stapleton Cordasco # # Licensed under the Apache License, Version 2.0 (the "License");