c959b126b7
- Update to 6.2.0: * Features: + Refresh short-lived PyPI token in long running Trusted Publishing uploads. * Bugfixes + Fix compatibility kludge for invalid License-File metadata entries emitted by build backends to work also with packaging version 24.0. + Fix a couple of incorrectly rendered error messages. + twine now enforces keyring >= 21.2.0. + twine now catches configparser.Error to prevent accidental leaks of secret tokens or passwords to the user's console. * Deprecations and Removals: + Remove hacks that support --skip-existing for indexes other than PyPI and TestPyPI. + Remove support for MD5 digests during uploads. - Drop patch skip-unsupported-Metadata-Version-test.patch, merged upstream.
Steve Kowalik2025-09-18 01:37:33 +00:00
c4a33157ea
Accepting request 1301302 from devel:languages:python
Ana Guerrero2025-08-26 12:56:22 +00:00
d7fa8f0508
- Convert to libalternatives on SLE-16-based and newer systems
Markéta Machová2025-08-25 14:24:56 +00:00
752f8af662
- Update to 6.1.0 * Features - Twine now has preliminary built-in support for Trusted Publishing as an authentication mechanism. (#1194) * Deprecations and Removals - Remove support for egg and wininst distribution types. These are not accepted by PyPI and not produced by any modern build-backends. (#1195) - Twine no longer supports .tar.bz2 source distributions. (#1200) * Misc - packaging is used instead of pkginfo for parsing and validating metadata. This aligns metadata validation to the one performed by PyPI. packaging version 24.0 or later is required. Support for metadata version 2.4 requires packaging 24.2 or later. pkginfo is not a dependency anymore. (#1180) - Use "source" instead of None as pyversion for sdist uploads. This is what PyPI (and most likely other package indexes) expects. (#1191) - Changes from 6.0.1 * Bugfixes - Fixed a regression where twine check would fail to expand wildcards, e.g. twine check 'dist/*'. (#1188) * Misc #1184 - Changes from 6.0.0 * Bugfixes - Restore support for pkginfo 1.11 (#1116) * Deprecations and Removals - Username for PyPI and Test PyPI now defaults to __token__ but no longer overrides a username configured in the environment or supplied on the command line. Workflows still supplying anything other than __token__ for the username when uploading to PyPI or Test PyPI will now fail. Either supply __token__ or do not supply a username at all. (#1121) * Misc #1024Matej Cepl2025-01-25 20:45:13 +00:00
49f1b53315
Accepting request 1224057 from devel:languages:python
Ana Guerrero2024-11-15 14:38:05 +00:00
a885dbaefc
- Skip a test broken by importlib_metadata 8.5+.
Steve Kowalik2024-11-14 03:51:43 +00:00
f1804fc0ea
- Update to 5.1.1 * Resolve DeprecationWarnings when extracting `twine` metadata. * Fix bug for Repository URLs with auth where the port was lost. When attempting to prevent printing authentication credentials in URLs provided with username and password, we did not properly handle the case where the URL also contains a port (when reconstructing the URL). This is now handled and tested to ensure no regressions.
Markéta Machová2024-10-11 12:11:02 +00:00
5bf22a6aa1
- update to 5.1.0: * Add the experimental --attestations flag.
Dirk Mueller2024-06-29 12:59:30 +00:00
bd72bf60b7
Accepting request 1166677 from devel:languages:python
Ana Guerrero2024-04-11 17:40:26 +00:00
91fe3384a3
Accepting request 1166606 from home:anag+factory:Staging
Matej Cepl2024-04-10 14:24:45 +00:00
1288bf847a
Accepting request 1158919 from devel:languages:python
Ana Guerrero2024-03-18 15:44:45 +00:00
d36863e4c0
- Update to 5.0.0: - Use email.message instead of cgi as cgi has been deprecated - Remove upstreamed patch license_files.patch - Add skip-unsupported-Metadata-Version-test.patch (gh#pypa/twine#1071) to skip failing test case.
Matej Cepl2024-03-18 08:39:54 +00:00
2fcab94ab3
Add reference to the upstream PR
Matej Cepl2023-05-06 08:30:16 +00:00
9afc433559
- Update to 4.0.2: - Remove deprecated function to fix twine check with pkginfo 1.9.0. - Improve logging when keyring fails. - Reconfgure root logger to show all log messages. - Drop support for Python 3.6. - Use Rich instead of tqdm for upload progress bar. - Remove Twine’s dependencies from the User-Agent header when uploading. - Improve detection of disabled BLAKE2 hashing due to FIPS mode. - Restore warning for missing long_description. - Add --verbose logging for querying keyring credentials. - Log all upload responses with --verbose. - Show more helpful error message for invalid metadata. - Require a recent version of urllib3. - Add support for core metadata version 2.2, defined in PEP 643. - Add support for Python 3.10. - Show more helpful messages for invalid passwords. - Allow the --skip-existing option to work with GCP Artifact Registry. - Add a helpful error message when an upload fails due to missing a trailing slash in the URL. - Generalize --verbose suggestion when an upload fails. - Improve error messages - Do not include md5_digest or blake2_256_digest if FIPS mode is enabled on the host. This removes those fields from the metadata before sending the metadata to the repository. - Add license_files.patch to make pip happy.
Matej Cepl2023-05-05 14:27:24 +00:00
ad290f184d
- Update to 1.14.0: * Better error handling and gpg2 fallback if gpg not available. * Fixes for python 3.8
Tomáš Chvátal
2019-09-10 09:45:40 +00:00
Daniel Garcia Moreno
Ana Guerrero
Steve Kowalik
Markéta Machová
Matej Cepl
Dominique Leuenberger
Dirk Mueller
Tomáš Chvátal
Ondřej Súkup
Yuchen Lin
Thomas Bechtold
Denisart Benjamin
Todd R
Sascha Peilicke