diff --git a/python-twine.changes b/python-twine.changes index 7a9aaa6..cf28670 100644 --- a/python-twine.changes +++ b/python-twine.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Thu Sep 18 01:35:42 UTC 2025 - Steve Kowalik + +- Update to 6.2.0: + * Features: + + Refresh short-lived PyPI token in long running Trusted Publishing + uploads. + * Bugfixes + + Fix compatibility kludge for invalid License-File metadata entries + emitted by build backends to work also with packaging version 24.0. + + Fix a couple of incorrectly rendered error messages. + + twine now enforces keyring >= 21.2.0. + + twine now catches configparser.Error to prevent accidental leaks of + secret tokens or passwords to the user's console. + * Deprecations and Removals: + + Remove hacks that support --skip-existing for indexes other than PyPI + and TestPyPI. + + Remove support for MD5 digests during uploads. +- Drop patch skip-unsupported-Metadata-Version-test.patch, merged upstream. + ------------------------------------------------------------------- Mon Aug 25 14:24:32 UTC 2025 - Markéta Machová diff --git a/python-twine.spec b/python-twine.spec index 77a625a..e0dbd2f 100644 --- a/python-twine.spec +++ b/python-twine.spec @@ -23,21 +23,18 @@ %endif %{?sle15_python_module_pythons} Name: python-twine -Version: 6.1.0 +Version: 6.2.0 Release: 0 Summary: Collection of utilities for interacting with PyPI License: Apache-2.0 URL: https://github.com/pypa/twine Source: https://files.pythonhosted.org/packages/source/t/twine/twine-%{version}.tar.gz Patch0: 0001-remove-disable-socket-pytest-opt.patch -# PATCH-FIX-UPSTREAM skip-unsupported-Metadata-Version-test.patch gh#pypa/twine#1071 mcepl@suse.com -# Skip failing test case -Patch1: skip-unsupported-Metadata-Version-test.patch BuildRequires: %{python_module id} BuildRequires: %{python_module importlib-metadata >= 3.6} BuildRequires: %{python_module jaraco.envs} BuildRequires: %{python_module jaraco.packaging >= 9} -BuildRequires: %{python_module keyring >= 15.1} +BuildRequires: %{python_module keyring >= 21.2} BuildRequires: %{python_module munch} BuildRequires: %{python_module packaging >= 24.2} BuildRequires: %{python_module pip} @@ -57,7 +54,7 @@ BuildRequires: %{python_module wheel} BuildRequires: fdupes BuildRequires: python-rpm-macros Requires: python-id -Requires: python-keyring >= 15.1 +Requires: python-keyring >= 21.2 Requires: python-packaging Requires: python-readme_renderer >= 35.0 Requires: python-requests >= 2.20 diff --git a/skip-unsupported-Metadata-Version-test.patch b/skip-unsupported-Metadata-Version-test.patch deleted file mode 100644 index aabcdf7..0000000 --- a/skip-unsupported-Metadata-Version-test.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- - tests/test_package.py | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -Index: twine-6.1.0/tests/test_package.py -=================================================================== ---- twine-6.1.0.orig/tests/test_package.py -+++ twine-6.1.0/tests/test_package.py -@@ -349,11 +349,6 @@ def test_fips_metadata_excludes_md5_and_ - "read_data, exception_message", - [ - pytest.param( -- b"Metadata-Version: 102.3\nName: test-package\nVersion: 1.0.0\n", -- "'102.3' is not a valid metadata version", -- id="unsupported Metadata-Version", -- ), -- pytest.param( - b"Metadata-Version: 2.3\nName: test-package\nVersion: UNKNOWN\n", - "'UNKNOWN' is invalid for 'version'", - id="invalid Version", diff --git a/twine-6.1.0.tar.gz b/twine-6.1.0.tar.gz deleted file mode 100644 index 54b06a8..0000000 --- a/twine-6.1.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:be324f6272eff91d07ee93f251edf232fc647935dd585ac003539b42404a8dbd -size 168404 diff --git a/twine-6.2.0.tar.gz b/twine-6.2.0.tar.gz new file mode 100644 index 0000000..02e9b10 --- /dev/null +++ b/twine-6.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e5ed0d2fd70c9959770dce51c8f39c8945c574e18173a7b81802dab51b4b75cf +size 172262