Accepting request 1305594 from devel:languages:python

- Update to 6.2.0:
  * Features:
    + Refresh short-lived PyPI token in long running Trusted Publishing
      uploads.
  * Bugfixes
    + Fix compatibility kludge for invalid License-File metadata entries
      emitted by build backends to work also with packaging version 24.0.
    + Fix a couple of incorrectly rendered error messages.
    + twine now enforces keyring >= 21.2.0.
    + twine now catches configparser.Error to prevent accidental leaks of
      secret tokens or passwords to the user's console.
  * Deprecations and Removals:
    + Remove hacks that support --skip-existing for indexes other than PyPI
      and TestPyPI.
    + Remove support for MD5 digests during uploads.
- Drop patch skip-unsupported-Metadata-Version-test.patch, merged upstream.

OBS-URL: https://build.opensuse.org/request/show/1305594
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-twine?expand=0&rev=21

python-twine.changes

@@ -1,3 +1,81 @@
+-------------------------------------------------------------------
+Thu Sep 18 01:35:42 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update to 6.2.0:
+  * Features:
+    + Refresh short-lived PyPI token in long running Trusted Publishing
+      uploads.
+  * Bugfixes
+    + Fix compatibility kludge for invalid License-File metadata entries
+      emitted by build backends to work also with packaging version 24.0.
+    + Fix a couple of incorrectly rendered error messages.
+    + twine now enforces keyring >= 21.2.0.
+    + twine now catches configparser.Error to prevent accidental leaks of
+      secret tokens or passwords to the user's console.
+  * Deprecations and Removals:
+    + Remove hacks that support --skip-existing for indexes other than PyPI
+      and TestPyPI.
+    + Remove support for MD5 digests during uploads.
+- Drop patch skip-unsupported-Metadata-Version-test.patch, merged upstream.
+
+-------------------------------------------------------------------
+Mon Aug 25 14:24:32 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Convert to libalternatives on SLE-16-based and newer systems
+
+-------------------------------------------------------------------
+Sat Jan 25 21:08:56 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
+
+- Add missing Requires.
+
+-------------------------------------------------------------------
+Fri Jan 24 15:30:25 UTC 2025 - ecsos <ecsos@opensuse.org>
+
+- Update to 6.1.0
+  * Features
+    - Twine now has preliminary built-in support for Trusted Publishing as an authentication mechanism. (#1194)
+  * Deprecations and Removals
+    - Remove support for egg and wininst distribution types.
+      These are not accepted by PyPI and not produced by any modern build-backends. (#1195)
+    - Twine no longer supports .tar.bz2 source distributions. (#1200)
+  * Misc
+    - packaging is used instead of pkginfo for parsing and validating metadata.
+      This aligns metadata validation to the one performed by PyPI.
+      packaging  version 24.0 or later is required. Support for metadata version 2.4
+      requires packaging 24.2 or later. pkginfo is not a dependency anymore. (#1180)
+    - Use "source" instead of None as pyversion for sdist uploads. This is what PyPI (and most likely other package indexes) expects. (#1191)
+- Changes from 6.0.1
+  * Bugfixes
+    - Fixed a regression where twine check would fail to expand wildcards, e.g. twine check 'dist/*'. (#1188)
+  * Misc
+    #1184
+- Changes from 6.0.0
+  * Bugfixes
+    - Restore support for pkginfo 1.11 (#1116)
+  * Deprecations and Removals
+    - Username for PyPI and Test PyPI now defaults to __token__ but no longer overrides a username
+      configured in the environment or supplied on the command line. Workflows still supplying
+      anything other than __token__ for the username when uploading to PyPI or Test PyPI will now fail.
+      Either supply __token__ or do not supply a username at all. (#1121)
+  * Misc
+    #1024
+
+-------------------------------------------------------------------
+Thu Nov 14 03:51:14 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Skip a test broken by importlib_metadata 8.5+. 
+
+-------------------------------------------------------------------
+Fri Oct 11 11:50:51 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 5.1.1
+  * Resolve DeprecationWarnings when extracting ``twine`` metadata.
+  * Fix bug for Repository URLs with auth where the port was lost. When attempting
+    to prevent printing authentication credentials in URLs provided with username
+    and password, we did not properly handle the case where the URL also contains
+    a port (when reconstructing the URL). This is now handled and tested to
+    ensure no regressions.
+
 -------------------------------------------------------------------
 Sat Jun 29 12:59:17 UTC 2024 - Dirk Müller <dmueller@suse.com>
 

python-twine.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-twine
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,23 +16,27 @@
 #
 
 
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
 %{?sle15_python_module_pythons}
 Name:           python-twine
-Version:        5.1.0
+Version:        6.2.0
 Release:        0
 Summary:        Collection of utilities for interacting with PyPI
 License:        Apache-2.0
 URL:            https://github.com/pypa/twine
 Source:         https://files.pythonhosted.org/packages/source/t/twine/twine-%{version}.tar.gz
 Patch0:         0001-remove-disable-socket-pytest-opt.patch
-# PATCH-FIX-UPSTREAM skip-unsupported-Metadata-Version-test.patch gh#pypa/twine#1071 mcepl@suse.com
-# Skip failing test case
-Patch1:         skip-unsupported-Metadata-Version-test.patch
+BuildRequires:  %{python_module id}
 BuildRequires:  %{python_module importlib-metadata >= 3.6}
 BuildRequires:  %{python_module jaraco.envs}
 BuildRequires:  %{python_module jaraco.packaging >= 9}
-BuildRequires:  %{python_module keyring >= 15.1}
+BuildRequires:  %{python_module keyring >= 21.2}
 BuildRequires:  %{python_module munch}
+BuildRequires:  %{python_module packaging >= 24.2}
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pkginfo >= 1.8.1}
 BuildRequires:  %{python_module portend}
@@ -49,17 +53,23 @@ BuildRequires:  %{python_module urllib3 >= 1.26.0}
 BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-Requires:       python-importlib-metadata >= 3.6
-Requires:       python-keyring >= 15.1
-Requires:       python-pkginfo >= 1.8.1
+Requires:       python-id
+Requires:       python-keyring >= 21.2
+Requires:       python-packaging
 Requires:       python-readme_renderer >= 35.0
 Requires:       python-requests >= 2.20
 Requires:       python-requests-toolbelt >= 0.8.0
 Requires:       python-rfc3986 >= 1.4.0
 Requires:       python-rich >= 12.0.0
+Requires:       python-urllib3 >= 1.26
+BuildArch:      noarch
+%if %{with libalternatives}
+BuildRequires:  alts
+Requires:       alts
+%else
 Requires(post): update-alternatives
 Requires(postun): update-alternatives
-BuildArch:      noarch
+%endif
 %python_subpackages
 
 %description
@@ -85,7 +95,8 @@ sed -i '1s/^#!.*//' twine/__main__.py
 # do not run integration tests
 rm tests/test_integration.py
 # test_check_status_code_for_wrong_repo_url is online test
-%pytest -k 'not test_check_status_code_for_wrong_repo_url'
+# test_package_from_egg broken by importlib_metadata 8.5+
+%pytest -k 'not (test_check_status_code_for_wrong_repo_url or test_package_from_egg)'
 
 %post
 %python_install_alternative twine
@@ -93,11 +104,14 @@ rm tests/test_integration.py
 %postun
 %python_uninstall_alternative twine
 
+%pre
+%python_libalternatives_reset_alternative twine
+
 %files %{python_files}
 %doc AUTHORS README.rst
 %license LICENSE
 %python_alternative %{_bindir}/twine
 %{python_sitelib}/twine
-%{python_sitelib}/twine-%{version}*-info
+%{python_sitelib}/twine-%{version}.dist-info
 
 %changelog

skip-unsupported-Metadata-Version-test.patch

@@ -1,20 +0,0 @@
----
- tests/test_package.py |   10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-Index: twine-5.1.0/tests/test_package.py
-===================================================================
---- twine-5.1.0.orig/tests/test_package.py
-+++ twine-5.1.0/tests/test_package.py
-@@ -384,11 +384,6 @@ def test_fips_metadata_excludes_md5_and_
-     "read_data, missing_fields",
-     [
-         pytest.param(
--            b"Metadata-Version: 102.3\nName: test-package\nVersion: 1.0.0\n",
--            "Name, Version",
--            id="unsupported Metadata-Version",
--        ),
--        pytest.param(
-             b"Metadata-Version: 2.3\nName: UNKNOWN\nVersion: UNKNOWN\n",
-             "Name, Version",
-             id="missing Name and Version",

twine-5.1.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4d74770c88c4fcaf8134d2a6a9d863e40f08255ff7d8e2acb3cbbd57d25f6e9d
-size 224997

twine-6.2.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e5ed0d2fd70c9959770dce51c8f39c8945c574e18173a7b81802dab51b4b75cf
+size 172262