Document broken pkginfo==1.9.0 transitive dep

Refs:
* https://github.com/pypa/gh-action-pypi-publish/issues/107
This commit is contained in:
Sviatoslav Sydorenko 2022-11-30 10:32:45 +01:00
parent c54db9c2b7
commit 0b69a8c2df
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 9345E8FEA89CA455
2 changed files with 13 additions and 1 deletions

View file

@ -1 +1,11 @@
twine
# NOTE: `pkginfo` is a transitive dependency for us that is coming from Twine.
# NOTE: It is declared here only to avoid installing a broken combination of
# NOTE: the distribution packages. This should be removed once a fixed version
# NOTE: of Twine is out.
# Refs:
# * https://github.com/pypa/gh-action-pypi-publish/issues/107
# * https://github.com/pypa/twine/issues/940
# * https://github.com/pypa/twine/pull/941
pkginfo != 1.9.0

View file

@ -35,7 +35,9 @@ keyring==23.11.0
more-itertools==9.0.0
# via jaraco-classes
pkginfo==1.9.2
# via twine
# via
# -r requirements/runtime.in
# twine
pycparser==2.21
# via cffi
pygments==2.13.0