From 0b69a8c2dfa166206a4007a228ec3306ac63d1d0 Mon Sep 17 00:00:00 2001
From: Sviatoslav Sydorenko <wk@sydorenko.org.ua>
Date: Wed, 30 Nov 2022 10:32:45 +0100
Subject: [PATCH] Document broken `pkginfo==1.9.0` transitive dep

Refs:
* https://github.com/pypa/gh-action-pypi-publish/issues/107
---
 requirements/runtime.in  | 10 ++++++++++
 requirements/runtime.txt |  4 +++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/requirements/runtime.in b/requirements/runtime.in
index af996cf..abf4ef4 100644
--- a/requirements/runtime.in
+++ b/requirements/runtime.in
@@ -1 +1,11 @@
 twine
+
+# NOTE: `pkginfo` is a transitive dependency for us that is coming from Twine.
+# NOTE: It is declared here only to avoid installing a broken combination of
+# NOTE: the distribution packages. This should be removed once a fixed version
+# NOTE: of Twine is out.
+# Refs:
+# * https://github.com/pypa/gh-action-pypi-publish/issues/107
+# * https://github.com/pypa/twine/issues/940
+# * https://github.com/pypa/twine/pull/941
+pkginfo != 1.9.0
diff --git a/requirements/runtime.txt b/requirements/runtime.txt
index 56bcb30..c2f1ba2 100644
--- a/requirements/runtime.txt
+++ b/requirements/runtime.txt
@@ -35,7 +35,9 @@ keyring==23.11.0
 more-itertools==9.0.0
     # via jaraco-classes
 pkginfo==1.9.2
-    # via twine
+    # via
+    #   -r requirements/runtime.in
+    #   twine
 pycparser==2.21
     # via cffi
 pygments==2.13.0