actions/pypi-publish
1
0
Fork 0
mirror of https://github.com/pypa/gh-action-pypi-publish.git synced 2024-12-27 09:32:15 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

📌📦 Pin pkginfo to v1.12 @ runtime deps

Browse source 
Signed-off-by: William Woodruff <william@trailofbits.com>
This commit is contained in:
William Woodruff 2024-12-05 09:42:44 -05:00 committed by Sviatoslav Sydorenko
parent ff2b051b0a
commit 138a1215a3
No known key found for this signature in database
GPG key ID: 9345E8FEA89CA455
2 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
requirements/runtime.in
View file

@ -1,5 +1,10 @@
twine ~= 6.0 twine ~= 6.0
# NOTE: 1.12.0 and later enable support for metadata 2.4
# NOTE: This can be dropped once twine stops using pkginfo
# Ref: https://github.com/pypa/twine/pull/1180
pkginfo ~= 1.12.0
# NOTE: Used to detect an ambient OIDC credential for OIDC publishing, # NOTE: Used to detect an ambient OIDC credential for OIDC publishing,
# NOTE: as well as PEP 740 attestations. # NOTE: as well as PEP 740 attestations.
id ~= 1.0 id ~= 1.0

6
requirements/runtime.txt
View file

@ -66,8 +66,10 @@ packaging==24.1
# -r runtime.in # -r runtime.in
# pypi-attestations # pypi-attestations
# twine # twine
pkginfo==1.10.0 pkginfo==1.12.0
# via twine # via
# -r runtime.in
# twine
platformdirs==4.2.2 platformdirs==4.2.2
# via sigstore # via sigstore
pyasn1==0.6.0 pyasn1==0.6.0