mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-11-09 10:23:35 -05:00
README: retitle, add note
Signed-off-by: William Woodruff <william@trailofbits.com>
This commit is contained in:
parent
a0f29a5690
commit
89ddbeae04
1 changed files with 6 additions and 1 deletions
|
@ -62,12 +62,17 @@ The secret used in `${{ secrets.PYPI_API_TOKEN }}` needs to be created on the
|
||||||
settings page of your project on GitHub. See [Creating & using secrets].
|
settings page of your project on GitHub. See [Creating & using secrets].
|
||||||
|
|
||||||
|
|
||||||
### Publishing with OpenID Connect
|
### Trusted publishing
|
||||||
|
|
||||||
> **IMPORTANT**: This functionality is in beta, and will not work for you
|
> **IMPORTANT**: This functionality is in beta, and will not work for you
|
||||||
> unless you're a member of the PyPI trusted publishing beta testers' group.
|
> unless you're a member of the PyPI trusted publishing beta testers' group.
|
||||||
> For more information, see [warehouse#12965].
|
> For more information, see [warehouse#12965].
|
||||||
|
|
||||||
|
> **NOTE**: Trusted publishing is sometimes referred to by its
|
||||||
|
> underlying technology -- OpenID Connect, or OIDC for short.
|
||||||
|
> If you see references to "OIDC publishing" in the context of PyPI,
|
||||||
|
> this is what they're referring to.
|
||||||
|
|
||||||
This action supports PyPI's [trusted publishing]
|
This action supports PyPI's [trusted publishing]
|
||||||
implementation, which allows authentication to PyPI without a manually
|
implementation, which allows authentication to PyPI without a manually
|
||||||
configured API token or username/password combination. To perform
|
configured API token or username/password combination. To perform
|
||||||
|
|
Loading…
Reference in a new issue