pypi-publish

mirror of https://github.com/pypa/gh-action-pypi-publish.git synced 2024-10-05 19:04:31 -04:00

Author	SHA1	Message	Date
Sviatoslav Sydorenko (Святослав Сидоренко)	f7600683ef	Merge pull request #271 from mosfet80/patch-3 Some checks failed 🧪 / smoke-test (push) Has been cancelled Details Update `actions/checkout` to v3 in self-tests	2024-09-29 11:06:37 +02:00
mosfet80	6edc294485	Fix node.js v16 deprecation self-smoke-test-action.yml actions/checkout@v3 use node.js versio 16. But version 16 is deprecated. version 4 fixes the problem.	2024-09-29 09:04:41 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	85a5a80b22	Merge pull request #270 from trail-of-forks/fix-magic-link-summary Some checks are pending 🧪 / smoke-test (push) Waiting to run Details	2024-09-29 01:45:28 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	954318b48e	Merge pull request #267 from mosfet80/patch-2	2024-09-29 01:38:05 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	24791c7774	Merge pull request #266 from mosfet80/patch-1	2024-09-29 01:37:58 +02:00
Facundo Tuesca	d8c894824b	Fix magic link nudge formatting in job summary	2024-09-27 20:47:50 +02:00
Facundo Tuesca	a1ce3844ac	Check for Trusted Publishing in magic link logic	2024-09-27 20:47:02 +02:00
mosfet80	00b87c80e8	Update check-jsonschema and pre-commit libs https://github.com/python-jsonschema/check-jsonschema/releases https://github.com/pre-commit/pre-commit-hooks/releases/tag/v4.6.0	2024-09-23 11:56:13 +02:00
mosfet80	a571f1e128	Update pylint lib https://github.com/pylint-dev/pylint/releases/tag/v3.3.0	2024-09-23 11:52:50 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	897895f1e1	Merge pull request #262 from trail-of-forks/ww/bump-attestations-req Some checks failed 🧪 / smoke-test (push) Has been cancelled Details Resolves #263	2024-09-20 23:35:44 +02:00
William Woodruff	ce32325c61	requirements: bump pypi-attestations to 0.0.12 Signed-off-by: William Woodruff <william@trailofbits.com>	2024-09-19 18:14:50 +02:00
Facundo Tuesca	36978192ca	Add nudge message with magic link to create new Trusted Publisher Some checks failed 🧪 / smoke-test (push) Has been cancelled Details PR #250 Co-authored-by: Sviatoslav Sydorenko <sviat@redhat.com>	2024-09-05 17:25:58 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	4f8925cefa	Merge pull request #258 from facutuesca/patch-1	2024-09-05 17:06:25 +02:00
Facundo Tuesca	a58e550ac2	Remove redundant `Path.absolute()` call	2024-09-03 16:21:03 +02:00
Sviatoslav Sydorenko	0ab0b79471	🚑 Invert the dists-to-attest validity check Some checks failed 🧪 / smoke-test (push) Has been cancelled Details This bug sneaked into #236 but should not affect many people as the attestations generation feature is experimental and opt-in. Fixes #256	2024-09-03 10:25:06 +02:00
William Woodruff	8a08d61689	Expose PEP 740 attestations functionality Some checks failed 🧪 / smoke-test (push) Has been cancelled Details PR #236 This patch adds PEP 740 attestation generation to the workflow: when the Trusted Publishing flow is used, this will generate a publish attestation for each distribution being uploaded. These generated attestations are then fed into `twine`, which newly supports them via `--attestations`. Ref: https://github.com/pypi/warehouse/issues/15871	2024-09-01 02:50:29 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	fb9fc6a4e6	Merge pull request #245 from trail-of-forks/ww/bump-twine Some checks failed 🧪 / smoke-test (push) Has been cancelled Details	2024-06-27 19:55:19 +02:00
William Woodruff	4d020ff0a9	requirements: re-compile requirements with latest twine Signed-off-by: William Woodruff <william@trailofbits.com>	2024-06-24 16:49:50 -04:00
Sviatoslav Sydorenko	ec4db0b4dd	Merge PR #243 into unstable/v1 Some checks failed 🧪 / smoke-test (push) Has been cancelled Details	2024-06-16 20:09:43 +02:00
William Woodruff	e7908444c6	oidc-exchange: link to status dashboard Signed-off-by: William Woodruff <william@trailofbits.com>	2024-06-11 17:49:43 -04:00
Sviatoslav Sydorenko	87b624f871	💅Update homepage @ Dockerfile to GH Marketplace	2024-05-29 22:25:10 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	da2f9bb91e	Merge pull request #241 from br3ndonland/ghcr-label Add Docker label for GHCR	2024-05-29 22:20:17 +02:00
Brendon Smith	abbea2dd5c	Add Docker label for GHCR This commit will add the label `org.opencontainers.image.source` to the Dockerfile. This label helps link GitHub Container Registry (GHCR) with the associated repo. https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry https://github.com/pypa/gh-action-pypi-publish/pull/230/files#r1603926630	2024-05-29 22:18:35 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	2734d07314	build(deps): bump requests from 2.31.0 to 2.32.0 in /requirements (#240 ) build(deps): bump requests from 2.31.0 to 2.32.0 in /requirements	2024-05-29 16:37:07 +02:00
dependabot[bot]	a54b9b8952	--- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2024-05-21 05:26:31 +00:00
Sviatoslav Sydorenko	699cd6103f	⇪📦 Bump the runtime dep lockfile	2024-05-16 17:50:20 +02:00
pre-commit-ci[bot]	8414fc2457	[pre-commit.ci] pre-commit autoupdate (#225 ) * [pre-commit.ci] pre-commit autoupdate updates: - [github.com/Lucas-C/pre-commit-hooks.git: v1.5.4 → v1.5.5](https://github.com/Lucas-C/pre-commit-hooks.git/compare/v1.5.4...v1.5.5) - [github.com/python-jsonschema/check-jsonschema.git: 0.27.3 → 0.28.1](https://github.com/python-jsonschema/check-jsonschema.git/compare/0.27.3...0.28.1) - [github.com/adrienverge/yamllint.git: v1.33.0 → v1.35.1](https://github.com/adrienverge/yamllint.git/compare/v1.33.0...v1.35.1) - [github.com/PyCQA/flake8.git: 6.1.0 → 7.0.0](https://github.com/PyCQA/flake8.git/compare/6.1.0...7.0.0) - [github.com/PyCQA/flake8.git: 4.0.1 → 7.0.0](https://github.com/PyCQA/flake8.git/compare/4.0.1...7.0.0) - [github.com/PyCQA/pylint.git: v3.0.3 → v3.1.0](https://github.com/PyCQA/pylint.git/compare/v3.0.3...v3.1.0) * Bump WPS to v0.19.x series * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Merge separate flake8 runs back into one --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: Sviatoslav Sydorenko <sviat@redhat.com>	2024-05-16 15:39:26 +00:00
Peter Shen	67a07ebbed	Disable the progress bar when running `twine upload` PR #231 Resolves #229 Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>	2024-05-16 17:14:58 +02:00
William Woodruff	771d60f44b	Eliminate future tense in the password nudge in `twine-upload` Additionally, this turns the corresponding code branch into a hard error in case of the regular PyPI. Signed-off-by: William Woodruff <william@trailofbits.com> PR #234 Fixes #233	2024-05-16 17:07:28 +02:00
Sviatoslav Sydorenko	04f4e64de3	Set Python 3.11 for the `flake8-commas` linter It doesn't yet support 3.12 and is an unconditional dependency of WPS.	2024-05-16 16:29:54 +02:00
Sviatoslav Sydorenko (Святослав Сидоренко)	3fbcf7ccf4	Merge pull request #228 from pypa/dependabot/pip/requirements/idna-3.7 build(deps): bump idna from 3.6 to 3.7 in /requirements	2024-04-12 15:30:45 +02:00
dependabot[bot]	576aae3934	build(deps): bump idna from 3.6 to 3.7 in /requirements Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v3.6...v3.7) --- updated-dependencies: - dependency-name: idna dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2024-04-12 04:51:56 +00:00
Sviatoslav Sydorenko	81e9d935c8	Bump `pip` to v24.0 in runtime prerequisites lock	2024-03-08 00:20:54 +01:00
Sviatoslav Sydorenko	91527c4583	Regenerate lockfiles with pip-tools v7.4.1	2024-03-08 00:19:54 +01:00
Sviatoslav Sydorenko	3a817c6dce	Bump action runtime to CPython 3.12	2024-03-08 00:15:38 +01:00
Sviatoslav Sydorenko	741947b9ca	Add a config file for `pip-tools`	2024-03-07 23:43:48 +01:00
Sviatoslav Sydorenko	d7af439579	Mass-bump transitive dependencies of runtime	2024-03-07 23:08:31 +01:00
Sviatoslav Sydorenko	e90ddca975	Bump `readme-renderer` to v43.0	2024-03-07 23:07:33 +01:00
Sviatoslav Sydorenko	dae7fa3e8d	Bump Twine to v5.0.0	2024-03-07 23:05:40 +01:00
Sviatoslav Sydorenko	0fe04ae7d9	Bump `id` to v1.3.0	2024-03-07 23:04:40 +01:00
Sviatoslav Sydorenko	444e17980b	Bump cryptography to v42.0.5	2024-03-07 23:02:36 +01:00
Sviatoslav Sydorenko	820be4e5e3	Normalize pip-tools' header comment @ `runtime.txt` It's currently not prefixed with `requirements/` in most places and that what Dependabot keeps using.	2024-03-07 23:00:46 +01:00
Sviatoslav Sydorenko (Святослав Сидоренко)	aec4e82833	Merge pull request #219 from SigureMo/re-generate-requirements build(deps): bump `pkginfo` version to support `Metadata-version=2.3`	2024-03-06 19:16:52 +01:00
SigureMo	b065889f7f	revert other bumps	2024-03-06 19:20:47 +08:00
SigureMo	00a7cd17a2	re-gen on Linux and run command in requirements/	2024-03-06 01:59:27 +00:00
SigureMo	2972d54cda	bump pkginfo only	2024-03-05 18:16:00 +08:00
SigureMo	f6a1bcf881	Revert "build(deps): re-generate requirements to support `Metadata-version=2.3`" This reverts commit `e6ed2a4dfb`.	2024-03-05 18:07:49 +08:00
SigureMo	e6ed2a4dfb	build(deps): re-generate requirements to support `Metadata-version=2.3`	2024-03-05 12:56:14 +08:00
William Woodruff	e53eb8b103	Clarify the error during OIDC exchange on PRs from forks This specializes the token retrieval error handling, providing an alternative error message when the error cause is something that we know can't possibly work due to GitHub's own restrictions on PRs from forks. PR #203 Closes #202 Ref https://github.com/python-pillow/Pillow/pull/7616 Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com>	2024-02-27 05:09:52 +01:00
Sviatoslav Sydorenko (Святослав Сидоренко)	edfa8f355b	Merge pull request #216 from xuanzhi33/unstable/v1 Correct the trusted publishing note admonition markdown syntax in the README	2024-02-24 20:27:48 +01:00

1 2 3 4 5 ...

301 commits