pypi-publish

mirror of https://github.com/pypa/gh-action-pypi-publish.git synced 2024-11-09 02:13:33 -05:00

Author	SHA1	Message	Date
Dustin Ingram	41c10ee223	Add link to configuration docs for Trusted Publishing	2023-08-11 11:23:40 -04:00
William Woodruff	637917e5f2	README: re-add "pro tip" language Signed-off-by: William Woodruff <william@trailofbits.com>	2023-08-09 18:01:51 -04:00
William Woodruff	4864f13c38	README: use semantic callouts See: https://github.com/orgs/community/discussions/16925 Signed-off-by: William Woodruff <william@trailofbits.com>	2023-08-09 17:58:56 -04:00
Sviatoslav Sydorenko	2a939dd49b	🎨📝 Link SHA pinning encouragement @ README This article [[1]] describes security flows of using branches and tags as an end-user. The commit is intended to educate them but not force doing so if they don't want to. [1]: https://julienrenaux.fr/2019/12/20/github-actions-security-risk/	2023-07-13 16:44:47 +02:00
William Woodruff	0811f991bd	README: small doc tweaks Signed-off-by: William Woodruff <william@trailofbits.com>	2023-04-24 09:30:35 -06:00
Sviatoslav Sydorenko	f47b34707f	📝🎨 Put OIDC on pedestal @ README This patch makes sure that the new users would go for the secretless publishing when integrating the action, from the beginning.	2023-04-24 07:26:17 +02:00
Sviatoslav Sydorenko	7a1a355fb5	🎨 Show GH environments use in README examples It is a useful protection feature giving the end-users more control over the release flow and trust.	2023-04-24 07:07:39 +02:00
William Woodruff	c008c2f40a	README: re-add OIDC note Signed-off-by: William Woodruff <william@trailofbits.com>	2023-04-22 07:27:01 -06:00
William Woodruff	fe431ff9ad	README, oidc-exchange: remove beta references Signed-off-by: William Woodruff <william@trailofbits.com>	2023-04-21 16:09:58 -06:00
Sviatoslav Sydorenko	82695c57c9	📝 Link the announcement discussions from README This patch encourages the end-users to share feedback using GitHub Discussions instead of issues.	2023-04-03 18:19:33 +02:00
William Woodruff	89ddbeae04	README: retitle, add note Signed-off-by: William Woodruff <william@trailofbits.com>	2023-04-03 23:37:32 +09:00
William Woodruff	4372cb5585	README: replace OIDC with "trusted publishing" Also updates the link to reference the public documentation for trusted publishing, rather than the PyPI short help section (which also needs to be updated). Signed-off-by: William Woodruff <william@trailofbits.com>	2023-04-03 21:26:53 +09:00
William Woodruff	2b46bad8cb	OIDC beta support Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>	2023-03-15 17:08:09 -04:00
Sviatoslav Sydorenko	f131721e84	🎨 Convert action inputs to use kebab-case Up until now, the action input names followed the snake_case naming pattern that is well familiar to the pythonistas. But in GitHub actions, the de-facto standard is using kebab-case, which is what this patch achieves. This style helps make the keys in YAML better standardized and distinguishable from other identifiers. The old snake_case names remain functional for the time being and will not be removed until at least v3 release of this action.	2023-03-11 01:24:52 +01:00
Sviatoslav Sydorenko	ce291dce5b	🎨🐛Fix the branch @ pre-commit.ci badge links	2022-12-06 23:24:07 +01:00
Sviatoslav Sydorenko	47622d7eb0	🎨 Add CI/CD badges to README	2022-12-06 22:59:26 +01:00
Sviatoslav Sydorenko	5fb2f047e2	Drop `__token__` from README code usage snippets This patch reduces the emphasis on the `__token__` value of the `user` input since it's default anyway. It also adds a separate paragraph showing how to specify a custom username if the need be. Ref: https://github.com/pypa/packaging.python.org/issues/1108	2022-07-25 23:13:35 +02:00
Sviatoslav Sydorenko	7bbdccd64f	Update the mention of `master` with `unstable/v1`	2022-07-25 23:07:43 +02:00
Sviatoslav Sydorenko	328cf89e05	📝 Fix a link to the "Distribution Package" term	2022-07-25 22:55:14 +02:00
Sviatoslav Sydorenko	1bbe3c9926	📝 Announce deprecation of the `master` branch From now on, the default repository branch is `unstable/v1`. Resolves #83	2022-07-25 17:26:15 +02:00
Sviatoslav Sydorenko	9f0421c6c6	Add #StandWithUkraine banner to README This patch highlights the original developer's identity while spreading awareness about the circumstances[1] affecting the lead contributors. Since it affects the maintenance of this project and the users must be well-informed of why this repository doesn't get as much attention as it deserves. [1]: https://github.com/vshymanskyy/StandWithUkraine	2022-07-25 16:42:56 +02:00
meowmeowcat	c83d37bdf0	Introduce print_hash in README	2022-01-08 12:41:13 +08:00
Sviatoslav Sydorenko	bea5cda687	Fix a typo in README: s/wheels/wheel/	2021-02-19 20:28:01 +01:00
Sviatoslav Sydorenko	f334b3c277	Tell to use artifacts for platform wheels @ README Per suggestion @ https://github.com/pypa/gh-action-pypi-publish/discussions/57#discussioncomment-365097	2021-02-19 20:22:31 +01:00
Sviatoslav Sydorenko	c89694fb92	Merge PR #55	2021-02-19 20:08:03 +01:00
Sviatoslav Sydorenko	ed5a157a01	Add an empty line after the title @ README	2021-02-19 20:04:22 +01:00
P. L. Lim	3f53700db1	DOC: Do not use master in examples to be consistent with the "pro tip"	2021-01-22 09:36:17 -05:00
Ville Skyttä	4425980a33	Use PYPI_API_TOKEN instead of pypi_password as secret name in examples GitHub secrets are customarily spelled in uppercase, and in PyPI terms we're dealing with API tokens here, not passwords.	2020-12-12 18:08:55 +02:00
Subin Modeel	cf69e2047c	Update twine-upload.sh	2020-09-25 13:14:20 -04:00
Hugo van Kemenade	312517a552	Fix typo	2020-07-09 10:45:41 +03:00
Sviatoslav Sydorenko	00ef3b8182	Expose `skip_existing` setting to the end-users	2020-06-19 21:30:53 +02:00
Sviatoslav Sydorenko	65c102608d	Use detached link syntax in README	2020-06-03 17:53:04 +02:00
Sviatoslav Sydorenko	55abf9c047	Replace `github.ref` -> `github.event.ref` README Resolves #31	2020-06-03 17:49:53 +02:00
Henry Schreiner	9bda1cadd0	Use metadata_verify instead of check	2020-06-03 11:05:45 -04:00
Henry Schreiner	176ae50c06	feat: Add twine check before upload #30	2020-06-02 14:44:35 -04:00
Samuel Williams	a8ddac2458	Fix typo in inputs `d7872a6165` changed the name of an input from `dist` to `packages-dir`, but unfortunately it looks like GitHub actions expect underscores rather than dashes, so deploys are currently broken with the following errors: ``` Run pypa/gh-action-pypi-publish@master with: user: __token__ password: *** packages-dir: dist env: pythonLocation: /opt/hostedtoolcache/Python/3.8.0/x64 /usr/bin/docker run --name [...] -e INPUT_PACKAGES-DIR [...] /app/twine-upload.sh: line 22: INPUT_PACKAGES_DIR: unbound variable This patch replaces the dash with an underscore. Resolves #20	2019-12-06 23:15:10 +00:00
Sviatoslav Sydorenko	19c0fbd15c	Reword `package-dir` example title in README	2019-12-06 13:44:40 +01:00
Sviatoslav Sydorenko	b645b1f9d3	Use a regular PyPI in the custom dist dir example	2019-12-06 13:42:24 +01:00
Sviatoslav Sydorenko	d7872a6165	Change `dist` param to `packages-dir`	2019-12-06 13:38:52 +01:00
Jesse Farebrother	4f4304928f	Custom dist	2019-12-05 16:25:02 -07:00
matham	7c2cab72a6	Indicate clearly what is being uploaded.	2019-11-26 16:07:42 -05:00
NIKHIL DHANDRE	12afb8d7be	Fix miss leading link creating & using secrets	2019-11-24 00:05:12 +05:30
Sviatoslav Sydorenko	66f4ba747a	Add a link to the PyPA guide	2019-09-27 13:37:19 +02:00
Sviatoslav Sydorenko	369493d046	Wrap lines in README to fit 80 chars	2019-09-24 23:04:57 +02:00
Sviatoslav Sydorenko	74be6d36c6	Add a README recommendation to pin action versions	2019-09-24 23:03:49 +02:00
Hugo van Kemenade	d773dec8a8	Test PyPI -> TestPyPI	2019-09-19 11:04:14 +03:00
Hugo	881f0049bd	Typos and brevity	2019-09-16 14:01:16 +03:00
Sviatoslav Sydorenko	0f45ea95d8	Rename a Test PyPI secret	2019-09-15 15:24:35 +02:00
Sviatoslav Sydorenko	32324e5beb	Mention ``repository_url`` in README	2019-09-15 09:16:54 +02:00
Sviatoslav Sydorenko	48259af24d	Add a Non-goals section to the README	2019-09-12 14:06:55 +02:00

1 2

57 commits