Also updates the link to reference the public documentation
for trusted publishing, rather than the PyPI short help
section (which also needs to be updated).
Signed-off-by: William Woodruff <william@trailofbits.com>
Up until now, the action input names followed the snake_case naming
pattern that is well familiar to the pythonistas. But in GitHub
actions, the de-facto standard is using kebab-case, which is what
this patch achieves.
This style helps make the keys in YAML better standardized and
distinguishable from other identifiers.
The old snake_case names remain functional for the time being and will
not be removed until at least v3 release of this action.
This patch reduces the emphasis on the `__token__` value of the `user`
input since it's default anyway. It also adds a separate paragraph
showing how to specify a custom username if the need be.
Ref: https://github.com/pypa/packaging.python.org/issues/1108
This patch highlights the original developer's identity while
spreading awareness about the circumstances[1] affecting the lead
contributors. Since it affects the maintenance of this project and the
users must be well-informed of why this repository doesn't get as much
attention as it deserves.
[1]: https://github.com/vshymanskyy/StandWithUkraine
d7872a6165 changed the name of an input from `dist` to `packages-dir`,
but unfortunately it looks like GitHub actions expect underscores rather
than dashes, so deploys are currently broken with the following errors:
```
Run pypa/gh-action-pypi-publish@master
with:
user: __token__
password: ***
packages-dir: dist
env:
pythonLocation: /opt/hostedtoolcache/Python/3.8.0/x64
/usr/bin/docker run --name [...] -e INPUT_PACKAGES-DIR [...]
/app/twine-upload.sh: line 22: INPUT_PACKAGES_DIR: unbound variable
This patch replaces the dash with an underscore.
Resolves#20
