twine ~= 6.0 # NOTE: 1.12.0 and later enable support for metadata 2.4 # NOTE: This can be dropped once twine stops using pkginfo # Ref: https://github.com/pypa/twine/pull/1180 pkginfo ~= 1.12.0 # NOTE: Used to detect an ambient OIDC credential for OIDC publishing, # NOTE: as well as PEP 740 attestations. id ~= 1.0 # NOTE: This is pulled in transitively through `twine`, but we also declare # NOTE: it explicitly here because `oidc-exchange.py` uses it. # Ref: https://github.com/di/id requests # NOTE: Used to generate attestations. pypi-attestations ~= 0.0.15 sigstore ~= 3.5.1 # NOTE: Used to detect the PyPI package name from the distribution files packaging